AWS Infrastructure / Migration

Case Study:
Setting up a Kubernetes Cluster on EC2 Instances using Ansible and Terraform

Introduction:
The client wanted to set up a highly available and scalable Kubernetes cluster in AWS EC2 instances for their production applications. The cluster was to include several components, such as etcd, Calico, Helm, Istio, NetApp NFS, Prometheus and Grafans for cluster monitoring, ElasticSearch, Logstash, and Kibana (ELK) for cluster logging. The client also wanted to secure the cluster through DEX and Gangway components and RBAC.

Solution:
To fulfill the client’s requirements, the following solution was implemented:

1. Terraform was used to set up the AWS infrastructure for the cluster. This ensured that the infrastructure was easily manageable, version controlled, and repeatable.
2. Ansible playbooks were created to automatically set up the Kubernetes cluster and install other components in the cluster. This allowed for easy and efficient management of the cluster components.
3. The cluster was set up with multiple master nodes to ensure high availability and scalability.
4. DEX and Gangway components and RBAC were used for cluster security, including authentication and authorization.
5. A CI/CD pipeline was implemented through Jenkins, allowing for efficient and streamlined deployment of applications.

Conclusion:
The Kubernetes cluster set up on EC2 instances using Ansible and Terraform met the client’s requirements and provided a highly available, scalable, and secure solution for their production applications. The use of Terraform and Ansible ensured that the infrastructure and components were easily manageable, and the CI/CD pipeline through Jenkins provided efficient deployment capabilities.

Case Study:
Modernizing Customer’s AWS Infrastructure with Eurus Consulting Services

Introduction:
Optimisers was engaged by a customer to modernize their AWS infrastructure. The initial phase of the project was focused on four key areas: integrating a Security Information and Event Management (SIEM) solution, evaluating and integrating a single-sign-on solution, moving from IAM users to IAM roles, and integrating OpenVPN with SSO if the chosen SSO solution had a LDAP/Active Directory endpoint.

Solution:
The following steps were taken to modernize the customer’s AWS infrastructure:
Integrating a Security Information and Event Management (SIEM) Solution:

The customer had two options to choose from: Option A) AWS Security Solutions (AWS GuardDuty, AWS Inspector, and AWS Security Hub) or Option B) AlertLogic SIEM Solution. The customer chose Option A and Optimisers integrated the AWS security solutions to provide comprehensive security visibility and protection for the customer’s AWS environment.

Evaluate and Integrate a Single-Sign On Solution:
Optimisers evaluated the customer’s requirements and recommended Okta or AWS SSO. The customer chose AWS SSO and Eurus integrated it with the customer’s AWS Console Login, providing a streamlined and secure login experience.

Move from IAM Users to IAM Roles:

1. Optimisers helped the customer move from IAM users to IAM roles for automated AWS API access. This provided enhanced security and management of AWS API access.
2. Integrating OpenVPN with SSO:
3. Optimisers integrated OpenVPN with SSO to provide secure access to the customer’s AWS resources.
4. After the initial phase, Optimisers worked with the customer to prioritize and plan other items from their DevOps backlog. This included advising on the current architecture and ongoing migration from EC2-based services to Lambda and helping with the adoption of App sync and Cognito.

We also carried out a Well-Architected Review on the customer’s AWS infrastructure, providing best practices and recommendations to improve the architecture, security, and reliability of the customer’s AWS environment.

Conclusion:
The modernizing project was a success and the customer was extremely satisfied with the results. The customer now had a secure and streamlined AWS infrastructure, with a comprehensive SIEM solution and single-sign-on solution, and was well on their way to adopting other AWS services to meet their business needs. Optimisers’ expertise and experience in AWS helped the customer achieve their goals and set the foundation for ongoing success.