Skip to content

faraday23/cloud-native-portfolio

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

DevOps
DevOps App Build Pipelines
Git
Java Build Pipeline
Network
Javascript Build Pipeline
Hardware
PHP Build Pipeline
kubernetes
.NET Build Pipeline
kubernetes
Python Build Pipeline
kubernetes
C# Build Pipeline
DevOps
CI/CD Tools
DevOps
GitHub Actions
DevOps
GitLab
DevOps
Team City / Octopus Deploy
DevOps
Azure DevOps Pipelines
Cloud
Cloud Computing
aws
AWS
azure
Azure
Google Cloud Platform
Google Cloud Platform
openstack
OpenStack
programming
Software Development
html
C#
go
Go-lang
javascript
Javascript
dot-net
.NET
Scripting
Scripting
Python
Python
Powershell
Bash
perl
Powershell
Containerization
Containerization
Docker
Docker
Podman
Podman
observability
Server Administration
Prometheus
Windows
Circle CI
Linux
Databases
Databases
sql
MySQL
Mongo
MongoDB
Testing
PostrgesSQL
Testing
CosmosDB
Testing
Database Automation
Databases
Data Processing
sql
Data Bricks
Mongo
Azure Data Lake
Testing
Azure Data Factory
Testing
Apache Spark
Terraform
Iac/Configuration Management
puppet
Terraform
Distributed
Ansible
you
Packer
Monitoring
Monitoring
Prometheus
Prometheus
Grafana
Grafana
Prometheus
Datadog
DataDog
Elastic Search
Grafana
Kiabana
Grafana
Logstash
observability
Distributed Tracing
Prometheus
Application Insights
Circle CI
Open Telemetry
DataDog
Zipkin
Grafana
Jaegar
observability
Networking
Prometheus
Azure express route
Circle CI
Azure virtual network
Circle CI
Azure Load Balancer
observability
Security
Prometheus
Azure Firewall
Circle CI
Azure Sentinel
Circle CI
Azure Key Vault
Circle CI
HashiCorp Vault
Databases
Testing
sql
Functional Testing
Mongo
Unit Testing
Testing
Integration Testing
HR
GitOps
Argo
Argo CD
Chaos Engineering
Chaos Engineering
Misc
k6
Elastic
Litmus Chaos
Chaos Engineering
Message Queueing
Misc
RabbitMQ
Misc
Apache Kafka
Chaos Engineering
Helm
Misc
Helm
DevSecOps
DevSecOps
Misc
CheckMarx/Jfrog XRAY
Misc
SonarQube/Owasp ZAP
Misc
PrismaCloud/Twistlock
Chaos Engineering
Architecture Design
Misc
Monolith to Microservices - Linkerd
Elastic
FaaS-ServerLess - Azure Functions
resume
Resume

LexisNexis

Ashley Furniture
Elastic
Microsoft

Azure Cloud Native Solution Architecture Diagram

Below is a diagram of the solution architecture we are building towards. This is An example solution would be an internal web application that allows employees to access and manage their company benefits. The web application would be hosted in an AKS cluster and would be composed of multiple microservices such as user management, claims management, and plan management. Users would be authenticated via Azure Active Directory and access to the web application would be restricted via Azure Virtual Network and Network Security Groups. The web application would be load balanced via Azure Load Balancer with Nginx and would be able to handle high traffic. The application data would be stored in Azure MySQL Flex Server and would be highly available and scalable. Azure Monitor would be used to monitor the performance of the web application, and Azure Container Registry would be used to store and manage the Docker images used by the application. the entire application would be build using ci/cd in a github actions pipeline.

azure-architecture_2_tier

Pre-requisites

  • Task 1: Create github repository
  • Task 2: Create Terraform enterprise workspace
  • Task 3: Add provider.tf file in repository
  • Task 4: Configuring a New Workspace
  • Task 5: Add environment variables
  • Task 6: Add Terraform variables
  • Task 7: Test Run Trigger

Part 2: Setup Vnet's, Resource Group's, and ACR

  • Task 1: Create resource groups for each VNet
  • Task 2: Decide the CIDR block for all VNets and add them to Network Allocations
  • Task 3: Create separate virtual network's with subnet for mbs frontend, backend, and database
  • Task 4: Create ACR in the Linux resource group
  • Task 5: Firewall requests

  • Task 1: Start with a base image: The first step is to specify a base image to use for the application. The most common base image for .NET applications is the official Microsoft .NET SDK image. The following line can be used to specify the base image:
    FROM mcr.microsoft.com/dotnet/sdk:5.0

  • Task 2: Set the working directory: Next, we'll set the working directory for the image. This is the directory that will be used as the starting point for all subsequent commands:
    WORKDIR /app

  • Task 3: Copy the application files: Next, we'll copy the application files into the working directory. This can be done using the COPY command, like so:
    COPY . .

  • Task 4: Restore dependencies: Now that the application files are in place, we need to restore the application's dependencies. This can be done using the dotnet restore command:
    RUN dotnet restore

  • Task 5: Build the application: After restoring the dependencies, we need to build the application. This can be done using the dotnet build command:
    RUN dotnet build --configuration Release

  • Task 6: Publish the application: Now that the application is built, we need to publish it so that it's ready to run. This can be done using the dotnet publish command:
    RUN dotnet publish --configuration Release --output /app/out

  • Task 7: Set the entry point: Finally, we need to set the entry point for the image so that the application will start when the container is run. This can be done using the ENTRYPOINT command:
    ENTRYPOINT ["dotnet", "/app/out/YourAppName.dll"]

  • Task 8: Once you have created the Dockerfile, you can build the Docker image using the "docker build" command, like so:
    docker build -t my-dotnet-app .

  • Task 9: This will create a new image named "my-dotnet-app" using the current directory as the build context and the Dockerfile in the current directory. Once the image is built, it can be run using the "docker run" command, like so:
    docker run -p 8080:80 my-dotnet-app
    This command will start a new container from the "my-dotnet-app" image and map port 8080 on the host to port 80 in the container.

  • What is the purpose of the container?

  • What base image should be used as the starting point?

  • What dependencies are required to run the application in the container?

  • How can the container be made as small and secure as possible?

  • How will data be persisted in the container?

  • How will the application communicate with other containers and services?

  • How will logs be collected and monitored in the container?

  • What resource constraints should be set for the container?

  • How will the container be tested and deployed in different environments?

  • How will the container be updated and managed over time?

docker

  • Task 1: Create a container registry
  • Task 2: Log in to registry
  • Task 3: Tag a container image
  • Task 4: Push image to registry
  • Task 5: List container images
  • Task 6: Run image from registry

Part 3: Deploy the Azure Kubernetes Service into Azure

  • Task 2: Create Linkerd service mesh
  • Task 3: Validate your Kubernetes cluster
  • Task 4: Install the control plane onto your cluster
  • Task 5: Explore Linkerd
  • Task 6: Install application
  • Task 7: Update data
  • Task 8: Restore data

service_mesh

  • Task 1: Setup AKS cluster for vault
  • Task 2: Configure Azure Key Vault
  • Task 3: Enable Key Management secrets engine
  • Task 4: Write keys
  • Task 5: Read Keys
  • Task 6: Create KMS provider
  • Task 7: Distribute keys to key vault
  • Task 8: Rotate key

hashicorp_vault

  • Task 1: Tunnel into the Azure Kubernetes Service cluster
  • Task 2: To monitor progress, use the kubectl get service command kubectl get service <service> --watch
  • Task 3: confirm coredns, kube-proxy, azure-cni, azure-ip. pods are running succesfully kubectl get pods -o wide --all-namespaces
  • Task 1: Create Helm chart by templating the collected resource yamls
  • Task 2: Understand and define Deployment, HorizontalPodAutoscaler, Ingress, Service, ServiceAccount
  • Task 3: Configure image, repository, pullPolicy
  • Task 4: Set up Service accounts provide a user identity to run in the pod inside the cluster.
  • Task 5: Configure networking ClusterIP, NodePort, ingress, hostnames
  • Task 6: Deploy application using helm chart

helm

  • Task 2: Deploy storage account
  • Task 3: Create a storage account
  • Task 4: 'General-purpose V2' storage account provides access to all of the Azure Storage services: blobs, files, queues, tables, and disks
  • Task 5: Selection Replication Geo-redundant storage (GRS) or Locally redundant storage (LRS)

Part 9: Monitoring with Azure Monitor and Log Analytics

  • Task 1: Create Azure Monitor and Log Analytics environment
  • Task 2: Explore AzureActivity with table schema
  • Task 3: Write a query using the AzureActivity table
  • Task 4: Add a filter to the query to reduce the number of records that are returned
  • Task 5: Work with charts to analyze the results of the query
  • Task 2: Create an Azure Database for MySQL
  • Task 3: Configure the server firewall
  • Task 4: Use prefered tool to create a database
  • Task 5: Load sample data
  • Task 6: Query data
  • Task 7: Update data
  • Task 8: Restore data

azure_database

Part 11: Scale the application and test HA

  • Task 1: Increase service instances from the Kubernetes dashboard
  • Task 2: Increase service instances beyond available resources
  • Task 3: Restart containers and test HA
  • Task 4: Configure Azure Database for MySQL DB Autoscale
  • Task 5: Test Azure Database for MySQL DB Autoscale

Part 12: Working with services and routing application traffic

  • Task 1: Scale a service without port constraints
  • Task 2: Update an external service to support dynamic discovery with a load balancer
  • Task 3: Adjust CPU constraints to improve scale
  • Task 4: Perform a rolling update
  • Task 5: Configure Kubernetes Ingress
  • Task 6: Multi-region Load Balancing with Azure Application Gateway

Optional

  • Task 2: Install Helm and the Secrets Store CSI driver
  • Task 3: Create an Azure key vault and set your secrets
  • Task 4: Create your own SecretProviderClass object
  • Task 5: Install Azure Active Directory (Azure AD) Pod Identity
  • Task 6: Deploy your pod with mounted secrets from your key vault
  • Task 7: Distribute keys to key vault
  • Task 8: Check the pod status and secret content

key_vault

  • Task 1: Discover options for triggering a CD GitHub Workflow
  • Task 2: Control workflow execution with job conditionals
  • Task 3: Store credentials with GitHub Secrets
  • Task 4: Deploy to Microsoft Azure using GitHub Actions

github_actions

  • Task 1: Install argocd server into cluster
  • Task 2: configure authentication to github
  • Task 3: deploy applications
  • Task 4: enable auto-sync auto-heal
  • Task 5: Watch Argocd sync the application

argocd

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published