환경구분

Domain

비고

DEVELOP

{+}https://dev-m.sansae.net+^{Image Added} 

STAGE

{+}https://stg-m.sansae.net+^{Image Added}

PRODUCTION

{+}https://m.sansae.net+^{Image Added}

순번

구분

내용

비고

1

Hub-Spoke Network설계

• Vnet Peering
  
• Hub zone / Azure Firewall
  
• Spoke zone / Azure Firewall

{+}https://docs.microsoft.com/ko-kr/azure/architecture/reference-architectures/hybrid-networking/hub-spoke?tabs=cli+^{Image Added}

2

VPN 설정

On Premise →  Azure Hub zone

{+}https://docs.microsoft.com/ko-kr/azure/cloud-adoption-framework/migrate/azure-best-practices/migrate-best-practices-networking#best-practice-implement-a-highly-available-site-to-site-vpn+^{Image Added}

3

VNet 설계

• Hub zone Subnet 설계
  
• Spoke zone Subnet 설계

{+}https://docs.microsoft.com/ko-kr/azure/cloud-adoption-framework/migrate/azure-best-practices/migrate-best-practices-networking#best-practice-design-subnets+^{Image Added}

4

Azure Resources 생성

• ACR 생성

• AKS 생성

• DB 생성
  
  • Private Endpoint 생성

• Application Gateway 생성

• Firewall 생성

• Storage 생성

• Azure CDN 생성

• Azure DNS zone 생성

5

Azure Application Gateway 설정

• Domain Base Route Rule설정
  
• Backend Pool
  
• TLS종료 설정
  
• X-Forwarded-For설정

6

Azure Firewall 설정

• SNAT
  
• DNAT
  
• Firewall-policy

7

Azure CDN 설정

• Custom-domain 설정
  
• Storage account 설정