mspnp
diff --git a/‎README.md
Lines changed: 16 additions & 25 deletions b/‎README.md
Lines changed: 16 additions & 25 deletions
diff --git a/‎azuredeploy-firewall.json
Lines changed: 464 additions & 0 deletions b/‎azuredeploy-firewall.json
Lines changed: 464 additions & 0 deletions
diff --git a/‎azuredeploy-prereqs.json
Lines changed: 24 additions & 0 deletions b/‎azuredeploy-prereqs.json
Lines changed: 24 additions & 0 deletions
@@ -3,6 +3,22 @@ Microsoft patterns & practices
 
 This reference implementation shows a set of best practices for building and running a microservices architecture on Microsoft Azure, using Kubernetes.
 
+|                                         | [Basic](https://github.com/mspnp/microservices-reference-implementation/tree/basic) | [Advanced](https://github.com/mspnp/microservices-reference-implementation/) |
+|-----------------------------------------|-------|----------|
+| Distributed Monitoring                  |  ✅   |    ✅    |
+| Ingress Controller                      |  ✅   |    ✅    |
+| Azure Active Directory Pod Identity     |  ✅   |    ✅    |
+| CI/CD using Azure Pipelines             |  ✅   |    ✅    |
+| Helm charts                             |  ✅   |    ✅    |
+| Resource Limits                         |  ✅   |    ✅    |
+| Readiness/Liveness Probes               |  ✅   |    ✅    |
+| Horizontal Pod Autoscaling              |  ❌   |    ✅    |
+| Cluster Autoscaling                     |  ❌   |    ✅    |
+| Advanced Networking                     |  ❌   |    ✅    |
+| Service Endpoints                       |  ❌   |    ✅    |
+| Network Policies                        |  ❌   |    ✅    |
+| Egress restriction using Azure Firewall |  ❌   |    ✅    |
+
 ## Guidance
 
 This project has a companion set of articles that describe challenges, design patterns, and best practices for building microservices architecture. You can find these articles on the Azure Architecture Center:
@@ -29,31 +45,6 @@ The Drone Delivery application is a sample application that consists of several
 
 ![](./architecture.png)
 
-## Test results and metrics
-The Drone Delivery application has been tested up to 2000 messages/sec:
-
-
-|                                          | Replicas | ~Max CPU (mc) | ~Max Mem (MB) | Avg. Throughput*        | Max. Throughput*        | Avg (ms) | 50<sup>th</sup> (ms) | 95<sup>th</sup> (ms) | 99<sup>th</sup> (ms) |
-|------------------------------------------|----------|---------------|---------------|-------------------------|-------------------------|----------|-----------|-----------|-----------|
-| Nginx                                    | 1        | N/A           | N/A           | serve: 1595 reqs/sec    | serve: 1923 reqs/sec    | N/A      | N/A       | N/A       | N/A       |
-| Ingestion                                | 10       | 474           | 488           | ingest: 1275 msgs/sec   | ingest: 1710 msgs/sec   | 251      | 50.1      | 1560      | 2540      |
-| Workflow (receive messages)              | 35       | 1445          | 79            | egress: 1275 msgs/sec   | egress: 1710 msgs/sec   | 81.5     | 0         | 25.7      | 121       |
-| Workflow (call backend services + mark message as complete) | 35       | 1445          | 79            | complete: 1100 msgs/sec | complete: 1322 msgs/sec | 561.8    | 447       | 1350      | 2540      |
-| Package                                  | 50       | 213           | 78            | N/A                     | N/A                     | 67.5     | 53.9      | 165       | 306       |
-| Delivery                                 | 50       | 328           | 334           | N/A                     | N/A                     | 93.8     | 82.4      | 200       | 304       |
-| Dronescheduler                           | 50       | 402           | 301           | N/A                     | N/A                     | 85.9     | 72.6      | 203       | 308       |
-
-
-
-*sources:
-1. Serve: Visual Studio Load Test Throughout Request/Sec
-2. Ingest: Azure Service Bus metrics Incoming Messages/Sec
-3. Egress: Azure Service Bus metrics Outgoing Messages/Sec
-4. Complete: AI Service Bus Complete dependencies  
-5. Avg/50<sup>th</sup>/95<sup>th</sup>/99<sup>th</sup>: AI dependencies
-6. CPU/Mem: Azure Monitor for Containers
-
-
 ## Deployment
 
 To deploy the solution, follow the steps listed [here](./deployment.md).
 
@@ -28,24 +28,28 @@
                 "deliveryIdName": "dev-d",
                 "workflowIdName": "dev-wf",
                 "droneSchedulerIdName": "dev-ds",
+                "appGatewayControllerIdName": "dev-ag",
                 "acrResourceGroupName": "[variables('acrResourceGroupNamePrefix')]"
             },
             "qa": {
                 "deliveryIdName": "qa-d",
                 "workflowIdName": "qa-wf",
                 "droneSchedulerIdName": "qa-ds",
+                "appGatewayControllerIdName": "qa-ag",
                 "acrResourceGroupName": "[variables('acrResourceGroupNamePrefix')]"
             },
             "staging": {
                 "deliveryIdName": "staging-d",
                 "workflowIdName": "staging-wf",
                 "droneSchedulerIdName": "staging-ds",
+                "appGatewayControllerIdName": "staging-ag",
                 "acrResourceGroupName": "[variables('acrResourceGroupNamePrefix')]"
             },
             "prod": {
                 "deliveryIdName": "prod-d",
                 "workflowIdName": "prod-wf",
                 "droneSchedulerIdName": "prod-ds",
+                "appGatewayControllerIdName": "prod-ag",
                 "acrResourceGroupName": "[concat(variables('acrResourceGroupNamePrefix'),'-',parameters('environmentName'))]"
             }
         }
@@ -121,6 +125,18 @@
                                 "app": "fabrikam-dronescheduler",
                                 "[parameters('environmentName')]": true
                             }
+                        },
+                        {
+                            "type": "Microsoft.ManagedIdentity/userAssignedIdentities",
+                            "name": "[variables('environmentSettings')[parameters('environmentName')].appGatewayControllerIdName]",
+                            "apiVersion": "2015-08-31-preview",
+                            "location": "[parameters('resourceGroupLocation')]",
+                            "tags": {
+                                "displayName": "app gateway controller managed identity",
+                                "what": "rbac",
+                                "reason": "aad-pod-identity",
+                                "[parameters('environmentName')]": true
+                            }
                         }
                     ],
                     "outputs": {
@@ -148,6 +164,14 @@
                             "value": "[concat(subscription().id, '/resourceGroups/',parameters('resourceGroupName'),'/providers/Microsoft.ManagedIdentity/userAssignedIdentities/',variables('environmentSettings')[parameters('environmentName')].workflowIdName)]",
                             "type": "string"
                         },
+                        "appGatewayControllerIdName": {
+                            "value": "[variables('environmentSettings')[parameters('environmentName')].appGatewayControllerIdName]",
+                            "type": "string"
+                        },
+                        "appGatewayControllerPrincipalResourceId": {
+                            "value": "[concat(subscription().id, '/resourceGroups/',parameters('resourceGroupName'),'/providers/Microsoft.ManagedIdentity/userAssignedIdentities/',variables('environmentSettings')[parameters('environmentName')].appGatewayControllerIdName)]",
+                            "type": "string"
+                        },
                         "acrResourceGroupName": {
                             "value": "[variables('environmentSettings')[parameters('environmentName')].acrResourceGroupName]",
                             "type": "string"