Enhancing Azure DR Capabilities: A Case Study on Azure Front Door and Traffic Manager Integration

In our journey to implement an Azure Integration platform with a leading technology partner, we conducted a thorough DR failover test. Discover how we addressed DNS resolution challenges and why integrating Azure Front Door and Traffic Manager became essential for seamless DR self-management. Learn about the agile methodology, challenges with Front Door, and our recommended solutions, backed by production-ready Terraform scripts. Dive into the results, client outcomes, feedback, and our continued collaboration on innovative integration solutions across various sectors such as ERP, HR, and warehouse management systems.

Background & Context 

While working with a leading technology partner to implement an Azure Integration platform, we completed a DR failover test of the platform and application. During this test, we identified a DNS resolution change that required the client to manually complete, in order to move the domain from the active uksouth public IP address to the passive ukwest public IP address. 

Following the successful DR test, the client asked us to investigate including either Front Door or Traffic Manager into the Architecture so that the Integration platform support team would be able to self-manage a full DR if needed. 

Challenges & Pain Points 

During the course of the PoC, we encountered some issues with the use of Front Door, two of which ultimately were raised with Microsoft: 

  • Front Door did not appear to implement alongside a security-hardened Key Vault 
  • Front Door’s health probes did not run under SSL 

 

We were able to resolve and work around the issues encountered, and our recommendation was to implement Front Door and then fall back to Traffic Manager if required. We created production strength Terraform scripts to deploy both Front Door and Traffic Manager in order for the client to decide which to proceed with. 

Solutions & Strategies 

We worked to an agile methodology, utilising collaborative sprint planning and demos to relay our progress to the client and keep aligned with their expectations. We use Azure DevOps on the client’s subscription, giving them a real-time transparent view of everything we are doing. 

Results & Outcomes 

The client was walked through a detailed PoC outcome report that provided an updated platform design for DR, Solution Architecture for both Azure Front Door and Azure Traffic Manager, along with the Terraform deployment scripts and failover test evidence. We then updated the existing Integration Architecture with their choice of Traffic Manager. 

They were left with a version of 345 AIR, a secure application landing zone for Azure Integration Services, providing them with all the cloud infrastructure to build further integration applications in Azure. We handed over a detailed Azure DevOps wiki and completed a full DR test ready for them to accept into Production. 

Feedback & Learnings 

As the PoC was relatively siloed from the rest of the client’s team, we operated within our subscription in order to not expose their Production instance to any breaking changes. The client was supportive of the costs incurred and actively involved with the Demo and discussions around next steps. 

Future Prospects 

Off the back of this work, we have continued to work with the client to create further integration solutions around their ERP, HR and warehouse management systems, and provide additional Architecture, Solution, Development, and Test support for their progressing projects.  We are also providing Production Support for this infrastructure and the integration solutions. 

Final Thoughts 

The client recognised the opportunity to extend their services during the first DR Failover and supported our recommendations to investigate which option was best suited to their needs. They understood the time and technical requirements needed and were supportive and engaging. It was a great opportunity to further develop the initial single-site Azure Integration Platform they had requested, which now supports their demanding operational requirements. 

345 AIR

The most secure Azure platform for integration and data projects.

345 AIR is an integration landing zone that accelerates your Azure deployments so you spend your time delivering business value instead of cloud infrastructure.

Further reading