Azure Prerequisites
Ensure these prerequisites are ready before deploying:- An active Azure subscription with sufficient privileges.
- Azure CLI installed and authenticated.
- Familiarity with Kubernetes and basic Azure services (AKS, CosmosDB/MongoDB, Redis, Blob storage).
Recommended Azure Infrastructure
Set up Prisme.ai using the following Azure-managed resources:Kubernetes (AKS)
Kubernetes (AKS)
- Service: Azure Kubernetes Service (AKS)
-
Recommended Configuration:
- 3-5 nodes with at least Standard_D4s_v4 (4 vCPU, 16GB RAM each)
- Cluster Autoscaler enabled
-
Best Practices:
- Use Azure Availability Zones for high availability
- Integrate Azure AD for AKS cluster authentication
-
Deployment Example:
MongoDB (Azure CosmosDB)
MongoDB (Azure CosmosDB)
- Service: Azure Cosmos DB API for MongoDB
- Recommended Configuration:
- 3-node replication (multi-region optional)
- Provision throughput according to your workload (400-10,000 RU/s)
- Best Practices:
- Enable Geo-replication for disaster recovery
- Regularly monitor and scale throughput dynamically
Search Engine (ElasticSearch / OpenSearch)
Search Engine (ElasticSearch / OpenSearch)
- Service: Elasticsearch on Elastic Cloud or ES/OS deployed via AKS-managed containers
- Recommended Configuration:
- Elasticsearch cluster with at least 3 nodes (8GB RAM per node)
- Best Practices:
- Snapshot regularly to Cloud Storage
- Secure using private networking and access controls
Redis Cache (Azure Cache for Redis)
Redis Cache (Azure Cache for Redis)
- Service: Azure Cache for Redis
- Recommended Configuration:
- Premium P1 or P2 tier for HA and clustering
- Multi-zone redundancy enabled
- Best Practices:
- Regularly perform maintenance and updates
- Integrate with Azure Monitor for metrics
Object Storage (Azure Blob Storage)
Object Storage (Azure Blob Storage)
- Service: Azure Blob Storage
- Configuration:
- Separate containers for private uploads, public assets, and models
- Best Practices:
- Use Azure CDN to serve public assets efficiently
- Enable lifecycle management policies
File Storage (Azure Files)
File Storage (Azure Files)
- Service: Azure Files with Azure Storage Accounts
- Recommended Configuration:
- Premium SSD tier for optimal performance
- Integration with AKS using CSI drivers for persistent volumes
- Best Practices:
- Secure access via Private Endpoints
- Enable regular backups via Azure Backup
Azure Deployment Steps
1
Create Resource Group
Create a dedicated Azure Resource Group:
2
Deploy AKS Cluster
Provision your AKS cluster:
3
Provision Managed Databases
Set up Cosmos DB, Azure Search, and Redis via Azure Portal or CLI:
4
Configure DNS & Networking
- Configure Azure DNS for your domains:
api.yourdomain.comstudio.yourdomain.com*.pages.yourdomain.com
- Use Azure Application Gateway as ingress if desired.
5
Deploy Prisme.ai via Helm
Deploy Prisme.ai using Helm in AKS:
6
Set up Ingress and SSL
Set up Azure Application Gateway with AKS Ingress Controller:Use Azure Key Vault to manage SSL certificates.
Security Best Practices
Azure AD Integration
- Secure your AKS cluster using Azure Active Directory integration.
- Implement RBAC for access management.
Private Networking
- Deploy AKS within a private Virtual Network (VNet).
- Utilize Azure Firewall or Network Security Groups (NSGs) for controlled access.
Secrets Management
- Store sensitive configurations in Azure Key Vault.
- Regularly rotate keys and passwords.
Monitoring & Alerts
- Utilize Azure Monitor and Azure Log Analytics.
- Set alerts for resource anomalies.