ABOUT CUSTOMER
The customer is a leading seller of precious metals such as gold and silver. Incorporated in India on 18 January 2008, it is a joint venture between a Switzerland-based company and a Government of India Undertaking company. They are India’s largest public sector trading organisation, engaged in the trading of several products including precious metals.
This customer is internationally recognized as an industry leader for bringing global standards of excellence to the Indian precious metals industry. They have received several awards since inception from local and global industry bodies for the transparency and sustainability that they rigorously uphold in their sourcing, refining and supply of precious metals in the Indian market. This customer is the only LBMA-accredited Gold & Silver refinery in India, and is accepted across global commodity exchanges and central banks.
Current Infrastructure
The customer sells gold through their own outlets and through their e-commerce portal. They have created multiple applications for end customers, partners, and internal staff, through which they manage inventory, sell products, act on partners' requests, and facilitate transactions for each and every purchase with log retention.
This company has its own on-premises datacenter managed by its own technical team as directed by the Government of India. The customer also engaged some third-party vendors to create and manage the DevOps activity for their applications.
The customer's IT team deployed the physical servers and created VMs using the VMware vCenter platform. The infra was managed by their own IT team, but development and CI/CD were built using open-source technologies like Jenkins and Git, with containerization done using Docker Hub by creating 1 master and 2 nodes managed by third-party vendors.
The customer has DEV, UAT, and Prod environments, plus some additional servers across all three environments: one for Liferay (an orchestration platform for the web-based application published through Apache Tomcat), a Redis VM, an Elasticsearch VM, and some DB VMs.
The Challenge
The customer is facing several challenges with their current on-premises infrastructure. They have consolidated a large amount of data on a single server by creating a cluster using virtual machines (VMs) that share common physical resources at the backend. Despite this setup, they are encountering multiple issues related to hardware, implementation, support, and scalability.
Key Challenges:
- Support and Diagnosis
  - Fragmented Support: The customer has multiple teams responsible for different aspects of their infrastructure, DevOps, and cyber security, making it difficult to identify the right technical team for support and issue diagnosis.
  - Lack of a Single Support Window: There is no centralized point of contact for support, leading to delays in problem resolution and increased complexity in managing support requests.
- Scalability
  - Limited On-Demand Scaling: VMs and containers cannot be scaled on-demand within an on-premises physical server environment. Each scaling operation requires a VM restart, which is inefficient.
  - Resource Measurement Issues: The actual resource requirements cannot be accurately measured until the instances face real traffic, necessitating real-time autoscaling that the on-premises datacentre cannot provide.
- Debugging
  - Complex Debugging Process: Fixing bugs often requires the development team to rewrite and redeploy code to containers. In an on-premises setup, if a container stops due to bugs, it needs to be manually debugged and restarted each time.
- Lack of Rollback Plan
  - No Rollback Capability: The current on-premises setup does not offer a straightforward rollback plan, making it challenging to revert to a previous stable state if needed.
- Redundancy
  - High Risk of Downtime: The infrastructure is not configured for high availability (HA), making it vulnerable to failures during periods of heavy traffic.
- Security
  - Vulnerability Exposure: The use of open-source tools like Jenkins poses security risks due to potential vulnerabilities.
- Cost
  - Upfront Costs: The current costing model is not pay-as-you-go. All expenses are upfront, which complicates budgeting and approval processes.
  - Approval Delays: Upscaling requires management approval, which is a time-consuming process and affects the development team’s performance and ability to deploy changes promptly.
The Solution
When we approached this customer, we assessed their infra and found the hardware was aged and needed to be refreshed immediately. The customer was planning to move away from this setup and finally decided to move to a robust, reliable infra where resources can be commissioned on demand in minutes.
Amazon Web Services is the best cloud platform to which this infra can be migrated, and it provides the best performance if implemented under best practices in terms of implementation, deployment, security, and cost.
ASSESS
During this phase, our team thoroughly examined the infra and operations and found that they have a CI/CD pipeline along with a lot of supporting services like Liferay, Redis, Elasticsearch, etc. We noted that the CI/CD pipeline is implemented through Jenkins, while containerization relies on Docker Hub. The development team has executed these processes efficiently and appropriately, and our goal is to replicate this success during migration.
When we initially received this account, it had a significant high-level security breach and was deployed in an unstructured manner. Our first step was to meticulously review and optimize the security groups according to the client’s requirements. Subsequently, we proposed restructuring the entire account, which the client urgently desired. We began by setting up the infrastructure one component at a time, starting with development, followed by UAT and production environments.
The customer has purchased a subscription for the Akamai WAF, and all traffic is routed through this WAF to their infra. As the customer is more comfortable with this WAF, they decided to continue using it.
MOBILIZE
Our primary focus was deploying the infrastructure for production, specifically for eight APIs. For each API, we created scenario-based files such as deployment.yaml, services.yaml, ingress.yaml, and Dockerfiles. We also set up Jenkins to streamline this deployment process.
Next, we deployed the Liferay application for the frontend and utilized Amazon Aurora for the database. We replicated the same infrastructure setup for the development and UAT environments.
We implemented high availability by deploying all our APIs in other regions for the prod infra to ensure robustness and continuity. This strategy involved duplicating the production infrastructure APIs in another AWS region.
By deploying the same set of APIs in multiple regions, we significantly enhanced the availability and reliability of our services. This redundancy not only mitigates the risk of single-point failures but also ensures seamless operation even in the event of regional outages or disruptions.
Additionally, we recommended transitioning from New Relic to Grafana (which will be deployed on an ECS cluster) for monitoring and observability purposes. Grafana offers powerful visualization and analytics capabilities, allowing for comprehensive insights into system performance, resource utilization, and application health.
By leveraging Grafana, our client gains more flexibility and control over monitoring their infrastructure and applications. Grafana’s open-source nature also aligns with modern DevOps practices, empowering teams to customize and extend monitoring dashboards according to specific needs.
MIGRATE & MODERNIZE
The customer is currently operating in a monolithic environment with a large codebase written in a single application. This setup presents several challenges in terms of scalability, maintainability, and deployment efficiency.
Prerequisites we have considered:
- We stored critical information securely in secret files before deployment.
- We ensured the entire infrastructure was kept private. For instance, requests to the Liferay application first go through an ELB, then a web server, and finally to the Liferay server.
- Developers accessed the system through a private route, logging in via OpenVPN and then to a jump server before accessing Jenkins.
- Cluster Conversion and Migration
  - Cluster Setup: The monolithic application was first converted into a cluster to facilitate the migration process.
  - Cloud Migration: We planned and executed the migration of this clustered environment to AWS's cloud platform to leverage its scalability, reliability, and advanced services.
  - DB Migration: We used AWS DMS to migrate the document DB from on-prem and modernized it by implementing Amazon Aurora.
- Modernizing Infrastructure with AWS Native Tools
  - CI/CD Pipeline: A comprehensive cloud infrastructure was set up, featuring a CI/CD pipeline powered by AWS native tools. This includes:
    - AWS ECS (Elastic Container Service): For container orchestration and management.
    - AWS CodeBuild: For building and testing code.
    - AWS CodeDeploy: For automating deployments.
- Deployment of General Instances
  - VMs and Databases: For general instances like VMs, Redis Cache, and MongoDB, we prepared equivalent infrastructure on AWS:
    - ElastiCache: For Redis Cache.
    - Amazon RDS: For managed relational databases.
    - MongoDB Atlas or AWS DocumentDB: For MongoDB instances.
- Ensuring Redundancy and Fault Tolerance:
  - Multi-AZ Deployment: Infrastructure was deployed across multiple Availability Zones (Multi-AZ) to ensure redundancy and fault tolerance, providing high availability and resilience against failures.
- Implementing Best Practices:
  - Security Best Practices
    - To enhance security measures, we implemented Multi-Factor Authentication (MFA) for both OpenVPN users and IAM (Identity and Access Management) users. This proactive approach significantly strengthens access control and safeguards against unauthorized access.
    - By enabling MFA for OpenVPN and IAM users, we ensure an additional layer of verification beyond username and password, requiring a secondary form of authentication like a time-based one-time password (TOTP) or hardware token. This mitigates the risk of credential theft or misuse.
Solution/Architecture Diagram

Main Challenges that are mitigated
The challenges described above were kept in mind while migrating to AWS and deploying the solution. The following benefits were realized by the customer after migrating to the AWS cloud platform.
- Support and Diagnosis
  - Single-Point Support: i2k2 Networks became the single point of contact for the customer for all issues related to infrastructure, DevOps, and cyber security, making it easy to identify the right technical team as per the escalation matrix for support and issue diagnosis.
- Scalability
  - On-Demand Auto Scaling: Important VMs and containers are configured in an autoscaling group to achieve scaling on-demand. Each scaling operation is real-time and on-demand and works automatically based on the threshold.
  - Resource Measurement Issues: The pay-as-you-go model of AWS allows users to terminate and commission resources at any time, and they are billed hourly, which brings great comfort to the customer.
- Debugging
  - Easy Debugging Process: Bug fixing and code rewriting, together with a proper rollback plan powered by Lambda, eliminate the manual rollback effort and make debugging easy.
- Rollback Plan
  - Rollback Capability: Generally, rollback involves manual effort or scripting in an on-prem scenario. AWS provides a simple platform that allows it to be automated using Lambda.
- Redundancy
  - Near-Zero Downtime: The infrastructure is configured in multiple availability zones to achieve high availability (HA) with load balancing, helping to prevent failures during periods of heavy traffic.
- Security
  - Highly Secure Environment: VPN, WAF, Secrets Manager, Security Hub, and many more security-related services are implemented as per the recommendation of our cloud security expert.
- Cost
  - Upfront Costs: Zero upfront cost.
  - No More Approvals: Everything is configured to achieve auto-scaling, load balancing, and HA, so that the IT team does not have to run for approvals at the time of need.
Results & Benefits
By migrating to AWS and modernizing the infrastructure, the customer benefits from improved scalability, enhanced security, and a more efficient development lifecycle. This approach not only addresses the limitations of their previous monolithic setup but also positions them for future growth and innovation in a cloud-native environment. The reliability of the AWS cloud platform is underpinned by several key features and practices.
- High Availability:
  - Multi-AZ Deployments: AWS provides the ability to deploy applications across multiple Availability Zones (AZs), which are physically separated within a region. This ensures that if one AZ fails, the others can continue to operate, maintaining application uptime.
  - Global Infrastructure: AWS operates in multiple geographic regions, each comprising several AZs, allowing for redundant deployments and disaster recovery options.
- Fault Tolerance:
  - Automatic Failover: Services like Amazon RDS (Relational Database Service) and Amazon Route 53 (DNS service) offer automatic failover capabilities, ensuring that services remain available even in the event of hardware or network failures.
  - Elastic Load Balancing: Distributes incoming application traffic across multiple targets, such as EC2 instances, to ensure no single instance bears too much load and to maintain application availability.
- Redundancy:
  - Data Replication: AWS services like Amazon S3 (Simple Storage Service) and Amazon EFS (Elastic File System) automatically replicate data across multiple AZs, ensuring data durability and availability even if one AZ becomes unavailable.
  - Backup and Restore: AWS provides automated backup services for databases (e.g., AWS Backup) and supports snapshots for EBS (Elastic Block Store) volumes, enabling quick recovery from data loss events.
Advantages of Using AWS ECS:
- Simplicity and Ease of Use: ECS is designed to be straightforward to set up and use, with a lower learning curve compared to other container orchestration platforms like Kubernetes. This makes it accessible for teams with limited container experience.
- Fully Managed Service: As a fully managed service, ECS handles the infrastructure management tasks, such as provisioning, patching, and scaling the container instances, allowing development teams to focus on building and deploying applications.
- Seamless AWS Integration: ECS integrates tightly with other AWS services, such as AWS Identity and Access Management (IAM), Amazon CloudWatch, AWS CloudFormation, Amazon RDS, and load balancers like ALB and NLB. This makes it easier to build comprehensive solutions using familiar AWS tools.
- Cost Efficiency: ECS can be more cost-effective, especially for smaller workloads or teams, as it allows for efficient resource utilization and offers various pricing models, including on-demand and spot instances.
- High Availability and Reliability: ECS runs on AWS's global infrastructure, which provides high availability and reliability. It can easily distribute workloads across multiple availability zones, ensuring applications remain up and running.
- Performance: ECS can deliver high performance for containerized applications, leveraging AWS's optimized networking and compute resources.
- Security: ECS benefits from AWS's security features, including VPC integration, IAM roles, and security groups. It also supports encrypted communication between containers and AWS services, ensuring data security and compliance.
- Flexible Deployment Options: ECS supports a variety of deployment options, including AWS Fargate for serverless compute and EC2 instances for more control over the infrastructure. This flexibility allows organizations to choose the best deployment strategy for their needs.
- Scalability: ECS can automatically scale containerized applications to handle varying levels of traffic and workloads, ensuring that applications can grow with demand without manual intervention.
- Developer Productivity: ECS supports various developer tools and CI/CD pipelines, integrating seamlessly with services like AWS CodePipeline, AWS CodeBuild, and third-party CI/CD tools, thus enhancing developer productivity and accelerating application delivery.
- Agility: AWS provides agile development and deployment tools, allowing businesses to iterate quickly, experiment with new ideas, and bring products to market faster, enhancing their ability to respond to changing market conditions.
- Ease of Use: AWS offers intuitive management interfaces, extensive documentation, and a supportive community, making it easy for businesses to get started with cloud computing and manage their infrastructure efficiently.
- Support and Resources: AWS provides comprehensive support plans, training programs, and a vast ecosystem of partners and third-party tools, enabling businesses to access the resources they need to succeed in the cloud. In addition, i2k2 Networks provides 24x7x365 NOC-based on-call support to customers.
- Estimated Productivity Increase:
  - IT and Infrastructure Efficiency: The automation of infrastructure tasks and improved scalability can result in a 30-50% increase in operational efficiency for IT and DevOps teams.
  - Development and Deployment: Enhanced developer productivity through better CI/CD pipelines and tool integration can lead to a 20-30% improvement in development speed and efficiency.
  - Overall Business Operations: The combined benefits of high availability, cost efficiency, and security can contribute to a 10-20% increase in overall business productivity, as resources are better allocated and risks are mitigated.
  - Overall Estimated Productivity Increase: Taking these factors into account, the overall increase in productivity can range from 30-60% or more, depending on the specific baseline conditions and how effectively the AWS services and ECS are utilized. This range reflects improvements in IT operations, developer productivity, and broader business processes.
For a more precise estimation, organizations typically conduct a detailed post-migration analysis, tracking specific metrics such as time savings, cost reductions, user satisfaction, and revenue growth.
Why AWS?
AWS is designed to allow application providers, ISVs, and vendors to quickly and securely host your applications – whether an existing application or a new SaaS-based application. You can use the AWS Management Console or well-documented web services APIs to access AWS's application hosting platform. AWS utilizes an end-to-end approach to secure and harden its infrastructure, including physical, operational, and software measures. For more information, see the AWS Security Center.
Using AWS tools, Auto Scaling, and Elastic Load Balancing, your application can scale up or down based on demand. Backed by Amazon's massive infrastructure, you have access to compute and storage resources when you need them. With AWS, you take advantage of a scalable, reliable, and secure global computing infrastructure, the virtual backbone of Amazon.com's multi-billion-dollar online business that has been honed for over a decade.
Why i2k2?
As an AWS Advanced Consulting Partner and managed Amazon cloud services provider, i2k2 provides a comprehensive folio of cloud solutions along with prompt and reliable support. Our partnership with AWS goes several years back, even before we formalized our association with the company in 2013. A key reason to choose i2k2 was its 20 years of proven business. Its talent pool is vast due to extensive IT exposure in India.
About i2k2 Networks
i2k2 Networks is the No. 1 Dedicated Web Hosting company in India and a trusted name in the IT cloud hosting services industry that offers a full gamut of cutting-edge enterprise solutions which drive business in today's Internet-powered world. Our folio includes Dedicated Servers, Cloud Hosting (Public, Private and Hybrid), Data Center Services, Business Email Solutions, Managed IT Services, Backup and DR Solutions, DevOps Services, Cloud Enablement, Enterprise Hardware solutions, and various other integrated services. A team of dedicated and professionally driven IT experts conversant with diverse client requirements is available 24x7x365 to provide extended support. With superior technologies to host, design and develop high-quality websites and applications, we ensure that we deliver unmatched value to our clients.