bert.hausmans/cmdb-insight
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f4399a8e4e3f22166e226e84fbe6aa68e8e347b4
cmdb-insight/docs/AZURE-RESOURCES-OVERVIEW.md
Bert Hausmans f4399a8e4e Consolidate documentation and update backend services 
- Reorganize docs into 'Core deployment guides' and 'Setup and configuration' subdirectories
- Consolidate redundant documentation files (ACR, pipelines, deployment guides)
- Add documentation consolidation plan
- Update backend database factory and logger services
- Update migration script and docker-compose configurations
- Add PostgreSQL setup script
2026-01-22 22:45:54 +01:00

8.0 KiB
Raw Blame History

Azure Resources Overview

Quick reference of all Azure resources needed for CMDB Insight deployment.

📋 Resources Summary

Resource Type Resource Name Purpose SKU/Tier Estimated Cost Shared?
Resource Group rg-cmdb-insight-prod Container for all resources - Free No
Container Registry yourcompanyacr Store Docker images (can be shared) Basic/Standard €5-20/month Yes
PostgreSQL Database cmdb-postgres-prod Production database Standard_B1ms €20-30/month No
Key Vault kv-cmdb-insight-prod Store secrets securely Standard €1-2/month No
App Service Plan plan-cmdb-insight-prod Hosting plan B1 €15-25/month No
App Service (Backend) cmdb-backend-prod Backend API - Included in plan No
App Service (Frontend) cmdb-frontend-prod Frontend web app - Included in plan No
Application Insights appi-cmdb-insight-prod Monitoring & logging Basic €0-5/month No

Total Estimated Cost: €41-82/month (depending on ACR tier and usage)

💡 Note: Container Registry can be shared across multiple applications. The repository name (cmdb-insight) separates this app from others. If you already have an ACR, reuse it to save costs!

🔗 Resource Dependencies

Resource Group (App-specific)
├── PostgreSQL Database
│   └── Stores: Application data
├── Key Vault
│   └── Stores: Secrets (JIRA tokens, passwords, etc.)
├── Application Insights
│   └── Monitors: Backend & Frontend apps
└── App Service Plan
    ├── Backend App Service
    │   ├── Pulls from: Shared ACR (cmdb-insight/backend:latest)
    │   ├── Connects to: PostgreSQL
    │   ├── Reads from: Key Vault
    │   └── Sends logs to: Application Insights
    └── Frontend App Service
        ├── Pulls from: Shared ACR (cmdb-insight/frontend:latest)
        └── Connects to: Backend App Service

Shared Resources (can be in separate resource group)
└── Container Registry (ACR) ← Shared across multiple applications
    ├── cmdb-insight/          ← This application
    │   ├── backend:latest
    │   └── frontend:latest
    ├── other-app/             ← Other applications
    │   └── api:latest
    └── shared-services/       ← Shared images
        └── nginx:latest

🌐 Endpoints

After deployment, your application will be available at:

  • Frontend: https://cmdb-frontend-prod.azurewebsites.net
  • Backend API: https://cmdb-backend-prod.azurewebsites.net/api
  • Health Check: https://cmdb-backend-prod.azurewebsites.net/api/health

If custom domain is configured:

  • Frontend: https://cmdb.yourcompany.com
  • Backend API: https://api.cmdb.yourcompany.com (or subdomain of your choice)

🔐 Required Secrets

These secrets should be stored in Azure Key Vault:

Secret Name Description Example
JiraPat Jira Personal Access Token (if using PAT auth) ATATT3xFfGF0...
SessionSecret Session encryption secret a1b2c3d4e5f6... (32+ chars)
JiraOAuthClientId Jira OAuth Client ID OAuthClientId123
JiraOAuthClientSecret Jira OAuth Client Secret OAuthSecret456
JiraSchemaId Jira Assets Schema ID schema-123
DatabasePassword PostgreSQL admin password SecurePassword123!

📊 Resource Sizing Recommendations

For 20 Users (Current)

Resource Recommended SKU Alternative
App Service Plan B1 (1 vCore, 1.75GB RAM) B2 if experiencing slowness
PostgreSQL Standard_B1ms (1 vCore, 2GB RAM) Standard_B2s for growth
Container Registry Basic (10GB) Standard for production
Key Vault Standard Standard (only option)

For 50+ Users (Future Growth)

Resource Recommended SKU Notes
App Service Plan B2 or S1 Better performance
PostgreSQL Standard_B2s (2 vCores, 4GB RAM) More concurrent connections
Container Registry Standard (100GB) More storage, geo-replication

🔄 Update/Deployment Flow

  1. Code Changes → Push to repository
  2. CI/CD Pipeline → Builds Docker images
  3. Push to ACR → Images stored in Container Registry
  4. Restart App Services → Pulls new images from ACR
  5. Application Updates → New version live

Manual Deployment

# Restart apps to pull latest images
az webapp restart --name cmdb-backend-prod --resource-group rg-cmdb-insight-prod
az webapp restart --name cmdb-frontend-prod --resource-group rg-cmdb-insight-prod

🛡️ Security Configuration

Network Security

  • HTTPS Only: Enabled on both App Services
  • Database Firewall: Restricted to Azure services (can be further restricted)
  • Key Vault Access: Managed Identity only (no shared keys)

Authentication

  • App Services: Managed Identity for ACR and Key Vault access
  • Database: Username/password (stored in Key Vault)
  • Application: Jira OAuth 2.0 or Personal Access Token

📈 Monitoring & Logging

Application Insights

  • Metrics: Response times, request rates, errors
  • Logs: Application logs, exceptions, traces
  • Alerts: Configured for downtime, errors, performance issues

Access Logs

# Backend logs
az webapp log tail --name cmdb-backend-prod --resource-group rg-cmdb-insight-prod

# Frontend logs
az webapp log tail --name cmdb-frontend-prod --resource-group rg-cmdb-insight-prod

🔧 Configuration Files

Environment Variables (Backend)

  • NODE_ENV=production
  • PORT=3001
  • DATABASE_TYPE=postgres
  • DATABASE_URL (from Key Vault)
  • JIRA_HOST=https://jira.zuyderland.nl
  • JIRA_AUTH_METHOD=oauth
  • JIRA_OAUTH_CLIENT_ID (from Key Vault)
  • JIRA_OAUTH_CLIENT_SECRET (from Key Vault)
  • JIRA_OAUTH_CALLBACK_URL
  • JIRA_SCHEMA_ID (from Key Vault)
  • SESSION_SECRET (from Key Vault)
  • FRONTEND_URL
  • APPINSIGHTS_INSTRUMENTATIONKEY

Environment Variables (Frontend)

  • VITE_API_URL (points to backend API)

🗑️ Cleanup (If Needed)

To delete all resources:

# Delete entire resource group (deletes all resources)
az group delete --name rg-cmdb-insight-prod --yes --no-wait

# Or delete individual resources
az acr delete --name cmdbinsightacr --resource-group rg-cmdb-insight-prod
az postgres flexible-server delete --name cmdb-postgres-prod --resource-group rg-cmdb-insight-prod
az keyvault delete --name kv-cmdb-insight-prod --resource-group rg-cmdb-insight-prod
az appservice plan delete --name plan-cmdb-insight-prod --resource-group rg-cmdb-insight-prod

⚠️ Warning: This will permanently delete all resources and data. Make sure you have backups if needed.

📞 Quick Commands Reference

# Set variables
RESOURCE_GROUP="rg-cmdb-insight-prod"
BACKEND_APP="cmdb-backend-prod"
FRONTEND_APP="cmdb-frontend-prod"

# Check app status
az webapp show --name $BACKEND_APP --resource-group $RESOURCE_GROUP --query state

# View logs
az webapp log tail --name $BACKEND_APP --resource-group $RESOURCE_GROUP

# Restart apps
az webapp restart --name $BACKEND_APP --resource-group $RESOURCE_GROUP
az webapp restart --name $FRONTEND_APP --resource-group $RESOURCE_GROUP

# List all resources
az resource list --resource-group $RESOURCE_GROUP --output table

# Get app URLs
echo "Frontend: https://${FRONTEND_APP}.azurewebsites.net"
echo "Backend: https://${BACKEND_APP}.azurewebsites.net/api"

📚 Related Documentation

  • AZURE-NEW-SUBSCRIPTION-SETUP.md - Complete step-by-step setup guide
  • AZURE-APP-SERVICE-DEPLOYMENT.md - Detailed App Service deployment
  • AZURE-ACR-SETUP.md - ACR setup and usage
  • AZURE-QUICK-REFERENCE.md - Quick reference guide
  • PRODUCTION-DEPLOYMENT.md - General production deployment

Last Updated: 2025-01-21

Reference in New Issue View Git Blame Copy Permalink