Problem Statement 1

Complex IaaS Problem Statement: Global Enterprise CRM Deployment

In accordance with your requirements for a Complex scenario involving New Infrastructure Deployment on Azure IaaS, here is the problem statement designed to test your architectural and service delivery skills.


1. CAF Strategy & Plan (Business Stakeholder Persona)

  • Business Motivation: “Our organization is launching a proprietary, high-performance CRM to support our expansion into the European market. Due to strict data sovereignty laws and legacy application dependencies, we cannot use PaaS; we require full control over the operating system and networking stack.”
  • Business Outcomes: The solution must support 10,000 concurrent users with a target Service Level Agreement (SLA) of 99.99% availability.
  • Workload Profile: A distributed, 3-tier monolithic application consisting of a Web Front-end, an Application Logic layer, and a heavy SQL-based Database backend.

2. CAF Ready & Adopt (Landing Zone)

  • Requirement: The infrastructure must be deployed into a Hub-and-Spoke landing zone. You are responsible for the “Spoke” design, assuming the “Hub” already provides centralized firewalling and ExpressRoute connectivity.

3. Discovery Report: Required Business Logic (Technical Architect Persona)

Because this is a new deployment, this report defines the High-Level Design (HLD) and Low-Level Design (LLD) requirements of the application software provided by the dev team:

  • Component Description:
    • Web Tier: 4x Windows Server 2022 instances (IIS).
    • App Tier: 4x Ubuntu 22.04 LTS instances running Java-based middleware.
    • Database Tier: A 2-node SQL Server 2022 Failover Cluster Instance (FCI) on Windows Server, requiring Shared Storage and high IOPS.
  • Application HLD: The app uses a synchronous communication model. The Web tier calls the App tier via a REST API, and the App tier communicates with the DB via a dedicated service account.
  • Application LLD (Requirements):
    • Web/App VMs require at least 8 vCPUs and 32GB RAM.
    • The Database requires 16 vCPUs, 128GB RAM, and sub-millisecond disk latency.

4. Source Workflow Diagram (Logic Flow)

  1. User Access: External users hit a public-facing entry point via HTTPS (Port 443).
  2. Web-to-App: The Web servers forward requests to the Application servers on Port 8080.
  3. App-to-DB: The Application servers query the SQL Database cluster on Port 1433.
  4. Admin Access: Developers require secure RDP/SSH access for monthly patching.

5. WAF Pillars (Constraints)

  • WAF Security:
    • Identity: All VM login access must be governed by Azure Entra ID.
    • Traffic: Implement a Zero-Trust model using Network Security Groups (NSGs) and Application Security Groups (ASGs). No direct internet access is allowed for App or DB tiers.
    • Secrets: Disk encryption keys and SQL credentials must be stored in Azure Key Vault.
  • WAF Reliability: The design must survive a Zone failure. You must use Availability Zones (AZs) for all tiers.
  • WAF Cost Optimization: The monthly budget for this spoke is $8,000 USD. You must use Azure Reserved Instances and Azure Hybrid Benefit calculations where applicable.
  • WAF Operational Excellence: The infrastructure must be monitored via Azure Monitor, with automated alerts for VM heartbeats and Disk space.
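The Traffic constraint above can be checked against the four flows in section 4 before any NSG is deployed. The following is an added example, not part of the original problem statement: it models inbound NSG evaluation only (lowest priority number wins) and shows why an explicit deny is needed, since Azure's default AllowVnetInBound rule otherwise lets any tier reach any other. The ASG names, priority numbers and the assumption that internet clients arrive with their own source address are hypothetical.

```python
# Added example: inbound NSG evaluation for the spoke, first match by priority.
# ASG names and priorities are hypothetical; ports come from the workflow list.
from typing import NamedTuple

class Rule(NamedTuple):
    priority: int
    source: str       # ASG name, "Internet", "VirtualNetwork" or "*"
    dest: str         # ASG name or "*"
    ports: frozenset  # destination ports; empty set means any port
    action: str       # "Allow" or "Deny"

VNET_ASGS = {"asg-web", "asg-app", "asg-db", "asg-mgmt"}

# Azure's built-in inbound defaults (the AzureLoadBalancer rule is omitted).
DEFAULTS = [
    Rule(65000, "VirtualNetwork", "*", frozenset(), "Allow"),  # AllowVnetInBound
    Rule(65500, "*", "*", frozenset(), "Deny"),                # DenyAllInBound
]

def spoke_rules(explicit_vnet_deny=True):
    """Rule set for the four required flows, plus an optional catch-all deny."""
    rules = [
        Rule(100, "Internet", "asg-web", frozenset({443}), "Allow"),
        Rule(110, "asg-web", "asg-app", frozenset({8080}), "Allow"),
        Rule(120, "asg-app", "asg-db", frozenset({1433}), "Allow"),
        Rule(130, "asg-mgmt", "*", frozenset({22, 3389}), "Allow"),
    ]
    if explicit_vnet_deny:
        # Without this rule, intra-VNet traffic falls through to priority 65000.
        rules.append(Rule(4000, "VirtualNetwork", "*", frozenset(), "Deny"))
    return rules + DEFAULTS

def _src_match(rule_src, src):
    if rule_src == "*":
        return True
    if rule_src == "VirtualNetwork":
        return src in VNET_ASGS
    return rule_src == src

def evaluate(rules, src, dest, port):
    """Return the action of the first rule (by priority) matching the flow."""
    for r in sorted(rules, key=lambda r: r.priority):
        if (_src_match(r.source, src) and r.dest in ("*", dest)
                and (not r.ports or port in r.ports)):
            return r.action
    return "Deny"
```

Calling `evaluate(spoke_rules(explicit_vnet_deny=False), "asg-web", "asg-db", 1433)` returns `Allow`, which is the lateral path the Zero-Trust requirement is meant to close.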

6. Technical Boundary

  • Strictly IaaS: You are forbidden from using Azure SQL Database (PaaS) or Azure App Service. Everything must run on Virtual Machines.
  • Networking: You must define the VNet CIDR, Subnetting (Web, App, DB, and Management), and Load Balancing (Internal vs. External).

The Challenge (Your Deliverables)

To complete this design phase, you must now produce:

  1. Target State HLD: The high-level Azure IaaS architecture.
  2. Target State LLD: Detailed configurations (VNet CIDR, Subnet ranges, VM SKUs like D-Series or E-Series, and Disk types like Premium SSD v2 or Ultra Disk).
  3. Azure Workflow Diagram: A description of how traffic flows securely through your Azure design.
  4. Component Mapping: A table mapping the dev team’s requirements to specific Azure IaaS services.

Are you satisfied with this problem statement, and would you like to proceed with creating these deliverables?


Comments

One response to “Problem Statement 1”

  1. panipuri

    VM classes comparison table
