Jayride 1.0 Devops Infra Questions

Secrets / Key Vault

  • How many secrets/keys/certs stored in Key Vault (per environment)?

We save appSetting keys in KV as ‘secrets’, also we save Jayride server certs.

I currently don't have permission to access the Azure account, so I can't see how many exact KV count over the 5 variable groups.

  • Average API calls per day (e.g., GetSecret, List, SetSecret).

It doesn’t work in this way. The KV access is through Azure library, and the keys(secrets) stored are used very much like the other appSetting keys stored in configuration.

  • Are secrets pulled at startup only or also during runtime (and how often per app)?

The appSetting keys stored in KV is the same way used as stored in the configuration. It can be ‘pulled' either ‘at startup’ or 'runtime’ depending on the use.

Compute (VMs / App Service / Containers)

  • List all VMs / App Service Plans / AKS nodes running apps:

  • Environment (prod vs non-prod)

    • SKU/Size (e.g., Standard D4s v3)
    • OS type & version (Windows Server 2019, Ubuntu 20.04, etc.)
    • Count of instances
    • Attached storage (type + size) per VM
    • Auto-scaling rules (min/max instances)

We don’t use AKS.

Here's on our VMs:

Prod VM: Name: azure-prod-eastus2 Environment: Production Purpose: Runs scheduled backup scripts for MySQL and MongoDB. OS type & version: Unsure, likely Ubuntu SKU/Size: Not specified. Count: 1 VM. Attached storage: Used for backup compression before uploading to S3 (size not specified). Auto-scaling rules: None (single fixed VM).

Stage VM: Name: azure-stage-eastus2 Environment: Non-Production (Staging) Purpose: Used for database restores/testing. OS type, SKU/Size, storage, scaling: Not specified. Count: 1 VM.

Multiple App Service Plans exist for prod/stage/dev groups (prod-service-group-eastus2, stage-service-group-eastus2, dev-service-group-eastus2, etc.)

Databases*

SQL Server:

  • Service type (Azure SQL Database, Managed Instance, or SQL in VM)
    • Instance size/SKU (e.g., GP_Gen5_4)
    • vCore/DTU, storage size, IOPS
    • Number of databases/instances

We have 2 databases: -Directory -TransportCompanies

Architecture Diagram

  • Average/peak connections, QPS (queries per sec)

  • MySQL:

  • Service type (Azure Database for MySQL vs self-managed VM)

spiral notepad Azure Database for MySQL flexible servers

  • SKU, storage, IOPS

  • of instances and replicas

spiral notepad one instance serves core booking system, with 2 databases:

-member, legacy agent member data

-payment, source of truth booking data

  • Backup retention setup

spiral notepad Backup daily. It’s through scheduled job running on VM. Please check here

Warning Please check Aaron’s handover document for the spec information

Serverless (Function Apps)

  • For each Function App:

  • Trigger type (HTTP, Timer, Queue, Blob, EventHub)

    • Avg execution time & max execution time
    • Allocated memory per function
    • Concurrency / parallelism
    • Avg executions per day (and peak)

spiral notepad I try to provide the trigger type used in functions. The other information can get from AppInsights/Metrics once you have the access to Azure Portal.

Trigger Type

Function App

Service Bus 

BookingDataWarehouseFunction(dw-booking)

DatawarehouseFunction(dw-quote)

POISearchFunction(localitypsf)

azure-blob-to-gcp-function(transfer-extract-azure-to-gcp)

Cosmos DB 

BookingQuoteRequestArchiveFunction(qr-archive)

Timer trigger 

service-extraction-function(agency/agent/brand/member/driver-event/transport-service)

PartnerBookingcomBookingFunction(partner-bookingcom-booking)

DirectoryStatFunction(directory-stat)

Http trigger 

UpdateBookingFunction_v1(partner-bookingcom-booking)

ValidateUpdateBookingFunction_v1(partner-bookingcom-booking)

CancelBookingFunction_v1(partner-bookingcom-booking)

DriverEventsFunction_v1(partner-bookingcom-booking)

Note: for the timer triggers schedule, you can get from TimerInterval environment variable in function app, which is in CRON format.

Workload / Usage

  • Requests per second:

  • Per API / Web App / Function

    • Separate avg vs peak

  • CPU & Memory:

  • Last 30 days per VM / App Service / DB

    • Peak vs baseline

  • Network throughput (ingress/egress per month)

Warning Please check in Azure Monitor to get the metrics details

Networking & CDN

  • Is Azure Front Door / Azure CDN / App Gateway in use?
  • Custom domains, WAF rules, SSL certs

spiral notepad Jayride use AWS Cloudfront as CDN. But we do use AFD for some custom domains. Please check here once you get access to Azure portal

Regions

  • Which Azure regions are apps & DBs deployed to?

spiral notepad Major resources are deployed to East US 2. Please check resource groups to get more information

  • Any geo-redundancy or failover setup?

Warning Please check Aaron’s handover document for infrastructure architecture information

Backup & DR

  • Current backup policy:

  • What resources are backed up (VM snapshots, SQL backup, storage)?

    • Frequency (hourly, daily, weekly)
    • Retention period
    • Geo-redundancy (ZRS, GRS, LRS)

spiral notepad Azure resources, such as SQL Server/Cosmos DB/Storage account, has its built-in backup feature. The frequency, retention and geo-redundancy policy depends on SLA we purchase. We only explicitly backup the MySQL and MongoDB, which is daily scheduled automation job.

Warning Please check Aaron’s handover document for SLAs