Skip to main content

Development environment reference architecture

Introduction to the development environment reference architecture

Purpose:
Used by developers for writing, building, and initially verifying new code or features.
The Thinkwise Software Factory is the production environment for your developers.

User Types:

  • Software Developers: Primary users for code creation and modification.
  • Technical Leads/Architects: Occasionally validate implementation approaches or perform initial reviews.

Access Method:

  • Typically via local user accounts or developer-managed credentials.
  • No external authentication (such as OpenID) required; focus is on ease of access for rapid iteration.

Data:

  • Synthetic, mock, or minimal datasets for functionality checks.
  • Usually isolated from real, acceptance, or production data.

Typical Activities:

  • Code writing and debugging
  • Unit testing and initial functional checks
  • Code reviews and developer integration

Tools:

  • Thinkwise Software Factory
  • SSMS

Development environment requirements

A development environment should be set up with as few restrictions as possible and requires the following conditions to function properly:

  • Minimal Restrictions – Allow smooth debugging, integration, and testing of components.
  • AI Configuration – Requires an active (paid) API key to access AI services such as OpenAI or other platforms.
  • Database Requirements – Installation of Microsoft SQL Server is required:
    • Version: Standard or Enterprise
    • Full Text Search must be enabled
  • Security (SSL/TLS) – The environment must support SSL:
    • Browsers impose restrictions on HTTP, leading to reduced performance compared to HTTPS.
    • Supported certificate types:
      • Standard SSL certificate
      • Wildcard certificate
      • Self-signed certificate (acceptable for internal testing)
  • Thinkwise Windows GUI for development – Requires at least 500MB RAM memory per user.
  • Indicium Service Account – A dedicated service account is required for running Indicium with:
    • Write permissions on the Indicium directory
    • Access rights to both the IAM database and the application database
    • Secure management in accordance with the organization’s identity and access policies

Cloud

Architecture and connections with 4 developers or less

Cloud development environment reference architecture

Connections:

  1. Developer to Internet – Connects to the bastion environment via public internet.
  2. Internet to External Firewall – Incoming connection hits an external firewall.
  3. External Firewall to Bastion (Jump Server) – Traffic passes into the secure bastion environment.
  4. Bastion to Internal Firewall – Traffic moves through an internal firewall into protected VNets.
  5. Bastion to App Server (VNet 3) – Secure connection to application servers.
  6. Bastion to SQL Server (VNet 2) – Secure connection to SQL Server.
  7. App Server to SQL Server – Application servers connect to the SQL server.

Summary of commonly used ports:

ServiceTypical Port Numbers
RDP (Remote Desktop Protocol)TCP 3389
HTTPS (secured web/admin)TCP 443
SQL ServerTCP 1433

Architecture and connections with 5 developers or more

Cloud development environment reference architecture

Connections:

  1. Developer to Internet – Connects to the bastion environment via public internet.
  2. Internet to External Firewall – Incoming connection hits an external firewall.
  3. External Firewall to Bastion (VPN) – Traffic passes into the bastion environment (VPN).
  4. Bastion to Internal Firewall – Traffic moves through an internal firewall into protected VNets.
  5. Bastion to App Server (VNet 3) – Secure connection to application servers.
  6. Bastion to SQL Server (VNet 2) – Secure connection to SQL Server.
  7. App Server to SQL Server – Application servers connect to the SQL server.

Summary of commonly used ports:

ServiceTypical Port Numbers
HTTPS (secured web/admin)TCP 443
SQL ServerTCP 1433

Sizing (hardware cloud)

Recommended specifications (cloud):

ComponentAzureAWSGoogle
VM (optional)DS11 v2
(2 vCPUs, 14 GiB)
m6i.large (2 vCPU, 16 GiB)E2-standard-4 (4vCPU, 16 GB)
SQLAzure Managed Instance
(4vCores, 20 GB)
AWS RDS
db.m5.xlarge (4 vCPU, 16GB)
SQL server
4 vCPU, 16 GB
Indicium & UniversalAppService
Basic B2
Elastic Beanstalk
t3.large
Cloud Run (Memory: 1 GB)
Storage Bucket
Class data: Default Class Standard

Cloud environment setup

For more information about setting up a cloud environment, see:

On Premise

Architecture and connections

On-premise development environment reference architecture

Connections:

  1. Developer to Internet – The developer initiates a connection to the VPN gateway through the Internet.
  2. Internet to Firewall – The request reaches a firewall that filters inbound VPN traffic.
  3. Firewall to VPN Gateway – Traffic allowed by firewall rules passes to the VPN Gateway.
  4. VPN Gateway to Internal Networks – After authentication, the VPN Gateway routes traffic securely into internal networks.
  5. Client Network to Application Server (Network 2) – Developers or clients from internal networks access applications hosted on the Application Server.
  6. Client Network to SQL Server (Network 1) – Direct interaction from developer/client machines to the SQL Server (management tools, database queries).
  7. App Server to SQL Server – Application Server accesses the databases hosted on SQL Server.

Summary of commonly used ports:

ServiceTypical Port Numbers
HTTPS (secured web / VPN SSL)TCP 443
SQL ServerTCP 1433
RDP (Remote Desktop Protocol)TCP 3389

Sizing (hardware on premise)

Recommended hardware specifications (IIS Server):

ComponentConfiguration
CPU4 vCPUs
Memory16 GB RAM
Storage100–200 GB
OSWindows Server 2019/2022

Recommended hardware specs (SQL Server):

ComponentConfiguration
CPU4 vCPUs
Memory16 GB (1–5 developers)
32 GB (6–10 developers)
StorageWindows/SQL installation: 200 GB
SQL Data: 200 GB
SQL Log: 100 GB
Best practice is to separate the installation, data and log locations
OSWindows Server 2019/2022
SQLSQL Server 2019/2022 Standard or Enterprise

On-premise environment setup

For more information about setting up an on-premise environment, see:


Was this article helpful?