Enabling Scalable Deployments with Configuration as Code

Our customer identified an opportunity to migrate a windows desktop application, a critical component of their business portfolio, to AWS. They engaged Cevo to implement Configuration As Code using industry best practices to achieve quick, scalable, and efficient deployment patterns, resulting in improved operational efficiency and increased productivity.

Configuration as code

Solution

Financial Services

Industry

Our customer is an Australian technology company that provides market-leading software to the financial services industry, servicing customers around the world.

Business challenge

A critical component of this organisation’s business portfolio is a comprehensive digital offering that supports the front and back-office administration of financial service organisations. They identified a significant challenge in efficiently deploying, running and supporting it in production in the cloud. This has resulted in missed opportunities to leverage their application for other projects and clients.

The primary cause of this challenge was the manual configuration of infrastructure and applications. This process was proving time consuming, error prone and challenging to manage due to the complex and interdependent nature of the systems involved. Precise configuration settings were required to work efficiently, and errors could result in costly downtime, increased security risks and reduced productivity.

To address this problem, they wanted to adopt a configuration as code approach, which involves using automated scripts and tools to define and manage the configuration of infrastructure and applications.

Solution

Cevo was engaged by this organisation to implement configuration as code using best industry practices. The engagement commenced with a three day workshop to identify the in-scope items, which included:

  • Deployment – Automated capability to deploy an instance to onboard a new client
  • Upgrade – Automated capability to upgrade an existing instance for a client
  • Undeploy – Automated capability to destroy an instance to offboard an existing client
  • Decommission – Automated capability to destroy an instance including backups for an existing client to offboard completely
  • Manual backup and restore – Automated pipeline to take create a backup of a client instance, and restore from it
  • Long-term backups – Ability to take scheduled backups and restore from them if needed
  • Site Copy – Create a new instance from an existing running instance, mostly targeted for non-production environments
 

The solution was designed with the below principles in mind:

  • Everything in a code, which refers to the practice of using code to automate the creation and management of infrastructure and applications
  • One pipeline must do only one task, which refers to breaking down complex software delivery processes into smaller, specialised pipelines
  • Think of pipelines as module, so a single pipeline can be invoked by another by passing acceptable, pre-defined parameters
  • Every pipeline requires special approval to deploy or destroy an instance in a UAT or production environment
  • Every feature branch builds its unique application image version and can be tested and deployed independently
  • All environments including staging, UAT and production can only be deployed via a pipeline
  • Every success successful application build should pass unit and integration tests
  • Backup and restore pipelines should use AWS Step Functions to orchestrate the backup and restore process for EFS, S3 and RDS
 

During this engagement, Cevo’s consultants first defined all infrastructure and application configurations using code. Automated application and infrastructure versioning and tagging was set up using Gitversion. Configuration code was stored in GitHub as a version control system. Terraform was used for infrastructure as code orchestration.

To ensure the security and integrity of the code, Cevo’s consultants built a suite of automated tests, including unit tests, integration tests, and end-to-end tests to test the application before deployment. Code scanning was performed as part of an automated pipeline to identify any security vulnerabilities and secrets that may be present. Artifactory was used as a hosting and security scanning tool for deployable artefacts.

Once configurations have been tested and validated, they are deployed using automated Buildkite pipelines. Build results are sent via Slack notifications.

The below diagram demonstrates the application deployment:

Outcomes

Prior to this engagement, the application development and delivery practices operated on physical servers that were hosted on-premises, which required frequent human interactions. The implementation of configuration as code, including the use of GitHub, BuildKite and Artifactory, and deployment of infrastructure components via an infrastructure as code approach using Terraform has significantly reduced a number of risks and inefficiencies. 

Benefits include:

  • Consistency: Configuration as code ensures that all systems are configured consistently, reducing the risk of errors and downtime
  • Reduced time-to-market: Lead times for delivering new customer instances were reduced from weeks to hours, while also reducing the time required to deploy new application or infrastructure versions
  • Increased scalability: Ability to easily scale its infrastructure and applications up or down as needed, without relying on manual processes
  • Enhanced agility: Increased ability to quickly respond to changing business needs and adapt accordingly
  • Improved security: Quick and efficient identification and fixing of configuration issues, resulting in improved security and reduced risks
 

Overall, adopting a configuration as code approach has helped this organisation improve its operational efficiency, reduce risk, and achieve its business goals more effectively. By doing so, they can streamline the deployment and management of their application, improve efficiency and reliability, and reduce the risk of errors and downtime, ultimately helping them to remain competitive.

Enjoyed this customer story?

Share it with your network!