Contents x
    Architecture
    • 01 Dec 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Architecture

    • Updated on 01 Dec 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    In this page we will discuss the Turbo360 architecture when the application is deployed in a private hosting model.

    Turbo360 Core Architecture

    The below diagram shows what the architecture will look like for the core part of the application.

    image.png

    This architecture will cover the following modules within the product:

    • Cost Analyzer

    • Business Applications

    • Azure Documenter

    • BAM in the “Pull model” where you are only using the Log Analytics and App Insights data sources.

    Note that for BAM there are some additional components if you are using the push model which is discussed later.

    What are the components used for

    Component

    Usage

    App Service Plan

    This hosts the web app and function apps

    Web App

    This is the main user interface component that your users would access

    Function Apps

    There are 3 function apps which are used for different purposes.  The main one is the processor which does most of the background work.  There is one for document generation and one for chart generation

    Storage Account

    The main purpose of the storage account is to host the deployment code for the function apps and web app

    SQL Database

    The SQL database holds the data about the configuration of Turbo360 and also the applications you are monitoring or your cost data

    App Insights

    App Insights is used for standard application monitoring for the web app and function apps

    Log Analytics

    Log Analytics is used for the underlying data store for app insights

    How do the resources authenticate between each other?

    When you perform the application installation you can choose the connection string or managed identity option.  We would recommend using the user assigned managed identity which is then associated with the resources and configured for authentication.

    For example the user assigned managed identity will be used by the web app when accessing the database and when accessing the storage account.

    How can my users authenticate to the application?

    Users can authenticate to Turbo360 via one of two available authentication schemes:

    1. SSO with Entra ID

    2. Username and Password

    We would expect most customers would want to use SSO with Entra ID so that it is inline with their other applications using Microsoft based authentication.

    Turbo360 BAM Architecture [Optional]

    If you have the Turbo360 Business Activity Monitoring (BAM) module and you are using it in the push model where your components like Logic Apps, Power Automate or other integration components are telling Turbo360 where in your business processes they are up to, then there is an additional part of the architecture that you will need.

    Note there are 2 data processing models for BAM:

    • Push = You send events to Turbo360 and this needs the additional architecture components described here

    • Pull = Turbo360 queries your existing Log sources such as app insights where you do not need the additional architecture components described here

    Below is the addition to the architecture.  You can see an example of a Logic App calling to Turbo360 BAM via an API that is exposed.  You can consume the API via API Management or a Custom Connector.  Behind the scenes the API is implemented with Azure Functions where we receive the message, drop it on a queue for processing and then its processed in the background.  In the data section you can see where the custom business data related to your process is stored.

    In BAM you still use the same user interface as for the other modules but you need the data processing element of BAM.

    FAQ

    Can I add private endpoints to the PaaS resources?

    Yes you can do this.  

    Most customers have slightly different setups for their virtual network so the best way to do this is to deploy the application and then you can add the following:

    • Outbound VNET integration for the Web App and Function Apps

    • Inbound private endpoints for the app service resources

    • Private endpoints for SQL

    • Private endpoints for Storage

    We will help you to set this up after the initial installation.

    Can I automate the infrastructure deployment with Terraform or Bicep?

    Yes you can do this.

    The installer application can point to pre-existing resources and deploy the application onto them.

    Can I choose my own names for the resources when installing?

    Yes you can do this

    The installer application lets you do this or alternatively you can provision the resources yourself with an infrastructure as code solution.

    Can I host on an ASE v3 rather than an App Service Plan?

    Yes, you can do this.

    If you deploy your resources in advance of using the Turbo360 installer then you can set up the web app and functions on an ASE v3

    Was this article helpful?
    What's Next