nTier

About the Customer 

nTier FS provides a suite of software solutions for data and content management, including powerful data reconciliation and validation, flexible reporting, secure content management, and a configurable data model and integration layer, to provide their customers with the building blocks needed to transform their data and content.   

 

Customer Challenge 

nTier FS's original platform was a single monolithic application running on Rackspace. This application needed to be deployed many times with lots of different configurations per customer. As a result, the application had difficulty being updated and staying current. In addition to the architectural challenges, the customer's operations processes were very immature; builds were difficult and slow, and database maintenance had to be performed manually.  

 

Why AWS? 

AWS, as a leading cloud provider, boasts unmatched scalability, service offerings, and global infrastructure. By migrating their application to AWS, nTier FS gained access to a wide array of managed services, allowing for seamless integration and enhanced functionality. The flexibility of AWS allowed the organization to tailor their infrastructure to the unique requirements of their platform, optimizing performance and cost-efficiency. Altogether, AWS provided a comprehensive, future-proof solution for migrating and modernizing nTier FS’s monolithic application, positioning it for sustained success in the cloud-native landscape.  

 

Why Sela? 

The Sela team’s in-depth knowledge of both Rackspace and AWS environments ensured a seamless, efficient migration of the customer’s platform to AWS. nTier FS trusted that, by leveraging our expertise, not only would their migration process be accelerated, they would also maximize the usage of AWS services to optimize their platform’s performance, scalability, and cost-effectiveness.  

 

Partner Solution 

Sela's experts began with an in-depth review of the existing platform, analyzing its workloads and implementation. The Sela team designed a more modern, cloud-native architecture using containers, infrastructure as code (IaC), and cloud native database services to support the system.  

Using the AWS cost calculator, the Sela team also provided a TCO that estimated the cost for each network isolated and enterprise grade, security hardened environment. The automated tenant provisioning was enough of a value add for the customer to justify huge margins per-customer. This was a project that sold itself when it became clear how much more easily tenants would be able to be onboarded and how much our customer would profit per tenant.  

The monolith was transcribed to a container-based architecture on ECS. Builds and tenant infrastructure were automated through terraform scripts. RDS was used to alleviate database maintenance administration work.  

 

All access to customer's environment to users was provided identities federated from customer's third party IdP, and accounts were not shared by users. Permission sets assigned to production accounts were read-only, and break-glass production access was granted during production deployments. The customer's root account was not used in day-to-day operations and was secured using a hardware MFA token. 

Workload stages were separated following the AWS multi-account strategy. AWS Control Tower is used to provision new accounts and terraform is used to complete the landing zone. All foundational infrastructure (VPC, IAM) was deployed with Terraform. The project contained a number of microservices that were replatformed from running on Rackspace servers to Docker containers and deployed in Amazon Elastic Container Service (ECS). The ECS services were built and managed using Terraform. 

Tenant configuration was defined in a file per tenant, and fully automated and battle-tested scripts take this data and use it to configure updates using Terraform and some data manipulation utilities. Scripts are interactive, prompting users for validations as deployments are sensitive and must follow strict processes. 

ECS services were auto scaled based on CPU and memory metrics. Health check configurations with Application Load Balancers automatically swapped out non-responsive ECS tasks to enable self-healing. Container images were stored in the shared services account in ECR. The same container images were used for all stages of the workload, with a semantic container versioning strategy. 

Application operational and deployment practices were centered around GitOps. All changes to application deployments were handled via git tags and deployed to customers via CI/CD pipelines. Infrastructure and security configuration changes were managed through interactive Python scripts that prompted authorized deployers for interactive approvals as each step of an update took place. 

 

Results and Benefits 

As a result of Sela's implemented architecture and GitOps-based automated deployment practices, the operations processes for the customer's development team evolved, reducing the time to build, deploy, and onboard new tenants. The utilization of RDS allowed the customer to regain resources previously wasted on manual database maintenance, and the automation of these processes reduced the opportunity for error. nTier FS also realized exceptional cost savings through automated tenant provisioning, as opposed to the manual onboarding process that they had previously implemented. This optimization not only increased their profit per tenant, but also freed up resources and cash flow for further feature development and innovation.