About the Client
Content Raven is a next-generation, enterprise learning experience platform – the intersection of content storage, secure distribution for all content types, interactive tools, and analytics to deliver business results. Content Raven help corporate training leaders securely distribute content to any device, anywhere in the world. Their clients include Fortune 500 companies in high tech, consumer goods, and information systems. Common use cases include Onboarding, Sales Training, Customer Training, Partner Enablement, and Corporate Communications.
While customer was delivering the next-gen enterprise learning platform, their existing model of developing and deploying the application codes were old fashioned. Right from the building, transporting and deploying of the code were done manually. Their manual approach is to deploy the newly updated code in to a server, take an AMI of that server and configure the AMI in the Launch Config. They had no automation previously to deploy the source code. The entire architecture was implemented in a “Classic EC2” model within AWS with autoscaling for Web and BackEnd server tiers.
AWS provides a set of flexible services designed to enable companies to more rapidly and reliably build and deliver products using AWS and DevOps practices. These services simplify provisioning and managing infrastructure, deploying application code, automating software release processes, and monitoring your application and infrastructure performance. DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market.
After doing a deep dive on to client’s application infrastructure, SecureKloud proposed an architecture where the entire infrastructure of customer was to be setup inside Amazon VPC. We also recommended SecureKloud best practice of setting up DevOps by leveraging “AWS Code Deploy”, “AWS S3” for CI/CD and “AWS CloudFormation” with some python and powershell scripts for automating the infrastructure and “Autoscaling” for the Web and Backend server tiers for high availability.
Customer’s Infrastructure Architecture
- Load Balanced using Amazon Elastic Load balancers and secured the connections using SSL
- Assets stored and delivered from Amazon S3
- Amazon CloudWatch and Amazon SNS set up to monitor resources, send notifications, track logs and metrics
DevOps in AWS
Entire stack was provisioned automatically in AWS using Amazon CloudFormation template.
SecureKloud developed an AWS CloudFormation template that offered the customer developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion
Deployment of various environments were handled using AWS Code Deploy
SecureKloud leveraged AWS CodeDeploy to automate code deployments to instances running on AWS. It made the process easier for our customer to rapidly release new features, helped them avoiding downtime during application deployment, and handled the complexity of updating applications. We leveraged AWS CodeDeploy to automate software deployments, eliminating the need for error-prone manual operations, and the service scaled with their infrastructure so that, customer can easily deploy to one or more instances
Design for HA/DR
- HA ensured by using Multiple AWS Availability Zones within a region
- Usage of Fault tolerant building blocks like ELB, S3, SNS, for HA
- ELB + Auto Scaling of Web/App ensuring HA for multiple AZ inside a region
Design for Security
- Isolated network using Virtual Private Cloud (VPC)
- Encryption and Key rotation using Amazon KMS
- S3 Encryption using KMS
- AWS IAM and MFA for access control
- Ensuring zero downtime during deployment
- Frequent releases that helped them to deliver applications and services at high velocity S3 Encryption using KMS
- By leveraging AWS services, customer’s environment became Robust and stable
- Manual operations were automated to increase the productivity