How one Global Healthcare was able to increase the speed of innovation and go to market with DevOps adoption
How one Global Healthcare was able to increase the speed of innovation and go to market with DevOps adoption
The Customer
A healthcare and nursing resources argumentation portal that provides professionals to connect with and be recruited by global healthcare organizations. It is a privately held company. It is in a regulated industry has implemented secure data policies and has achieved ISO-9001:2015 certification and complies with HIPAA and GDPR regulations.
The Challenge
It is a start-up in the healthcare industry, and, in the midst of current challenges, is working within tight budgetary constraints. However, the need to constantly innovate, bring better features, and constantly be one step ahead of competition meant that the platform had to have the ability to rapidly test, deploy and scale. It is also essential that the platform be highly available, fault tolerant and secure. In the times of Covid-19, It had to have a system of people working from different places, but at the same time, have a secure development environment.
The Solution
It's transition to the cloud started by a comprehensive analysis of their existing infrastructure, applications and integrations. Its management was able to drive and create an unfired, but multifunctional team to be in charge of the modernization project. A resilient, highly available and auto-scalable infrastructure with CI/CD integration was implemented. We provided them with the necessary hand holding in terms of transitioning to a DevOps model for the company. The implemented architecture included a production environment well as staging and development environment with pipelines doing automated deployments.
The most important component of the workload is Amazon Workspaces for Its developers. Its development team selected AWS Workspaces for their everyday operations in order to provide developers with a safe, secure, and robust environment in which to build a code base for glonur.com. This helps the management in keeping tight controls on data and other proprietary information, as mandated by various compliance regimes. The workspaces are only accessible from specific static public IP addresses. Traffic to restricted number of ports is permitted from whitelisted IP addresses, ensuring that malicious or unwanted traffic is restricted. AWS services such as Code Commit and S3 are connected with Interface endpoints that are attached to workspace subnets. The traffic to these services is internal to the AWS network and data is fully encrypted at rest and in transit.
CI/CD
A cloud native development model was attained with the transitioning to the AWS cloud. A DevOps culture was created and encouraged within the organization by key stakeholders. Prior to the move to the cloud, code was manually deployed to servers, and this meant a lot of effort, delays, and downtime while building, testing, and deploying code on separate servers. Now, using the Amazon CI/CD tools, its developers push their code to a single repository with Development and Production branches. User actions in AWS Code Commit repository is controlled with IAM policies. Depending on the developer's role, they are given various degrees of access through fine-grained IAM policies attached to the IAM user. Code Pipeline is used for continuous deployment of applications; there are various phases inside the pipeline such as Staging, Approvals, and Deployments. This helps in automating the deployment and in updates of applications and infrastructure. Approvals are used to streamline the workflow from one stage to another. Developers use AWS Code Deploy to deploy changed code initially to the staging environment. Deployment strategy used in staging environment is In-Place deployment. In the Production environment, Blue-Green deployment strategy is used.
The Result
After the successful migration of its infrastructure and applications to the AWS, and by adapting the DevOps best practices, the Its team achieved many benefits like
- Automated CICD Pipelines with approval mechanism.
- Elasticity / High availability/Reliability of application.
- Granular role-based access control.
- Security automation for application protection.
- Cost effective, pay-as-you-go billing.
- Audit/accountability of infrastructure and configuration.
- Zero downtime deployments.
- Continuous monitoring and alarms.
- Reduced RTO with multiple backup options.
- Multiple layers of security for managing access.
Technologies and Services Used
- AWS RDS MySQL
- Amazon EC2
- Amazon Workspaces
- NAT Gateways
- Amazon S3
- AWS Code Pipeline
- AWS Code Deploy
- Auto Scaling Groups
- Application Load Balancers
- AWS Certificates Manager
- AWS Systems Manager
- Amazon Route53