Microsoft workloads migration on AWS
Nkid Group is running a number of Microsoft workloads in various environments including on-premises, local data center in Vietnam, Microsoft Azure and AWS.
With more than 44 TiniWorld Centers, 35 TiNiStore shops as well as 2079 retail shops serving 8 million customers all over Vietnam. The group is on a continuous expansion with opening of new centers and shops to serve customers all over the country.
Nkid Group is running a number of Microsoft workloads in various environments including on-premises, local data center in Vietnam, Microsoft Azure and AWS. Recently, Nkid see the need to move more workloads to AWS to utilize the benefits of AWS’s scalability, service integration and stability. A high priority were two .NET Core 2.2 web applications running on Windows Server 2016 with a Microsoft SQL Server 2016 Standard database. These two web applications, one of which also includes a reporting server, are all running in 2 standard Windows virtual machines with manually set up IIS web server.
Nkid needed the following:
– Migration Web server and Database server to AWS Cloud platform
– Monitoring and quick response to issues on Production
– Easy administration and maintenance of resources (should not have to remote to Windows Server and configure IIS web server)
– Leverage AWS services for full digital and online services, remote and automation, services monitoring and notification
– Auto scaling and elasticity to scale according to demand
– Infrastructure costs optimization
These needs should be covered by a service that supports auto scaling and allows customer to manage servers from the UI (AWS Console) with a good support for Microsoft – Windows Server and IIS.
Renova Cloud migrated Nkid Group’s workloads to EC2 for Microsoft Windows Server environment where the resources are provisioned by Elastic Beanstalk managed platform .NET on Windows. In this managed platform, IIS web server is configured to run the .NET Core apps using deployment manifest.
The solution runs Elastic Beanstalk with a CloudFormation template that can be automatically updated using a CI/CD workflow from 3rd party platform Travis CI. Elastic Beanstalk is set to auto-scale in to 1 instance outside operational hours and out up to 8 instances during times of high traffic. For new instances, Microsoft PowerShell script is implemented to adjust certain app pool settings in IIS, and to download certain files required by the app from a private S3 bucket. CloudWatch logs are used for all logging purposes, and metrics and alarms are applied to alert on the health of the solution.
Both Elastic Beanstalk apps EC2 instances and the separately deployed RDS for MS SQL Server are located in private subnets with security group rules restricting inbound traffic, while NAT Gateway and a bastion host in the same VPC are facilitating outgoing connections to internet and remote connections. The public-facing front of web apps are Application Load Balancer which also handles routing the traffic to EC2 instances. Route 53 is used to associate custom domain DNS to the load balancer, and ACM for applying the SSL certificate in ALB so that the sites are accessible only through secure HTTPS protocol. The Web Application Firewall (WAF) was setup in front of ALB and geo-blocking rules were applied.
Renova Cloud supported to modify app code and configuration to ensure functioning in auto scaling environment. This is necessary so that the app is not dependent on locally stored state in the hosting instance. In particular, the target of Nlog .NET logging framework was changed to store application logs in CloudWatch, instead of saving into the local file system of the Windows Server instance.
Highlights of the solution:
Elastic Beanstalk for both .NET Core workloads
Using managed platform: .NET on Windows Server
Advantages of Elastic Beanstalk
Managed platform which is pre-configured to run .NET Core
Load balancing and auto scaling support
Monitoring UI from AWS Console
Ease of use for Nkid
RDS with MS SQL Server Standard
Using RDS, database is managed and stable with backups, resilience
S3, EBS snapshots and RDS snapshot copy for backups
CloudWatch for monitoring and logging, event sourcing/scheduling
Lambda functions for scheduling, event bus with EventBridge
VPC services; VPN connections and NAT Gateway
The solution brings many benefits to Nkid Group. The right-sizing that is achieved due to better monitoring of the system and the combination of scheduled and dynamic auto scaling of the environments, answers two key business needs: firstly the system is capable of responding to highly variable and increasing traffic in a short time, allowing it to perform well and keeping end user experience excellent; secondly eliminating the waste of having to oversize instances, as the system can be scaled in to minimal number of instances during times of low traffic and outside operational hours. Cost optimization is one of the major benefits. The unified monitoring experience in CloudWatch allows Nkid to have a real-time overview of the system and respond quickly to any issues experienced.
The automation includig all the scripts, yaml files, CloudFormation templates and deployment manifests documented by Renova Cloud provides Nkid the means to fully understand the apps and the system. With this Infrastructure as Code (IaC) approach, everything in the system becomes reproducible. If an instance experiences a problem, it can be stopped or terminated, and new instance automatically set up. No manual access to IIS web server or app’s physical file system in the Windows Server instance is required. Troubleshooting can be done with CloudWatch Logs, instead of having to remote desktop into the hosting instance to analyze the app’s status and download logs. This significantly reduces the admin and operations workload and allows the team to focus on other tasks.
Renova Cloud’s solution leveraging Elastic Beanstalk .NET on Windows platform, RDS for SQL Server, and other AWS services is architected with the highest security, but without compromising the operational excellence or the cost effectiveness. The potential attack surface is minimized through the proper use of VPC, private subnets, security groups and WAF rules. As such, Nkid can be assured of the security.`
AWS Immersion Day với N GroupThe goal of this educational workshop was to empower N Group's IT team and leadership to confidently use the AWS platform for their benefit, and unlock new business opportunitiesRead more>
AWS - Serverless application implementationTadiran is a leading technical and electrical appliances manufacturer company. Some of the company’s more famous product lines include batteries and air conditioners. Read more>
Scratchpay - Financial servicesScratchpay is a financial service provided by Scratch Financial, Inc. hosting their workloads on Google Cloud Platform (GCP) Public Cloud infrastructure.Read more>
UAB - Connect. Create. Change.
UAB BANK CLOUD NATIVE APPSAs a part of the modernisation and digitalisation strategy, UAB is expanding its services to build mobile apps for payment and e-Wallet purposes to serve the growing Myanmar consumer banking marketRead more>
YOMA STRATEGIC HOLDINGS - HÀNH TRÌNH DỊCH CHUYỂN & DỊCH VỤ QUẢN LÝ HẠ TẦNGThe increasing demand for Yoma’s applications and business across different verticals requires to have a digital transformation journey with an effective migration to the cloud.Read more>
Nkid’s journey to the CloudNkid Group is running a number of Microsoft workloads in various environments including on-premises, local data center in Vietnam, Microsoft Azure and AWS.Read more>
DỊCH CHUYỂN & CI/CDAQUA is able to improve operations as result of the migration and CI/CD on AWS as well as able to release new features faster with minimal time and disruption to the end users.Read more>
Kymdan- Hành trình dịch chuyển Microsoft workloads lên AWSAutomate the processes on AWS and create an environment to test new features to support the Development & QA team to deliver jobs faster, automated and without a deep level of experience and skills on AWS.Read more>
SOVIGAZ HÀNH TRÌNH DỊCH CHUYỂN SANG AWSThe agility of the new infrastructure help Sovigaz to relieve the burden of on premise infrastructure management and limitations as well as access to advanced services offered on AWS platform. Read more>
NAVIGOS GROUP VỚI HÀNH TRÌNH DỊCH CHUYỂN & SAO LƯUAs part of the company commitment to it’s customers, it is essential to secure a robust disaster recovery process. Navigos’ application requires to have a fast and effective reaction in the disaster recovery scenarios.Read more>
KAOPIZ SOFTWARE TỰ ĐỘNG HÓA & CI/CDAutomate the processes on AWS and create an environment to test new features to support the Development & QA team to deliver jobs faster, automated and without a deep level of experience and skills on AWS.Read more>
SABECO - DỊCH CHUYỂN VÀ TỐI ƯU HÓA KIẾN TRÚC HẠ TẦNGHaving migrated to AWS, Sabeco is capable of quickly responding to increased traffic and services’ usage when necessary, making running marketing campaigns and launching new features less risky.Read more>