I just wrapped up one of my most comprehensive cloud engineering projects: designing, securing, and deploying a full-stack Epic Book web app on Microsoft Azure using real production patterns.
This project pushed me far beyond “just deploy a VM.”
I had to think like an architect: networking, security, scalability, and infrastructure design all mattered as much as the code itself.
Frontend Layer
I built a React frontend that communicates with an Express.js API over HTTPS.
The backend runs on port 5000, giving me a clean separation between UI, API, and infrastructure.
Application Layer (Public Subnet)
I deployed a Node.js + Nginx web server on Ubuntu 22.04, placed behind an Azure Load Balancer with a public IP.
To keep things secure, I locked down the Web NSG to ports 80 and 22 only and assigned a dedicated public IP + NIC for full network control.
Nginx handles reverse proxying to Node.js, improving performance and security.
Database Layer (Private Subnet)
For the database, I used Azure Database for MySQL Flexible Server (epiSQ-db).
It sits in a fully private subnet with zero public exposure.
•DB NSG allows only port 8006
•MySQL port 3306 is accessible only from within the VNet (10.0.0.0/16)
This ensures the database is completely isolated from the public internet.
Security-First Architecture
Security guided every decision I made:
•Private subnet isolation for the database
•Strict NSG rules on both web and DB layers
•Load Balancer as the only public entry point
•Zero-trust approach to MySQL access
•Controlled, predictable traffic flow end to end
Traffic Flow
Internet → Load Balancer → Web VM → MySQL Flexible Server
My Biggest Takeaway
This project reminded me that cloud engineering is more than writing code.
It’s about understanding how your application lives in the cloud, how it’s secured, how it scales, and how every component communicates.
If you're a developer looking to level up, start thinking beyond your local machine. The cloud is where your application truly becomes real.
I want to sincerely thank my mentors, Pravin Mishra, Praveen Pandey, Abhishek Makwana and Mobarak Hosen
Top comments (0)