HemisferioD, DevOps Assessment
Initially, as part of the development process used by HemisferioD, when new versions and functions were developed, the development and operations teams manually executed the process of creating, testing, and deploying said versions both in the development/test environments and in those of production.
This generated a very heavy operational workload for HemisferioD, in addition to reducing the speed with which they produce the code and, therefore, the Time-to-market for their end clients.
HemisferioD required a more efficient, preferably automated process for releasing new features and updates to customers.
Clouxter’s proposed solutionPara lograr estos objetivos, propusimos un proceso automatizado rápido y efectivo para lanzar nuevas funciones y actualizaciones a los clientes, donde se garantiza la entrega de un código seguro y confiable.
This automated process consists of a group of pipelines designed to build, test, and deploy each of its components separately. Each pipeline consists of the following stages:
- Source: Bitbucket is the source control tool used by HemisferioD, each pipeline points to a specific component repository and branch.
- Build: In this stage, the code is built and then tested within the same CodeBuild project, the builds are done with maven or flutter for the backend and frontend components and then SonarQube is invoked to perform some security analysis testing.
- Deployment: Applications run on EC2 instances, so CodeDeploy is perfect for deploying new versions of code during the pipeline. With CodeDeploy event hooks, we take actions at different stages of the process to ensure a successful deployment. These actions include scripts to stop the server application service, or start and test it automatically after deployment is complete.
Third-party applications or solutions used:
- SonarQube: This tool was integrated into pipelines to automate security testing of static applications.
- Bitbucket: Bitbucket is used as source control to implement a git flow strategy.
AWS services used as part of the solution:
Below are the AWS services implemented according to the proposed solution:
- CI/CD pipelines were created to incorporate automation of the software release cycle using AWS services such as Code Commit, Code Build, and Code Deploy.
- High availability was achieved on EC2 by configuring auto-scaling and load balancing.
- For automation and monitoring, all AWS resources are provisioned using CloudFormation and monitored with Cloudwatch.
- In terms of security, the KMS service is used to implement encryption (at rest/in transit) on services that require it. WAF is used to protect workloads.
- Development, staging, and production accounts were isolated
- Agility improvement: By implementing 26 pipelines in each environment, the client reduced the operational burden of manually deploying new versions of code, going from delivering once every two weeks to several times a week; The use of IaC and ASG simplified infrastructure management, reducing requests from 15 per month to just 1 ticket.
- More secure code: With the DevSecOps pipeline integrated with SonarQube, the customer now has visibility into the quality of their code; Quality and vulnerability reports are generated for each build cycle and a code quality threshold is defined to allow/disable deployment stages.
- Scaling to support higher demand: Due to the continued growth of HemisphereD, it was necessary to implement EC2 auto-scaling and they can now dynamically adjust the amount of computing resources to support high demand spikes. Currently, HemisferioD can support the demand of 600,000 users without problems, and related incidents have been reduced from 3 incidents to 0 per month.
- Isolated environments: Production, development, and testing environments are separated into different AWS accounts, allowing the customer to separate workloads and have separate billing per account; This separation has reduced incidents due to poor configuration of the environment by 100%.
HemisferioD is a company that develops high-impact content and virtual training tools, based on technology and aimed at generating tangible and measurable results for its client organizations. Since its inception, HemisferioD has managed to develop more than 700 courses and training materials.
At Clouxter we enable the adoption path and consolidate the cloud in organizations. Our focus is on DevOps, Migration, Security, and Analytics, providing the key pieces to have a great Cloud strategy. We have extensive experience in different industries such as Banking, Media, Fintech, Public Sector, ISVs, and Startups.
We accompany organizations on this path and accelerate their adoption curve, covering the Definition, Planning, Implementation, and Operations of their solutions, through our Professional Consulting Services, Managed Services, and Local Billing.