Migrating a Large-Scale Technology to AWS: Achieving Success in Transitioning from a Different Cloud Platform
Migrating a Large-Scale Technology to AWS: Achieving Success in Transitioning from a Different Cloud Platform
REGION
United Arab Emirates
COMPANY TYPE
Internet & Technolgy
INDUSTRY
Healthcare IT
CLOUD SOLUTION
This migration will not just improve the Customer’s cloud infrastructure but also empower them with advanced security and optimized performance.
Hisham Sheikha - Senior DevOps Engineer at Bespin Global., Bespin Global
THE CUSTOMER
The Customer is a modern-day healthcare platform building software to make patients’ access to medication easy and affordable. Since its inception in 2018, the Customer employed technology to integrate healthcare players, manage a vast network of pharmacies, improve complex supply chain ops, and utilize data to overcome stockouts.
Dealing with 100,000 API requests per day, 4 million prescriptions processed, and covering 38 cities in Egypt, makes the Customer the backbone of Egypt’s healthcare, in addition to partnering with 3000 pharmacies, 200 corporates, and 15 insurance companies.
THE CHALLENGE
Although the Customer’s initial cloud environment was functional, it presented limitations as its platform matured. Managing a complex healthcare system with more than 60 CI/CD pipelines and multiple environments demanded a more efficient and scalable solution. Additionally, the Customer sought to enhance security for sensitive patient data and optimize cloud spending for long-term sustainability.
The Customer planned to migrate their microservices’ environments from their current public cloud provider to another one. This move was driven by a desire to find a cloud provider with superior capabilities in:
- Infrastructure: Gain access to a robust and scalable infrastructure.
- Security: Enhance security controls and benefit from advanced security features
- Orchestration: Improve microservices orchestration with efficient management tools.
Here’s a deeper look at the specific challenges the Customer faced:
- Security Concerns: the Customer, dealing with sensitive healthcare data, required a robust security posture. While the other cloud offered security features, the Customer needed a more comprehensive security suite.
- Time Constraints: the Customer required a rapid migration to reduce the cost of parallel run, encompassing numerous applications, microservices, and critical infrastructure components. This condensed need demanded meticulous planning and execution to ensure minimal disruption to ongoing operations.
- Reducing Management Overhead: Managing the infrastructure, caches, passwords, and many other processes was a big challenge for the Customer, as it would cost a lot of effort and time which would require additional resources in their team.
- Maintaining Compliance: Throughout the migration process, the Customer needed to adhere to strict industry regulations and compliance standards for healthcare data. This added layer of complexity required careful consideration during each step of the migration.
- Maintaining Multiple Environments: the Customer needed to create a streamlined process for deploying and maintaining multiple containerized microservices environments, ensuring consistent configuration, version control, and automated deployment.
These combined limitations spurred the Customer’s decision to choose Amazon Web Services (AWS) as the destination for their migration journey.
THE SOLUTION
The Customer partnered with Bespin to execute a meticulous migration strategy:
- GitOps for Infrastructure as Code (IaC): This methodology ensured version control, collaboration, and automated deployments, reducing errors and streamlining infrastructure management using Infrastructure as Code (IaC) principles, specifically leveraging Terraform methodology.
- AWS Control Tower Landing Zone: AWS Control Tower simplifies the management of multi-account AWS environments by automating governance with preventive and detective guardrails, standardizing security practices, and centralizing logging and monitoring. This reduces operational overhead and enhances security across all newly created the Customer’s accounts, allowing their applications teams to focus on strategic growth.
- Comprehensive Security Stack: The Customer’s leveraged a robust suite of AWS security services, including AWS Config, GuardDuty, Security Hub, CloudTrail, and Detective, to ensure comprehensive security and compliance across all environments.
- Optimized Infrastructure Design: Dedicated Virtual Private Clouds (VPCs) were established to secure each environment, isolating them, and fostering network control. Additionally, scalable Elastic Kubernetes Service (EKS) clusters were provisioned to manage containerized applications and microservices.
- Integration with AWS Services: The Customer integrated with essential AWS-managed services such as Amazon RDS, ElastiCache, Route 53, AWS Secrets Manager, Elastic Container Registry (ECR), CloudFront, Certificate Manager, and CloudWatch Container Insights. This comprehensive ecosystem provided optimal functionality and scalability for the Customer’s cloud environment, reducing the management overhead.
The migration process proposed by Bespin involved building a secure, performant, reliable, and cost-optimized AWS environment with the following components:
- Microservices on Amazon Elastic Kubernetes Service (EKS): Deploy and manage microservices in a containerized environment.
- CI/CD Pipelines: Implement automated continuous integration and continuous delivery for streamlined development workflows.
- Database: Migrate the existing database using AWS Database Migration Service (DMS) to an RDS MySQL cluster.
- Caching: Leverage AWS ElastiCache for Redis to improve application performance.
- Logging and Monitoring: Enable CloudWatch and CloudTrail for comprehensive logging and auditing.
- Security Services: Implement robust security with services like AWS Secrets Manager, Key Management Service (KMS), Web Application Firewall (WAF), GuardDuty, and Security Hub.
“This migration will not just improve the Customer’s cloud infrastructure but also empower them with advanced security and optimized performance”. By Hisham Sheikha, Senior DevOps Engineer at Bespin Global.
THE OUTCOME
Bespin and the Customer worked closely to plan a rapid migration of the Customer’s large technology infrastructure to AWS. Clear communication and careful scheduling were key to overcoming the challenges of migrating and launching each application on time.
Here are AWS Security Services suggested and applied by Bespin to secure the Customer’s environments:
- AWS Config: to monitor and manage the configurations and relationships of AWS resources ensuring compliance and best practices. AWS Config facilitates centralized logging by directing config logs from a dedicated S3 Bucket.
- Amazon GuardDuty: a threat detection service that continuously monitors AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.
- AWS Security Hub: for monitoring the security posture of the Customer’s multiple AWS environments, offering a unified view that aligns with industry standards and best practices.
- AWS Secrets Manager: a critical service for managing sensitive information such as database credentials, API keys, and other secrets. It provides a secure hub where these secrets can be stored, accessed, and managed – including robust audit abilities.
- AWS Certificate Manager (ACM): for the Customer’s web applications, simplifying simplifies provisioning, managing, and deploying SSL/TLS certificates, which are essential for securing communications over the internet. Before the introduction of ACM, managing these certificates was a manual and often complex process for the Customer
In the broad, AWS resources such as Elastic Load Balancer and Amazon CloudFront distributions were also automated by integrating them with AWS Certificate Manager. This automation saves time but also helps avoid potential outages that might occur due to expired certificates, ensuring that secure communication is maintained consistently
RESULTS & BENEFITS
The migration to AWS yielded significant advantages for the Customer:
- Enhanced Scalability: The AWS infrastructure readily scales with the Customer’s growth, ensuring smooth handling of increased traffic.
- Improved Security: Robust security measures safeguard sensitive patient data, providing peace of mind for the Customer and their patients.
- Increased Efficiency: IaC (Infra as Code) streamlined infrastructure management, reducing manual configurations, and simplifying deployments.
- Cost Optimization: the Customer achieved cost savings by leveraging AWS’s pricing models and efficient resource utilization.
This migration is a major milestone for the Customer. They successfully moved over 60 applications, and microservices from another cloud platform to AWS. This achievement makes the Customer a leader in digital transformation within the healthcare sector.
About Bespin Global, an e& enterprise company:
An AWS Premier Tier Services Partner and AWS Managed Service Partner, BESPIN GLOBAL MEA (Middle East and Africa) is a leading provider of automated cloud solutions and consulting services, including cloud adoption, strategy, migration, implementation, Managed Services, DevOps, FinOps and Data & Analytics. Bespin is positioned as a Leader in Gartner’s 2020 Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services, as well as a “Visionary” in Gartner’s 2022 Magic Quadrant for IT Transformation Services.
In late 2022, Bespin Global MEA and e& enterprise formed a joint venture with the aim to assist enterprises in their digital transformation journey and eventually become the largest pure-play public cloud-managed and professional services provider in the Middle East, Turkey, Africa, and Pakistan.
Bespin’s cloud FinOps management platform, OpsNow offers an automated end-to-end solution for customers to effectively manage cloud assets and costs, optimize cloud expenses, and automate the implementation of cloud governance policies across multi-cloud environments.
Address: The Offices 4, #138-139, One Central, Dubai World Trade Center (DWTC)
Telephone: 800 BESPIN (237746)
P.O. Box: 340729