Australia's most visited online business-for-sale marketplace where business buyers are connected with business sellers.
The platform enables prospective entrepreneurs to realize their dreams by connecting them with nearly 20,000 opportunities advertised by business owners, business brokers, franchisors, licensors and distributors.
Our cloud migration consultants formulated a multi-faceted plan to modernize the enter application, including the deployment and monitoring aspects. The main goal of this plan was to migrate the existing application to AWS while establishing a clear path to systematically break down the monolithic application into more manageable, modern, microservices-based architecture.
A dedicated Virtual Private Cloud instance was set up in AWS, and the application was hosted across multiple EC2 instances running in different availability zones (data centres) with a load balancer, which enabled high availability and scalability. The database was migrated to AWS RDS with data replicated across multiple availability zones. The move to RDS meant that the database administration effort was significantly reduced with the database infrastructure, OS upgrades, snapshots and software patches were managed by AWS. System monitoring was moved to AWS CloudWatch to integrate to the Splunk platform, which enabled near real-time analysis, visualization and alerts.
Moving the existing application to the cloud was only the initial part of the story. To realize the true benefits of a cloud deployment, the application architecture needs to consist of granular, independently manageable, scalable and deployable components. This was achieved by modularizing the application using Domain-Driven Design inspired patterns.
Various business domain contexts were identified and extracted out into their own AWS lambda based Microservices, where the AWS API Gateway service was used as the orchestration point for all APIs. The idea being, eventually to be able to deploy the whole application as smaller Lambda based services. This move to a serverless deployment had many benefits, primary of which are significant cost reductions, theoretically unlimited scalability and the ability to deploy each microservice individually, without impacting any other services. This strategy also meant that the whole monolith did not have to be decommissioned and replaced at once, each functional context was extracted individually, which helped to localize the scope of change and significantly reduced the risk of impacting the day to day business of the platform. With AWS Lambda you only pay for what you use, there is no upfront or fixed re-occurring cost. Each service can independently scale up based on the user load. This type of infrastructure is ideal for workloads which vary with user behavior patterns (business hours, holidays etc.)
We adopted a mix of AWS CodePipeline and Buildkite for the CI/CD strategy. AWS CodePipeline was used for most of the Lambda/microservice deployments whereas Buildkite was used for the EC2 based legacy application deployment. All of the CI/CD pipelines were written as code so that it was easy to maintain/replicate them. One key achievement of this automation was reducing the main application deployment time from hours ( doing it manually) to a few minutes. This enabled a rapid deployment cadence which meant that the application could be deployed at any time, including business hours. This was a significant improvement on the previous fortnightly deployment strategy, which was mostly a manual process.
Another main aspect which was addressed during the modernization was the security of the application. Previously, the authentication and authorization were handled through an ASP.NET Identity backend. This was a key barrier to adopt RESTful API strategy. We designed and implemented a modern, OAuth2 based security strategy using Auth0. Auth0 is a flexible, drop-in solution to add authentication and authorization services to applications, and it manages all of the user and external application authentication and authorization aspects. This enabled a fast adaptation of microservice architecture and enabled some key strategic third-party integrations integration opportunities.
We consider this multi-faceted and phased out modernization strategy as a great example of adding business value and reducing cost with modern technologies and emphasizes the Kodez team's ability to deliver custom solutions to match the unique business requirements.
Containers have revolutionized the way applications are developed, packaged, and deployed, offering a modular and efficient approach to ensure consistent functionality across varied environments. To leverage the full potential of containerization, Azure presents an array of services and tools tailored to meet diverse needs. This article aims to dissect and compare three prominent Azure services: Azure Container Instances (ACI), Azure Kubernetes Service (AKS), and Azure Container Apps (ACA). We will delve into the distinct features, advantages, and ideal scenarios for each service, providing an analysis of their capabilities and applications.
Most developers are familiar with the OWASP Top 10 that describes the most critical risks to web applications. OWASP also produce a lesser known artefact called the OWASP Top 10 CI/CD Security Risks that describes risks that modern build and deployment systems face that is essential reading for all development teams.