0

I'm working on a project that requires deployment both on the cloud and on private virtual machines. The customer provided 4 VMs with the stipulation that the database should be on one VM, the application on others, and certain services on specific VMs.

Specifics: Single ASP.NET Core Project:

Can I achieve this deployment structure with a single ASP.NET Core Aspire project, or do I need different APP HOSTS with connections to Docker containers on different VMs?

Deployment Recommendations:

What are the best practices for deploying different components of a system on separate VMs while ensuring efficient communication and maintainability?

Docker Containerization:

Should I consider containerizing services and applications for streamlined deployment across different VMs?

Database Management:

Any suggestions on managing a database on a separate VM while maintaining smooth interactions with the application?

If I am wrong about any concept please feel free to correct it. I want all my services to be deployed on dockers over Windows Server.

Improve this question
1
  • If I am wrong about any concept please feel free to correct it. I want all my services to be deployed on dockers over Windows Server 2012 Windows Server 2012 is end of life and off topic on this forum. Commented Nov 21, 2023 at 12:34

1 Answer 1

Reset to default
0

First of all, stay away from docker windows containers, they are a pain in the ass.

You are saying you need to deploy ASP.net components on a couple of VM in the private network and in the cloud. I think you first need to look at your architecture. Do i need a front-end, do i need a back-end. Do the asp.net components have dependencies on server roles we need to install, for example IIS. Which server is going to have which role and components?

Regarding this question Deployment Recommendations: What are the best practices for deploying different components of a system on separate VMs while ensuring efficient communication and maintainability?

Best practices are in my opinion:

  • Use a naming convention and deploy all everything on the servers in the same way as much possible (for example logfiles on a seperate drive, and that the same on each server) -Use least privilege, grant service accounts and so, the permissions the only need and as less possible. Document that
  • only open network ports when required, and keep it as minimal as possible. Document that
  • Do a sizing with the customer and check if the servers have enough resources.
  • Harden the servers, for example with a cis benchmark to keep the attack surface as low as possible.
  • Install all the latest updates and patches.
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.