E-Comm Domains Azure Re-Infrastructure
Current State
Updated Miro as of 4/19/23:
https://miro.com/app/board/uXjVP3wN1TM=/?share_link_id=430901434152
Pain points for current setup
Cannot save products on Stage Magento due to Cloudflare rules
Unclear combination of VPNs depending on what resource a dev is trying to interact with
Unclear understanding of “ownership” boundaries of infrastructure in Azure
What is the dev’s team responsibility to own/fix/access?
Wish List/Ideal State
https://miro.com/app/board/uXjVP3wN1TM=/?share_link_id=430901434152
Reduction of “VPN hopping”
Our current setup requires us to use three separate VPNs to interact with the front and back of staging sites at the same time
Recommendations for Azure training for developers who are supporting Azure Infrastructure
Things such as Craft CMS tech stack / Magento tech stack / n8n / Meilisearch / Docker image DevOps flow
Docker image repository if we don't already have one
Team based permissions
Internal tools dashboard for simple Azure actions for prod issues? (i.e. restarting Meilisearch service when down)
Button to clear respective Cloudflare caches after a deploy
Easy SSH key management
Monitoring, uptime checks, log aggregation
Pingdom + Datadog + more robust Azure monitoring/logging as a dashboard
Fast, private networks between environments for data syncs
Permissions to
Cost
Network (View only)
Monitoring, logs, health checks
Environment vars, settings for managed services
App service/container redeploys/mods
FreeCME domain in Cloudflare for consistency and security
Permissions to Cloudflare desired - flushing asset caches and reviewing status of things
May not need direct hands-on - but integrations from Blitz and auto-purge extensions will need ECM assistance to configure and test
https://putyourlightson.com/plugins/blitz#cloudflare-page-rules (Cloudflare page rules via Blitz docs)
After we update Blitz we can do purging directly from within it:
Meilisearch App container with persistent storage - (Done)
This is done - master keys are held in a secret in ADO I believe
SSL wildcards for domains where possible (FCME pending)
FCME behind Cloudflare - DNS moved into .. Cloudflare I think - last I knew it was on GoDaddy
Load balancing (IF NEEDED - I have not seen a reason for this just yet - until we get caching straightened out, this should be low priority)
Managed Services
Redis DB for prod+stage
MariaDB and replica for stage
Need to prep for move off of Adobe Cloud - @Ben Williamson recommends JetRails
TODO: Date for end of cloud contract (may need to extend by another year to support migration)