Highly Available and Auto-Scaling Azure Cloud Setup for Web Traffic and with Region level BCDR
Scenario
Azure Cloud Setup for web traffic offers a highly available, auto-scaling infrastructure that supports region-level BCDR (Business Continuity and Disaster Recovery) solutions of Private Tour Operator that accepts registration for pilgrimage. The application to be hosted in one region and during an region level outage, the infrastructure can be failover to a secondary region. Additional two virtual machines are deployed where one is used for hosting the staging site for development purpose and the other is for hosting customer support ticketing system.
Key Components of Azure Cloud Setup for Web Traffic Management
Challenges
Client needed the application to be highly available in case of a azure zone disaster and able to apply BCDR in case of entire region outage. So we needed to design the Azure Infrastructure to be highly- available to a Azure Zone Outage and be able to Fail-over to a secondary region during Azure region level outage.
Objectives
Host the application in a file share service storage account and for compute, deploy Azure Virtual Machine Scale set (VMSS) which is the auto-scale solution from Azure and to provide BCDR solution. Two additional Virtual Machines, geo-replicated storage and backup solution as well as traffic load balancing and web application firewall solutions are also needed.
Project Delivery
We deployed Azure Front Door service which helped us to manage and monitor the global routing for web traffic in one region and during region-level outage, we could prioritize traffic to the secondary region. For more details on how to optimize traffic in Azure, check our article on Azure Load Balancer.
Azure VMSS was used to provide compute (vCPu/RAM) and the web-files are stored in Geo-redundant Azure Storage File Service account. The user uploads are configured stored in Azure Blob Storage. Azure CDN service was deployed to cache static objects such as images, videos loaded from Azure Blob storage for delivering high-bandwidth content. Azure Load Balancer deployed in front of Azure VMSS provided web traffic distribution to VMSS as well as secure RDP.
Azure Application Gateway is used to filter out web traffic with Web Application Firewall providing protection against common web and SQL attacks and providing secure access to web content. Geo-replicated Azure Hosted MSSQL was deployed to service Database for VMSS. Azure Backup is used to take backup of files stored in file service and also for other two machines. Azure VPN is sued for secure access to the Azure Infrastructure. Key Vault is used for storing credentials and certificates. The entire infrastructure is secured by Azure Security Center and monitoring provided by Azure Monitor.
Detail About Azure Services:
- Azure Front Door: Expand on how Azure Front Door enables global routing and the benefits of using it for traffic management during regional outages.
- Azure Virtual Machine Scale Set (VMSS): Provide a deeper explanation of how VMSS works, how it helps auto-scale applications, and its role in ensuring high availability.
- Azure CDN: You can elaborate on the role of Azure CDN in improving performance by caching content and reducing latency for global users.
Azure Cloud Setup: Key Tools and Technologies
- Azure Front Door: Explain how it optimizes performance by routing traffic to the most optimal region.
- Azure Load Balancer: Discuss its benefits in handling traffic spikes and ensuring high availability.
- Azure Application Gateway: Go into more detail about how it secures and accelerates the delivery of applications.
- Geo-replication and Azure SQL Database: Provide more information on how this ensures data integrity and high availability.
Results
We have deployed an secure, highly available web portal that is resilient to zone and region level outage. Geo-replication and backup service provides instant file/folder recovery as well as data for secondary region in case of BCDR.
Tools Used
- Azure Front Door
- Azure Load Balancer
- Azure Application Gateway
- Azure CDN
- Azure Blob Storage
- Azure File Share Service
- Azure VMSS
- Azure Backup
- Azure Security Center
- Azure Monitor
- Azure SQL Database
- Azure Site-To-Site VPN
- Azure Key Vault
- Azure Virtual Network
- Azure Recovery Vault
- Azure CDN