Microservices¶
Target Architecture — Final-State Design
All 9 services are described in their final state. They follow the naming conventions and the Clean Architecture layout of the ConnectSoft.MicroserviceTemplate, are written in .NET 10, and are themselves deployed and operated as generated factory workloads on Azure.
The Runtime & Cloud Platform is composed of 9 microservices under the ConnectSoft.Factory.Runtime.* namespace. Each service owns its aggregate roots and its store; no service reads another service's database. Services communicate through the canonical event envelope on Azure Service Bus (MassTransit) and expose REST + gRPC over the patterns described in APIs.
Service Catalog¶
| Microservice | Responsibility | APIs | Events | Aggregate Roots | Store |
|---|---|---|---|---|---|
| RuntimeEnvironmentService | Provision, track, and decommission isolated runtime environments (dev → test → staging → prod) via Pulumi. | POST /runtime/environments, GET /runtime/environments/{environmentId} |
RuntimeEnvironmentProvisioned |
RuntimeEnvironment | Azure SQL / PostgreSQL |
| DeploymentService | Roll generated workloads onto AKS, Container Apps, Functions, and App Service with health-gated, reversible promotion. | POST /runtime/deployments, GET /runtime/deployments/{deploymentId} |
RuntimeDeploymentCompleted |
RuntimeDeployment | Azure SQL / PostgreSQL |
| ServiceCatalogRuntimeService | Maintain the authoritative live inventory of every generated component running per environment and tenant. | (internal) | RuntimeInventoryUpdated |
RuntimeService | Azure SQL / PostgreSQL |
| RuntimeConfigurationService | Distribute, version, and synchronize runtime configuration to running workloads. | POST /runtime/configurations |
ConfigurationSynced |
RuntimeConfiguration | Azure SQL / PostgreSQL |
| SecretBindingService | Bind workloads to Azure Key Vault secrets via managed identities and orchestrate rotation. | POST /runtime/secret-bindings |
SecretRotated |
SecretBinding | Azure SQL / PostgreSQL + Azure Key Vault |
| TenantRuntimeIsolationService | Translate generation-time tenant boundaries into enforced runtime isolation (namespaces, identities, quotas). | (internal) | RuntimeTenantBound |
RuntimeTenantBinding | Azure SQL / PostgreSQL |
| RuntimeHealthService | Continuously evaluate liveness/readiness/dependency health of running components. | GET /runtime/services/{serviceId}/health |
HealthCheckCompleted |
HealthCheckResult | Azure SQL / PostgreSQL + Application Insights |
| RuntimeScalingService | Apply and enforce SLO-driven scaling policies against live load (HPA/KEDA/Container Apps rules). | POST /runtime/scaling-policies |
ScalingPolicyApplied |
ScalingPolicy | Azure SQL / PostgreSQL |
| RuntimeDriftDetectionService | Reconcile actual runtime state against desired state and surface divergence for remediation. | GET /runtime/drift/{environmentId} |
RuntimeDriftDetected |
RuntimeDriftFinding | Azure SQL / PostgreSQL + Cosmos DB (state snapshots) |
Implementation Notes
Infrastructure provisioning is performed by Pulumi (.NET/C#) programs invoked by RuntimeEnvironmentService and DeploymentService, aligned with the DevOps / GitOps Platform's IaCProvisioningService. Health evaluation reuses the standardized probes exposed by ConnectSoft.Extensions.Diagnostics.HealthChecks across every generated workload.
Service Interaction Diagram¶
flowchart LR
EnvS["RuntimeEnvironmentService"] -->|"RuntimeEnvironmentProvisioned"| CatS["ServiceCatalogRuntimeService"]
EnvS -->|"environment ready"| DepS["DeploymentService"]
IsoS["TenantRuntimeIsolationService"] -->|"RuntimeTenantBound"| EnvS
CfgS["RuntimeConfigurationService"] -->|"ConfigurationSynced"| DepS
SecS["SecretBindingService"] -->|"secret bindings"| DepS
DepS -->|"RuntimeDeploymentCompleted"| CatS
DepS -->|"workload live"| HealthS["RuntimeHealthService"]
HealthS -->|"HealthCheckCompleted"| ScaleS["RuntimeScalingService"]
HealthS -->|"health state"| DriftS["RuntimeDriftDetectionService"]
ScaleS -->|"ScalingPolicyApplied"| DriftS
CatS -->|"inventory baseline"| DriftS
DriftS -->|"RuntimeDriftDetected"| DepS
Hold "Alt" / "Option" to enable pan & zoom
Service Responsibilities in Depth¶
- RuntimeEnvironmentService is the entry point for the runtime lifecycle. It plans and applies Pulumi programs to create AKS node pools, Container Apps environments, Functions, App Service plans, and the supporting data/messaging resources, recording each as a
RuntimeEnvironment. - DeploymentService owns the
RuntimeDeploymentstate machine. It selects the target compute surface per component, applies config and secret bindings, executes the rollout, waits on health gates, and either promotes or rolls back. - ServiceCatalogRuntimeService is the runtime system-of-record: which
RuntimeServiceinstances exist, at which version, on which surface, for which tenant. It is queried by the UI Runtime Center and feeds the drift baseline. - RuntimeConfigurationService and SecretBindingService form the Configuration & Secrets context — versioned config plus Key Vault-backed secret references, applied atomically per deployment.
- TenantRuntimeIsolationService maintains
RuntimeTenantBindingand enforces the isolation model (silo/pool/shared) at provisioning and deployment time. - RuntimeHealthService and RuntimeScalingService form the Health & Scaling context — health is evaluated continuously and drives both alerting and elasticity.
- RuntimeDriftDetectionService continuously compares the live inventory against Git/Pulumi desired state and emits findings that DeploymentService remediates.
Cross-Cutting Concerns¶
- Multi-tenancy — every service applies the
ConnectSoft.Extensions.Saas.*tenant context; all queries are tenant- and environment-scoped, andRuntimeTenantBindingis the hard boundary. - Messaging — services publish and consume via MassTransit on Azure Service Bus using the canonical envelope; commands are
VerbNoun, events areNounVerbPastTense. - Persistence — Azure SQL / PostgreSQL via NHibernate for runtime inventory and config metadata; Cosmos DB for high-churn state snapshots; Key Vault for secret material; Blob for deployment artifacts and logs.
- Health — every service exposes
ConnectSoft.Extensions.Diagnostics.HealthChecksendpoints so the platform can operate itself with the same probes it operates generated workloads with. - Idempotency — each service deduplicates inbound events on
eventId; commands are idempotent on natural keys (e.g. environment + module + desired version).