Posted on 07 Dec 18 by Luke Dudney - Senior System Engineer
Learn how KZN enabled ILC to drive down costs while increasing availability and business agility using DevOps methodologies.
The Independent Living Centre WA (ILCWA) is national not-for-profit community support organisation providing information, advice, assessment, training, funding and equipment hire services that enable Western Australians of all ages and disabilities to live more independent and fulfilling lives. Service areas include community allied health and home modification services, carer support and respite, assistive technology and equipment, occupational therapy driver assessment, Home and Community Care regional assessment, and grants and equipment funding.
In collaboration with Independent Living Centres across Australia, ILCWA owns and operates the National Equipment Database (NED) where the public can search tens of thousands of assistive technology and equipment products from scores of suppliers to help people remain independent and improve their quality of life.
The ongoing capability of ILC’s previous hosting environment to support the NED application was in jeopardy due to viability concerns with the application developer and hosting provider. The existing operational and software development processes were no longer fit for purpose, with incidents of uncontrolled releases to production causing disruption and confusion among the user base. Inadequate development and testing environments meant that critical system and library upgrades could not be safely integrated into the production systems, causing the application’s libraries and dependencies to slip further and further out of date, and making the IT function slow to respond to business and end-user requirements.
KZN’s team of AWS Certified Professionals defined a two step strategy that included a tactical lift-and-shift followed by a technical transformation, implementing a DevOps culture, tooling and processes.
KZN first worked with ILCWA on a lift-and-shift migration into AWS, moving quickly to re-host all ILCWA servers into the AWS EC2 service using the Import/Export tool to provide an immediate tactial resolution and ensure continued availability and viability of the critical NED application. Once the environment was stabilised, a modernisation program was undertaken to introduce advanced cloud technologies.
KZN re-architected, built, deployed and tested the NED application stack onto AWS. The ruby on rails application code and infrastructure-as-code templates are managed together in the GitHub hosted version control system, which is the entry point into a continuous integration and continuous deployment (CI/CD) pipeline leveraging a number of AWS services including CodePipeline, CodeBuild, and CloudFormation. Once unit testing is successful, an immutable AMI image of the OS, application code and configuration is created using the Hashicorp Packer tool. The pipeline then deploys the entire application stack into an ephemeral staging environment where integration testing and optional user acceptance testing (UAT) is performed before being deployed into production. Once approved, the staging environment is automatically terminated to reduce costs. Autoscaling, Elastic Load Balancing, and RDS Multi-AZ services provide high availability at every layer of the application stack, with static and media content saved into and served directly out of S3, further reducing load on the web servers and simplifying the persistence of data. Application and system logs are streamed from the EC2 instances into the CloudWatch Logs service where rich logstream analysis alerts the operators to divergence from expected application behaviour.
Security and access to the platform are protected using AWS accounts separated by environment (staging and production), least-privilege IAM users and groups, cross-account roles and multi-factor authentication devices. The CloudTrail service provides a tamper-resistant, centralised audit trail of all actions taken across all AWS accounts.
Infrastructure and application performance and availability metrics are closely monitored using CloudWatch with alarms fed via SNS to the operations team’s ChatOps platform Slack. Additionally, the team are notified of infrastructure events such as autoscaling actions and CI/CD pipeline stage outcomes, helping them to understand in real-time the state of the build process and production environment.
Moving to a CI/CD model of application delivery has given ILCWA greater confidence in the development and release of new features, which are now demonstrated in a staging environment and can be released to production within minutes and at any time of day. Having the entire application stack defined using infrastructure-as-code allows individual developers to engineer and test their code in their own isolated production analogue environments, and was critical to enabling the efficient uplift of application libraries and dependencies to secure and functional versions.
Advanced AWS managed services such as Autoscaling, Elastic Load Balancing and RDS drastically increased availability while reducing operational costs, and indeed have delivered near-100% uptime over the life of the solution to date. The offloading of static content into S3 has simplified deployment and backup procedures; when combined with autoscaling, the application can respond dynamically to changes in request volume over time
With staging and development environments provisioned on-demand, and automatically terminated when no longer in use it allows ILC to manage costs by only playing resources currently in use.
Security is much improved, with immutable infrastructure and no direct access to the production environment. Only reviewed and approved code and infrastructure changes are introduced to the environment, and all access is via multi-factor authenticated and well-defined role-based access adhering to the principal of least privilege.
I have had occasion to work with a number of software companies over the last 18 years. I cannot express what a breath of fresh air working with KZN has been. Their responsiveness and customer service is second to none and their expertise and guidance in developing our thoughts into deliverable requirements has been pivotal to the resounding success of the work we have completed with them. I would have no hesitation in recommending their services to anyone.
- Sacha Marchant National Equipment Database Manager
DevOps is Agile. By building and supporting cross-functional teams with the right tooling, you can empower teams to spend their time on value-creating activity that helps you identify and deliver what your customers need most.
Your DevOps journey is unique, and as cloud experts we will partner with you to help you identify any gaps and use your project to start building out DevOps culture and practices.
Learn more about how KZN can assist you with your DevOps ambitions here.