Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

환경구분

Domain

비고

DEVELOP


STAGE


PRODUCTION


Cloud Solution Architecture

Image Added

Architecture Implements

순번

구분

내용

비고

1

Hub-Spoke Network설계

  • Vnet Peering
  • Hub zone / Azure Firewall
  • Spoke zone / Azure Firewall

2

VPN 설정

On Premise →  Azure Hub zone

3

VNet 설계

  • Hub zone Subnet 설계
  • Spoke zone Subnet 설계

4








Azure Resources 생성








  • ACR 생성
    • Private Endpoint 생성

https://docs.microsoft.com/ko-kr/azure/container-registry/

  • AKS 생성
    • Internal-LB생성
    • UDR 생성

https://docs.microsoft.com/ko-kr/azure/aks/intro-kubernetes

  • DB 생성
    • Private Endpoint 생성

https://docs.microsoft.com/ko-kr/azure/mariadb/

https://docs.microsoft.com/ko-kr/azure/azure-cache-for-redis/

https://docs.microsoft.com/ko-kr/azure/event-hubs/

  • Application Gateway 생성

https://docs.microsoft.com/ko-kr/azure/application-gateway/overview

  • Firewall 생성

https://docs.microsoft.com/ko-kr/azure/firewall/overview

  • Storage 생성

https://docs.microsoft.com/ko-kr/azure/storage/common/storage-account-overview

  • Azure CDN 생성

https://docs.microsoft.com/ko-kr/azure/cdn/

  • Azure DNS zone 생성

https://docs.microsoft.com/ko-kr/azure/dns/

5

Azure Application Gateway 설정

  • Multiple Sites 설정
  • TLS종료 설정
  • X-Forwarded-For설정

https://docs.microsoft.com/ko-kr/azure/application-gateway/create-multiple-sites-portal

https://docs.microsoft.com/ko-kr/azure/application-gateway/create-ssl-portal

https://docs.microsoft.com/ko-kr/azure/application-gateway/rewrite-http-headers-url

6

Azure Firewall 설정

  • SNAT
  • DNAT
  • Firewall-policy

https://docs.microsoft.com/ko-kr/azure/firewall/tutorial-firewall-dnat-policy

https://docs.microsoft.com/ko-kr/azure/firewall/rule-processing

7

Azure CDN 설정

  • Custom-domain 설정
  • Storage account 설정

https://docs.microsoft.com/ko-kr/azure/cdn/cdn-map-content-to-custom-domain?tabs=azure-dns%2Cazure-portal%2Cazure-portal-cleanup

https://docs.microsoft.com/ko-kr/azure/cdn/cdn-custom-ssl?tabs=option-1-default-enable-https-with-a-cdn-managed-certificate