Microsoft Azure Solution Architecture Guidelines
Cloud computing can be particularly confusing when it comes to practice and when putting all the pieces together to solve a specific business problem. This is not surprising since there are more than 200 products and services that are available to help solve challenges and create future platforms.
The trick is in knowing what services a business should consider when solving its unique challenges. Companies can use a few of these guidelines to get the best value whilst also considering costs and security:
It is important to remember that architecting a cloud solution is different from on-premises. When working on the cloud you need to consider costs and which services to use. Microsoft Azure contains many services designed to help companies solve business problems at different levels and skill sets; managed, reliable, scalable, and cost-effective services.
It is imperative to factor in the cost of cloud services and, in particular, the limitations that a business must consider due to cost reasons. It is not always advisable to take up the best service available since it might be more expensive. An example of such services would be Storage Queues versus Service Bus Queues. While Service Bus Queue might offer more flexibility and features, it is more expensive than Storage Queue. Therefore, depending on your requirements, Storage Queue may be more fitting and cost-effective.
Azure Compute provides the infrastructure you need to run your business applications on the cloud. It is essential to start thinking about the Azure Compute options in your cloud architecture. The diagram below will help you decide on how to proceed with the options available within Azure. I would highly recommend using it.
When considering data in Azure you need to understand the type of data to be stored. Note that Azure SQL offers the best SLA and availability. The table below gives more options and considerations:
Selecting the messaging service depends mainly on the business requirements. Non-functional requirements are also key in identifying which messaging service will be sufficient for the business application. Even though these services are similar, they are all designed for specific requirements or scenarios. These services can be used side by side in scenarios to fulfil different roles.
By default, security is a crucial topic when it comes to cloud computing in general. Security must be a prerequisite to all levels in cloud architecture. Best practices include restricting access to Virtual Machines and App Services. Understanding network security groups (NSGs) and how to manage rules is of utmost importance. NSGs can be associated with subnets or individual virtual machine instances within that subnet and can allow or deny network traffic.
The use of encryption in data storage is another option, which is on by default in most cases. Some Azure services provide built-in authentication and authorisation capabilities, but it is important to understand what can be configured. The example below from Microsoft shows the authentication and authorisation of a middleware component.
An architecture diagram showing requests being intercepted by a process in the site sandbox which interacts with identity providers before allowing traffic to the deployed site.
Logging and Monitoring
The last aspect we will be looking at is logging and monitoring. Microsoft Azure offers various logging and monitoring tools at both the infrastructure and application levels. Integrating these tools helps with gathering and analysing insights in your Azure environment. Alerts are also available to notify different teams and can be configured appropriately in any exceptional situation. i.e., High CPU usage, memory licks, exceptions, etc.
Azure allows you to also create and configure user-friendly dashboards to visualise business system states. Businesses can also use a feature called Application Insights to monitor live applications, detect performance anomalies and help diagnose issues. This Azure monitor feature also allows businesses to understand what users do within your system to help improve performance and usability.
The Azure architecture centre is a hub for viewing different reference architecture. Microsoft created this hub to assist businesses in solving specific business requirements. It outlines diagrams and goes into the detail of each service. Design guidelines and case studies can also be found in this hub to help business put together their architecture documentation.
If you have any questions feel free to reach out to me on LinkedIn.