Building a solid foundation with serverless Kubernetes and infrastructure as code

Project

Archive reached out to mkdev before the main product became available to the general public. From the start, it was clear, that the business will grow a lot, and this growth needs to be met by the underlying cloud infrastructure. Anticipating this growth, Archive required mkdev’s assistance to review the existing environment and set it on the right path to high availability and scalability. What started as an audit evolved into an implementation of the infrastructure roadmap built by mkdev experts.

Challenge

In a true startup spirit, the engineering team of Archive consists of developers, who are excellent at building the product at speed but lack deep knowledge of the DevOps and Cloud Infrastructure. Some of the initial decisions around AWS infrastructure led to a high-maintenance system, working on which consumed a significant amount of time for the most senior developers.

It became clear to mkdev team, that, going forward, every improvement to the infrastructure needs to be easy to build and require as low maintenance as possible, so that the Archive developers can focus on the product.

Solution

During the audit, mkdev found a number of low-hanging fruits, some typical mistakes, and misconfigurations around AWS accounts. Those mistakes are obvious to experienced cloud engineers but are often overlooked during the quick development lifecycle of a new product.

We helped the team to streamline the configuration of AWS resources and re-structure AWS accounts to follow best practices in terms of security and operations. But while it’s easy to overwhelm the customer with a huge list of minor fixes and call it a day, we at mkdev focus on bigger conceptual problems of the environment. We discovered two of those at Archive.

Our first focus was to make sure that infrastructure is fully managed as code, with Terraform. As it often happens, existing infrastructure was set up and configured manually, via AWS Console. mkdev consultants outlined and then executed a roadmap for migrating existing resources to Terraform code, without any impact on existing workloads. As part of this roadmap, we’ve handed over a complete set of practices on how to structure and deploy infrastructure code.

Fully understanding that infrastructure as code is a new practice for developers to adopt, we made sure to bring the internal team up to speed as quickly as possible, by providing them intensive hands-on training, reviewing the code, and answering any questions. By the end of the project, Archive team was able to manage complete AWS infrastructure on their own, primarily via Terraform. It is important for us that once our expert team leaves the project, the internal team is able to support and extend the solution we built.

The second big area we focused on was simplifying the application runtime of Archive. Initially, the team picked Kubernetes, with AWS EKS, as a way to run all applications. At mkdev, we know that Kubernetes is a powerful and complex system, that has many correct use cases — we helped some of the biggest companies in the world to run Kubernetes clusters at a huge scale. But Kubernetes is not always the simplest solution.

It quickly became clear to us, that in order to keep the development velocity high and infrastructure maintenance low, Archive required drastic simplification of the Kubernetes setup. What matters to developers is the deployment primitives and APIs that Kubernetes provides. What matters way less is capacity management, security hardening, patch management, load balancer scaling, and all the other things.

We like to make one big decision that removes many the need to make a lot of smaller decisions. In this case, this decision was to embrace the serverless Kubernetes offering of AWS called AWS EKS Fargate. Fargate completely removes node management from the picture and allows developers to focus on shipping their code, while still benefiting from many of the great APIs Kubernetes has to offer. In the same spirit, we overhauled the Ingress approach to be based on a cloud-based load balancer and cloud-native networking, thus fully benefitting from what AWS has to offer.

With the now bigger number of developers, infrastructure as code practices and much simpler, easier to maintain container runtime, Archive now has a solid cloud infrastructure foundation to build upon and scale as the product becomes more and more used. Thanks to the training and hands-on support from the mkdev team, Archive developers are now able to extend this infrastructure on their own, as well as quickly bring new applications and components without sacrificing the scalability and security of the underlying platform.

Conclusion

At mkdev, we are happy to help our customers with building and running Kubernetes clusters at any scale and in any cloud. Kubernetes’ core value is often confused to be its scheduler or the way it bins packs containers on the host.

For us, the main value of Kubernetes is the standards it brings around application deployment and configuration, service discovery, and APIs that allow building higher-level abstractions for cloud-native infrastructure. Underlying Kubernetes nodes are rather an unfortunate implementation detail.

In Archive’s case embracing the native capabilities of the cloud provider completely removed this implementation detail from the day-to-day business and accommodated future extension of the product while keeping the development team lean and focused.

Do you also realize that your infrastructure could use an improvement and your team could use more free engineering space? Give us a call and we'll discuss it!