
N-tier deployment

Now that we know all the basics, it is time to build a more complex architecture (an N-tier architecture) out of them.

Let's take a look at the following diagram:

What is different here? The architecture is again based on the pattern for multiple VMs, but this time, the design is repeated several times because the architecture is divided into at least the following three levels:

  • Web tier or frontend application
  • Business tier or business logic
  • Data tier

Not required, but nevertheless often present, are the following levels:

  • Management tier
  • Active Directory

Each level that is actually present in this architecture is also its own subnet of the VNet.

The entry point for this architecture is again the Azure Load Balancer, which is only used to distribute incoming internet traffic to the web tier. The Azure Internal Load Balancer (ILB) is then used for all other levels.

Unlike the Azure Load Balancer, the ILB requires a private IP address. To give the ILB a private IP address, create a frontend IP configuration and associate it with the subnet for the business tier.

Let's go back to the distribution of incoming internet traffic. Not visible in the diagram, but still present, are the numerous network security groups (NSGs), each associated with a subnet. An NSG regulates network traffic by allowing or denying it. For our architecture, this means, for example, that you can use an NSG to decide that data from the web tier can only be passed on to the business tier.
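The following added example (not code from the book) models how an NSG on the data-tier subnet evaluates inbound rules in priority order, and shows that Azure's built-in AllowVnetInBound rule lets the web tier reach the data tier until an explicit deny rule is added. The address ranges, rule names, and port 1433 are assumptions made for illustration; service tags are simplified to fixed prefixes, and protocol and destination matching are left out.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    priority: int   # lower number is evaluated first
    name: str
    source: str     # source CIDR prefix
    port: str       # destination port, or "*" for any
    access: str     # "Allow" or "Deny"

# Constructed address plan (assumption, not from the page).
VNET = "10.0.0.0/16"
WEB, BUSINESS, DATA = "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"

# Azure's built-in inbound rules. The VirtualNetwork tag is modelled as the
# VNet range and AzureLoadBalancer as the platform probe address.
DEFAULT_INBOUND = [
    Rule(65000, "AllowVnetInBound", VNET, "*", "Allow"),
    Rule(65001, "AllowAzureLoadBalancerInBound", "168.63.129.16/32", "*", "Allow"),
    Rule(65500, "DenyAllInBound", "0.0.0.0/0", "*", "Deny"),
]

# Hypothetical custom rules for the NSG on the data-tier subnet:
# SQL Server traffic from the business tier only, all other VNet traffic denied.
DATA_TIER_RULES = [
    Rule(100, "AllowSqlFromBusiness", BUSINESS, "1433", "Allow"),
    Rule(4096, "DenyOtherVnetInBound", VNET, "*", "Deny"),
]

def evaluate(custom_rules, src_ip, dst_port):
    """Return (access, rule name) of the first rule that matches, by priority."""
    src = ipaddress.ip_address(src_ip)
    for rule in sorted(custom_rules + DEFAULT_INBOUND):
        in_prefix = src in ipaddress.ip_network(rule.source)
        if in_prefix and rule.port in ("*", str(dst_port)):
            return rule.access, rule.name
    return "Deny", "NoMatch"

if __name__ == "__main__":
    for label, rules in (("defaults only", []), ("with tier rules", DATA_TIER_RULES)):
        for src in ("10.0.1.4", "10.0.2.4"):   # a web-tier VM, a business-tier VM
            print(label, src, "-> data:1433", evaluate(rules, src, 1433))
```

With only the default rules, the web-tier address is allowed straight through to the data tier; the custom deny at priority 4096 is what enforces the tier boundary.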

Now, I have some additional information about the optional architectural layers:

  • Management tier (also known as jumpbox or bastion host): The management tier includes a secure VM on the network that administrators (or DevOps) use to connect to the other VMs. Note that most of the time the management tier has an NSG that allows remote traffic only from public IP addresses on a safe list. The NSG should also permit the use of RDP. The management tier is also a good place to install a monitoring solution such as Nagios or Zabbix that can give you insight into response time, VM uptime, and the overall health of your system.
  • Active Directory tier: The Active Directory tier includes a VM with Active Directory Domain Services (AD DS) installed. An Active Directory tier is only required if you use a SQL Server Always-On Availability Group as the data tier. Prior to Windows Server 2016, SQL Server Always-On Availability Groups must be joined to a domain. This is because availability groups depend on the Windows Server Failover Cluster (WSFC) technology. Windows Server 2016 provides the ability to create a failover cluster without Active Directory. If your architecture is based on Windows Server 2016, the AD DS server is not required.