Tesserra Well-Architected Framework

Reliability

Resilience tiers, multi-zone placement, Autoscale, and HA Datastores.

Review questions

• What is your target RTO and RPO?
• Are Compute replicas spread across Zones?
• Is Datastore HA enabled for production?

Recommended practices

• Use multi-zone resilience for production web and API workloads.
• Enable Autoscale on stateless Compute with health checks.
• Define Insight alerts for error rate, latency p99, and disk usage.

Anti-patterns

• Single Compute instance with no Autoscale in production.
• Shared Datastore schema across unrelated microservices.

Security

Sentinel WAF, tenant isolation, managed TLS, audit trail.

Review questions

• Is every public endpoint behind Sentinel and Gateway?
• Are internal services on a private Fabric only?
• Do you rotate API keys and database credentials on schedule?

Recommended practices

• Place Sentinel in block mode before Gateway in production.
• Never expose Compute ports directly to the internet.
• Use Archive with private buckets for sensitive documents.

Anti-patterns

• TLS termination on Compute instead of Gateway.
• WAF in warn-only mode in production without a migration plan.

Performance

Zone-aware routing, caching, messaging offload, right-sized Compute.

Review questions

• Which endpoints drive 80% of traffic?
• Can async work move to Conduit, Lane, or Beacon?
• Is Redis or read replica caching in place for hot paths?

Recommended practices

• Right-size Compute CPU/memory from Insight baselines.
• Offload long tasks to Lane workers with Autoscale max replicas.
• Use Beacon for fan-out notifications instead of polling.

Anti-patterns

• Synchronous chains across five microservices for every request.
• Oversized Datastore without connection pooling on Compute.

Operational excellence

Insight metrics, organization Health console, one-click provisioning.

Review questions

• Can you provision a staging clone from blueprint in under an hour?
• Who receives Insight alerts and owns the runbook?
• Is deployment automated (CI → container registry → Tesserra)?

Recommended practices

• Store project blueprints in version control.
• Tag every resource with environment and team owner.
• Review the Health console weekly for SLA and incident trends.

Anti-patterns

• Manual console changes without blueprint updates.
• No staging environment mirroring production topology.

Cost optimization

Plan-aligned quotas, scale-to-zero workers, tiered retention.

Review questions

• Are dev/staging environments scaled down or stopped off-hours?
• Is Archive lifecycle policy aligned with compliance retention?
• Do Autoscale min replicas match actual baseline traffic?

Recommended practices

• Start with Pro plan patterns; upgrade tier when multi-region is required.
• Use scale-to-zero workers for batch Lane consumers where SLA allows.
• Monitor token and quota consumption in organization dashboard.

Anti-patterns

• Production-sized replicas in development projects.
• Unbounded Insight retention without business justification.

Pre-production checklist

• Reference pattern selected and blueprint stored in version control.
• Sentinel + Gateway configured for all public endpoints.
• Insight dashboards and alert routes tested in staging.
• Resilience tier matches contract (multi-zone vs multi-region).
• Runbook documented for Datastore restore and Compute rollback.