BookWorm is designed for cloud-native deployment on Azure Container Apps (ACA), providing managed container hosting with automatic scaling, load balancing, and integrated monitoring.

Service | Min Replicas | Max Replicas | Scaling Rules |
---|
Catalog API | 2 | 10 | CPU > 70%, Memory > 80%, HTTP requests > 100/min |
Ordering API | 2 | 5 | CPU > 80%, HTTP requests > 50/min |
Basket API | 1 | 3 | CPU > 70%, HTTP requests > 200/min |
Rating API | 1 | 3 | HTTP requests > 30/min |
Chat API | 1 | 5 | WebSocket connections > 100, CPU > 70% |
API Gateway | 2 | 5 | CPU > 60%, HTTP requests > 500/min |
deploys/bicep/postgresql/postgresql.bicep
resource postgres 'Microsoft.DBforPostgreSQL/flexibleServers@2024-08-01' = {
name: take('postgres-${uniqueString(resourceGroup().id)}', 63)
location: location
properties: {
administratorLogin: administratorLogin
administratorLoginPassword: administratorLoginPassword
authConfig: {
activeDirectoryAuth: 'Disabled'
passwordAuth: 'Enabled'
}
availabilityZone: '1'
backup: {
backupRetentionDays: 7
geoRedundantBackup: 'Disabled'
}
highAvailability: {
mode: 'Disabled'
}
storage: {
storageSizeGB: 32
}
version: '16'
}
sku: {
tier: 'GeneralPurpose'
}
tags: {
'aspire-resource-name': 'postgres'
Environment: 'Production'
Projects: 'BookWorm'
}
}
deploys/bicep/redis/redis.bicep
resource redis 'Microsoft.Cache/redis@2024-03-01' = {
name: take('redis-${uniqueString(resourceGroup().id)}', 63)
location: location
properties: {
sku: {
name: 'Basic'
family: 'C'
capacity: 1
}
enableNonSslPort: false
minimumTlsVersion: '1.2'
}
tags: {
'aspire-resource-name': 'redis'
Environment: 'Production'
Projects: 'BookWorm'
}
}

Component | Security Measure | Implementation |
---|
API Gateway | TLS termination, Rate limiting | Azure Container Apps ingress |
Services | mTLS, JWT validation | .NET Aspire security middleware |
Databases | Private endpoints, SSL only | Azure private link |
Secrets | Key Vault integration | Managed identity authentication |
Network | NSG rules, Private DNS | Azure VNET configuration |

# Azure Resource Manager deployment
az deployment group create \
--resource-group rg-bookworm-prod \
--template-file infrastructure/main.bicep \
--parameters @parameters/prod.json
Component | Backup Method | Retention | Recovery Time |
---|
PostgreSQL | Automated daily backups | 30 days | < 1 hour |
Redis | Data persistence enabled | Real-time | < 5 minutes |
Azure Table Storage | Automatic backups | 30 days | < 30 minutes |
Application Code | Container registry | Version-based | < 10 minutes |
Configuration | Key Vault backup | 90 days | < 5 minutes |
- Database Recovery: Point-in-time restore from automated backups
- Application Recovery: Container redeployment from registry
- Configuration Recovery: Key Vault restore and service restart
- Network Recovery: Infrastructure as Code redeployment