Cloud Infrastructure for Publicly Traded Manufacturer
Azure architecture, engineering plan and implementation to power a North American-spanning enterprise application
This publicly-traded manufacturing company spans North America and operates a network of production facilities, B2B outlets, online storefronts and logistics networks. Combining a portfolio of brick-and-mortar facilities and a strong digital ecosystem, they manufacture, market and fulfill a range of physical products for commercial construction firms. To support their growth and optimize operations, they are actively exploring a strategic migration to Azure infrastructure, aiming to leverage the cloud's scalability, agility, and security to further enhance their competitive edge.
The client’s .NET- and SQL-based enterprise application is crucial to company operations and serves thousands of internal and external users every day across North America. As part of the firm’s long-term cloud initiative, IT needed to uplift this application to the cloud. Since they operate most IT infrastructure on-premises, their organization didn’t have the expertise to engineer and implement a cloud solution. Therefore, the client brought MercuryWorks in to develop and implement a plan.
MercuryWorks engineers designed a bi-coastal asset architecture including load-balancing via a secure Azure Front Door and alerting with Azure Monitor. All assets (application, data and storage) are of a Platform as a Service (PaaS) variety and scripted with Infrastructure as Code (IaC) using Bicep to power asset instantiation and configuration with Azure ARM (Azure Resource Manager) files.
MercuryWorks implemented a solid and tested infrastructure that was confirmed with a manual application deployment to proof out operation, performance and functionality in the cloud. By virtue of the Front Door and bi-coastal assets, test users were served by the cloud asset closest to them for ideal user experience. Additionally, use of PaaS assets yielded a significant reduction in IT staff manpower required to keep it running as compared to on-premises infrastructure.
Use of Azure PaaS assets freed up client IT staff
Enables addition of regional assets when needed
Client retired significant assets from their books
Per-transaction performance increased by 25%
As the application’s adoption spreads across the client’s growing B2B user base, not only is demand spreading across North America – it is also experiencing greatly increased overall demand. As such, a geographically-distributed and -sized set of Azure resources was essential to provide responsiveness to the new larger user base.
The client’s user base growth is largely focused on the northeast (NYC, Philly, Boston) and California. For this reason, we implemented a two-region load-balanced Azure infrastructure West US and East US being the paired regions. This strategy provides an application copy close to users on both coasts.
We implemented an additional availability strategy for auto-scaling the API App Service Plan (see diagram below) in each region. The purpose of this strategy addresses anticipated rapidly growing API endpoint request volume and resulting declining response times.
The Azure auto-scale implementation creates a second resource instance during a time window set to encompass North American working hours. Autoscale then scales back during non-working hours to optimize asset spend. Since auto-scale is implemented in each Azure region, each region’s scale out takes into account relevant time zones.
Traffic (API and UI) is load balanced by an Azure Front Door; traffic coming to the application is routed to the appropriate instance based on which will be more performant for the user. The following diagram illustrates the resulting asset topology:
Other Key Highlights
In the event of a large Azure outage, one of each paired service is prioritized for recovery for quickest return to service
During a planned Azure update, paired region updates will be staggered to minimize downtime
CDN for Performance
The Azure Front Door also provides a CDN to cache static resources closer to users, reducing UI load time
We also implemented Azure Monitor to provide conditional alerts for user-impacting performance and availability
"This application is crucial to our operations yet since we operate most IT infrastructure on-premises, our organization didn't have the expertise to engineer and implement a cloud solution. In stepped MercuryWorks to develop an on-point plan - and they executed it with precision!"
Chief Technology Officer
Behind The Curtain
Provides database storage, web app and processing services. Azure provides an ideal solution for the client’s enterprise application; in this scenario we applied Platform as a Service (PaaS) assets.
Microsoft Entra ID is part of this client’s Azure strategy to fulfill SOX-compliant identity and authorization requirements. Entra provides digitally validated identity to ensure trustworthy system access.
Microsoft’s Bicep templates compile into Azure Resource Manager (ARM) templates to define Azure resources declaratively. Bicep is a domain-specific language with clean, easy to read syntax.