Migrate to AWS with EKS: Apodis case study
At Technofy, we're delighted to share with you the case of Apodis' migration to AWS. This article outlines the challenges they faced and the solutions we proposed as a trusted partner to ensure a smooth and efficient migration to AWS.
Apodis Pharma is a company that offers pharmacists a digital interface tool between pharmacies and healthcare partners. To meet their goals of modernizing their development practices and making their services available, our mission was to assist them in migrating to the AWS cloud, specifically to the Elastic Kubernetes Services (EKS) solution.
Until now, when deploying on public cloud, managing and making their services available posed resilience and availability issues. Additionally, using a monolithic deployment of their applications made it increasingly difficult to manage and maintain a viable environment. Finally, ensuring the interconnection of services became a compatibility nightmare.
- Building a resilient and highly available cloud architecture.
- Migrating services to the EKS solution and guiding the client team in adopting this new technology.
- Migrating the database to AWS solutions.
- Establishing CI/CD workflows.
- Abstracting Kubernetes complexity as much as possible to simplify team roles and access to necessary resources.
- Managing all infrastructure using Infrastructure-as-Code (Terraform).
- Guiding the Apodis teams through the transition, including learning Kubernetes, Terraform, and the AWS ecosystem.
- Implementing best practices in AWS, DevOps, and security.
- Cost management: ensuring an efficient infrastructure.
1. Study and design of a target architecture
The architecture presented below serves two major objectives:
- Separation of concerns: Encapsulation in logical management units (workloads and shared services) enables both limited and sufficient access to resources. What's more, managing the workload "staging" as an independent unit means that this environment can be "switched on" and "switched off" on demand, thereby controlling costs.
- The use of selected and targeted tools such as GIT® for code management, Jenkins® for application build and ArgoCD® for deployment offers simplicity, but also abstracts some of the complexity of Kubernetes for development teams who can use the graphical interfaces of Jenkins and ArgoCD to debug and deploy without needing to access the EKS cluster directly.
2. Build of the infrastructure and migration to AWS in several stages
- Setup of the IAC with the Terraform tool: The infrastructure is managed entirely from Terraform code. This stage was carried out in two phases, the first concerning the shared administration environment and the development environment. Once the tests had been completed, a second phase targeted the staging and production environments.
The staging environment is deployed and then shut down on demand, in isolation from the production environment. This division into two phases serves several purposes: the gradual build-up of the teams' skills via frequent and regular handovers, and the validation and testing of the architecture and solutions on the development environment before the production environment is installed.
- Creation of the organization and installation of the SSO for secure access in line with best practice.
- Creation of the shared environment, grouping together the AWS applications used by all the accounts. This shared services approach offers a number of advantages, including cost optimization, simplified maintenance and monitoring, and the separation of service provisioning (client applications) from management, build and deployment.
- Implementation of the CI/CD tools Jenkins (build) and ArgoCD (deployment).
- Creation of the "Development" environment and assistance with the deployment of customer applications.
- Creation of the "staging" and "production" environments
The following technologies were used during the migration to AWS:
- AWS Single Sign-On (AWS SSO) simplifies user access to multiple AWS accounts and business applications with a single set of credentials, improving security and management efficiency.
- Amazon Elastic Kubernetes Service (EKS): used to manage and centralize the deployment of containerized applications.
- Amazon Relational Database Service (RDS): used to host and manage relational databases in the cloud.
- Amazon CloudWatch: used to monitor and manage AWS resources and applications.
- AWS Identity and Access Management (IAM): used to manage access to AWS services and resources.
- Amazon DMS: Database Migration Service used to migrate databases from legacy cloud provider to AWS RDS.
- Amazon ECR: Elastic Container Registry used to store, manage and deploy Docker container images.
- Amazon KMS: Key Management Service used to create keys and control data encryption.
- Terraform: Open source infrastructure as a software code tool used to create, modify and version infrastructure - IAC (Infrastructure As Code).
The migration to AWS for the development environment is currently being tested. The expected results are as follows:
- Improved availability and uptime for the company's services
- Increased scalability and flexibility to meet changing business needs via Kubernetes deployments in the form of chart helm or yaml deployment files
- Enhanced security and strict access control for sensitive data
- Improved monitoring and management of AWS resources and applications
- Easier infrastructure management: version control and automated deployment
- Avoid the complexity associated with using Kubernetes by exposing graphical interfaces for deploying and building applications.
In conclusion, the migration to AWS supports Apodis' growth by enabling it to rely on a resilient and highly available infrastructure. Furthermore, by managing the code using the Terraform tool, they can effectively manage the resources and costs associated with this migration to AWS.
The AWS EKS solution, backed up by the Jenkins and ArgoCD tools, guarantees the teams the availability and maintenance of the Kubernetes environment. Finally, the automation of the build and deployment stages via the Jenkins and ArgoCD tools means that the technical teams can concentrate on the tasks that require the most attention, such as the development of new features for Apodis customers.