Hybrid geo-distributed architecture


This solution uses Azure Traffic Manager to route traffic to endpoints to satisfy regional requirements, corporate and international regulations, and data needs.

Architecture

Diagram that shows an architecture for geographic traffic routing.


Dataflow

  1. The client resolves the application's DNS name, which is a CNAME to the Traffic Manager profile.
  2. Traffic Manager answers the DNS query with the appropriate service endpoint, based on the profile's traffic-routing method and on the health of each endpoint, which Traffic Manager probes continuously.
  3. The client connects directly to the endpoint it was given, and that instance of the cloud application processes the request. Traffic Manager is not in the data path.

Components

  • Azure Stack Hub. Azure Stack Hub is an extension of Azure. It brings the agility of cloud computing to your on-premises environment. In this architecture, it hosts the on-premises version of the app.
  • Traffic Manager. Traffic Manager is a DNS-based traffic load balancer. It's used here to direct client requests to the appropriate endpoint.
  • Domain Name System (DNS). DNS translates (or resolves) a website or service name to its IP address.
  • Cloud endpoint. The public IP address of the app deployment in Azure. When Traffic Manager selects this endpoint, it returns this address in its DNS answer and the client connects to it directly.
  • Local endpoint. The public IP address of the app deployment on Azure Stack Hub, registered in Traffic Manager as an external endpoint and selected the same way. It must be reachable from the internet both by clients and by Traffic Manager's health probes.
  • Azure DDoS Protection, combined with application-design best practices, provides enhanced DDoS mitigation for the Azure virtual networks that host the cloud endpoint. Enable Azure DDoS Protection on any perimeter virtual network. It doesn't cover the Azure Stack Hub endpoint, which relies on on-premises perimeter mitigation.
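As an added example (not part of the original article), the following Az PowerShell script builds the profile that the dataflow and the endpoint components describe: a profile with the Geographic routing method and an HTTPS health monitor, the Azure Stack Hub app registered as an external endpoint for Europe, and the Azure app as the catch-all for every other location. It ends with the two checks worth running before you point the application's DNS name at the profile. The resource group, profile name, DNS label, Stack Hub hostname and public IP name are assumptions.

```powershell
# Added example, not from the original article. Assumes the Az module, an existing
# resource group, and a public IP for the Azure deployment; all names are placeholders.
$rg          = 'rg-geo-app'
$profileName = 'tm-geo-app'
$dnsLabel    = 'contoso-geo-app'    # resolves as contoso-geo-app.trafficmanager.net

# Geographic routing: the location of the client's DNS resolver selects the endpoint.
# The monitor probes an unauthenticated HTTPS path that every endpoint must expose.
# Failover takes roughly interval x tolerated failures plus the TTL, so keep both small.
$profile = New-AzTrafficManagerProfile -Name $profileName -ResourceGroupName $rg `
    -TrafficRoutingMethod Geographic -RelativeDnsName $dnsLabel -Ttl 30 `
    -MonitorProtocol HTTPS -MonitorPort 443 -MonitorPath '/health' `
    -MonitorIntervalInSeconds 30 -MonitorTimeoutInSeconds 10 -MonitorToleratedNumberOfFailures 3

# Local endpoint: the app on Azure Stack Hub, which is outside Azure and is therefore an
# external endpoint addressed by public hostname. GEO-EU keeps European clients, and their
# data, on the on-premises instance.
Add-AzTrafficManagerEndpointConfig -EndpointName 'eu-stackhub' -TrafficManagerProfile $profile `
    -Type ExternalEndpoints -Target 'app-eu.stack.contoso.example' -EndpointStatus Enabled `
    -GeoMapping @('GEO-EU') | Out-Null

# Cloud endpoint: the Azure deployment, referenced by the resource ID of its public IP.
# WORLD is the catch-all; without one, clients from an unmapped location get no answer.
$cloudPip = Get-AzPublicIpAddress -Name 'pip-app-global' -ResourceGroupName $rg
Add-AzTrafficManagerEndpointConfig -EndpointName 'global-azure' -TrafficManagerProfile $profile `
    -Type AzureEndpoints -TargetResourceId $cloudPip.Id -EndpointStatus Enabled `
    -GeoMapping @('WORLD') | Out-Null

Set-AzTrafficManagerProfile -TrafficManagerProfile $profile | Out-Null

# Check 1: every endpoint should report Online before you cut DNS over. A Degraded
# Stack Hub endpoint usually means the perimeter firewall drops the probe sources
# (the AzureTrafficManager service tag) or /health demands authentication.
(Get-AzTrafficManagerProfile -Name $profileName -ResourceGroupName $rg).Endpoints |
    Select-Object Name, Target, EndpointStatus, EndpointMonitorStatus, GeoMapping

# Check 2: resolve the profile name through a resolver inside the EU and one outside it;
# the CNAME targets should differ. Clients cache the answer for the TTL (30 s here).
Resolve-DnsName "$dnsLabel.trafficmanager.net" -Type CNAME -Server 8.8.8.8
```

The script deliberately leaves the application's own DNS name untouched; create that CNAME to the trafficmanager.net name only after check 1 shows both endpoints Online, otherwise the cutover itself is your first outage.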

Alternatives

For web applications, you can use Azure Front Door instead of Traffic Manager. Azure Front Door works at Layer 7 (HTTP/HTTPS) as a reverse proxy, so unlike Traffic Manager it sits in the data path: it keeps traffic on the best path to your app, improves service scale, reduces latency, and increases throughput for your global users with edge load balancing, TLS offload, and application acceleration. Being in the data path also means you can restrict each endpoint to accept traffic only from Front Door (for example, by allowing only the AzureFrontDoor.Backend service tag and validating the X-Azure-FDID header), which a DNS-based load balancer can't provide.

Scenario details

This solution illustrates geographic traffic routing, a technique for implementing geo-distributed apps: it directs each client to a specific endpoint based on the client's location, endpoint health, and other metrics. It uses Azure Traffic Manager to route traffic to endpoints to satisfy regional requirements, corporate and international regulations, and data needs.

Potential use cases

Organizations that have wide-reaching geographies strive to distribute data and make it accessible. At the same time, they must meet the required levels of security, compliance, and performance per user, location, and device across borders.

Use this solution when:

  • Your organization has international branches that require custom regional security and distribution policies.
  • Each of your organization's offices pulls employee, business, and facility data, which necessitates reporting activity per local regulations and time zone.
  • You need to meet high-scale requirements by scaling apps out horizontally, with multiple deployments within a single region and across regions to handle extreme load.
  • Your apps must be highly available and responsive to client requests even during single-region outages.

Considerations

These considerations implement the pillars of the Azure Well-Architected Framework, which is a set of guiding tenets that you can use to improve the quality of a workload. For more information, see Microsoft Azure Well-Architected Framework.

Reliability

Reliability ensures that your application can meet the commitments that you make to your customers. For more information, see Overview of the reliability pillar.

Use appropriate on-premises hardware configuration and software deployment practices to ensure that locally deployed apps are configured for high availability. Traffic Manager adds no availability to the endpoints themselves; it only stops answering with an endpoint that its probes report as unhealthy, and the time to fail over is bounded below by the probe interval times the tolerated number of failures plus the DNS TTL that clients have cached. Keep the TTL short and the monitor settings tight, and test failover by disabling an endpoint rather than assuming it. To improve resiliency, follow the guidance in Resiliency and dependencies and Best practices.

Security

Security provides assurances against deliberate attacks and the abuse of your valuable data and systems. For more information, see Overview of the security pillar.

For comprehensive guidance about security principles, see Security documentation in the Azure Well-Architected Framework.

Two properties of this design matter for security. First, Traffic Manager works only at the DNS layer: it returns the address of an endpoint and the client connects to that endpoint directly, so Traffic Manager neither inspects traffic nor terminates TLS, and it can't hide the endpoints' public IP addresses. Each endpoint, in Azure and on Azure Stack Hub, must therefore enforce TLS, authentication, and perimeter filtering itself, and the on-premises endpoint needs its own DDoS mitigation because Azure DDoS Protection covers only the Azure virtual network. Second, Traffic Manager's health probes reach each endpoint over the internet, so the perimeter firewall in front of Azure Stack Hub must allow the probe source addresses (the AzureTrafficManager service tag) to the probe path, and that path should require no authentication but must expose nothing sensitive. If you use the Geographic routing method to satisfy data-residency requirements, give every endpoint an explicit mapping and one endpoint the WORLD catch-all, so that an unmapped location fails visibly instead of sending regulated traffic to the wrong region.

Operational excellence

Operational excellence covers the operations processes that deploy an application and keep it running in production. For more information, see Overview of the operational excellence pillar.

Performance efficiency

Performance efficiency is the ability of your workload to scale to meet the demands placed on it by users in an efficient manner. For more information, see Performance efficiency pillar overview.

The key benefit of cross-cloud scaling is the ability to deliver on-demand scaling. Scaling must happen between public and local cloud infrastructure and provide a consistent, reliable service that's based on demand. To learn more about implementing scalability in Azure, see Performance efficiency.

Contributors

This article is maintained by Microsoft. It was originally written by the following contributors.

Principal author:


Next steps