PROJECT GOAL
AAIC helped Skyword to achieve application migration and modernization with the existing team. This also reduces the efforts on deploying, maintaining and supporting the existing applications. Skyword also achieved an optimal automation and DevOps on Skyword 360.
BUILDING THE SOLUTION
AAIC engineers team worked with Skyword technical leadership and Product owner team to develop modernized business solution which includes.
- Containerising and automating the deployment of environments for the
Skyword app and migrate on K8S - CI and CD implementation for Skyword application.
- By using GitHub actions for building the WAR/JAR files and automated deployment of the same on different AWS ASG. Cloud Formation templates are used for creating the infrastructure. Selenium testing framework is integrated with CI pipeline for functional testing. OWASP is being used for security/DevSecOps. CloudWatch metrics and logs are used for monitoring the system. Lambda functions are written to scale up/down the environment from cost saving perspective.
- API and Selenium UI automation testing of Skyword application use cases, and make it part of the CI/CD
- Setting up Operations/Monitoring dashboard like TrackMaven
- Help in migrating private GitLab to public SaaS GitHub.
- Customer had below mentioned challenges, so we migrated to GitHub.
- Inability to host everything on gitlab.
- Client team was familiar with GitHub and onboarding them on Gitlab
was taking much effort. - Gitlab’s sack integration was not efficient.
ARCHITECTURE
Information on clients to be deployed securely in the Cloud. Standard 3 Tier architecture is used. Clients can login with appropriate IAM security. Group rules and security were also used.
Within AWS the architecture utilised Amazon’s Elastic Load Balancers combined with Auto Scaling Groups to balance the traffic across multiple instances and automate the creation/termination of instances across multiple Availability Zones. A number of components were also split out from the current infrastructure to make it more modular and fault-tolerant. This provides redundancy across multiple geographic location.
DEPLOYED AWS SERVICES
• AWS S3 Bucket
S3 is an object storage service. To store the images formatted by the openross application S3 bucket is getting used.
• AWS Elastic File System
EFS is a regional service storing data within and across multiple Availability Zones for high availability and durability. For sharing the file system across multiple applications amazon elastic file system is used.
• AWS Cloudwatch Log Group
Amazon CloudWatch Logs used to monitor, store, and access application logs. For storing the application logs, AWS CloudWatch log group is getting used.
• AWS Application Load Balancer
ALB is used for distributing incoming application traffic across multiple targets, such as EC2 instances, in multiple Availability Zones.
• AWS Route53 Hosted Zones
Route 53 is a highly available and scalable DNS web service. It is getting used for routing internet traffic to the skyword applications.
• AWS Secrets Manager
All the skyword application secrets or properties are stored in AWS Secrets Manager.
• AWS Key Management Service
AWS Key Management Service is a managed service that makes it easy for you to create and control customer master keys, the encryption keys used to encrypt your data. It is getting used to encrypt the EFS data and Skyword applications secrets.
• AWS Elasticache (Redis)
Amazon ElastiCache for Redis is a Redis-compatible in-memory data store service. It is getting used for session management in skyword web application.
• AWS Certificate Manager
It is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources.
• AWS System Manager Session Manager
Session Manager is a fully managed AWS Systems Manager capability that lets you manage your EC2 instances, on-premises instances, and virtual machines (VMs) through an interactive one-click browser-based shell or through the AWS CLI.
• AWS Identity and Access Management
AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely.
THE DATA LAYER
RDS was used for the data-layer. AWS Aurora is a MySQL-compatible RDBMS which was designed from the ground-up to run on AWS, and has a number of benefits over MySQL running on RDS which is more durable and redundant
Deployment
Application Instance creation, launch and updating is managed using AMI.(Amazon Machine Image.)In order to update AMI i.e., modifying WAR/JAR files present in the AMI, AMI bakery is used. It also provides support for deploying it into the respective auto-scaling group. AMI deployment process is done in a blue-green fashion where a new instance will be launched and only after that older or previous instance will be terminated.
AWS lambda function has been set up in environment. This lambda function is responsible for scaling up or scaling down autoscaling groups. It can be scheduled to scale up or scale down at a specific rate or crontab also.
VERSION CONTROLLING YOUR INFRASTRUCTURE
Git VCS is used to manage the versioning of the infrastructure. a git repo is created with all of the relevant setup & configuration scripts, along with any relevant documentation etc. Detailed information on how to recreate our infrastructure from scratch is combined with CloudFormation which allowed to automate the creation of almost all AWS services.
THE MIGRATION BENEFITS
- Uptime
Significant improvement, which can monitor with 3rd party tools and confirmed. - No single point of failure
- Ability to innovate
Being on AWS opens up an array of new services and technologies that are now significantly more accessible to the average IT group. Whether it’s looking at new storage engines like Redshift or services like Amazon Machine Learning or Lambda, the time to implement – and therefore innovate – is significantly reduced. - Integration to other systems
Being on AWS opens up new possibilities to integrate including best of breed tools & services to connect to other systems. - Scale
Elasticity, load balancing and the capability to scale automatically is a big bonus.
COST OPTIMIZATION
With the deployment and output of AWS Migration Evaluator, Skyword was able to see detailed reports of their inventory.
The utilization of resources were analyzed, and this helped in right-sizing the company’s AWS solutions. Some of skywords existing resources were over-provisioned and right-sizing their resources resulted in significant cost savings.
With the use of tagging and AWS Billing and Cost Management, an ongoing review was carried out to ensure skyword operated at cost efficiency.
AAIC is technology services company that provide high-end engineering services and is proficient in enterprise class for IT-delivery.AAIC focus on Automation in Cloud and DevOps
