Transformation & Modernization of NBN Application Runbook

By /

Architecture Diagram

 

 

NBN Azure Project – Prerequisites Checklist

1. Azure Account & Subscription

  • Azure Free Tier Account created (with $200 credits)

  • Microsoft Entra ID access for user provisioning

  • Azure Subscription active and accessible

  • Azure billing alerts configured (FinOps)

2. Local Machine Setup (Windows/Linux)

  • Azure CLI installed and verified (az --version)

  • Terraform CLI installed and verified (terraform -version)

  • SSH client installed (e.g., PuTTY or built-in terminal)

  • Git installed and configured with GitHub credentials

  • VS Code/IDE installed for scripting and YAML editing

3. Access Control & RBAC

  • Users created via Microsoft Entra ID

  • Roles assigned:

    • DevOps Admin

    • VM-Only Access

    • Reader/Contributor as required

  • RBAC configured – avoid Global Admin access

4. GitHub Project Setup

  • GitHub Organization: NBN-Transformation

  • Repositories:

    • Codebase

    • Terraform scripts

    • CI/CD pipelines

    • Documentation

  • Teams created: Dev, Test, Ops

  • Branching strategy defined (microservices-based)

  • GitHub Projects/Kanban board initialized

  • GitHub Actions enabled (or runners configured)

5. Jenkins & CI/CD Tooling

  • Jenkins installed (locally or on Azure VM)

  • Jenkins plugins: GitHub, Docker, Kubernetes, Terraform, etc.

  • Maven & Tomcat setup for Java builds

  • SonarQube server ready (locally or on Azure)

6. Terraform Cloud Resources

  • SSH key pairs generated (ssh-keygen)

  • Terraform script components:

    • Provider setup (Azure)

    • Resource Group

    • Virtual Network/Subnet

    • NSG & Public IP

    • VM instance (Ubuntu) with Jenkins

  • Jenkins startup script tested and embedded in Terraform

7. Containerization & Image Management

  • Docker installed locally and on Azure VM

  • Azure Container Registry (ACR) created

  • DockerHub (optional) for public image testing

  • JFrog/Nexus configured for artifact management

8. Kubernetes & CD Infrastructure

  • KIND/K3D setup for staging (local clusters)

  • AKS cluster created for production

  • Helm installed and configured

  • Auto-scaling, Load Balancing, and DR setup planned

9. Monitoring & Observability

  • Datadog (primary monitoring) account configured

  • Prometheus + Grafana stack (alternative) provisioned

  • Slack/Email/Teams integration for alerting

10. SaaS Tools (Azure DevOps – Future Team B)

  • Azure DevOps Organization created

  • Boards, Repos, Pipelines, Artifacts setup

  • Marketplace extensions reviewed and installed

11. Project Planning & Execution

  • Defined Agile workflow for team task tracking

  • Tasks split between Team A (GitHub + Jenkins) and Team B (Azure DevOps)

  • Initial sprint tasks:

    • Azure account creation

    • Azure CLI installation

    • Terraform provisioning

  • Communication channels established (Slack, Teams, Email)

12. Security & Best Practices

  • Code scanning: SonarQube integrated into CI pipeline

  • Container scanning: Docker/K8s/Helm scanning tools ready

  • GitHub branch protection rules enforced

  • terraform destroy emphasized over manual deletion

  • Budget alerts and usage caps applied (FinOps)

Raw Diagram creation with Team Members

Task Assign

Team members are assigned tasks based on Team A and Team B, and they proceed accordingly

The NBN Azure Project focuses on migrating from a monolithic architecture to a secure, cost-efficient, and automated microservices infrastructure using DevOps best practices. The initiative is driven by Team A (Achievers) using Jenkins-based CI/CD pipelines, with future expansion for Team B leveraging Azure DevOps.

Key components include:

  • Terraform-based infrastructure provisioning

  • CI/CD pipeline: Build → Test (Karate) → Dockerize → Deploy to AKS via Helm

  • Monitoring: Jenkins alerts integrated with Slack/Email; Datadog or Prometheus for observability

  • Dynamic Jenkins agents on Kubernetes, artifact management via JFrog

  • Full DevOps lifecycle coverage, with emphasis on reusability and Infrastructure-as-Code (IaC)

The project utilizes Azure $200 free credits, with a 2-week completion goal, ensuring FinOps principles and robust security through tools like SonarQube and container scanning. A GitHub organization (NBN-Transformation) and Kanban board are in place for task tracking and collaboration.

 

The NBN Azure Project kicked off via GitHub Pages with Team A using GitHub + Jenkins and Team B set for Azure DevOps. Tasks are managed using GitHub Projects, starting with Azure setup and Terraform-based VM provisioning. Azure users were created with RBAC, avoiding Global Admin roles. GitHub is the sole platform for CI/CD, using Actions or manual Terraform for deployment.

 

View Repositories Project Tracker

 

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top