ABOUT THE PROJECT
A Swiss-based technology company providing automated application, product, and workflow building solutions has contacted ITGix.
The client needed an end-to-end automation solution that will be used to spin up individual AWS or Azure accounts, deploy all necessary infrastructure and application services, and set up automated monitoring for all components. Additionally, all applications would be containerized and communicate with each other via REST API calls.
The biggest challenge in the project was the requirement to automate the installation, configuration, and monitoring of every single component running in the AWS/Azure account. Furthermore, our client needed to be able to spin up a multitude of individual Cloud accounts on-demand without the need for any manual configuration. Each of their sub-sequent clients would have a pair of AWS or Azure accounts, one for their Non-Production and one for their Production environments.
ITGix implemented a solution for end-to-end automation of all components. We maintained infrastructure as source code and security best practices.
→TERRAFORM MULTI-TENANT ROLE SETUP
1. Management account – stores centralized repositories and user management – Helm Chart repository, Docker Repository, LDAP, Identity Provide
2. Client accounts – setup 2 AWS or Azure accounts for Non-Prod and Prod applications. Includes EKS/AKS cluster and RDS/DB cluster
3. Helm provider integration used for automated deploy of applications in the Kubernetes cluster.
4. Automated monitoring and log aggregation setup – Prometheus-operator, OpenDistro/Elasticsearch, Kibana, Grafana
→GitLab CI/CD PIPELINES
1. Application pipelines for building and testing the latest version of the application and pushing containers to Docker registry and Helm charts to Helm repository.
2. Infrastructure and application deploy pipelines for executing Terraform in Client accounts.
Final infrastructure setup for a client looked like this:
Although there were many challenges in the goal of automating every step of the way, we managed to implement it in its entirety within the initially defined schedule. The Client is already using the automation stack to spin up multiple Cloud environments for their clients.