Deployment Topology
This page describes how the factory and its generated runtimes are deployed and scaled on Azure. It complements the C4 Deployment View.
Topology
```mermaid
flowchart TB
    subgraph region [Azure Region]
        subgraph edge [Edge]
            fd["Azure Front Door / App Gateway + WAF"]
        end
        subgraph factory [Factory AKS Cluster]
            studioNs["ns: factory-studio"]
            platformNs["ns: factory-platforms"]
            workerNs["ns: factory-workers"]
        end
        subgraph generated [Generated Runtime Environments]
            prodNs["ns: tenant-prod-*"]
            stagingNs["ns: tenant-staging-*"]
        end
        subgraph managed [Managed Services]
            bus["Service Bus"]
            sql["Azure SQL / PostgreSQL"]
            qdrant["Qdrant"]
            redis["Redis"]
            blob["Blob"]
            vault["Key Vault"]
            acr["Container Registry"]
            ai["Application Insights"]
        end
    end
    fd --> studioNs
    fd --> platformNs
    platformNs --> bus
    platformNs --> sql
    workerNs --> bus
    platformNs --> redis
    platformNs --> qdrant
    generated --> bus
    generated --> sql
    factory --> vault
    factory --> ai
    generated --> acr
```
Runtime model
| Aspect | Approach |
|---|---|
| Compute | AKS node pools for steady services; Azure Container Apps for elastic/event-driven services; Azure Functions for burst ingestion. |
| Scaling | Horizontal Pod Autoscaler on CPU/memory and KEDA on Service Bus queue depth for workers. |
| Configuration | Externalized via ConnectSoft.Extensions.Options; environment overlays per environment (dev/test/staging/prod). |
| Secrets | Azure Key Vault via managed identities; CSI Secrets Store driver in AKS. |
| Health | Liveness/readiness via ConnectSoft.Extensions.Diagnostics.HealthChecks; aggregated by the Health Checks Aggregator. |
| Provisioning | Pulumi programs (IaC) executed by the DevOps / GitOps IaCProvisioningService. |
Environments
| Environment | Purpose |
|---|---|
| dev | Inner-loop development of the factory itself. |
| test | Automated test and validation. |
| staging | Pre-production verification of factory and generated products. |
| prod | Production factory and generated SaaS runtimes. |
Promotion between environments is governed by the DevOps EnvironmentPromotionService with governance approval gates.
Generated runtime isolation
Generated SaaS products deploy into dedicated namespaces / Container Apps environments, isolated per tenant or product and bound via RuntimeTenantBinding. The Runtime Cloud Platform owns this topology.
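One way to check this isolation against the Topology flowchart, as an added example that is not part of the original page or the project's code: it treats the diagram's edges as the intended set of flows (an assumption), expands subgraph-level edges into namespace patterns, and reports observed flows that the diagram does not show. The `OBSERVED` flows and the `acme` tenant name are constructed.

```python
import re
from fnmatch import fnmatch

# Edges copied from the flowchart on this page.
EDGES = """
fd --> studioNs
fd --> platformNs
platformNs --> bus
platformNs --> sql
workerNs --> bus
platformNs --> redis
platformNs --> qdrant
generated --> bus
generated --> sql
factory --> vault
factory --> ai
generated --> acr
"""
# Node id -> namespace (pattern) and subgraph id -> member nodes, from the same flowchart.
NAMESPACES = {"studioNs": "factory-studio", "platformNs": "factory-platforms",
              "workerNs": "factory-workers", "prodNs": "tenant-prod-*",
              "stagingNs": "tenant-staging-*"}
SUBGRAPHS = {"factory": ["studioNs", "platformNs", "workerNs"],
             "generated": ["prodNs", "stagingNs"]}

def allowed_flows(edges=EDGES):
    """Expand subgraph-level edges into (namespace pattern, destination) pairs."""
    allowed = set()
    for src, dst in re.findall(r"^(\w+)\s*-->\s*(\w+)$", edges, re.M):
        for node in SUBGRAPHS.get(src, [src]):
            if node in NAMESPACES:  # sources such as fd are not namespaces; skipped
                for target in SUBGRAPHS.get(dst, [dst]):
                    allowed.add((NAMESPACES[node], NAMESPACES.get(target, target)))
    return allowed

def drift(observed):
    """Return observed (namespace, destination) flows that the diagram does not show."""
    allowed = allowed_flows()
    return [(ns, dst) for ns, dst in observed
            if not any(fnmatch(ns, pat) and dst == d for pat, d in allowed)]

# Constructed sample flows (assumption: not real telemetry; "acme" is a made-up tenant).
OBSERVED = [("factory-platforms", "bus"), ("tenant-prod-acme", "sql"),
            ("factory-workers", "sql"),        # workers reach only Service Bus
            ("tenant-prod-acme", "vault"),     # only factory namespaces reach Key Vault
            ("tenant-staging-acme", "redis")]  # generated runtimes have no Redis edge

if __name__ == "__main__":
    print(drift(OBSERVED))
```

The destination ids (`bus`, `sql`, `vault`, ...) are the diagram's node ids; mapping real flow records onto them is left to whatever telemetry source is used.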