Managed Cloud PaaS
This section of the documentation describes the Managed Cloud PaaS offerings. If you have a containers solution, refer to Managed Cloud Containers.
Sitecore provides two hosting tiers for Managed Cloud PaaS: PaaS 1.0 and PaaS 2.0. Both of these support the Managed Cloud Standard and Managed Cloud Premium hosting services. PaaS 2.0 is available for XP/XM version 10.3.1 and later, and includes some significant improvements in security and performance compared to PaaS 1.0.
PaaS 1.0
Managed Cloud PaaS 1.0 provides Azure App Service for front-end content delivery and content authoring capabilities, and Azure SQL for backend databases. PaaS 1.0 supports all XM and XP releases from v9.x and later. For more information, please review Sitecore Managed Cloud Standard – service aspects and embedded operations Supported technologies.
If you're an existing PaaS 1.0 customer, you can upgrade to PaaS 2.0. This requires a clean reprovisioning of both the underlying Azure environments and the associated Sitecore software (XM/XP). To facilitate this process, Sitecore introduces the new PaaS 2.0 environments alongside the existing PaaS 1.0 environments. The PaaS 1.0 environments are decommissioned once migration has completed.
PaaS 2.0
PaaS 2.0 is available for XM and XP v10.3.1 and later, and includes some significant improvements in security and performance compared to PaaS 1.0. This includes the implementation of Microsoft’s Hub-spoke Network Architecture, upgraded App Services, and Azure SQL components.
Hub-spoke architecture
Managed Cloud PaaS 2.0 has implemented Microsoft’s Hub-spoke network architecture. This architecture allows for centralized control and cost optimization by directing all network ingress for each Azure region through a central hub. Sitecore offers two tiers of hubs: Basic and Advanced.
The Basic Hub Resource Group includes a dedicated Azure Front Door for the production environment and another Front Door for non-production environments, a private DNS service, an Azure Recovery Vault, an Azure Key Vault, an Azure Storage Account, a virtual network (vNET), and an Azure Bastion service with associated Bastion VM. The Azure Bastion service allows authorized Sitecore employees to connect to the Hub vNET and peered Spoke vNETs for remote desktop purposes, app services KUDU access, and more. You can access the Hub-spoke vNET in two ways:
-
Using a virtual network gateway (VPN), which provides added security via site-to-site VPN connection to your corporate firewall to access resources.
-
Using a secured Jump Box VM with Azure Bastion Service.
The Advanced hub extends the capability and functionality of the Basic hub by adding advanced security capabilities with the inclusion of Azure Front Door Premium. Key features include the advanced Web Application Firewall capabilities of Microsoft managed rule set and Bot Management. As Azure Front Door develops over time, please visit Microsoft’s documentation for the latest comparison.
Updated App Services
PaaS 2.0 also includes significant improvements in performance and reliability for Sitecore on Azure Managed Cloud. The latest Premium v3 App Services have been implemented for key Sitecore roles, including Content Delivery and Content Management. These upgrades have achieved up to three times the performance compared to previous designs, with improved CPU, a 4:1 ratio of RAM to CPU, and SSD local storage. This leads to faster start-up times post-update or deployment, lower latency page response times for end-users, and improved productivity for content management authors.
Additionally, production content delivery deployments can use Availability Zones, which spread instances across three zones to ensure improved high availability and prevent downtime due to Azure App Service Plan platform updates.
Standardization of SQL Elastic Pools
PaaS 2.0 has also upgraded to the latest version of Azure SQL, moving away from single instance databases to SQL Elastic vCore Services. This leads to improved performance and reliability, with faster start-up times after update or deployment, and lower latency page response times.