After building a full PHP web application for my Web Application Development module, my Distributed and Cloud Computing module decided it was time to zoom out.
Instead of writing code, I had to design the entire infrastructure that would host a real-world system. Servers, networks, security, storage, monitoring, backups. The whole thing.
The system in question was an online discussion forum for a fictional organisation called Nutriworld.
The Problem to Solve
The forum needed to be publicly accessible, secure, scalable, and cost-aware. This was not about building a global platform on day one. It was about designing a proof of concept that could grow safely over time.
High-Level Architecture
The system follows a layered cloud architecture:
- Public entry point via an Application Gateway
- Private application tier
- Managed database
- Object storage for user content
- Monitoring and backup services
Traffic flows through a single controlled ingress point before reaching any application resources.
Platform and Deployment Choices
Microsoft Azure was used as the cloud platform.
The design combines Infrastructure as a Service for the application server with managed services for data storage. This balances control and operational simplicity.
Networking and Security
All resources live inside a Virtual Network with dedicated subnets for the gateway, application server, and database.
The application server has no public IP address. Access is restricted through the gateway and reinforced using Network Security Groups with a default deny approach.
Application Gateway and WAF
The Application Gateway provides HTTPS termination, routing, and Web Application Firewall capabilities.
For the prototype, the WAF operates in detection mode, logging suspicious traffic without blocking it. This allows observation without disrupting legitimate users.
Application Tier
The forum application runs on a Linux virtual machine using Ubuntu Server LTS.
The VM size is intentionally modest, sufficient for a prototype and easy to scale later if required.
Data Layer
Forum data is stored in Azure Database for MySQL Flexible Server.
Using a managed database reduces operational overhead while providing built-in patching, backups, and resilience.
Storage for User Content
User uploads are stored in Azure Blob Storage, keeping large files separate from the application server and allowing independent scaling.
Monitoring and Backups
Azure Monitor is used for metrics and alerting.
Database backups are enabled by default, and virtual machine backups are identified as a future enhancement once provisioning constraints are removed.
Constraints and Reality
Some resources could not be fully provisioned due to subscription limitations. These constraints are documented clearly, with intended configurations explained.
Architecture is about intent as much as implementation.
What This Assignment Taught Me
This project reinforced the importance of system thinking, trade-offs, and documentation.
It pushed me to think beyond code and focus on reliability, security, and evolution over time.
Final Thoughts
This architecture is not flashy, but it is sensible, secure, and realistic.
And that feels like the right direction to be heading in.
Top comments (0)