Enterprise Azure Deployment Guide - Energent.ai
Energent.ai delivers AI-powered virtual desktop agents that automate complex multi-application workflows for enterprise users. This guide provides comprehensive Azure deployment specifications using modern cloud-native architecture with Azure AKS, multi-tenant design, and enterprise-grade security controls.
- Document Classification: Public
- Version: 3.0
- Last Updated: 2025-05-28
- Architecture: Azure AKS + Serverless Hybrid
- Compliance: SOC 2, Azure Well-Architected Framework
Table of Contents
- Architecture Overview
- Azure Infrastructure Requirements
- AKS Cluster Specifications
- Data Layer Architecture
- Serverless Components
- Security & Compliance
- Network Architecture
- CI/CD Pipeline
- Monitoring & Observability
- Deployment Process
- Operations & Maintenance
- Support & Escalation
1. Architecture Overview
1.1 Cloud-Native Multi-Tenant Architecture
Energent.ai deploys on Azure using a modern, scalable architecture that combines Kubernetes orchestration with serverless components for optimal performance and cost efficiency.
┌──────────────────────────────────────────────────────────────────┐
│ AZURE CLOUD ENVIRONMENT │
│ ┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐ │
│ │ AKS CLUSTER │ │ SERVERLESS │ │ DATA LAYER │ │
│ │ │ │ │ │ │ │
│ │ • Multi-tenant │ │ • Functions Auth│ │ • Cosmos DB │ │
│ │ • Standard_D4s │ │ • Functions Bill│ │ • Blob Storage │ │
│ │ • Auto-scaling │ │ • API Mgmt │ │ • Azure Files │ │
│ │ • Flux GitOps │ │ • Event Grid │ │ • Key Vault │ │
│ └─────────────────┘ └─────────────────┘ └─────────────────┘ │
│ │ │ │ │
│ └─────────────────────┼────────────────────┘ │
│ │ │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ VNET SECURITY BOUNDARY │ │
│ │ • Private Subnets • NAT Gateway • Security Groups │ │
│ │ • NSGs • VNet Endpoints • App Gateway │ │
│ └─────────────────────────────────────────────────────────────┘ │
└──────────────────────────────────────────────────────────────────┘
1.2 Deployment Models
| Model | Description | Use Case | SLA |
|---|
| Multi-Tenant AKS | Shared cluster with namespace isolation | Standard enterprise deployment | 99.9% |
| Dedicated AKS | Single-tenant cluster | High-security, regulatory compliance | 99.95% |
| Hybrid Deployment | AKS + customer on-premises integration | Legacy system integration | 99.9% |
2. Azure Infrastructure Requirements
2.1 Minimum Infrastructure Specifications
| Component | Specification | Purpose |
|---|
| AKS Cluster Version | 1.30+ | Kubernetes orchestration |
| Node Pool Instance Type | Standard_D4s_v5 (4 vCPU, 16 GB RAM) | Compute-optimized workloads |
| Minimum Node Configuration | 1 vCPU, 2 GB RAM per tenant | Resource allocation |
| Managed Disks | 100 GB Premium SSD, encrypted | Pod persistent storage |
| Azure Files | Standard, encrypted | Shared file system |
| Storage Accounts | Standard_LRS, versioning enabled | Object storage |
| Cosmos DB | Serverless, encryption at rest | Metadata and configuration |
2.2 Azure Service Dependencies
| Service | Purpose | Configuration |
|---|
| Azure AKS | Kubernetes orchestration | Private endpoint, logging enabled |
| VM Scale Sets | Dynamic node scaling | Target tracking, predictive scaling |
| Application Gateway | Traffic distribution | SSL termination, WAF integration |
| Azure Functions | Serverless functions | Runtime: Python 3.11, VNet integration |
| API Management | API management | Developer tier, throttling enabled |
| Azure Monitor | Monitoring and logging | Container Insights, custom metrics |
| Azure Key Vault | Secrets management | Automatic rotation, encryption |
| Azure Key Vault | Key management | Customer-managed keys, auto-rotation |
3. AKS Cluster Specifications
3.1 Cluster Configuration
# AKS Cluster Terraform Configuration
resource "azurerm_kubernetes_cluster" "energent_cluster" {
name = "energent-production"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
dns_prefix = "energent-prod"
kubernetes_version = "1.30"
default_node_pool {
name = "system"
node_count = 3
vm_size = "Standard_D4s_v5"
vnet_subnet_id = azurerm_subnet.aks_subnet.id
enable_auto_scaling = true
min_count = 2
max_count = 20
os_disk_size_gb = 100
os_disk_type = "Managed"
}
network_profile {
network_plugin = "azure"
network_policy = "azure"
service_cidr = "10.1.0.0/16"
dns_service_ip = "10.1.0.10"
docker_bridge_cidr = "172.17.0.1/16"
}
identity {
type = "SystemAssigned"
}
role_based_access_control {
enabled = true
azure_active_directory {
managed = true
admin_group_object_ids = [var.aks_admin_group_id]
}
}
addon_profile {
oms_agent {
enabled = true
log_analytics_workspace_id = azurerm_log_analytics_workspace.main.id
}
azure_policy {
enabled = true
}
kube_dashboard {
enabled = false
}
}
tags = {
Environment = "production"
Product = "energent-ai"
Compliance = "soc2"
}
}
3.2 Node Pool Configuration
# Additional Node Pool for Workloads
resource "azurerm_kubernetes_cluster_node_pool" "energent_workload" {
name = "workload"
kubernetes_cluster_id = azurerm_kubernetes_cluster.energent_cluster.id
vm_size = "Standard_D4s_v5"
node_count = 3
vnet_subnet_id = azurerm_subnet.aks_subnet.id
enable_auto_scaling = true
min_count = 2
max_count = 50
node_labels = {
"workload" = "energent-ai"
}
node_taints = [
"workload=energent-ai:NoSchedule"
]
tags = {
Environment = "production"
NodePool = "workload"
}
}
3.3 Multi-Tenant Resource Allocation
| Tenant Tier | CPU Limit | Memory Limit | Storage | Concurrent Workflows |
|---|
| Basic | 1 vCPU | 2 GB | 10 GB | 1 |
| Standard | 2 vCPU | 4 GB | 25 GB | 2 |
| Premium | 4 vCPU | 8 GB | 50 GB | 4 |
| Enterprise | 8 vCPU | 16 GB | 100 GB | 8 |
4. Data Layer Architecture
4.1 Storage Architecture
4.1.1 Azure Blob Storage Configuration
# Storage Account for Object Storage
resource "azurerm_storage_account" "energent_storage" {
name = "energent${var.environment}${random_id.storage_suffix.hex}"
resource_group_name = azurerm_resource_group.main.name
location = azurerm_resource_group.main.location
account_tier = "Standard"
account_replication_type = "LRS"
enable_https_traffic_only = true
min_tls_version = "TLS1_2"
blob_properties {
versioning_enabled = true
delete_retention_policy {
days = 90
}
}
network_rules {
default_action = "Deny"
virtual_network_subnet_ids = [azurerm_subnet.aks_subnet.id]
}
tags = {
Environment = var.environment
Purpose = "energent-object-storage"
}
}
resource "azurerm_storage_account_customer_managed_key" "energent_storage" {
storage_account_id = azurerm_storage_account.energent_storage.id
key_vault_id = azurerm_key_vault.main.id
key_name = azurerm_key_vault_key.storage_encryption.name
}
4.1.2 Cosmos DB Configuration
# Cosmos DB for Metadata and Configuration
resource "azurerm_cosmosdb_account" "energent_metadata" {
name = "energent-metadata-${var.environment}"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
offer_type = "Standard"
kind = "GlobalDocumentDB"
capabilities {
name = "EnableServerless"
}
consistency_policy {
consistency_level = "Session"
}
geo_location {
location = azurerm_resource_group.main.location
failover_priority = 0
}
backup {
type = "Periodic"
interval_in_minutes = 240
retention_in_hours = 720
}
tags = {
Environment = var.environment
Purpose = "energent-metadata"
}
}
resource "azurerm_cosmosdb_sql_database" "energent_db" {
name = "energent-database"
resource_group_name = azurerm_resource_group.main.name
account_name = azurerm_cosmosdb_account.energent_metadata.name
}
4.1.3 Azure Files Shared Storage
# Azure Files for Shared File System
resource "azurerm_storage_share" "energent_shared" {
name = "energent-shared"
storage_account_name = azurerm_storage_account.energent_storage.name
quota = 1024
enabled_protocol = "SMB"
metadata = {
Environment = var.environment
Purpose = "shared-storage"
}
}
5. Serverless Components
5.1 Azure Functions
5.1.1 Authentication Service
# Function App for Authentication
resource "azurerm_linux_function_app" "auth_service" {
name = "energent-auth-${var.environment}"
resource_group_name = azurerm_resource_group.main.name
location = azurerm_resource_group.main.location
storage_account_name = azurerm_storage_account.functions_storage.name
storage_account_access_key = azurerm_storage_account.functions_storage.primary_access_key
service_plan_id = azurerm_service_plan.functions_plan.id
site_config {
application_stack {
python_version = "3.11"
}
application_insights_connection_string = azurerm_application_insights.main.connection_string
cors {
allowed_origins = ["https://*.energent.ai"]
}
}
app_settings = {
"COSMOSDB_CONNECTION_STRING" = azurerm_cosmosdb_account.energent_metadata.connection_strings[0]
"KEY_VAULT_URL" = azurerm_key_vault.main.vault_uri
"ENVIRONMENT" = var.environment
}
identity {
type = "SystemAssigned"
}
tags = {
Environment = var.environment
Service = "authentication"
}
}
5.1.2 Billing Service
# Function App for Billing
resource "azurerm_linux_function_app" "billing_service" {
name = "energent-billing-${var.environment}"
resource_group_name = azurerm_resource_group.main.name
location = azurerm_resource_group.main.location
storage_account_name = azurerm_storage_account.functions_storage.name
storage_account_access_key = azurerm_storage_account.functions_storage.primary_access_key
service_plan_id = azurerm_service_plan.functions_plan.id
site_config {
application_stack {
python_version = "3.11"
}
application_insights_connection_string = azurerm_application_insights.main.connection_string
}
app_settings = {
"COSMOSDB_CONNECTION_STRING" = azurerm_cosmosdb_account.energent_metadata.connection_strings[0]
"STORAGE_ACCOUNT_URL" = azurerm_storage_account.energent_storage.primary_blob_endpoint
}
identity {
type = "SystemAssigned"
}
}
5.2 API Management Configuration
# API Management for Serverless Functions
resource "azurerm_api_management" "energent_api" {
name = "energent-api-${var.environment}"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
publisher_name = "Energent.ai"
publisher_email = "admin@energent.ai"
sku_name = "Developer_1"
virtual_network_type = "Internal"
virtual_network_configuration {
subnet_id = azurerm_subnet.api_mgmt_subnet.id
}
identity {
type = "SystemAssigned"
}
policy {
xml_content = <<XML
<policies>
<inbound>
<cors allow-credentials="false">
<allowed-origins>
<origin>https://*.energent.ai</origin>
</allowed-origins>
<allowed-methods>
<method>GET</method>
<method>POST</method>
</allowed-methods>
</cors>
<rate-limit calls="1000" renewal-period="60" />
</inbound>
<backend />
<outbound />
<on-error />
</policies>
XML
}
tags = {
Environment = var.environment
Service = "api-management"
}
}
6. Security & Compliance
6.1 Network Security
6.1.1 Virtual Network Configuration
# Virtual Network Security Groups
resource "azurerm_network_security_group" "aks_nsg" {
name = "energent-aks-nsg"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
security_rule {
name = "AllowHTTPS"
priority = 1001
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "443"
source_address_prefix = "VirtualNetwork"
destination_address_prefix = "*"
}
security_rule {
name = "DenyAll"
priority = 4096
direction = "Inbound"
access = "Deny"
protocol = "*"
source_port_range = "*"
destination_port_range = "*"
source_address_prefix = "*"
destination_address_prefix = "*"
}
tags = {
Name = "energent-aks-nsg"
}
}
6.1.2 Network Security Rules
| Direction | Protocol | Port Range | Source/Destination | Purpose |
|---|
| Inbound | HTTPS | 443 | VNet CIDR | API access |
| Inbound | TCP | 1024-65535 | Internet | Return traffic |
| Outbound | HTTPS | 443 | Internet | External API calls |
| Outbound | TCP | 53 | Internet | DNS resolution |
6.2 Encryption Standards
| Data State | Encryption Method | Key Management | Compliance |
|---|
| At Rest | AES-256-GCM | Azure Key Vault with auto-rotation | SOC 2, FIPS 140-2 Level 3 |
| In Transit | TLS 1.3 | Azure Certificate Manager | SOC 2, PCI DSS |
| In Memory | Application-level | Hardware Security Module | SOC 2 |
| Backup | AES-256 | Cross-region Key Vault | SOC 2, GDPR |
6.3 Azure AD and RBAC
6.3.1 AKS Service Identity
# Azure AD Integration
resource "azurerm_role_assignment" "aks_acr_pull" {
scope = azurerm_container_registry.main.id
role_definition_name = "AcrPull"
principal_id = azurerm_kubernetes_cluster.energent_cluster.kubelet_identity[0].object_id
}
resource "azurerm_role_assignment" "aks_network_contributor" {
scope = azurerm_subnet.aks_subnet.id
role_definition_name = "Network Contributor"
principal_id = azurerm_kubernetes_cluster.energent_cluster.identity[0].principal_id
}
7. Network Architecture
7.1 Virtual Network Design
┌─────────────────────────────────────────────────────────────────┐
│ VNet (10.0.0.0/16) │
│ │
│ ┌─────────────────┐ ┌─────────────────┐ ┌─────────────┐ │
│ │ Public Subnet │ │ Public Subnet │ │ Public Sub │ │
│ │ (10.0.1.0/24) │ │ (10.0.2.0/24) │ │(10.0.3.0/24)│ │
│ │ │ │ │ │ │ │
│ │ NAT Gateway │ │ NAT Gateway │ │NAT Gateway │ │
│ │ App Gateway │ │ App Gateway │ │App Gateway │ │
│ └─────────────────┘ └─────────────────┘ └─────────────┘ │
│ │ │ │ │
│ ┌─────────────────┐ ┌─────────────────┐ ┌─────────────┐ │
│ │ Private Subnet │ │ Private Subnet │ │Private Sub │ │
│ │ (10.0.11.0/24) │ │ (10.0.12.0/24) │ │(10.0.13.0/24│ │
│ │ │ │ │ │ │ │
│ │ AKS Nodes │ │ AKS Nodes │ │ AKS Nodes │ │
│ │ Functions VNet │ │ Functions VNet │ │ Functions │ │
│ └─────────────────┘ └─────────────────┘ └─────────────┘ │
│ │ │ │ │
│ ┌─────────────────┐ ┌─────────────────┐ ┌─────────────┐ │
│ │ Data Subnet │ │ Data Subnet │ │ Data Subnet │ │
│ │ (10.0.21.0/24) │ │ (10.0.22.0/24) │ │(10.0.23.0/24│ │
│ │ │ │ │ │ │ │
│ │ Cosmos DB │ │ Cosmos DB │ │ Cosmos DB │ │
│ │ Storage Acct │ │ Storage Acct │ │ Storage │ │
│ └─────────────────┘ └─────────────────┘ └─────────────┘ │
└─────────────────────────────────────────────────────────────────┘
7.2 Private Endpoints
| Service | Type | Purpose |
|---|
| Blob Storage | Private Endpoint | Object storage access |
| Cosmos DB | Private Endpoint | Metadata access |
| AKS | Private Endpoint | Cluster API access |
| Container Registry | Private Endpoint | Container registry |
| Azure Monitor | Private Endpoint | Monitoring and logging |
| Key Vault | Private Endpoint | Secrets access |
8. CI/CD Pipeline
8.1 Infrastructure as Code (Terraform)
8.1.1 Terraform Structure
terraform/
├── environments/
│ ├── dev/
│ ├── staging/
│ └── production/
├── modules/
│ ├── aks/
│ ├── networking/
│ ├── security/
│ └── storage/
├── shared/
│ └── backend.tf
└── global/
└── rbac.tf
8.1.2 Terraform Pipeline (Azure DevOps)
# azure-pipelines.yml
trigger:
branches:
include:
- main
- develop
paths:
include:
- terraform/*
pool:
vmImage: 'ubuntu-latest'
variables:
terraformVersion: '1.6.0'
azureServiceConnection: 'Azure-Production'
stages:
- stage: Plan
jobs:
- job: TerraformPlan
steps:
- task: TerraformInstaller@0
inputs:
terraformVersion: $(terraformVersion)
- task: AzureCLI@2
inputs:
azureSubscription: $(azureServiceConnection)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
cd terraform/environments/$(Build.SourceBranchName)
terraform init
terraform plan -var-file="$(Build.SourceBranchName).tfvars"
- stage: Apply
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
jobs:
- deployment: TerraformApply
environment: 'production'
strategy:
runOnce:
deploy:
steps:
- task: AzureCLI@2
inputs:
azureSubscription: $(azureServiceConnection)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
terraform apply -auto-approve
8.2 Kubernetes GitOps (Flux)
8.2.1 Flux Configuration
# flux-system/gotk-sync.yaml
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
name: energent-k8s
namespace: flux-system
spec:
interval: 1m
ref:
branch: main
url: https://github.com/energent-ai/k8s-manifests
---
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
kind: Kustomization
metadata:
name: energent-apps
namespace: flux-system
spec:
interval: 10m
path: './apps'
prune: true
sourceRef:
kind: GitRepository
name: energent-k8s
validation: client
8.3 Serverless Deployment (Azure Functions Core Tools)
8.3.1 Function App Configuration
# local.settings.json
{
'IsEncrypted': false,
'Values':
{
'AzureWebJobsStorage': 'DefaultEndpointsProtocol=https;AccountName=...',
'FUNCTIONS_WORKER_RUNTIME': 'python',
'FUNCTIONS_EXTENSION_VERSION': '~4',
'COSMOSDB_CONNECTION_STRING': '@Microsoft.KeyVault(VaultName=energent-kv;SecretName=cosmos-connection)',
'KEY_VAULT_URL': 'https://energent-kv.vault.azure.net/',
},
'ConnectionStrings': {},
}
# Deployment script
#!/bin/bash
func azure functionapp publish energent-auth-production --python
func azure functionapp publish energent-billing-production --python
9. Monitoring & Observability
9.1 Azure Monitor Configuration
9.1.1 Container Insights
# Log Analytics Workspace
resource "azurerm_log_analytics_workspace" "main" {
name = "energent-logs-${var.environment}"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
sku = "PerGB2018"
retention_in_days = 90
tags = {
Environment = var.environment
Purpose = "monitoring"
}
}
# Application Insights
resource "azurerm_application_insights" "main" {
name = "energent-appinsights-${var.environment}"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
workspace_id = azurerm_log_analytics_workspace.main.id
application_type = "web"
tags = {
Environment = var.environment
Purpose = "application-monitoring"
}
}
9.2 Application Metrics
| Metric Category | Metrics | Target | Alert Threshold |
|---|
| Availability | Uptime, Health Checks | 99.9% | < 99.5% |
| Performance | Response Time, Throughput | < 2s, > 1000 RPS | > 5s, < 500 RPS |
| Resource Usage | CPU, Memory, Storage | < 80% | > 90% |
| Error Rates | 4xx, 5xx errors | < 1% | > 5% |
9.3 Audit Logging
# Azure Policy for Audit Logging
resource "azurerm_policy_assignment" "audit_aks" {
name = "audit-aks-logging"
scope = azurerm_kubernetes_cluster.energent_cluster.id
policy_definition_id = "/providers/Microsoft.Authorization/policyDefinitions/a237c691-d2f7-4b8b-b781-c0c92e09e5b8"
parameters = jsonencode({
logAnalyticsWorkspaceId = {
value = azurerm_log_analytics_workspace.main.id
}
})
}
10. Deployment Process
10.1 Deployment Timeline
| Phase | Duration | Activities | Stakeholders |
|---|
| Pre-Deployment | 2-3 days | Infrastructure planning, security review | Customer IT, Security, Energent Solutions |
| Infrastructure | 1-2 days | Terraform deployment, VNet setup | Customer DevOps, Energent Platform |
| AKS Cluster | 0.5 day | Cluster provisioning, node pools | Customer DevOps, Energent Platform |
| Application | 0.5 day | Flux deployment, application rollout | Energent Platform Team |
| Integration | 1-2 days | Azure AD, monitoring, testing | Customer IT, Energent Support |
| Go-Live | 0.5 day | Production cutover, validation | All stakeholders |
10.2 Deployment Commands
10.2.1 Infrastructure Deployment
# Infrastructure Deployment with Terraform
cd terraform/environments/production
terraform init -backend-config="storage_account_name=energentterraform"
terraform plan -var-file="production.tfvars"
terraform apply -auto-approve
# Verify AKS cluster
az aks get-credentials --resource-group energent-prod-rg --name energent-production
kubectl get nodes
10.2.2 Application Deployment
# Install Flux GitOps
flux bootstrap github \
--owner=energent-ai \
--repository=k8s-manifests \
--branch=main \
--path=./clusters/production
# Deploy serverless components
cd functions/auth/
func azure functionapp publish energent-auth-production --python
cd ../billing/
func azure functionapp publish energent-billing-production --python
# Verify deployment
kubectl get pods -n energent-ai
kubectl get ingress -n energent-ai
10.3 Deployment Validation
# Health check endpoints
curl -k https://api.energent.example.com/health
curl -k https://api.energent.example.com/metrics
# Kubernetes validation
kubectl top nodes
kubectl get hpa -n energent-ai
kubectl logs -n energent-ai -l app=energent-platform
11. Operations & Maintenance
11.1 Backup & Disaster Recovery
11.1.1 Backup Strategy
| Component | Frequency | Retention | RTO | RPO |
|---|
| AKS Cluster State | Daily | 30 days | < 4 hours | < 24 hours |
| Application Data | Real-time | 90 days | < 1 hour | < 15 minutes |
| Configuration | On change | 1 year | < 30 minutes | 0 |
| Audit Logs | Real-time | 7 years | < 24 hours | 0 |
11.1.2 Disaster Recovery Procedures
# AKS cluster backup using Velero
velero backup create energent-cluster-backup \
--include-namespaces energent-ai \
--storage-location azure
# Cosmos DB point-in-time recovery
az cosmosdb sql database restore \
--resource-group energent-prod-rg \
--account-name energent-metadata-production \
--database-name energent-database \
--restore-timestamp "2025-05-28T10:00:00Z"
11.2 Scaling & Performance
11.2.1 Auto-Scaling Configuration
# Horizontal Pod Autoscaler
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: energent-platform-hpa
namespace: energent-ai
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: energent-platform
minReplicas: 3
maxReplicas: 50
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
11.3 Update & Maintenance
11.3.1 Rolling Updates
# AKS cluster update
az aks upgrade \
--resource-group energent-prod-rg \
--name energent-production \
--kubernetes-version 1.30
# Application rolling update via Flux
git commit -am "Update energent-platform to v2.1.0"
git push origin main
# Flux automatically detects and applies changes
12. Support & Escalation
12.1 Support Tiers
| Tier | Response Time | Channels | Scope |
|---|
| L1 - Basic | < 4 hours | Email, Portal | General questions, documentation |
| L2 - Standard | < 2 hours | Phone, Email, Teams | Technical issues, integration support |
| L3 - Premium | < 1 hour | Phone, Teams, Video | Complex technical issues, architecture |
| L4 - Critical | < 30 minutes | Phone, SMS, Escalation | Production outages, security incidents |
12.2 24/7 Support Coverage
Enterprise Support:
Emergency Escalation:
12.3 Service Level Agreements
| Service | SLA | Penalty |
|---|
| Platform Availability | 99.9% uptime | 10% monthly credit per 0.1% shortfall |
| Response Time (P95) | < 2 seconds | 5% monthly credit if > 5 seconds |
| Support Response | Per tier above | Escalation to next tier |
| Data Recovery | RTO < 4 hours | 25% monthly credit if exceeded |
Appendices
Appendix A: Security Compliance Checklist
Appendix B: Troubleshooting Guide
Common Issues:
-
AKS Nodes Not Joining Cluster
- Verify service principal and security groups
- Check subnet routing and NAT gateway
-
Application Pods CrashLooping
- Check resource limits and requests
- Verify persistent volume claims
-
Network Connectivity Issues
- Verify private endpoints configuration
- Check network security group rules
- Document Classification: Public
- Version: 3.0
- Last Updated: 2025-05-28
- Next Review: 2025-08-28
- Contact: support@energent.ai