Client: Aviation Company
Duration: 2017 - ongoing
Type: Infrastructure Migration
ITGix

Project of ITGix

More about ITGix

Description

The Challenge

The customer has multiple suppliers in different world locations and all of them are
involved in the development of their product. The product itself is in the form of a
monolith application which is considered outdated and difficult to go through all
CI/CD phases. It was slowing down the development cycles and operations were
becoming difficult as new deployments involved downtime of multiple services.

The Solution

The situation was quickly assessed and the solution was to break the application
into microservices and utilize technologies like Docker, Kubernetes and Jenkins – for
doing the CI/CD. In terms of hosting the containers, it was decided to use AWS.
The company requested professional services from ITGix and we worked on
establishing a plan to:
● setup a secured and automated environment in AWS;
● integrate the on-premises datacenter of the company with Amazon VPC;
● setup an automated and centralized monitoring, log aggregation and
scalable container management system.

For the project we advised the Customer to use Amazon Web Services which would
not lock the him with a specific custom solution. ITGix was completely responsible
for the deployment, monitoring and update of the Kubernetes cluster.

Environment
The approach in that particular case was to use Terraform with S3 and DynamoDB
for state locking. Moreover, the environment code was broken down into multiple
modules for efficient usage and easy recreation for DR scenarios and replication.
We followed the approach of infrastructure-as-a-source-code and git for preserving
that code. Naturally we managed to improve the cycles as using the trunk based
approach and git review for each new improvement. Moreover, we saw a good
opportunity to switch the configuration language to Ansible and create roles for
provisioning where it was needed.

Integration of AWS and DC
We faced challenges to keep the same authentication mechanisms and DNS
principles for the VPCs. We secured the connection for services by implementing an
integration with SimpleAD and utilized the HA VPN connectivity with a good
organization of routing for all VPCs.

Centralized Monitoring and Log Aggregation
We faced some challenges when using Cloudwatch so we utilized a hybrid approach
with Icinga and Prometheus. Having mixed types of applications and servers
required a deep look into the solutions. However we managed to run them in
containers and utilize Grafana for segregation of different data-sources and
correlation dashboards.

Container Management System
Last but not least we had to work on a container management system which was
going to improve the overall experience and management of the core component.
The non-functional requirements for each application were clear, so we decided to
build our container management system with Kubernetes. This decision was taken
based on the “non-vendor lock” requirement and future development of the hybrid
cloud strategy.

AWS Services
In this specific project the ITGix team worked on the following AWS Technologies:
● EC2;
● CloudWatch (basic metrics and scaling EC2 services);
● Networking (routing tables, subnets, security groups);
● IAM;
● Simple AD;
● Route53;
● ECS;
● SNS and SQS;
● RDS ( Postgres and MySQL).

The Result

We managed to create a stable environment with DR for our customer. Strict
pipelines of workflows and efficient automation utilizing technologies like Ansible
and Terraform. That resulted in an easy adoption and migration of new services.
We managed to migrate in 3 months more than 300 microservices resulting in
more than 800 containers. An Important learning experience was the switch of all
team members to DevOps practices utilizing git and containers in conjunction with
proper process for code organization.

Scope

Amazon Web Services Cloud and Automation