Azure Best Practices
- Anand Nerurkar
- May 1
Corrected Flow for Request Handling with Azure Cloud Services:
User Request: A user makes a request (e.g., loan application).
Azure CDN:
The request can first go through Azure CDN (Content Delivery Network), which caches static assets like images, scripts, or frontend resources. This will reduce latency for frequently accessed resources.
Azure Traffic Manager:
After that, the request is routed through Azure Traffic Manager, which is responsible for directing the request to the closest or most available region of your application (multi-region load balancing). Traffic Manager helps with geo-replication, ensuring high availability and fault tolerance.
Azure Front Door:
Azure Front Door then acts as a global HTTP(S) load balancer, routing user traffic to the appropriate backend service. Front Door provides additional features like SSL termination, Web Application Firewall (WAF), and routing based on URL paths or hostnames.
Azure Application Gateway:
After being directed by Front Door, the traffic reaches Azure Application Gateway, which acts as an internal load balancer, responsible for traffic distribution across multiple microservices or internal resources (services running on AKS or other infrastructure). It also provides SSL offloading and Web Application Firewall capabilities.
Load Balancer (if needed):
If you have multiple instances or replicas of services running in AKS, Azure Load Balancer can be used to distribute traffic across them. However, Azure Application Gateway often takes care of this, so Load Balancer can be an optional step depending on your architecture.
AKS (Azure Kubernetes Service):
The request then reaches the AKS cluster, where your microservices are deployed. AKS is responsible for running containerized applications and scaling them based on demand.
Inside AKS, Istio service mesh can be used for service-to-service communication, monitoring, and security.
Microservices:
The request is processed by the relevant microservices deployed on AKS (e.g., Loan Processing, Loan Decisioning, Credit Scoring, etc.). Each service can interact with Azure resources like databases, queues, and event hubs, depending on the architecture.
Key Adjustments in Flow:
Traffic Manager should be placed before Azure Front Door in the routing hierarchy. Traffic Manager handles global load balancing (geo-based routing), while Front Door is responsible for global HTTP(S) routing and security.
Application Gateway works better for internal load balancing between AKS pods, while Azure Front Door is the global layer that can handle web traffic routing.
Load Balancer might not be necessary if Application Gateway is already handling the traffic distribution internally.
Final Corrected Flow:
1. User Request
2. Azure CDN (for static content caching)
3. Azure Traffic Manager (global load balancing, region routing)
4. Azure Front Door (global HTTP(S) routing and WAF)
5. Azure Application Gateway (internal load balancing, SSL offloading)
6. Azure Load Balancer (optional, depending on architecture)
7. AKS (container orchestration)
8. Microservices (hosted in AKS, e.g., Loan Application, Loan Processing)
9. Back-End Azure Services (e.g., databases, queues, Kafka)