NowWith - DevOps Modernization with AWS

The Challenge

Heroku’s limited number of dynos (containers) made horizontally scaling during peak demand difficult, and it suffered from availability issues at times. There was a lack of DevOps best practices embedded at the company. Finally, the system had a lot of streaming content with network traffic they wanted an easier way to secure and observe. 

The Solution  

 

Sela’s experts met with NowWith to review their organizational and product goals. Careful consideration was taken not to disrupt their running, production platform. 

 

Sela started by performing an in-depth review of the existing platform, analyzing its usage, interfaces, and patterns.

 

It was determined that a cloud-native, serverless, multi-account, AWS architecture would best achieve NowWith’s organizational and product goals. The new platform was built in parallel to production so there would be no chance of any disruption.  There would also need to be DevOps training and skilling to enable the organization to optimize the way they built and maintained their infrastructure.

 

DevOps became a defining aspect of the organization. Separate accounts were set up for logging, shared services, development, testing, and production workload components split up by stages. This increased security by limiting the blast radii of search breaches, provided greater velocity for development teams, and better platform flexibility. Logs were sent to the shared logging account where they were stored on Amazon S3. 

 

Amazon OpenSearch was deployed to detect security issues and report problems sooner, increasing observability and security. Infrastructure on the platform was deployed through code (IaC), using Terraform and GitHub actions. AWS Control Tower was implemented to standardize accounts.

 

Kubernetes was ruled out in favor of AWS and Amazon ECS. AWS Fargate clusters were used to make the platform more scalable and available. Workload features were rebuilt using AWS Lambda, Step Functions, Amazon Kinesis, Amazon SQS, and Amazon DynamoDB. Amazon Cognito and AWS SSO (now AWS IAM Identity Center) were used for authentication and role-based security.