Kargo360– Modernize E2E Air Cargo Platform into Microservices & Build the industry best security Practices on AWS
Challenges:Kargo360 is expanding their existing Recruitment & Proctoring platform globally. They have several offering to meet client requirements, Resume Screening, Assessments, Proctoring, Results Analysis and Analytics. Kargo360 partnered with Kube8Cloud to Re-Architect, Re-Platform, Migrate and Deploy their GDPR complaint applications and databases on AWS.
The existing Applications were Monolithic with most of the Application code and database components hosted on VMs. As part of migration and modernization, Kube8Cloud recommended the Kargo360 team to Re-Architect, Replatform, then migrate their applications, databases and help them deploy the application adhering to all GDPR standards which was one if their primary asks due to compliance requirements.
Key goals of the new architecture for Application & Database:
- Build highly scalable Frontend and Backend
- Adopt Microservices Architecture
- Up to 99% SLA on database uptime
- Encrypt data in transit and at rest
- Want to get rid IT of the overhead of managing databases
- DevOps for faster deployment
- Automated Patching and upgrades.
Kube8Cloud Solution:
Kube8Cloud & Ambition hire had several brain stroming sessions and deepdive sessions to understand As-Is application Architecture. We have agreed to host the microservices in AWS EKS, as it is quick to adopt. EKS provides native integration with AWS Services and easy to implement IAM Policies for RBAC. AWS RDS for MySQL was used for the Database. The high level architecture and implementation is as follows:
- Create VPC for all the AWS Resources
- Create EKS Cluster
- Define Tasks for each Microservices
- Enable CloudWatch Monitoring
- Create Amazon RDS Database
- Configured Multi-AZ for High Availability
- Encrypted Data at Rest using AWS CMK
- Encrypted Data in Transit by using SSL
- AWS CodeBuild, CodePipeline and CodeDeploy for DevOps
- Create CI/CD DevOps Pipeline
- Migrated using Backup and Restore Approach
- Enabled Automated Snapshots with 15 days retention
- Chosen Maintenance Window for automated Patching and upgrades
Business Impact:
- Highly Scalable front-end & back-end
- Enhanced Database Security
- Reduced the burden of managing the databases
- Achieved 99.99 % availability of databases
- Redesigned the architecture helped the team to handle the peak load without any timeout errors
AWS services leveraged in this deployment:
- AWS EKS
- AWS RDS MySQL
- AWS RDS DocumentDB
- KMS
- Trusted Advisor
- AWS WAF
- AWS Shield Advanced
- AWS IAM
- AWS S3
- Application and Network Load Balancer
- VPC Private endpoints
- AWS Certificate manager for SSL certificates
- CloudTrail
- AWS Lambda
- API Gateway
- AWS CloudFormation
- CloudWatch
