06
fev
DevOps
06
jun
Bringing cloud native concepts through DevAx to accelerate cloud journey for Big Red Group
DNX Solutions delivered the AWS Developer Acceleration (DevAx) enablement program to Big Red Group (BRG). The program is aimed at increasing the customers’ developer skills for cloud adoption and building developer cloud native fluency across their organisation. A major focus of AWS DevAx is the developer patterns and practices of modernisation and distributed system design, to break down and rearchitect monolithic application architectures.
The DNX team delivered the AWS DevAx enablement as a structured program by running a structured enablement program, working directly with BRG’s development teams for six weeks. A comprehensive curriculum taught through workshops and co-development sessions resulted in the upskilling of BRG’s internal development community.
What is the “Monoliths To Microservices” Program?
The migration from a monolithic architecture to microservices requires both a willingness on the part of the developer and the business as a whole, as well as a thorough understanding of the way in which architectures such as microservices design patterns can be used and the tools that can be utilised in order to deploy them.
The AWS DevAx “Monoliths to Microservices” program aims to increase developers’ knowledge and experience in distributed system design patterns, or to assist developers in gaining more experience in developing on AWS in general. The program takes a theory and patterns-first approach, then introduces the AWS developer tools. It, therefore, targets experienced developers looking to increase their skills, which perfectly reflects the BRG team that undertook the program with DNX Solutions.
Over the 6 weeks that DNX delivered the program, BRG developers started with a Java Springboot Monolith with a large RDBMS backend and methodically broke the monolith into a series of decoupled microservices. The DNX team rehosted the application in AWS, and then refactored the application architecture to utilise application release automation, bounded context based microservices, refactor and rearchitect the databases, implement an event driven system, implement authentication and authorisation systems, and create AI driven services.
Topics like microservices security best practices are covered as a cross-cutting topic across all modules.
- Module 1: Lift & Shift – Migrating The Monolith
- Module 2: Application Release Automation
- Module 3: Create a Microservice
- Module 4: Refactor Your Database
- Module 5: Microservices Decoupled Eventing & Messaging Architectures
- Module 6: Creating an Authenticated Single Page App
- Module 7: Creating Immersive AI Experiences
What is the value of the AWS DevAx program to BRG?
The DevAx enablement contributed to a mindset shift in the BRG Java developers, where they received the knowledge and tools required to alter their way of working from monolithic applications to a microservices-based architecture. This gave them the chance to understand the new technology, the different opportunities it provides and why it is worth adopting. For a company that is dealing with multiple brands all with unique infrastructures and functionalities, merging the data was a mammoth task that required an open-minded and educated developer team. As stated by the BRG Head of Engineering, this complexity is the reason “Devax Academy was extremely important in changing our team’s mindset, encouraging them to get involved with the project”. In addition, the deep understanding and insight into the patterns BRG’s teams need to break the monolithic across different types of architectures at speed will allow developers to reuse those same patterns in the future.
To move from monolith to microservices was a breakthrough for BRG. By moving away from long-running environments and drastically altering the development life cycle, teams can begin doing development with whatever the code repository is, allowing developers to spin up the environments. In addition, the cost of non-production is massively decreased by maintaining production and changing non-production as development is undertaken. In BRG’s case, the new confidence in breaking up and re-architecting monolithic applications that cannot be easily rehosted in the cloud has opened up many more doors, such as making it possible for them to build a secure Infrastructure as a Service (IaaS) that is simple to use and maintain. An additional benefit of microservices is the ability to implement Straight-Through Processing (STP). STP uses automation to increase the speed of financial transactions, which not only simplifies financial processes but its implementation at BRG has also saved them a huge amount in operational expenditure.
Upon completion of the program, the BRG team had gained a thorough foundation of knowledge and insight, meaning they are not only willing but also able, to strive for continual improvement. These benefits are just some of those gained by BRG due to the move from monolith to microservice technology, all of which can be achieved by any business willing to commit to the change.
DNX Solutions values sharing knowledge and is proud to be able to deliver comprehensive programs through the AWS DevAx enablement. For businesses that want to take control of their assets without having to rely on external resources, completing enablement through DevAx is a straightforward and valuable way to increase in-house skills. To see how your business can benefit from this program, contact DNX today.
01
jun
Big Red Group’s challenge to create a new infrastructure for multiple unique brands
Big Red Group (BRG) is the leading experience partner in Australia and New Zealand.
BRG is the parent company of major experience brands, such as RedBalloon, Adrenaline, Lime&Tonic, and Experience OZ. Each one of them have their unique value proposition to attract and engage diverse audiences, with exclusive distribution channels, B2C and B2B offerings, and unlock access to more than 10,000 experiences across Australia and New Zealand.
The Challenge
After acquiring new brands and inheriting their technology and infrastructure, BRG had to maintain multiple infrastructure sets resulting in the challenge of creating and maintaining new functionalities for each brand. In addition, they had the challenge of providing meaningful reports for the business due to their different data models.
BRG were seeking a cloud consultant partner that could assist them in building a secure infrastructure as a service that was simple to use and maintain from day one. They also sought increasingly leveraging microservices to ensure continuous, agile delivery and flexible deployment of complex, service-oriented applications.
DNX Solutions determined BRG’s business and technical capabilities, such as the interdependencies, storage constraints, release process, and level of security. With the required information at hand and BRG’s required technology, DNX developed a roadmap to meet BRG’s Technical and Business objectives, using AWS best practices “The 7R’s” (retire, retain, relocate, rehost, repurchase, replatform, and refactor).
The Solution
BRG’s project was implemented in two phases where an AWS Foundation, Application Platform (Containers), and Application BluePrints (Static frontEnd and Containers with full CI/CD PIpeline) were delivered.
DNX Well-Architected Foundation entails
- AWS Landing Zones
- 100% infra-as-code
- CI/CD for infrastructure
- CDK in Typescript
- Knowledge transfer
- Cost Report and optimization
- AWS ClientVPN Auditing Strategy
AWS Application Platform
- AWS ECS
- CloudFront + S3 (Static Application)
- Application CI/CD Strategy
- Monitoring strategy
- Auto-scaling strategy
- Logging strategy and retention
- Secrets management
- Application BluePrints
The Outcome
The DNX team designed and implemented a safe infrastructure as a code for AWS Cloud Development Kit (CDK) in typescript to run inside the AWS cloud Formation for their entire foundation as per BRG’s prerequisites.
The typescript was chosen by BRG’s team to provide them with an easier way to write and maintain not just the applications codebase but also infrastructure. TypeScript is a superset of JavaScript which primarily provides optional static typing, classes, and interfaces. One of the big benefits is to enable IDEs to provide a richer environment for spotting common errors as you type the code which BRG’s team was already very familiar with.
It offers all the features of JavaScript, plus an additional layer on top of these – the TypeScript type system. This can help companies to build more robust code, reduce runtime type errors, take advantage of modern features before they are available in JavaScript, and work better with development teams.
DNX also deployed Application Blueprints (Static frontEnd and Containers with full CI/CD Pipeline) so BRG’s team could deploy, migrate, manage and monitor their own applications in the AWS cloud in the future.
As with all of our projects, DNX delivered extensive documentation and sessions on transferring knowledge covering how DNX Foundations works, how to deploy applications, how to run CI/CD pipelines, and more.
Moreover, DNX delivered the AWS Devax Academy training program Monoliths to Microservices for Java developers for six weeks.
Conclusion
No matter your needs or requirements, DNX is able to deliver the right solution for your business.
Everybody in the DNX team has been very pleasant to work
with from end to end. The walkthrough was very
informative and the DNX team was helpful in accommodating
different requests. Thanks, DNX and AWS
23
maio
How DevOps is contributing to CreditorWatch’s Digital Transformation
We live in a Digitally Transformed world where technology allows new forms of work in a rapidly changing environment. Traditional businesses are challenged by start-ups and tech companies with innovative and disrupting business models. New apps and services are created and become obsolete in the blink of an eye.
The traditional development, test, production, and operation models no longer serve our high-speed, connected world, but rather create bottlenecks and friction between departments. Each of the technology areas ends up becoming a silo with strict interaction rules.
On one side of the ring, we have development, trying to answer in the best and fastest way it can through the use of business insights, agile methodologies, and modern architectures and languages. In the other corner, there is IT operations, on a quest for stability and control of the production environments. IT operations is tasked with creating processes and procedures to ensure that every piece of released code is stable enough to avoid incidents, all the while continuing to protect what is already running.
And between them? A huge abyss. This distance separating Development and Operations results in clashes, increasing the time for delivery and problem resolution.
To reduce the friction and allow business ideas to become features to service consumers, the DevOps concept was forged around 2010. It is a concept that continues to grow and, in recent years, has begun changing the IT landscape.
What is DevOps?
DevOps is work culture, bringing software development closer to IT operations, allowing the business as a whole to reap the rewards of collaboration.
DevOps is not a methodology or a tool, but a set of practices built on automation, communication and shared objectives, changing organisational cultures to bring to life a new way to deliver IT. DevOps includes the whole Design, Build and Operate IT lifecycle, unifying these processes with governance and security serving as its basis, sewed up with automation, and an agile way of working.
How is DNX assisting CreditorWatch to evolve and implement a DevOps culture?
All DNX projects use DevOps practices, which provides us the ability to deliver higher quality solutions to clients, with faster and continuous delivery.
Clients are often so impressed by these results that they wish to deliver the same level of quality, knowledge, and efficiency to their own clients.
After completing a successful data modernisation project with DNX, CreditorWatch wanted to continue its digital transformation by implementing a DevOps culture in its IT operations. The DNX professional services team delivered a series of hands-on workshops where developers learned about configuration management, infrastructure as a code, and the whys of the platform. This gives developers the ability to transform into a DevOps team.
The learning curve is decreased considerably through DNX’s pattern and template creation, allowing CreditorWatch’s developer team to recreate their own means to act as a platform.
What is CreditorWatch obtaining with its Digital Transformation?
By adopting DevOps practices, CreditorWatch, represented by its CTO Joseph Vartuli, is building a culture of shared responsibility, transparency, and faster feedback as the foundation of every product and feature developed by its team. This gives them:
- Increased competitive advantage
- Decreased risks
- Decreased costs
- Continuous delivery and deployment
Continuous delivery is an ongoing DevOps practice of building, testing, and delivering improvements to software code and user environments with the help of automated tools. The key outcome of the continuous delivery (CD) paradigm is code that is always in a deployable state.
- Reduced downtime
- Reduced time to market
- Increased employee engagement and satisfaction, through the use of the latest technologies
Adopting a DevOps work culture means different teams within the business collaborate in order to reach a shared goal. Products and services are delivered to your end users at a faster rate with a higher level of quality. As technology becomes integrated with every aspect of our lives, work silos only get in the way. Just like CreditorWatch, you too can benefit from DevOps practices, transporting your business to the future.
The Unique Value DNX brought to the CreditorWatch Project
DNX Solutions utilised its knowledge on DevOps, Cloud, data, and Software Engineering to provide CreditorWatch with a secure environment that continually meets ISO and other compliance standards. The diversity of experience integrated within the DNX team allowed for instant identification of areas for improvement in CreditorWatch’s systems. In addition, DNX assisted CreditorWatch in bringing about a cultural change by transferring its DevOps mindset approach. Not only was the goal of agility and efficiency reached by the close of the project, but significant storage cost reductions were made enabling CreditorWatch to compete to a higher standard and continue to expand.
02
maio
CreditorWatch Democratises Credit Data
CreditorWatch was founded in 2010 by a small business owner who wanted to create an open source, affordable way for SMBs to access and share credit risk information. Today, CreditorWatch’s subscription-based online platform enables its 55,000+ customers—from sole traders to listed enterprises—to perform credit checks and determine the risk to their businesses. It also offers additional integrated products and services that help customers make responsible, informed credit decisions.
CreditorWatch helps businesses understand who they are trading with and any creditor issues associated with that particular business. They analyse data from 30 different sources, including both private and government sources. Some of their most powerful behaviour data is crowdsourced from their very own customers providing insights into businesses. Ultimately, CreditorWatch customers get access to Australia’s most insightful business credit rating.
The Challenge of Australia’s Largest Commercial Credit Bureau
An expansion phase saw major corporations, including Australia’s Big Four banks, looking to leverage CreditorWatch’s rich dataset and granular analytics capabilities. As a result, CreditorWatch decided to increase its agility and efficiency. With the need to provide a continuously secure and compliant environment, with reduced costs and increased time to market, CreditorWatch engaged with DNX Solutions. DNX was tasked with creating and executing a roadmap for the improvements, targeting cloud-native concepts, and bringing more efficiency to the IT and Operations teams.
Through workshops during the discovery phase, DNX determined CreditorWatch’s business and technical capabilities, such as the interdependencies, storage constraints, release process, and level of security. With the required information at hand, DNX developed a roadmap to meet CreditorWatch’s Technical and Business objectives, using AWS best practices “The 7R’s” (retire, retain, relocate, rehost, repurchase, replatform, and refactor).
A Safe Environment to Meet ISO Standards
To continue delivering a safe platform to their customers and meeting the requirements of ISO and other compliance standards, DNX constructed a new secure AWS environment utilising its DNX.one Foundation.
Rather than undergoing a lengthy and expensive process each time a safe environment needs to be recreated, DNX.one helps customers build secure and scalable container platforms at high-availability and low-cost. This unique marketplace solution designed for AWS with well-architected principles combines years of cloud experience in a platform focused on simplicity, infrastructure-as-code and open sources technologies. In addition, DNX.one provides a consistent approach to implementing designs that will scale CreditorWatch’s application needs over time.
Once CreditorWatch’s environment was secured with the best AWS and industry practices, it was time to move to the modernisation phase.
Instant Cost Reduction of 120K per Year With Data Modernisation
Due to the amount of data received on a daily basis, CreditorWatch’s database increases considerably in size and cost.
The DNX data team worked on the data Engineering by optimising CreditorWatch’s Aurora database and its tools to full capability.
Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.
Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 128TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones.
Aurora data is stored in the cluster volume, which is a single, virtual volume that uses solid state drives (SSDs). A cluster volume consists of copies of the data across three Availability Zones in a single AWS Region. Because the data is automatically replicated across Availability Zones, customers’ data is highly durable with less possibility of data loss. This replication also ensures that databases are more available during a failover.
The Aurora cluster volume contains all user data, schema objects, and internal metadata, such as the system tables and the binary log. Its volumes automatically grow as the amount of data in the customer’s database increases.
With extensive data knowledge and years of experience with AWS solutions and tools, DNX provided a unique solution to configure Aurora Database leveraging its full capabilities, which resulted in an instant cost reduction of over 90K per year related to instant threshold of data availability.
The DNX team also created an automated archiving process utilising AWS Airflow, which analyses CreditorWatch’s database tables, identifying data which is unused for a period of time. Unused data is then archived with a different type of file storage at a cheaper rate than S3. This process resulted in an additional cost reduction of 30K per year.
The Unique Value DNX brought to the CreditorWatch Project
DNX Solutions utilised its knowledge on DevOps, Cloud, data, and Software Engineering to provide CreditorWatch with a secure environment that continually meets ISO and other compliance standards. The diversity of experience integrated within the DNX team allowed for instant identification of areas for improvement in CreditorWatch’s systems. In addition, DNX assisted CreditorWatch in bringing about a cultural change by transferring its DevOps mindset approach. Not only was the goal of agility and efficiency reached by the close of the project, but significant storage cost reductions were made enabling CreditorWatch to compete to a higher standard and continue to expand.
A eficacia de uma líderança depende do uso de dados para tomar decisões importantes, é preciso ter um olhar amplo com informações assertivas para ter ações significativas, assim é contruida uma estratégia de dados moderna para fornecer insights às pessoas e aplicações que precisam, com segurança e em qualquer escala. A DNX Brasil ajuda sua empresa a aplicar análise de dados em seus casos de uso mais críticos para os negócios com soluções completas que precisam de experiência em dados.
Descubra o valor dos dados
04
fev
Workstar: Modernising a Windows-based application by applying DevOps on AWS
About Workstar
Workstar is an Australian Company based in New South Wales (NSW) dedicated to assisting corporations in developing customised, digital learning solutions based on real-life, practical situations. Operating since 2002, Workstar remains deeply dedicated to a ‘hands-on’ approach, providing options based on first-hand experience.
From scenario-based learning to the gamification of the workplace, Workstar professionally tailors each proposal to their clients’ needs on an ad hoc basis, offering both excellent service and professionalism. Their clients include reputable organisations such as Telstra, Westfield and McDonald’s.
The Business Challenge
Workstar is a Microsoft-based company, and were manually delivering web application releases via RDP protocol, where the likelihood for human error is higher. The requirement for developers to manually use a maintenance window for safe operation extended an already lengthy lead time.
DNX Solutions was consulted and engaged to design and implement a tailor-made approach to achieve an optimal outcome for Workstar. During the discovery phase, the team noticed the absence of Load Balancers and Auto Scaling aspects. Additionally, their application at the time did not benefit from either elasticity or high availability aspects in the cloud; areas of focus that would be directly addressed by the team’s project outcomes.
After actively consulting the client to understand the challenges faced, and the key outcomes they hope to achieve, the team at DNX kickstarted the process to design a salient solution.
The Solution
The team at DNX started the project with a prerequisite DevOps test, measuring multiple factors of Workstar’s DevOps Maturity Levels. Key areas including lead time and the time taken if deployment had failed were duly considered. These leading indicators allowed the team to craft a substantive plan to satisfy both Workstar’s needs and wants.
Involving the client in the process is at the core of DNX Solution’s philosophy. The DNX team, in active collaboration with Workstar, worked together as one team to achieve optimal results in the project’s conclusion.
The solution starts with a solid AWS Foundation. Our team at DNX focused on fashioning a reliably strong platform called DNX.One which implements operational excellence, security, reliability, performance efficiency, and cost optimisation using Infrastructure as Code (IaC), so applications can thrive while the business can remain focused on customer solutions. Once the framework had been implemented, this was quickly followed by the modernisation phase. The process involved migrating Workstar’s workloads to Elastic Beanstalk IIS, which runs on the Windows Platforms on spot instances using IaC.
IaC is one of DevOps’ many important principles, as well as DNX Solution’s core deliverables.
It is crucial that Elastic Beanstalk was set up for zero-downtime deployments with monitoring and health checks for better telemetry and stronger control of environments. With the app platform built, we started to move the currently encrypted RDS database to its new home in a Secure Subnet, built during the AWS Foundation stage, which only the private subnet (where the application will run) has access to. Also, the SQL Server license was reduced from ‘Enterprise’ to ‘Express’, bringing cost-savings to the customer as the features utilised are available in the Express version.
Some of the AWS Services provisioned:
After the environments had been fully established, we started working on the application CI/CD. The CI/CD pipeline automates diagnostic testing, building, and deployment to nullify the risk of manual errors from occuring. Further complemented by Elastic Beanstalk’s blue-green deployments, Workstar now has the ideal environment to flourish financially.
The client can now focus on business endeavours without being preoccupied with background operations, and the maintenance of their web infrastructure. Additionally, unnecessary costs have been significantly reduced to a minimum.
Our CI/CD pipeline solutions are all original and independent of one another, relying on their proprietary stylings. Previously, Workstar’s resource content files had been updated manually during the maintenance phase. With active monitoring and alerts currently in place, releases are now easily deployed for testing, with automated production environments operating in a safe and secure manner. Additionally, resources and environments are now efficiently managed, operating at capacity. An improved developer experience is another crucial achievement for the development team.
Conclusion
The staff at Workstar are now able to experiment and test their deliverables in a safe and collaborative environment, encouraging both creativity and innovation. A production-like environment eliminates the likelihood of bugs and production hurdles. As a result, the final users can now enjoy a more stable solution. The costs associated with AWS and TCO were also substantially reduced, with spot instances being 70% cheaper than regular on-demand instances. The complete automation of the manual operand for deployments, releases or scaling on AWS has reduced lead times considerably.
Overall, the project took 45 days to complete, and the team at DNX has managed to deliver on all fronts, satisfying their client’s needs in a timely and professional manner.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
21
jan
Airboard: Improving time-to-market on AWS, a DNX Startup Case
About Airboard
Airboard is a digital queueing application that removes physical queues to improve the passenger experience at airports and on commercial flights. It currently uses machine learning and its unique patent-pending technology to benefit airports and airlines around the world.
The Business Challenge
As a startup, Airboard had done their homework on the industry, created a great product using agile concepts, and achieved an excellent MVP (Minimum Valuable Product). Airboard was seeking a development team for expedient development (in a two-week timeframe) of a Well-Architected global framework to achieve performance excellence concurrently with high security, reliability, availability, and efficiency for its airline industry customers. A key priority for the digital queuing application is to achieve low latency across multiple, global locations with a highly scalable framework. This requires leveraging the capability of the AWS cloud, anticipating the potential for an exponential increase in the number of simultaneous users as sector adoption grows. Time savings are a significant benefit of the Airboard system, so the accuracy of timing in multiple simultaneous locations remains essential to its success. To achieve these conditions within their desired parameters, Airboard chose to team up with the highly skilled and experienced AWS architects and engineers of DNX to design and build a solution for their first release.
In the initial development phase, the Airboard team were using AWS Lightsail for front-end and back-end PHP applications running on a single EC2 instance, which enabled rapid prototyping in its initial product development phase. However, given the increased sector demand during COVID and as part of a post-COVID recovery solution for the aviation industry, the Airboard team were looking for a way to enable automated deployments that can support global adoption with enough elasticity to allow for spikes in usage during global travel seasons.
Furthermore, an ambitious customer deadline was imminent for the Airboard team and it was under pressure to prepare the application for its first release. DNX was engaged to not just design and apply a solution for these challenges, but requested by the Airboard team to assist in providing comprehensive documentation and further enhancing its DevOps best-practices on AWS. As a certified DevOps competency AWS partner, DNX pushed hard during knowledge transfer sessions and detailed documentation about our solutions.
At first, going for an event-driven architecture using serverless computing was tempting but required lots of refactoring in the current product at that time, so DNX elaborated a container-based solution on AWS. With critical compliance requirements and strict security concerns, especially in US airports, the due date was close and DNX could modernise the Airboard application while building its AWS foundations.
The Solution
DNX allocated more Cloud Engineers for this project due to its critical deadline, so while a team was building Airboard’s AWS Foundations from the ground up, another one started to modernise the application that was written in PHP with front and back-end separated, both using Laravel Framework and classic LAMP stack (Linux, Apache, MySQL, and PHP). Also, the Continuous Delivery strategy with CI/CD pipelines, essential to fulfilling the customer requirements, started to be designed as the team ran the App discovery phase by the DNX Cloud Architect.
Our well-known DNX.One Well-Architected Foundation was applied – leveraging our considerable developer experience, and using Terraform to manage our IaC, we could also accomplish high-standard compliance with Airboard’s clients as AWS IAM policies are version controlled and securely managed. Using our IAM topology, the access to AWS accounts are role-based where users assume one or multiple roles across accounts and environments.
Additionally, each policy role has its version tracked using GIT, where any modification or inclusion to a role is approved using Pull Requests. This is a benefit of using IaC, where any change in a policy is tracked and can be compared using git diff.
Application Modernisation
To achieve a cloud-native solution, the PHP application was enhanced with the modernisation process where our engineers review the code and apply 12-factor principles, preparing it for container orchestration on ECS and making sure that performance would not be compromised.
As a result, we could build the application containers for ECS orchestration, by moving configurations stored in the application to the environments using CI/CD pipelines and ensuring that no state was kept by the application processes. We also automated existing database migrations and deployments that were previously manual processes, providing the team confidence to release new features that can be easily tested in a production-like environment before every deployment.
Continuous Integration and Continuous Delivery
Airboard is a growing business with the foresight to build its foundations on a framework that can scale easily. When DNX were engaged, the team was ready to transition to enhanced pipeline architecture, to support new features and future releases. Prior to engaging us, the Airboard team would connect to the EC2 Instance manually to release new features, as the application was already living in Bitbucket with a pipeline solution. At DNX, we utilised the client’s existing CI/CD tool to provide the best pipeline architecture, focusing on the best approach for the client’s needs. Along with regular feedback, architecture reviews, and Knowledge Transfer sessions, the DNX team designed and delivered a long-term solution to secure Airboard’s scalability in the cloud.
AWS Pipeline
Application pipeline
Some of the AWS Services provisioned:
Customer Benefits
Now Airboard has a future-proofed, scalable solution on AWS with elasticity, global high-availability, CICD, and ongoing automation supporting their application. All infrastructure built in this project uses spot instances that can save up to 70% in costs, maintaining a great Developer Experience. Applying the multi-region strategy created during the AWS Foundation and CI/CD pipelines phase, Airboard can now scale its solution and development team seamlessly around the globe without a significant increase on the current TCO (Total Cost of Ownership), improving passenger experience, supporting the growth of the business, and keeping passengers around the world safe.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
14
jan
Agyle Time: Protecting customer data while reducing TCO and computing costs
About Agyle Time
Agyle Time simplifies Workforce Management, ensuring cost optimisation of your resources and allowing you to better schedule to actual workload, manage costs, and improve customer satisfaction. Agyle Time uses a modern development approach with cloud technologies to engage teams and their customers with a secure and go-anywhere platform that takes just minutes to set up.
The Business Challenge
Agyle Time’s SaaS platform and its connectors are dynamic and fit different customers’ needs. However, tenant isolation along with their individual data was crucial and a mandatory requirement for large customers. In addition, due to the increase of demo requests and new tenants coming on board, building automation that delivers security was vital to keep innovating and delivering the best to Agyle Time’s users while protecting sensitive data.
Security Services on Cloud is critical for customer success in the cloud space. Data protection has become more important than ever before and every company will need high-level encryption capabilities for sensitive data, as the customers expect compliance and need governance, risk management and reporting.
DNX was engaged to elaborate and implement their new cloud operations, taking into consideration the AWS Well-Architected pillars:
- Operational Excellence
- Security
- Reliability
- Performance Efficiency
- Cost Optimisation
The Solution
Multiple perspectives should be considered while architecting automation for an SaaS arrangement like Agyle Time’s. Aspects like cross-tenant prevention, data protection, and tenant isolation are essential.
For a SaaS environment, these benefits extend beyond deployment configurations, including data encryption and security controls. This allows Agyle Time to ensure tenant isolation by encrypting their data during transit between services and in storage via their database and Amazon S3. Using Terraform also allowed Agyle Time to quickly automate their key management infrastructure, allowing employees to set up accounts for the system instantly with no third-party involvement or risk of misconfiguration.
Using Buildkite for CI/CD self-hosted pipelines, DNX has implemented automation on the CI/CD tool improving the security layer in the deployment process. For better pipeline control we decided to use self-hosted runners in our project with a custom hardware configuration which offers us better control on the builds.
It is feasible to check that secure code is deployed using CI/CD by imposing certain regulations during build time and deployment time. We’ve been able to enforce these checks with little effort because we’re utilizing Buildkite. To implement this security check, DNX used a number of plugins together with Buildkite.
The first step to an automated security architecture is to understand the kind of threats you need to protect against. Threat modelling is a technique for identifying and classifying threats that could impact your operations. It’s important to remember that any threat you document in this process is only one possible scenario out of many, but documenting it helps you better prepare yourself for how to handle it. It’s also not essential that you identify every threat, as long as you understand the general types of threats that are possible in your environment.
Going one step further, DNX has implemented a security plugin that takes care of the authentication process in Buildkite. This plugin adds some new functionalities to ensure that only authorized and authenticated users can access the CI/CD pipeline data.
The results were an automated data pipeline that brought the benefits of IaC to Agyle Time’s managed service. Each tenant’s data is isolated from the rest of Agyle Time, making it possible to enforce their multi-tenant architecture and hosting strategy using Terraform. The pipeline also allows each tenant to manage their own key infrastructure, removing any single point of failure in the account creation process.
Images regarding Buildkite demo
DNX.One Foundation
We started assessing the existing Agyle Time infrastructure against the five pillars of AWS Well-Architected Framework. It enables DNX Solutions to understand customers’ environments and identify best practices gaps, then provides a remediation plan and roadmap to resolve issues based on Security, Operational Excellence, Performance Efficiency, Cost Optimisation, and Reliability.
With a thorough awareness of and recognition of infrastructure issues, DNX delivered the DNX.One Well-Architected Foundation (aka DNX.One) – an automated platform built with simplicity in mind, Infrastructure as Code (IaC), open-source technologies, and designed for AWS with well-architected principles. It means that the platform is already built based on reference architectures and continuous assurance testing to regulatory audits and analytics, removing many regulatory and compliance hurdles involved throughout an organisation’s entire lifecycle.
The following illustrates an example of the IAM topology implemented for Agyle Time. As AWS IAM policies are controlled and securely managed, accomplishing high standard compliance was possible. The access to AWS accounts is role-based, where users assume multiple roles across accounts and environments.
Delivery Networking using security best practices for VPC, plus the extra ‘DNX layer’ of protection, is another advantage of DNX.One. Multiple Availability Zone, security groups and network ACLs, IAM policies to control access, and tools to monitor VPC components and VPC connections are the default for DNX.One and were automatically deployed to the infrastructure. In addition, having a dedicated and isolated subnet for the database and file system was considered to enhance the security around the networking infrastructure. Therefore, there are policies, permissions, and flow access to have access to sensitive data.
Another DNX.One best practice implemented for the customer was account management and separation. This practice isolates production workloads from development, test, and shared services workloads and also provides a robust logical boundary between workloads that process data of different sensitivity levels. The granular access control determines who can access each workload and what they can do with that access. In addition, it allows the customer to set guardrails as its workloads grow.
Some of the AWS Services provisioned:
Business Outcome
One of the most important topics around CI/CD pipelines is security. In public runners, provided by the pipeline tool, we cannot have control of or know if our builds are running in an isolated environment, or sharing resources across several other customers. Bringing the runners in-house, we have a stable and secure environment that enables the customer to run all the application build and deployments in isolating workspaces. Everything wrapped around the DNX.One foundation, bringing more control and confidence to the customer. Now, Agyle Time’s team can deploy releases for current and new customers automatically in a secure, elastic, and highly available way on AWS and their customers can take advantage of the workforce management platform with no data concerns.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
12
nov
Law of the Jungle: Applying modern DevOps concepts in AWS
About Law of the Jungle
Law of the Jungle (LOTJ) is a cloud-based solution for risk-proofing marketing and making compliance agile and effortless. Their solution encourages effective compliance by improving productivity and reducing time to market. LOTJ brings agile methodologies to marketing teams and guides them through compliance using artificial intelligence on AWS.
The vision behind LOTJ is to allow its clients to turn marketing compliance into a competitive advantage.
The Business Challenge
Law of the Jungle was already running workloads in AWS, however they experienced challenges with configuration management and complex deployments. So, LOTJ looked to reduce time to market by reducing the environment complexity. Another challenge which was brought to the table was how to improve and make the best use of knowledge and information management.
DNX Solutions was engaged by LOTJ to provide support and implement solutions for these challenges. Together, we decided to push immutability concepts on a new AWS platform which uses an Infrastructure as a Code (IaC) process improving knowledge and information management. Building a demonstration environment for potential LOTJ customers will enable the sales team to expand their reach.
The Solution
Before starting the project, DNX’s team evaluated the organisation’s requirements and utilised DNX’s DevOps approach. This approach guides the team through the DevOps journey while building a perfect foundation, standardising and automating processes, and uses technologies to deliver applications quickly and reliably.
Our solution for this scenario was to modernise the current Java microservices leveraging Docker containers and orchestrate them using AWS Elastic Container Service clusters.
With a focus on reducing configuration management, we modernised the application by applying the 12-factor concepts and we improved the continuous deployment process by using environment variables in SSM Parameter Stores. The ECS Service uses task definitions, a powerful tool to achieve immutability and run multiples containers across the cluster instances sharing the same file system, where EFS have mounted targets across the different availability zones.
AWS Foundation
As with most projects at DNX, we start with deploying our AWS platform as this is the first layer of modernisation. DNX built the AWS Well-Architected Foundation by applying effective infrastructure code patterns, bringing instant value to our clients as it covers the essential aspects for an organisation which has DevOps culture in its DNA.
AWS Well-Architected Framework Pillars
AWS Well-Architect Framework pillars
You can see more details about our AWS Platform solution at this link.
Once we have prepared the foundation, we start the modernisation phase in which the DNX team prepares the microservices for the new cloud environment. We eliminated the need for configuration management by applying immutable concepts into the building stage of the Bitbucket pipelines that deploy the application to production in AWS. There is no need to access production or staging servers once they are up-and-running. If an exceptional need arises, the connection is secured by the SSM Session manager.
DNX uses spot instances for the ECS cluster, generating an estimated 70% cost reduction on average. Our solution implements a well-architected account topology in AWS. Law of the Jungle can have testing and development environments identical to production with reduced or similar computing power. Adding a management account facilitates security and audit aspects, keeping production and non-production environments secure and available, even during an audit process or security tests.
Continuous Delivery:
The container built during the building stage will be deployed across both AWS accounts and environments. This ensures the same application that is tested is deployed to production, providing consistency during bug fixes and new releases.
Steps:
- Application build
- Application Docker Build and Push to ECR
- Application ECS Blue-Green Deployment using AWS Code Deploy
- Automatic deploy to QA / Staging
- Automatic deployment to production with manual approval
During the whole project, DNX executes knowledge transfer sections to Law of the Jungle with our AWS Certified professionals. DNX believes this builds a healthy relationship with customers and partners.
Some of the AWS Services provisioned:
- AWS ECS
- AWS Elastic File System (EFS)
- System Manager
- CloudTrail
- Aurora Cluster
- Cloud Watch
- Code Deploy
- AWS Config
Customer Benefits
DNX Solutions looked to provide a stress-free environment and a safe place for experimentation with faster time to market for new features. DNX provided the conditions and tools in AWS to apply modern and efficient DevOps practices for LOTJ. As a result, LOTJ was able to deploy more features to its users. We also provided a new demo environment where potential customers can trial the solution in a secure and isolated approach on AWS.
To help LOTJ with its knowledge management challenge, the AWS foundation phase and knowledge transfer sections with the DNX team accommodated all knowledge in the code, reducing time on-boarding new team members.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
05
nov
Perx Health: Automated global deployments on AWS with HIPAA Best Practices
About Perx Health
Perx Health is pioneering a motivational health community made for everyone. They are using leading-edge behavioural science, understanding of consumer tactics, and technology to assist and motivate people living with chronic conditions to stick to their treatment plans. Notably, Perx has already helped to increase engagement with thousands of patients, improved their adherence, and achieved better health outcomes. Their goal is a future where managing a chronic condition can really be simple, exciting, and rewarding.
The Business Challenge
Already running healthcare solutions on AWS, Perx Health aimed to leverage an elaborated multi-region automated deployment strategy in a HIPAA compliant way, requiring a move from higher-level AWS services like Elastic Beanstalk to services with more operational control. Achieving this target without adding infrastructure operations overhead was crucial to maintain a collaborative, innovative and flexible environment for the development team. Security of all data was of primary concern to Perx Health and this became a major focus of the solution delivered. Another challenge was to identify opportunities for cost reduction while running the application in the new environment.
To accomplish these challenges, DNX Solutions was heavily involved in the new architecture solution. Together, we evolved the platform to container-based orchestration, pushing stateless applications through CI/CD pipelines along with IaC (Infrastructure as code) using Terraform. We can meet security and compliance standards through management and governance solutions, also take advantage of the AWS shared responsibility model, specially for security and operations topics.
The Solution
We started assessing the existing infrastructure using HIPAA Best Practices and our DevOps Transformation guidelines. The project started by deploying our DNX Well-Architected AWS foundation, also called DNX.One, which implements operational excellence, security, reliability, performance efficiency, and cost optimisation using Infrastructure as Code, so that applications can thrive, while the business can remain focused on customer solutions.
With minimum infrastructure operations in mind, Elastic Container Service on AWS was the service of choice for the application modernisation strategy. It is important to mention that DNX used spot instances for the ECS cluster, focusing on availability while reducing AWS costs.
As security and privacy were of paramount importance to Perx Health we were able to develop systems to ensure production data was well secured from development workloads and that access was only via a secure VPN to a secure subnet in their VPCs which is not accessible to the public internet. Additionally, high levels of security best practices were enabled during the Foundation stage, including; A separate audit only account, centralised cloud trail, AWS Config, AWS Guard Duty, and AWS KMS.
Taking the blue-green deployment approach in a multi-region environment, we automated existing database migrations and deployments that were previously manual processes, providing the team confidence to release new features that can be easily tested in a prod-like environment before every deployment.
Perx Health also required an analytics solution to manage its multi-region environment. Using Terraform to manage Infrastructure as Code (IaC) enabled simple provisioning of a Data Warehouse cluster, which was essential to bring automation, security, and information management and control.
Data Overview
CI/CD Pipelines
Previously, deployments were semi-manual where the team would use a 3rd party deployment tool and required short amounts of downtime. At DNX, we used the current hosts CI/CD tool to provide the best pipeline architecture for deploying to multiple environments and regions with maximum flexibility and confidence while ensuring 0 downtime deployments.
As security is a critical topic, DNX has ensured that security controls were considered around the pipeline build-in on DNX.One Foundation. An IAM role is created specifically for CI/CD and we have been making use of it to deploy Perx’s applications. Discover more accessing our GitHub here.
ECR – Docker image scanning
To avoid releasing a docker image with major vulnerabilities, DNX has implemented an image scanning for Perx’s deployments.
On bitbucket, a step was added prior to deployment. This step will check the ECR report created for that image tag and if it contains critical level vulnerabilities, the deployment of that image will be prevented.
To ensure compliance, each container is scanned for vulnerability using ECR in the pipeline.
Read this article to learn more: AWS ECR — Improving container security by using Docker image scanning
Some of the AWS Services provisioned:
Conclusion
Perx Health’s project was highly collaborative and ultimately delivered beyond expectation. With an engaged and helpful development team working together with DNX, we built a resilient, secure, and reliable AWS platform for Perx Health applications. Now the team is able to focus on what they do best, using leading-edge behavioural science, consumer tactics, and technology to help and motivate people living with chronic conditions to better adhere to their treatment plans on a HIPAA compliant platform and automated deployments. Using spot instances for the Elastic Container Service (ECS) has been generating an average of 50% cost reduction.
With modern and efficient DevOps-oriented practices, Perx Health can test and release new features to the market, faster. Reducing operational constraints on AWS, the new platform is prepared for a global HIPAA compliant strategy.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
22
out
Waterco: Moving from Heroku to AWS without adding infrastructure operations
About Waterco — Poolware
Established in 1981, Waterco is a global brand reputed for designing and manufacturing filtration and sanitisation systems. Waterco’s products are widely used in swimming pools, spas, aquacultures, and the water purification industry. Their products are used for residential, commercial, and industrial applications across over 40 countries.
One of Waterco’s applications is Poolware, a proprietary software which analyses, calculates, and diagnoses both the chemical interactions and current water conditions.
The Business Challenge
After about two decades operating the Poolware in a desktop format, Waterco was ready to improve its user experience offerings, providing users convenient access to Poolware across multiple smart devices. Instead of purchasing or licensing existing cloud-based solutions, Waterco developed its own independently, uploading it into the cloud in 2018.
From the beginning, Heroku was the go-to solution stemming from their developer experience (DX) and for reducing infrastructure operations overheads. Having used Heroku for a few years, Waterco believes it is necessitous to improve the efficacy of resource-usage, without increasing infrastructural operations, being able to grow more dynamically, remaining light on infrastructure operations, and having more control in the long-run. However, Heroku was limiting Waterco’s ability to achieve it.
DNX Solutions was tasked by Waterco to satisfy and achieve their main business objectives. One key decision was to transition from Heroku to AWS. With AWS, Waterco’s primary goals could be easily achieved with an elastic and cost-effective architecture uploaded to the cloud.
The Solution
Prior to starting the project, DNX’s teams ran a thorough evaluation of Waterco’s requirements, and reviewed their incumbent delivery processes through DNX’s DevOps. This approach provided adequate guidance to the team throughout the DevOps process. The journey entailed building a robust foundation and the standardization and automation of certain processes. This combination of technologies enables DNX solutions to produce applications efficiently and reliably.
The project started by deploying our DNX Well-Architected foundation, also called DNX.One. The platform incorporates a robust and extremely secure cloud environment, is fully automated using Terraform, and handles most of the infrastructure operations leveraging a well-architected AWS implementation, including Docker containers.
The plan for “Application Modernisation” proposes the movement of applications to ECS cluster in EC2 instances for better resource usage, vis-à-vis the operational model in Heroku titled “Dynos”.
Upon deployment of DNX.One, we modernised Poolware’s deployment design by moving it to Docker containers, bringing together both the existing automated tests and database migration scripts to its CI/CD pipeline.
AWS Foundations:
Building a strong and solid foundation for Waterco’s applications was a critical first step prior to modernisation. Using a multi-AZ strategy with ECS nodes running on spot instances, Waterco was able to run a Cluster of Docker Containers across availability zones and EC2 instances, while optimising cost.
Costs savings
Here’s a compute price comparison* of more or less similar instances and the cost per month:
-
AWS: t3.micro (1GiB) — $0.004 per hour ($2.88 per month)
-
Heroku (Dyno): standard-2x (1024MB) ($50.00 per month)
94.24% reduction
-
AWS: c5.2xlarge (16GiB) — $0.1382 per hour ($99.5 per month)
-
Dyno: performance-l (14GB) ($500.00 per month)
80.1% reduction
Application Modernisation
Poolware had previously adopted some of the 12-factor principles. So, we applied additional cloud-native concepts to it during the modernisation phase, focused especially on building, releasing, and running.
With better usage of the AWS resources, the developed application was able to benefit from improved operational excellence in AWS, and increased elasticity in the cloud.
Each environment in AWS was made identical to one another, varying only in EC2 instance types in each environment. Differences include development, QA/Staging and finally production. The same immutable application image was deployed and tested across these environments. By adopting this approach, Waterco has improved its operational resilience, greatly reducing production incidents to zero through its self-healing platform.
CI/CD Pipeline
We used AWS EC2 instances to run complex CI/CD pipelines using spot instances, optimising steps such as database migration and automated tests running in parallel steps via Gitlab. Hundreds of pipelines are triggered daily at minimal operational cost. Moreover, this reduced the number of production incidents while increasing their current test capacity.
Some of the AWS Services provisioned:
- AWS ECS
- AWS Elastic File System (EFS)
- System Manager
- CloudTrail
- Aurora Cluster
- Cloud Watch
- Code Deploy
Conclusion
From conception to its conclusion, the migration project of Heroku to AWS was completed in approximately one month. The new Docker+AWS environment implementation allowed Waterco to achieve twice the performance and efficacy as compared to their previous Heroku environment. Their production quality, and their ability to release more products frequently have increased. Furthermore, developer and QA productivity has improved significantly. Now, Waterco only needs to run half the number of servers, cutting the hosting bill by approximately 25%.
*prices comparison performed in 11/06/2020 sources:
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
04
maio
tech2: Implementing continuous delivery running .NET core workloads in AWS
DNX is all about helping our customers to leverage effective scalability, security and zero downtime deployments.
About tech2
tech2 is an Australian-owned company that engages in a wide range of technical operations and installation activities across the nation. With over 22 years of experience, tech2 is dedicated to providing efficient and reliable technology solutions spanning telecommunications, on-site technical installation services in homes and business and remote IT Premium Support, (from two Sydney-based centres). tech2 also licenses its very own robust workforce management software.
tech2 has a strong culture focused on excellence, keeping its promises, and doing the right thing by their clients and customers. They are a trusted partner committed to continuously improving their technology solutions.
The Business Challenge
tech2 used to have a traditional Windows stack running on AWS. The IT support team provided application maintenance and worked to develop new features on an ongoing basis. Continuous Integration and Continuous Deployments were critical. Its core product was a client-server VB Application running on AWS using a Windows Server EC2 instances without Autoscaling Groups. This meant that there was a high risk of operational downtime for the business service. Reducing configuration management and enabling automation was mandatory in order to allow for automation to solve the risk of downtime.
DNX was engaged to build a new strategy focused on re-architecting its application and adding automation around the software lifecycle, leveraging a modern and cloud-native stack in order to achieve their expected outcomes. This was identified during the DNX Cloud Assessment phase and would be used to improve operation efficiency.
The Solution
Before commencing the project, DNX’s team evaluated the organisation’s requirements. They plunged into the processes through DNX’s DevOps approach. This drove the team through DevOps journey while building a perfect foundation, standardising and automating processes, as well as using the technology needed to deliver applications quickly and reliably.
DNX proposed to transform the tech2 .NET Core application moving it to Docker containers and use AWS Elastic Container Service to manage the new cluster. Our computing solution used spot instances to run the workloads while providing cost-savings. For the application that could not be containerised, we used Elastic Beanstalk for quickly moving the workloads to proposed implementing a well-designed CI/CD pipeline that applied a zero-downtime deployment architecture. It would enable tech2 to leverage the benefits of having an immutable application running in Docker containers in AWS.
The High-Level Diagram below illustrates the solutions and resources used in AWS:
Network solution
Application Layer
The project
It was a 2 phase project, where DNX Engineers started building the AWS networking layer using Infrastructure as Code, which brings several benefits to tech2 application stack. It is also required for a well-architect ECS Cluster that was built in the first phase along with the Network layer.
In the second phase, DNX designed and created the CI/CD Pipeline covering the application full-stack, both back and front end in the same pipeline – sing S3 Buckets and Cloudfront AWS CDN to distribute the static content.
Deploy Strategy:
CI/CD tool: Azure DevOps Pipelines
Backend
- Application build
-
Application Docker Build and Push to ECR
-
Application ECS Blue-Green Deployment using AWS Code Deploy
-
Automatic deploy to staging
-
Automatic deploy to production with manual approval
Front End
-
Application build
-
Unit Tests
-
Push the static application to S3 and run invalidation on the respective CloudFront
-
Automatic deploy to DEV and QA
-
Automatic deploy to production with manual approval
CI/CD Pipeline Overview:
Containers
Releases
Release stages detail
Deliverables:
- AWS Implementation as per High-Level Design
- Applications migrated to the new platform
- CI/CD Pipeline with zero-downtime deployments
- DevOps Workshop
- AWS Knowledge transfer by DNX’s AWS-Certified professionals
During the whole project, DNX executed transfer knowledge sections with DNX AWS certified professionals to tech2. DNX believes this is the right way to build a healthy relationship with customers and partners.
AWS Security:
-
This project followed well-architected principles, and DNX is always committed to applying high-security standards. The AWS Foundation phase created VPC with separate layers for application and data storage. Encryption was done in transit and at rest is applied across the application.
AWS IAM Roles are used to delimited application permission on the AWS platform, following least privilege concepts.
AWS RDS:
tech2 relies on MS SQL for their enterprise database. The database runs on RDS with Mult-AZ and encryption enabled. In addition, automatic backups are in place as part of their disaster recovery strategy.
The following diagram depicts the hybrid strategy created to keep both architectures running at the same time.
Conclusion
With a DNX solution tech2 could move their .NET Core solution to immutable containers running on ECS and Elastic BeanStalk for workloads that could not run in Docker Containers, drastically reducing the configuration management. Also, from a well-designed deployment pipeline, essentials for Continuous Delivery / Continuous Integration aspects off-shore teams managements are simple, and deployments are more frequently released, while also benefiting zero-downtime deployments with blue-green deployments.
With a better operation efficiency and team management automation around software lifecycle, tech2 has a resilient and lower total cost of ownership infrastructure on AWS. Developer Experience has been improved, therefore the team has been releasing code more often and with better quality.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
16
mar
UORDERIT: AWS Platform, CICD and Application Migration
DNX is all about helping our customers to leverage effective scalability, security and zero downtime deployments.
About Uorderit
UORDERIT is an Australian B2B platform for customers to source, rate and review Technology Companies.
The platform enables customers to browse and choose from a comprehensive list of Australian and Global Technology firms.
The platform is based on two primary users.
Businesses that are looking for a specialist, digital and IT professional which suits clients’ needs. From app and software development to blockchain, SEO, and cybersecurity; UORDERIT has certified and verified professionals for projects of all sizes.
Providers: Its a part of the platform where a professional can register their skills sets and interests. The platform matches this information to the right project.
The Business Challenge
UORDERIT was struggling to achieve a reliable, secure, and future prove cloud platform that supports the MVP launch, keep cloud costs under control, and simultaneously move new features to production quickly. Adopting Serverless in AWS, UORDERIT intended to effectively launch new features to the market and get Continuous Integration across on-shore and off-shore teams.
With the suggested development pipeline UORDERIT expected to release code to production twice a month on the end of each sprint.
The Solution
Before start running the project, DNX’s team evaluated the organisation’s requirements also plunged into the processes through DNX’s DevOps approach which drives the team over the DevOps journey while building a perfect foundation, standardising and automating processes, and use the technologies to deliver applications quickly and reliably.
As lift-and-shift was not the right approach for this scenario, firstly we moved the current application to AWS utilising the DNX open source, infrastructure-as-code software Terraform to provide a solid, secure, and cost-efficient AWS platform to enable UORDERIT to deploy their workloads. After the AWS foundation phase, continuous integration and continuous delivery (CI/CD) platform were introduced to deploy AWS infrastructure and application changes. Lastly, the UORDERIT applications and databases were migrated to the new platform using Containers, CICD and ECS with blue/green deployment concepts relying on DNX best practices.
Application Transformation Phase
DNX was engaged as a trusted advisor to design, implement and deploy UORDERIT’s cloud platform and application stacks.
By using DNX One — our all-in-one AWS platform based on open source Terraform modules — UORDERIT could promptly start planning the deployment phase into the AWS platform. The following features were implemented:
-
AWS Design and Documentation
-
Infrastructure-as-code using Terraform and DNX open source modules
-
CI/CD Pipelines for Terraform Projects
-
Application Container Strategy
-
Application Blue/Green Deployment
-
AWS ECS Cluster Configuration
-
AWS RDS Setup and Configuration
The diagram below illustrates the high-level design used for UORDERIT:
After this first approach, DNX built from ground up the path to serverless where UORDERIT benefits from faster time to market and rapid continuous integration between teams. Leveraging AWS Amplify and API Gateway with Lambdas.
With the serverless approach UORDERIT could move reduced infrastructure operation and use their time to think about the business and new features to the market.
Serverless Approach
AWS service utilized:
- Lambda Functions
- CloudFormation
- API Gateway
- Cognito
- AWS Amplify
Conclusion
The project for UORDERIT was delivered in less than one (1) month, and the velocity was due to automation and CI/CD pipelines — both core DNX principles.
With the project completed, UORDERIT can now deploy workloads in an automated way with on-shore and off-shore teams, promoting continuous integration for both and full control. With the full automation of cloud platforms to enable UORDERIT to approve and release code twice a month as intended originally. As adopting a serverless approach, the bill is under control as you pay per usage, avoiding over-provisioning by using Lambda functions, the infrastructure grows with the company.
As security was a key concern, DNX has built a secure AWS foundation to host the current data-base, enable to scale and grow the application. Adding CICD pipelines, the team could focus on delivering features instead of infrastructure. UORDERIT is set on the path to the success, which can turn its MVP into a product without any rebuild.
“As a Start-Up company, there are many challenges that can potentially derail your project. These usually revolve around the governance of the project, or the lack thereof. Most of our web-development was outsourced overseas, therefore it was vital for us to partner with DNX Solutions, to future proof our development pipeline. DNX Solutions architected our environments in a way where it would scale and more importantly be secure. This solution means we can work with a developer anywhere in the world and be assured that we remain in control of our development.”
Jon Altringer Founder & Managing Director”
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
01
fev
Krost: Using Infrastructure as code simplified scalability in AWS
DNX is all about helping our customers to leverage effective scalability, security and zero downtime deployments.
About Krost
Krost is an office furniture store that started selling office furniture back in the ’30s. Their 3 key ideals remain since then: principles of offering the best service, providing the highest quality products and selling at a fair price.
They help to shape the right corporate image through their office furniture selection.
The Business Challenge
Krost used to run their application, including their online store, in AWS using a traditional LAMP web service stack (Linux operating system, the Apache HTTP Server, the MySQL relational database management system and the PHP programming language). That stack was provisioned in a traditional way on AWS and the solution was not using AWS AutoscalingGroups, the application suffered some spikes on Memory and CPU causing manual intervention on the stack.
The Solution
The proposed DNX solution for this scenario is to transform the application and leverage Docker containers in AWS ECS for immutability and build CI/CD Continuous Integration (CI) and Continuous Delivery (CD) applying blue and green deployment strategy. The objective is to deliver continuity and scalability and facilitate the promotion of new features using CI/CD pipelines, the solution was based on AWS Elastic Container Service and scalable using Spot Instances that also saves in computing costs.
The project
The project had 3 phases, in the first phase the DNX engineers build from the ground up a well-architected AWS foundation where the customer could leverage security and elasticity aspects, essentials to achieve zero-downtime deployment and CI/CD strategy.
Once we had the AWS Foundation, using terraform modules built-in, we could start phase 2 that consists of application transformation phase where DNX team understands the application dependencies, build and deployment needs. Using docker containers DNX starts to transform the application applying immutability and scalability concepts deploying it behind an ALB using ECS. We also had application tunning and CSS and JavaScript minifying tasks as along with VPN setup and Database migration to private in order to improve security aspects.
In the third phase, DNX designed and implemented the CI/CD pipeline with the best deployment strategy for the customer with zero-downtime where blue and green deployment architecture was applied. We used the current customer DevOps lifecycle tool — Bitbucket to build the CI/CD pipeline achieving the customer’s goals and preparing the cutover task.
Deploy Strategy:
-
Bitbucket Pipelines
-
Application build
-
Application Docker Build and Push to ECR
-
Application ECS Blue-Green Deployment using AWS Code Deploy
-
Automatic deploy to staging
-
Automatic deploy to production with manual approval
During the whole project, DNX executes transfer knowledge sections with DNX AWS certified professionals to Krost. DNX believes that is the right way to build a healthy relationship with customers and partners.
Deliverables:
-
AWS Implementation as per High-Level Design
-
Applications transformed and migrated to the new platform
-
CI/CD Pipelines
-
AWS Knowledge transfer by DNX’s AWS-Certified professionals
Conclusion
Applying DNX purposed solution, Krost could effectively experience elasticity of AWS cloud and achieve a robust and reliable deployment, eliminating the mentioned memory spikes and need of manual intervention on the stack. Also, with better performance and resilience, Krost application team are much more confident to roll out new features to the business.
DNX Solutions have outstanding knowledge on CICD pipeline, AWS services, Linux bash scripting, Infrastructure as Code and so on. They provided excellent services to Krost Business furniture including sharing knowledge. If anyone one looking for cloud server solution docker orchestration DNX Solutions is an ideal consulting agency.
Md Shofiul Alam — Krost
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas
16
jul
HAMPR: AWS Platform, CI/CD and Application Migration
Summary
HAMPR is a startup focused on corporate catering, events catering and kitchen supplies in Sydney and Melbourne.
DNX worked with HAMPR to redesign their AWS platform to a new, AWS Well-Architected platform providing a solid, secure, and cost-efficient infrastructure enabling HAMPR to deploy their workloads.
The project was comprised of three phases:
-
AWS Well-Architect Foundations
-
CI/CD Implementation
-
Application Deployment
After the AWS foundations were set in place, DNX introduced a Continuous Integration and Continuous Delivery platform to deploy AWS infrastructure and application changes and then migrated their applications and Database to this new environment using Containers, CI/CD and ECS with blue/green deployment concepts relying on DNX best practices.
The Business Challenge
HAMPR was already an AWS user who needed a more reliable, highly available and secure architecture to support its growing user base and fast-paced value delivery throughout development and deployment of new features.
Even using a Cloud environment, HAMPR was not able to achieve the potential of AWS and DevOps, facing some challenges like:
-
Use of only one AWS account creating an administrative burden for separation of duties roles and permissions.
-
Lack of a real vision of the current state of the environment as changes were made directly through the Management Console with no configuration management.
-
Highly tailored instances hindering auto-scaling and high availability.
-
Manual deployment process creating long release windows on the weekends with large downtime for the users.
The Solution
DNX was engaged as a trusted advisor to design, implement and deploy HAMPR’s cloud platform and application stacks.
By using DNX One — our all-in-one AWS platform based on open source Terraform modules — HAMPR could promptly start planning the deployment phase into the AWS platform. The following features were implemented:
-
AWS Design and Documentation
-
Infrastructure-as-code using Terraform and DNX open source modules
-
CI/CD Pipelines for Terraform Projects
-
Application Container Strategy
-
Application Blue/Green Deployment
-
AWS ECS Cluster Configuration
-
AWS RDS Setup and Configuration
-
CloudFront and Web Application Firewall Implementation
The diagram below illustrates the high-level design used for HAMPR:
HAMPR’s AWS High-Level Design
Project Outcomes & Success Metrics
With the project completed, HAMPR can now deploy workloads in an automated way across 2 main AWS accounts (non-production and production), and with the following benefits:
-
Full automation of cloud platform to avoid configuration drifts across environments
-
AWS Billing under control
-
Zero Downtime deployments
-
Daily deployments to production
-
Improved time-to-market using CI/CD pipelines and immutable servers on AWS
-
A secure and scalable platform to allow the company to grow
New CI/CD Pipeline utilising GitLab
Lessons Learned
The following are the most important take-aways from this project:
-
The AWS Design Phase is integral to understanding the platform and application constraints
-
Including the development team in the design phase helps the engagement and build trust, reducing grey areas during the implementation
-
CI/CD pipelines for infrastructure is essential to avoid mistakes within the Implementation Phase
-
Application containers provide immutability and safety to the roll-out of new deployments with zero downtime in production
-
Infrastructure as Code allows full control of the environment configuration enabling scalability and availability
Next Steps
With an AWS Well-Architected Infrastructure and a CI/DC pipeline implemented, HAMPR is going to transfer their Jenkins jobs scheduled to AWS Batch and Lambda and start an application modernisation using Serverless architecture on Lambda.
Conclusion
HAMPR’s project was delivered in less than one (1) month, and the velocity was due to automation and CI/CD pipelines — both core DNX principles. The result of our work is now live, providing a cost-effective, secure, and reliable AWS experience for the client.
Na DNX Brasil, rabalhamos para trazer uma melhor experiência em nuvem e aplicações para empresas nativas digitais. Trabalhamos com foco em AWS, Well-Architected Solutions, Containers, ECS, Kubernetes, Integração Contínua/Entrega Contínua e Malha de Serviços. Estamos sempre em busca de profissionais experiêntes em cloud computing para nosso time, focando em conceitos cloud-native. Confira nossos projetos open-souce em https://github.com/DNXLabs e siga-nos no Twitter, Linkedin or YouTube.
Sem spam - apenas novidades, atualizações e informações técnicas.
Tenha informações das últimas previsões e atualizações tecnológicas