<img src="images/azure-snow.PNG" width="500" align="left">

<b>By: Taylor Ramsey</b>

### Existing Problem - What is the goal of this project
Currently, ServiceNow keeps track of the metrics for the Support and EUC team, and while the platform is robust, there are a few key features lacking. One of those is the ability to track the assigned incident backlog in order to measure to how the team is handling their task load. In order to chart that growth/decline of the backog, a metric called "backlog_incident_count" has to be captured and recorded daily.

The backlog_incident_count is recorded daily at 7pm each day using a python-built API call to ServiceNow. The information is appended to a small dataframe with a timestamp, and that information is read from a python web application.

### This project consists of 5 Azure services:

* Azure VM - runs a daily API call to ServiceNow
* Azure App Service -  runs an instance of a flask web app which serves as the dashboard
* Azure Container Registry -  hands a docker image to the app service for deployment
* Azure KeyVault - stores ServiceNow login data used for the API call
* Azure Blob Storage - stores .csv files for record-keeping

### Flow of data within the application
![title](images/ServiceNow-WebApp.png)

# Overview of services used

### Remote Repository (Github/Azure Repos):

<img src="images/azure_repos.PNG" align="right" width="200px"/>
The initial code was developed and tested on my local machine (using VSCode and Jupyter) and pushed to <br>both Github and Azure Repos. <br><br>For this project, I am including links to myAzure Repo for both the API call, and the Dash app:
<br clear="left"/>

[Dash App Repo](https://dev.azure.com/pythonprojects4cats/_git/ServiceNow-Dash-App)

[API Call Repo](https://dev.azure.com/pythonprojects4cats/_git/ServiceNow-API-Call)

### Azure App Service:
The Azure App Service deploys a small dash application using a docker container that runs an ubuntu base image. The docker image is created with the application files already included, so there is no need to pull code from a remote repo. Those files consist of:
* requirements.txt - for use with pip to install dependencies
* application.py - which contains the code for the dash page (based on the flask web framework)
* flask_secrets.py - which contains sensitive variables (added to .gitignore so it will not be shared in the repo) 

I'm using dash because it integrates well with plotly graphs, which I think provide a useful layer of interactivity for the viewer (you can hover and zoom/select). The app service is configured to reboot daily, shortly after the API call, in order to refresh the content being dislayed (as the service loads data from the blob each time it starts).

### Azure Virtual Machine:

The virtual machine contains python code which is run @ 7pm daily using a cron scheduler. The code:
* Reads an existing blob .csv from azure storage (if one does not exist, it will be created using included code)
* Runs the servicenow api call to gather daily backlog data (using credentials which are imported from Azure Key Vault)
* Appends the backlog_daily_count information to a dataframe (and includes a timstamp of time run)
* Then appends the dataframe to the existing blob container (overwriting the existing)

This code is also written exclusively in python, using imported Azure libraries for blob and keyvault functionality. The pandas library is also heavily used for data manipulation, and dataframe appending. In order to access the Azure Key Vault, this VM has also been given a managed identity.

### Azure Container Registry:
Azure container registry is a secure storage location for docker images, and a great alternative to Dockerhub if already using Azure for application deployments. The Azure container registry here holds the "snow-backlog" docker image, and passes it off to the app service for deployment online.

<img src="images/docker_code.PNG" width="300" align="left">
<img src="images/docker-logo.PNG" width="270" align="center" >

The docker image shown here uses an Ubuntu base image (v18.04). 
* The Dockerfile first installs python3 and pip installer
* An application directory ("app") is created in the home directory
* Files from the directory in which Docker is being run are added to the newly created app directory
* Additonal dependencies are installed (as defined in the requirements.txt file)
* "python3" is now declared as the entrypoint (which tells the container to use python to run my code)
* Finally, Docker runs the application.py file which loads the Flask page (it is included in the application file that docker run in port 80, which is the default expectation within Azure

### Azure Blob Storage:
Azure Blob storage is Microsoft's object storage solution for the cloud. I initially chose blob solution due to it's low-cost, but I do think it's probably best practice to store the entries in Azure SQL Database, so that change is coming soon. For now, two csv files are referenced by the code, both historical backlog files (one for EUC, one for Support). The csv log files are read in by the AzureVM API call, and a new csv file is then exported back into the blob container (overwriting the existing file).

### Azure Key Vault:

Azure Key Vault is a cloud service that provides a secure store for store keys, passwords, certificates, and other secrets.
After configuring my Azure VM with a managed identity, I gave the managed identity access to keyvault, just like you could do with any other security principal. The secret being referenced here are my login credentials for ServiceNow-Production access. Now, if I need to change the password for ServiceNow, the change can simply be updated in Azure Key Vault without the need for changing my application code (fewer deployments)

### Learning Experience:

I learned a TON during the course of this project, and ran into numerous issues (which supplied the learning). Some of the key issues:

* Time issues with the ServiceNow data (the data from ServiceNow was UTC-standard, and needed to be converted to local time)
* Time issues with the Ubuntu machine (a data review/audit led to the discovery that the Ubuntu VM was in a diff timezone - affecting the timing of the cronjob, resulting in poor data)
* Secret-keeping in the application file within the VM (cronjob would not detect my existing environmental variables, so I moved sensitive variables to an external file)
* Docker base image issues wherein the Alpine versions did not mingle with core data science libraries/dependencies (pandas, numpy)
* cloud authentication is flexible, and offers many paths to success, but the Azure CLI is new to me and took some time to understand. I recently earned my AZ-104, so it was great to see exactly how the cloud services all work together from scratch

I also got to brush up on my Ubuntu skills, which was by design, though that portion of the project should be revised in the future. In order to make this a completely serverless application, I'll need to deploy my code to Azure Functions. This change will be coming soon, in anticipation of planning for a fully-automated terraform/azure-pipelines automated deployment. Having to move code from the dev environment into a new docker file, then testing the docker image before deploying to Azure made me very aware of the benefits of CI/CD. As someone who is interested in pursuing automation/DevOps as a career-choice, I'm incredibly excited to work towards this goal in the coming weeks.

### Final Product:

As of now, the completed project has been running for 3 days (with multiple testing instances before-hand). It meets the needs of the EUC and Support teams by giving us visibility and insight into the volume of our workloads over time. Below the link to "Learn about this site", I've also included a link to a ServiceNow exploratory data analysis (using python data analysis libraries).

<img src="images/final_product.PNG">

Thanks for viewing!

[LinkedIn Profile for Taylor Ramsey](https://www.linkedin.com/in/william-ramsey-777241119/)