- 020 8163 7876
- [email protected]
Established in 2003
UK segment of a German automotive manufacturer
£Billions per annum
There is always a better approach, even if you're already using Docker containers and Kubernetes.
The challenge set by the group was to ensure that the platform security posture was met within a tight timeline.
The existing EKS infrastructure had been created with self managed nodes and has fallen foul to complicated upgrades and security holes.
To make the problem more complex, was that there were many manual processes and manual operational requirements the team were supporting with. We had to come up with a better way.
There was no secrets management in place, so the challenge was to tighten application and infrastructure level security.
Move the EKS Self Hosted Nodes to EKS Fargate.
No More EC2. An objective set by the business to no longer require operational burden of patches and security.
This organisation has many legacy systems & processes which need to be understood in order to migrate successfully to AWS.
Introduce Secrets Management.
Remove AWS Access Key usage.
Introduce CI/CD and Terraform Automation.
Automate Deployments to EKS.
No automation & lack of documentation.
Operational Costs are high for server patching.
Upskilling people in the organisation to new ways of working.
What a fantastic challenge to have completed with time to spare. Our experience with Docker, EKS and AWS made us the ideal partner to work with.
We produced a Design and TCO to get approval for our work. Our POC process proved the existing container applications can work in Fargate.
Storing the Docker Image was also moved from self hosted Nexus to hosting in the AWS ECR. This made it easier to share images across accounts.
Secrets Management and Security are often overlooked in the rush to migrate to AWS. This is exactly what had happened this this client.
KO Technologies ensure that no secret was in plain text.
Our approach was to integrate EKS with AWS Secrets Manager.
Replatforming applications that are running in a traditional fashion is no easy task to make Docker Images for.
Our talented team, was able to reduce the number of EC2 hosts from 10 to , but neatly packaging the running services in to Docker images, ready to be hosted in EKS Fargate.
Together with this move we introduced Jenkins pipelines to build, store and deploy these new applications to the EKS Fargate Cluster we built.
AWS
A well architected delivery for EKS modernisation.
Security: Internet traffic inbound was changed from NLB to ALB. The ensured security groups restricted access from Imperva.
Costs: EKS Fargate Pod specifications were finely tuned ensure compute power was optimal. Client was made aware of savings plans to implement.
Operations: Replatforming the Linux EC2 workloads to Docker / EKS, means that there is significantly reduced operational overhead.
EKS Fargate is used to reduced Kubernetes data plane management.
Performance: The EKS pods are tuned to run as quickly as required and scale accordingly to demand.
Sustainability: EKS Fargate means that he infrastructure scales to meet demand.
Reliability: Everything is delivered with Terraform Automation and automated CI/CD to ensure reliable delivery of DevOps.
People
We help and trained multiple organisation units to modern ways of working on introduce a DevOps mentality to their way of working.
A collaborative way of working, sharing ideas and common code base helped many teams work more efficiently.
Processes
Many processes are automated, which provides a far more efficient way of working,
Products
Opensource tooling for the migration keeps the costs down without reducing quality.
The versatility and extensibility means we can automate more make the delivery of services repeatable, reliable and reproduceable.
Jenkins Pipelines were updated to the new EKS version. Moving to EKS Faragte and using Jenkins Agents within Fargate meant that Kaniko was used to build the Docker Containers.
