Azure Cloud Challenge: Lime Survey

Last week I worked with a team in Germany to deliver an Azure Hackathon. During the hackathon, we decided to create a cloud challenge for the team to work through. These challenges are difficult and require independent critical thinking. The requirements below were developed with the attendees, after which we worked at the whiteboard to develop an agreed-upon architecture for implementation. No other instruction was given. Here’s our prompt if you want to give it a try!

Homeroot.NET wants to leverage the freedom of the open source software LimeSurvey to solicit direct user feedback using online web surveys. The resulting data and insights will be used to research the satisfaction of existing customers and to conduct new-customer market research. The required infrastructure for this solution must be hosted securely in Azure and take advantage of available solutions that reduce the ongoing operational burden on the O&M teams.

The application must be deployed on separate Web and Data tiers. The web tier must be HTTPS only, secured by SSL certificates, and use a custom branded URL (<firstname>survey) within the company’s domain. The hosting platform must run Linux, though no specific distribution is preferred. A staging environment that closely resembles Production should also be available for pre-production change assessment. Backups must be configured such that the application can be restored with hourly granularity should any inadvertent changes be introduced. The solution must have a minimum of 2 active servers for redundancy and load distribution. Any uploaded content must be stored in a geo-redundant manner and mounted at /home/site/wwwroot/upload transparently, so that the application code does not need to be modified in order to change the storage location.

The data tier must leverage MySQL and must not be accessible from the internet. The MyISAM engine should not be used because its lack of transaction support can potentially lead to data loss. TLS between the Web tier and Data tier is not required, though it is not actively discouraged. The database service must be able to handle 1700 IOPS while still making use of burstable capacity and keeping operational costs to a minimum. Automatic backups of the database must be retained for 10 days and stored on geo-redundant storage.
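
One way to check a finished attempt against the Web and Data tier requirements above, as an added example that is not part of the original challenge. The inventory layout, every key name, the sample table names and the `homeroot.net` domain are assumptions made for illustration; map them from whatever your deployment tooling exports.

```python
# Added example, not from the original post. The inventory layout and all key
# names are hypothetical; "homeroot.net" is assumed to be the company domain.

def check_deployment(inv, company_domain="homeroot.net"):
    """Return the list of violated requirements (empty list means compliant)."""
    web, db, store = inv["web"], inv["db"], inv["upload_storage"]
    failures = []

    def require(ok, message):
        if not ok:
            failures.append(message)

    # Web tier: split "annasurvey.homeroot.net" into host label and domain.
    label, _, domain = web["hostname"].lower().partition(".")
    require(web["https_only"], "web: must be HTTPS only")
    require(label.endswith("survey") and len(label) > len("survey")
            and domain == company_domain,
            "web: hostname must be <firstname>survey in the company domain")
    require(web["os"].lower() == "linux", "web: host must run Linux")
    require(web["instances"] >= 2, "web: at least 2 active servers")
    require("staging" in inv["environments"], "web: staging environment missing")
    require(web["backup_interval_hours"] <= 1, "web: backups must allow hourly restore")
    require(store["mount_path"] == "/home/site/wwwroot/upload", "upload: wrong mount path")
    require(store["geo_redundant"], "upload: storage must be geo-redundant")

    # Data tier: collect any table still on the non-transactional engine.
    myisam = sorted(t for t, e in db["table_engines"].items() if e.lower() == "myisam")
    require(db["engine"].lower() == "mysql", "db: must be MySQL")
    require(not db["public_access"], "db: must not be reachable from the internet")
    require(not myisam, "db: MyISAM tables: " + ", ".join(myisam))
    require(db["iops"] >= 1700, "db: must sustain 1700 IOPS")
    require(db["burstable"], "db: must use burstable capacity")
    require(db["backup_retention_days"] >= 10, "db: backups must be retained 10 days")
    require(db["backup_geo_redundant"], "db: backups must be geo-redundant")
    return failures

# Constructed sample inventories (not real deployments).
GOOD = {
    "environments": ["production", "staging"],
    "web": {"hostname": "annasurvey.homeroot.net", "https_only": True, "os": "Linux",
            "instances": 2, "backup_interval_hours": 1},
    "upload_storage": {"mount_path": "/home/site/wwwroot/upload", "geo_redundant": True},
    "db": {"engine": "MySQL", "public_access": False, "iops": 1700, "burstable": True,
           "backup_retention_days": 10, "backup_geo_redundant": True,
           "table_engines": {"lime_surveys": "InnoDB", "lime_users": "InnoDB"}},
}
BAD = {**GOOD, "db": {**GOOD["db"], "public_access": True,
                      "table_engines": {"lime_surveys": "MyISAM", "lime_users": "InnoDB"}}}

if __name__ == "__main__":
    for name, inv in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_deployment(inv) or "compliant")
```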