ready to merge to prod

scenarios/metadata.json

@@ -66,7 +66,7 @@
         }
     },
     {
-        "status": "inactive",
+        "status": "active",
         "key": "azure-databases-docs/articles/mysql/flexible-server/tutorial-deploy-wordpress-on-aks.md",
         "title": "Tutorial: Deploy WordPress on AKS cluster by using Azure CLI",
         "description": "Learn how to quickly build and deploy WordPress on AKS with Azure Database for MySQL - Flexible Server.",
@@ -653,7 +653,7 @@
         }
     },
     {
-        "status": "inactive",
+        "status": "active",
         "key": "CreateLinuxVMSecureWebServer/create-linux-vm-secure-web-server.md",
         "title": "Create a NGINX Webserver Secured via HTTPS",
         "description": "This tutorial shows how to create a NGINX Webserver Secured via HTTPS.",
@@ -679,7 +679,7 @@
         }
     },
     {
-        "status": "inactive",
+        "status": "active",
         "key": "azure-docs/articles/confidential-computing/confidential-enclave-nodes-aks-get-started.md",
         "title": "Quickstart: Deploy an AKS cluster with confidential computing Intel SGX agent nodes by using the Azure CLI",
         "description": "Learn how to create an Azure Kubernetes Service (AKS) cluster with enclave confidential containers a Hello World app by using the Azure CLI.",
@@ -701,7 +701,7 @@
         }
     },
     {
-        "status": "inactive",
+        "status": "active",
         "key": "azure-docs/articles/azure-linux/quickstart-azure-cli.md",
         "title": "Quickstart: Deploy an Azure Linux Container Host for AKS cluster by using the Azure CLI",
         "description": "Learn how to quickly create an Azure Linux Container Host for AKS cluster using the Azure CLI.",
@@ -720,7 +720,7 @@
         }
     },
     {
-        "status": "inactive",
+        "status": "active",
         "key": "azure-compute-docs/articles/virtual-machine-scale-sets/tutorial-use-custom-image-cli.md",
         "title": "Tutorial - Use a custom VM image in a scale set with Azure CLI",
         "description": "Learn how to use the Azure CLI to create a custom VM image that you can use to deploy a Virtual Machine Scale Set",

tools/design.md

@@ -0,0 +1,109 @@
+# Design Document for a Resilient Retail Application on Azure using Kubernetes
+
+## Table of Contents
+1. **Overview**
+2. **Business Requirements**
+3. **System Architecture**
+4. **Technology Stack**
+5. **Deployment Strategy**
+6. **Resilience and High Availability**
+7. **Security Considerations**
+8. **Monitoring and Observability**
+9. **Cost Management**
+10. **Conclusion**
+
+---
+
+## 1. Overview
+This document outlines the design of a resilient retail application hosted on Azure, leveraging Kubernetes. The application will support operations in the USA and Europe, ensuring high availability, scalability, and fault tolerance. The deployment will utilize Azure Kubernetes Service (AKS) with a focus on best practices for multi-region deployments and resilience.
+
+---
+
+## 2. Business Requirements
+- **Geographical Presence:** The application must operate in both USA and Europe.
+- **High Availability:** Ensure uptime of 99.99% to meet critical retail demands.
+- **Scalability:** Handle varying workloads during seasonal peaks.
+- **Compliance:** Meet data sovereignty and compliance requirements (e.g., GDPR in Europe).
+- **Cost Efficiency:** Optimize for cost without compromising performance.
+- **Disaster Recovery:** Recovery time objective (RTO) of 15 minutes and recovery point objective (RPO) of 5 minutes.
+
+---
+
+## 3. System Architecture
+### 3.1 High-Level Architecture
+- **Frontend:** React-based single-page application (SPA) hosted on Azure Static Web Apps.
+- **Backend:** Microservices architecture developed using .NET Core and Node.js.
+- **Data Layer:** Azure SQL Database for transactional data, Cosmos DB for globally distributed data, and Azure Blob Storage for unstructured data.
+- **Message Broker:** Azure Service Bus for asynchronous communication.
+- **Load Balancing:** Azure Front Door to distribute traffic across regions.
+
+### 3.2 Multi-Region Deployment
+- Primary region: East US
+- Secondary region: West Europe
+- Data replication using geo-redundant services.
+
+---
+
+## 4. Technology Stack
+- **Cloud Provider:** Azure
+- **Container Orchestration:** Azure Kubernetes Service (AKS)
+- **CI/CD:** Azure DevOps
+- **Monitoring:** Azure Monitor, Prometheus, Grafana
+- **Storage:** Azure Blob Storage, Azure SQL Database, Cosmos DB
+- **Networking:** Azure Front Door, Application Gateway, Azure VPN
+- **Security:** Azure Active Directory (AAD), Azure Key Vault
+
+---
+
+## 5. Deployment Strategy
+### 5.1 Infrastructure as Code (IaC)
+- Use Terraform to provision Azure resources.
+- Helm charts for Kubernetes manifest management.
+
+### 5.2 CI/CD Pipeline
+- Azure DevOps pipelines to automate build, test, and deployment.
+- Canary deployments for incremental rollouts.
+
+### 5.3 Blue-Green Deployment
+- Utilize AKS to maintain separate environments for blue and green deployments, ensuring seamless updates.
+
+---
+
+## 6. Resilience and High Availability
+### 6.1 Kubernetes Configuration
+- Use multiple node pools in AKS for workload isolation.
+- Enable Kubernetes Pod Disruption Budgets (PDBs) to maintain availability.
+- Configure Horizontal Pod Autoscaler (HPA) for scaling based on load.
+
+### 6.2 Disaster Recovery
+- Geo-redundant storage for data replication.
+- Backup strategies using Azure Backup and Azure Site Recovery.
+- Failover automation using Azure Traffic Manager.
+
+---
+
+## 7. Security Considerations
+- Use Azure AD for identity management.
+- Encrypt data at rest and in transit using Azure Key Vault and TLS/SSL.
+- Network security groups (NSGs) to enforce network isolation.
+- Regular vulnerability scans and compliance audits.
+
+---
+
+## 8. Monitoring and Observability
+- **Kubernetes Monitoring:** Azure Monitor for containers, Prometheus for metrics collection.
+- **Log Aggregation:** Centralized logging with Azure Log Analytics and Fluent Bit.
+- **Alerts:** Set up alerts for key performance indicators (KPIs) and anomalies.
+
+---
+
+## 9. Cost Management
+- Use Azure Cost Management tools to monitor and optimize resource usage.
+- Leverage reserved instances for predictable workloads.
+- Implement autoscaling to avoid over-provisioning.
+
+---
+
+## 10. Conclusion
+This design ensures a resilient, scalable, and secure retail application capable of meeting the demands of a global customer base. By leveraging Azure and Kubernetes, the solution provides a robust platform for business continuity, compliance, and growth.
+