Scalable WordPress Architecture on Azure
This article will describe in sort how to design scalable WordPress architecture on Azure cloud platform.
WordPress hosting can be found everywhere and there are plenty of hosting providers that will service small and medium sites. Hosting WP deployment in cloud environment will provide you with infrastructure needed for large scale deployment and high traffic.
As a best practice scalable architecture should allow for automation and orchestration of all architecture elements and also provide necessary security environment.
Application architecture for WordPress will be separated into several main enclosures :
- network and access
- application servers
- database servers
Network & Access
Network and access elements are separated into three sections :
- Application Gateway
- Azure CDN
Azure CDN will retrieve files from Azure Storage and in doing so remove additional load from the servers.
Network security groups
Network security groups are convenient way to manage access between different subnets or groups of subnets and to control access between resources in your deployment.
A network security group is a layer of security that acts as a virtual firewall for controlling traffic in and out of virtual machines (via network interfaces) and subnets. It contains a set of security rules that allow or deny inbound and outbound traffic using the following 5-tuple: protocol, source IP address range, source port range, destination IP address range, and destination port range. A network security group can be associated to multiple network interfaces and subnets, but each network interface or subnet can be associated to only one network security group.
Application gateway will provide Layer 7 firewall and load balancing engine.
Microsoft Azure Application Gateway provides an Azure-managed HTTP load-balancing solution based on layer-7 load balancing. Application load balancing enables IT administrators and developers to create routing rules for network traffic based on HTTP. The Application Gateway service is highly available and metered.
Microsoft Azure provides a 99.9% uptime SLA for Application Gateway Cloud Services having two or more medium or larger instances.
DNS zone will provide all necessary tools to manage DNS records.
A DNS zone is used to host the DNS records for a particular domain. For example, the domain ‘architech.hr’ may contain a number of DNS records such as ‘mail.architech.hr’ (for a mail server) and ‘www.architech.hr’ (for a web site). Azure DNS allows you to host your DNS zone and manage your DNS records, and provides name servers that will respond to DNS queries from end users with the DNS records that you create.