As customer application workloads began to increase rapidly, Webconnex decided to change over to a Kubernetes microservices architecture, which would make it easier to update and scale applications and the supporting compute resources. To make this change effectively, Webconnex needed help streamlining its DevOps process and fine-tuning its Amazon Web Services (AWS) cloud environment.
To solve this challenge, Webconnex turned to Mission’s managed DevOps service. The Mission team collaborated with Webconnex to create an AWS environment that is more secure and supports the microservices application architecture. The Webconnex team can now focus more time on building and enhancing applications while the AWS environment managed by Mission accelerates the process to test, deploy and scale application services.
“We could do a lot of the AWS work on our own, but it would take a lot longer than it takes Mission, and Mission makes sure we utilize cloud-technology best practices. Because of their domain knowledge, not only in the cloud, but also with DevOps and containers, Mission is much more efficient at managing AWS environments.”
- Infrastructure-as-code speeds up application testing, updates and failed deployment rollbacks.
- Separate virtual private cloud environments strengthen security posture.
- Managed Kubernetes service auto-scales container capabilities.
- Containers make it possible to upgrade/downgrade single services without impacting other services.
- DevOps as a Service model provides on-demand access to a wide range of cloud expertise.
Managing Cloud Environment Takes Software Developers Away from Main Mission
In 2019, the Webconnex customer base continued to grow rapidly, and the software development team had expanded by 75 percent to support the increasing demand on Webconnex applications in the cloud. That’s when CTO Nathanael Merrill determined the time had arrived for major changes to the architecture supporting the customer applications as well as the way the company managed its Amazon Web Services (AWS) environment that hosted the IT infrastructure.
“We had utilized AWS for about seven years, managing the environment with our internal developer team,” Merrill says. “But as our infrastructure footprint increased to support the growth of the business, managing the cloud infrastructure required more and more time. This took our developers away from their primary mission—developing and enhancing customer-facing applications.”
At the same time, Merrill and the software development team planned to transition the company’s application architecture to microservices. This would streamline development and testing and make it easier to scale application services. The team identified Kubernetes as the open-source container-orchestration system to automate microservices development processes.
“In addition to applying best practices to efficiently manage our AWS infrastructure, we wanted to configure the AWS environment to work well with Kubernetes,” Merrill explains. “We also felt it was necessary to strengthen our security posture. This meant we needed to find experts with a unique set of skills who could help us build and manage an efficient DevOps process.”
Streamline Software Testing & Deployment
Webconnex had initially chosen to migrate its IT infrastructure from a co-location data center to AWS several years before because AWS offered the most mature cloud solution in comparison to its competitors. Merrill and others on the software development team had also relied on AWS when working for previous companies, and they valued how AWS makes it possible to easily test and deploy new services.
Now that Webconnex had been using AWS for a few years, Merrill considered hiring full-time employees to focus on fine-tuning the AWS environment, building a DevOps process to accommodate the Kubernetes microservices architecture, and improving the security of the AWS cloud environment. He also considered the possibility of working with contractors on an as-needed basis. Neither approach seemed to meet what Webconnex required.
“Hiring full-time employees would be cost-prohibitive, and it would be difficult to ramp up contractors when we need them to respond quickly,” Merrill explains. “We essentially needed AWS DevOps expertise on-demand, but without the high cost.”
To find the answer to this challenge, Merrill turned once again to AWS, this time for a partner referral.
On-Demand Access to a Wide Range of Specialized Cloud Expertise
In response to Merrill’s inquiry, AWS recommended that Webconnex consider partnering with Mission. Webconnex appreciates the freedom Mission provides to enable access to specialized expertise on an as-needed basis. “And because the Mission team is familiar with our environment, anyone we turn to for help can hit the ground running,” Merrill points out. “That’s something we can’t get from contractors, and full-time engineers would cost a lot more.”
Mission proved particularly helpful in advising Webconnex on how to adjust the AWS environment for the Kubernetes containers.
“Mission helped us understand what we needed to change. In particular, they helped us set up AWS EKS auto-scaling, which had proven difficult for our internal team.”
A Collaborative Effort Between Internal and External Teams
The partnership with Mission was the first time that the internal software development team at Webconnex had worked alongside an external team. To facilitate collaboration between the two teams, Mission assigned a dedicated project manager and conducted weekly stand-up meetings to discuss on-going projects and to provide updates on the performance of the AWS environment.
“Because Mission takes a proactive approach to communicating and checking on the status of tasks, our internal team does not have to manage the members of their team,” Merrill says. “As we focus on development and updates to our applications, Mission focuses on the AWS infrastructure—it’s a great partnership that leverages the primary expertise of both companies.”
Another key factor to the success of the partnership is that the Mission team adjusted its approach to fit the Webconnex culture. The Webconnex developer team prefers to make adjustments quickly without going through an extensive change-management process that can hold projects up. The Mission team meets this need by staying nimble and reacting quickly to any adjustments Webconnex requires.
Security Posture Grows Stronger
Mission helped migrate the single Webconnex virtual private cloud environment to three virtual private clouds—production, development and a utility bastion environment. Creating three separate virtual private clouds increases the security posture of each environment by clearly delineating the authorized access of each end-user. Mission also documented the AWS architecture in detail and made sure each environment provides the necessary compute resources for each Webconnex application service.
During the process to create the three environments, Webconnex also needed to move its production database. Merrill was initially concerned about how much downtime the migration might require.
“It went off without a hitch,” Merrill says. “We were only down for about 30 minutes, which is quite impressive.”
Another key aspect of the new Webconnex environment is the infrastructure-as-code (IaC) process (using Terraform) that Mission set up. This makes it possible to manage and provision AWS resources through machine-readable definition files rather than physical hardware configurations.
“Thanks to the IaC approach, we can roll out service patches, releases and upgrades much more easily,” Merrill says. “We can also run tests in advance to see what will change and how the changes will impact our customers. We can then make decisions as to when to apply the changes.”
Merrill points to the use of containers and the cloud infrastructure that supports Kubernetes as the biggest benefit of the new AWS environment. “We used to have servers running 10 to 15 services, so to scale one service, we would have to scale everything or else pull the service out and re-architect it,” Merrill says. “Either approach took a long time, but with containerized applications, we can now choose to scale or downgrade just one service according to the demand on an application. This makes it possible to respond to customer needs much faster.”
With the new AWS environment, Webconnex also has better insight into the microservices resources each application is using. It’s also easier to rollback failed services since Webconnex does not have to roll back a full deployment.
Managed DevOps Model Reduces Costs
- Provided more stable application performance and increased security for customers.
- Enabled developers to respond faster to customer application requirements.
- Allowed developers to focus more time on building and enhancing applications.
- Lowered cost of DevOps in comparison to hiring full-time employees.
- Delivered faster DevOps services in comparison to hiring contractors.
- Minimized database downtime during migration to a new cloud environment.
Looking ahead, Webconnex plans to consult with Mission on setting up a Canary deployment process and to fully document and assess the Webconnex disaster recovery plan. In assessing the ROI that Webconnex has generated by partnering with Mission, Merrill compares it to hiring full-time personnel or contractors.
“The DevOps as a managed service model that Mission provides is much less expensive,” Merrill says. “We can tap into expertise on-demand for a short time period as opposed to the process of finding and hiring experts, and then bringing them up-to-speed. With Mission, if we just need someone for two hours, we can get them.”
Merrill also points to the amount of time the internal software development team previously spent on AWS. “Most of that time has gone away, so in essence, the Mission partnership has increased our internal resource time,”
“Mission impressed us with their depth of resources. In addition to a dedicated engineer, we can also access other engineers with wide-ranging expertise—spanning the cloud, DevOps, containers and security.”
- Elastic Compute Cloud (EC2)
- Elastic Kubernetes Service (EKS)
- Virtual Private Cloud (VPC)
- API Gateway
- Elastic Container Registry (ECR)
- Relational Database Service (RDS)
- Route 53
- Simple Storage Service (S3)
- ElastiCache for Redis
- Elasticsearch Service
- Simple Queue Service (SQS)
- Simple Notification Service (SNS)