Zidyia’s team decided to create a tailor-made chat service that meets the exact requirements of their LMS while giving their clients a highly available, secure chat system with almost zero downtime, and to deliver it in a very short period of time. Zidyia’s team approached Zero and One, a Premier AWS Partner, to find a fast solution that would meet their clients’ expectations. Recognizing the urgency of putting this system into production, and taking into consideration the proper technology needed to develop it, the Zero and One team decided to build it in a Dockerized environment.
Since the start of this project, our team of experts has designed and built the Development, Staging, and Production environments following DevOps best practices for deployment, infrastructure provisioning, security, and monitoring. In this case study, we go through the AWS services that were leveraged to build a robust infrastructure, such as Amazon ECS on AWS Fargate, a CI/CD pipeline with GitHub, AWS CodePipeline, AWS CodeBuild, AWS CodeDeploy, AWS CloudFormation, and many other services that we discuss later in this article. Together, these services help you securely store and version-control your application source code and automatically build, test, and deploy your application to AWS.
Let’s start with a brief summary of this containerized application and how it works behind the scenes. The application is built on Node.js (TypeScript) and uses the Socket.IO library to provide real-time communication across different clients. A user requests a ConnectionId and shares it with one or more other users, who join it to start communicating in real time. All messages are then saved to DynamoDB in real time, keyed by the ConnectionId attribute. To avoid DynamoDB throttling and to ensure that messages are delivered to clients as soon as possible, all messages are sent to an Amazon SQS queue, which is consumed by the same application to insert the messages into DynamoDB.
To start with, instead of manually creating all the services mentioned above, our DevOps team configured CloudFormation templates to automate all the provisioning, using code reviews and revision control to review template changes and keep an accurate history of the running resources. AWS CloudFormation is a great tool that provides several benefits throughout the development life cycle and when building services throughout the project’s cloud journey.
We will now go through the provisioning process of the Zidyia Chat Service and explain how the Zero and One team created a fully functional production environment with the help of CloudFormation nested stacks, which let us link templates together to achieve a successful Dockerized deployment with minimal effort. The first stack is responsible for collecting user inputs such as the GitHub repository, branch, and credentials through CloudFormation parameters, which are referenced in all our nested stacks. It also creates the Chat Service VPC and the AWS CodePipeline pipeline used throughout the CI/CD process. During stack creation, our CodePipeline template compresses and stores all the required Python scripts and nested stack templates in an S3 bucket and uses them during the build and deployment stages. This type of configuration allows multiple source actions in a single pipeline, where a change in either source triggers a pipeline execution.
The first stage of the pipeline fetches the latest Git version of the Dockerized application from GitHub and triggers the build stage. Once the source stage of CodePipeline has the latest Git version, AWS CodeBuild starts the build tasks: it builds the Docker image and pushes it to Amazon ECR, where the image is automatically scanned for known vulnerabilities. As soon as the build is pushed, Amazon ECR returns all the discovered vulnerabilities along with the severity of the outdated libraries or CVE records. Now, what if a high or medium risk vulnerability is found? In that case, a bash script executed from the buildspec.yaml file checks for high and medium severity vulnerabilities and fails the build automatically when it discovers a security threat, which prevents the pipeline from starting the deployment stage.
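The gate described above, sketched as an added example in Python; it is not Zero and One’s bash script, which the page does not show. It assumes the JSON shape returned by `aws ecr describe-image-scan-findings`, goes beyond the page by also blocking CRITICAL findings and failing closed when the scan has not completed, and uses a constructed sample with placeholder CVE names.

```python
import json
import sys

# Severities that stop the release. The page names HIGH and MEDIUM; CRITICAL
# is added here (assumption) so the most severe findings are also blocked.
BLOCKING = ("CRITICAL", "HIGH", "MEDIUM")

# Constructed sample shaped like `aws ecr describe-image-scan-findings` output.
# The CVE names are placeholders, not real identifiers.
SAMPLE = {
    "imageScanStatus": {"status": "COMPLETE"},
    "imageScanFindings": {
        "findingSeverityCounts": {"CRITICAL": 1, "MEDIUM": 1, "LOW": 1},
        "findings": [
            {"name": "CVE-EXAMPLE-0001", "severity": "CRITICAL"},
            {"name": "CVE-EXAMPLE-0002", "severity": "MEDIUM"},
            {"name": "CVE-EXAMPLE-0003", "severity": "LOW"},
        ],
    },
}

def evaluate_scan(response, blocking=BLOCKING):
    """Return (passed, reason, names) for one scan-findings response."""
    status = response.get("imageScanStatus", {}).get("status")
    findings = response.get("imageScanFindings")
    if status != "COMPLETE" or findings is None:
        # Fail closed: an unfinished or failed scan is not a clean scan.
        return False, f"scan not usable (status={status})", []
    # Decide on the aggregate counts; the findings list may be paginated.
    counts = findings.get("findingSeverityCounts", {})
    hits = [f"{counts[s]} {s}" for s in blocking if counts.get(s, 0) > 0]
    names = sorted(f["name"] for f in findings.get("findings", [])
                   if f.get("severity") in blocking)
    if hits:
        return False, "blocking findings: " + ", ".join(hits), names
    return True, "no blocking findings", []

def main(argv):
    # With a path argument, read saved CLI output; otherwise use the sample.
    response = SAMPLE
    if len(argv) > 1:
        with open(argv[1]) as fh:
            response = json.load(fh)
    passed, reason, names = evaluate_scan(response)
    print(reason, *names, sep="\n  ")
    return 0 if passed else 1  # a non-zero exit fails the build phase

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

In a build step, run `aws ecr wait image-scan-complete` first, save the output of `aws ecr describe-image-scan-findings` to a file, and pass that file’s path as the only argument.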
After the initial build completes successfully, a second build is triggered to make sure that the Application Load Balancer exists. It outputs an artifact file containing the corresponding tags of the production and testing target groups, which identify which of them is in the production state. At this stage, the Docker image has been built, pushed to Amazon ECR, and scanned for any potential vulnerabilities. Now it is time to deploy and test in production using AWS CodeDeploy.
DevOps Engineers at Zero and One decided to deploy new releases using the Blue/Green deployment method, a technique that reduces downtime and risk by running two identical production environments called Blue and Green. At any time, one of those two environments is in production mode, and it is shifted into a testing state when new features are released. To achieve this deployment method, we automated the AWS CodeDeploy provisioning in CloudFormation. It takes the tags generated by the previous build stage, identifies which of the ECS services is in production mode, and creates a new task definition with the latest Docker image tag ID for the testing service inside the ECS cluster. Following this step, the new task definition is attached to the testing target group on port 8080 and the older task is removed accordingly. With this method, the QA team can test new features while leaving the production environment untouched. Once all the testing scenarios are cleared and complete, our Lead DevOps Engineer approves the swapping phase, which is executed by a Lambda function written in Python.
To make sure that the production release keeps functioning as expected after traffic is shifted to the production environment, our team of experts configured CloudWatch alarms that monitor the status of the running services and notify the team in the event of a system failure so that they can act on the spot.
Now the company can guarantee that all of their services remain up and running, providing a great user experience for their customers. This solution helped Zidyia’s chat service become a highly available, scalable, and secure containerized application, giving it more consistency and mobility through modern DevOps tools such as Git, AWS CodePipeline, and AWS CloudWatch. Zidyia’s team was excited to see their infrastructure provisioned smoothly in multiple accounts and regions with just a couple of clicks, in addition to gaining a smooth deployment strategy for their chat service that guarantees almost zero downtime within seconds. Zidyia currently has more than 5000 chat rooms running to help users communicate with each other and is ready to scale even to millions of chat rooms without affecting the user experience in any negative way.
Zero&One is a leading Premier AWS Consulting Partner in the MENA region with a vision to empower businesses of all scales in their cloud adoption journey. We specialize in AWS services like DevOps, application modernization, cloud migration and serverless computing. We currently operate from our offices in Lebanon, UAE, and Saudi, hold 100+ certifications, and serve 50+ happy customers across the region.