Hello, everyone! I am Hardik, working as an Account Manager of Technologies here at IAMOPS. Today, I’m going to speak about a recent migration that we have completed for one of our FinTech customers. This included migrating from Render to Google Cloud. Let me share the motivation that we had for this customer.
We wanted to achieve high availability, which is maximum uptime on the platform. Next, scaling to handle the increasing workload of the customer. Resiliency is to create a fault-tolerant system.
As with every platform, the customer had its own pain points, which were basically the long downtimes where proper support from the platform caused extended downtime. It was a bit frustrating for the customer.
Backup support to look into the infra and application. Around the clock, you know, as a single person, it's time-consuming and you need proper professionals who can be available around the clock for you to monitor your systems. Also the security risks, which included exposure of sensitive information, such as DB credentials and so on.
So these were basically the pain points of the customer. Here is the high-level overview of the infra on Render, which did not involve infra deployment or enhancement using automated deployment best practices. The infra required implementation of load balancing for the backend services, as the customer is required to handle.
As traffic increased, they needed effective and faster scaling of the backend services with more options. Sensitive information was stored in environment variables and not in secrets. The database connection was using public connectivity over the internet. As we can see in the diagram, there's a lack of effective permission implementation on the platform.
Value for money was impacted due to long downtime.
So here, this is the GCP infrastructure. It represents the high-level infra of the services on GCP and the improvements made using best practices. The frontend, as we can see in the diagram, is leveraging Google Cloud CDN to serve static content and improve performance, using Google Cloud Load Balancer, which would distribute the traffic.
For the backend services, the services are properly containerized and deployed on a GKE private cluster. This will help achieve a scalable, highly available and resilient platform to run the application logic.
For the database services, a private connection is created between the GKE cluster and the MongoDB Atlas database using Private Service Connect on Google. MongoDB on Atlas is also moved to the same region as the backend infrastructure.
This would provide a secure, high-performance connection between the application and the database. Apart from this, the necessary identity management for frontend and backend communication, as well as for the GKE cluster to access other GCP resources like Cloud Storage or any managed services, was implemented.
Terraform was used for Infrastructure as Code. It is used to provision and manage the entire infrastructure, including the CDN, load balancers, GKE clusters, and any other supporting resources. This would ensure that the environment is deployed consistently and can be easily replicated among other cloud projects or cloud providers.
Cloud and application security was taken care of by using managed services such as Cloud Armor, Security Command Center, Cloud Key Management, secret management for Kubernetes. Secrets are used to manage the security posture of the platform, and monitoring of the application and platform uses services such as logz.io, Cloud Logging, entry, and cloud metrics.
This is the high-level overview of how we implemented the services using the GCP Cloud best practices. Technically, this resulted in zero downtime, where at first the customer was facing long downtimes. Lack of support was there; even the lack of support was solved by leveraging NOC 24/7 support services from IAMOPS.
Lastly, increased security, as I mentioned. Using the different GCP managed security services, we were able to increase the security for the customer.
If you have any questions related to DevOps or NOC 24/7 Monitoring, please reach out to us at www.iamops.io. Thanks for watching!