Nonstop API

Azure Architecture

Pre-Prod (Dev, Staging, QA)

Each environment (for more details see Environments) is deployed as a single Resource Group within Azure containing the following resources:

• 1 App Service Plan housing:
  • 1 Azure App Service to host the CMS API
  • 1 Azure App Service to host the CMS Front End
  • 1 Azure App Service to host the Public API
• 1 Azure SQL Database Server housing:
  • the Azure SQL Database for this environment
• 1 Azure Storage Account for static file hosting
• 1 Azure CDN for improving the delivery of the static files
• 1 Azure Cache for Redis for this environment
• 1 Azure Key Vault for secrets management for this environment

Production

For production, we operate 2 geo-redundant copies of the above infrastructure contained within a single resource group. The makeup of this resource group is as follows:

Web sites

• 1 App Service Plan housing:
  • 1 Azure App Service to host the Public API on the West Coast
• 1 App Service Plan housing:
  • 1 Azure App Service to host the Public API on the East Coast
• 1 App Service Plan housing:
  • 1 Azure App Service to host the CMS API on the West Coast
  • 1 Azure App Service to host the CMS Front End on the West Coast
• 1 App Service Plan housing:
  • 1 Azure App Service to host the CMS API on the East Coast
  • 1 Azure App Service to host the CMS Front End on the East Coast

At present, these services are run in a Primary/Secondary configuration using Azure Traffic Manager which manages request routing at the DNS level.

• 3 Azure Traffic Manager instances (one for each component of the system)

Data Storage

• 1 Azure SQL Database Server housing:
  • the Azure SQL Database for the production environment on the West Coast
• 1 Azure SQL Database Server housing:
  • the Azure SQL Database for the production environment on the East Coast

Geo resiliency for the SQL Server is managed using SQL Azure's Geo Replication feature. This means that the East Coast database is a readable secondary of the main, writeable primary database located on the West Coast. Failover to the secondary is achieved manually and is only intended to be used in the event of an extended outage.

• 1 Azure Cache for Redis for the production environment on the West Coast
• 1 Azure Cache for Redis for the production environment on the East Coast

Geo resiliency for the Redis Cache is managed using Redis Azure's Geo Replication feature. This means that the East Coast cache is a readable secondary of the main, writeable primary database located on the West Coast. Failover to the secondary is achieved manually and is only intended to be used in the event of an extended outage.

Blob Storage

• 1 Azure Storage Account for static file hosting
• 1 Azure CDN for improving the delivery of the static files

Geo resiliency for Blob Storage is provided by using Azure Blob Storage's Geo redundant-storage feature. This means that in the event of an outage Microsoft is able to enable reads from the secondary region (in our case, East US) in the event of an outage in primary region (in our case, West US).

Others

• 1 Azure Key Vault for secrets management for production

Geo resiliency for Azure Key Vault is included with the service - please see here for details.