Industry

F&B

Technology

Amazon EKS
Amazon ELB
Amazon RDS
Amazon EBS
Amazon S3

OVERVIEW

Sabeco is a Vietnamese beverage manufacturing company, with the full name of Saigon Beer-Alcohol-Beverage Corporation (SABECO). It is one of the largest companies in the fast-moving consumer goods sector in Vietnam. Several of SABECO’s beer and soft drink brands count among Vietnam’s most popular and well-known drinks.

KEY CHALLENGES

Similar to many companies in the manufacturing and services industry everywhere in the world, Sabeco is experiencing the push for digitalization and the need to respond even more quickly to new requirements and changing market situations. The existing network and infrastructure were running on the local data center server environment. This system was facing limitations, especially on scalability as Sabeco planned to introduce new services and expected the need for higher performance. In addition, it was challenging to monitor the configurations and the overall status of the system.

Sabeco’s main goals are achieving stability and high performance for all their services. Any unstable or low performing service would be a high risk for the company’s business-critical systems. Further, Sabeco puts a high value on the security of the whole system and efficient networking architecture with a well-documented configuration. Having up-to-date managed backups of the whole system is also essential. Finally, the cost and optimal sizing of the infrastructure is important.

As their trusted long-standing software partner SmartLog advised Sabeco to approach a cloud and hosting specialist company, Sabeco requested solutions from multiple providers. Renova Cloud presented a detailed plan of migration and implementation using AWS services.

SOLUTION

Renova Cloud analyzed the challenges faced by Sabeco and provided the plan, including special attention to the priorities highlighted by the customer. A full architecture on AWS was presented along with the details of each service used, and the software provider SmartLog was involved from the start to support Sabeco with their applications. Specific priority was given to performance, stability, network configuration, security, backups management, and container deployment.

The solution is centered around a Kubernetes cluster running on EKS (Elastic Kubernetes Service), a managed service by AWS. The Docker containers running all Sabeco applications are deployed to the managed Kubernetes service running load balanced (AWS ELB – Elastic Load Balancer) in multiple availability zones on AWS Singapore region, consisting multiple large nodes and ensuring the best performance with high stability and availability as guaranteed by AWS-backed SLA for EKS service.

The data layer of Sabeco applications uses a MySQL database for storage. For the highest reliability, availability and convenience of maintenance, and RDS instance using MySQL engine was set up with Multi-AZ configuration that ensures the high availability (HA) of Sabeco’s solution.

Highest security standards were followed and the networking rules for the EKS and RDS were fine-tuned including setting the security groups rules as strict as possible and providing the least privilege necessary for each IAM User allowed to access the AWS account. The Web Application Firewall (WAF) was set up with the rule sets to protect the applications from the most common vulnerabilities.

For the best monitoring experience and to enhance visibility into the system, CloudWatch was set up to track the metrics and alarms from instances and display the business-relevant information in easy to use dashboards. CloudTrail was enabled to provide a track record of all actions taken in AWS.

Backups management is essential for Sabeco to secure their data and make sure that they can recover from any possible incidents. For the data volumes of EKS cluster, this can be managed under EC2 service EBS Lifecycle Manager, where a Snapshot Lifecycle Policy was created to manage backups. In the case of MySQL database, RDS backups policy was enabled to ensure the ability to utilize the point-in-time-restore feature if necessary. For additional security, Lambda functions were configured to copy certain snapshots to S3 low-cost durable storage.

Reviewing the costs and optimizing the sizing and usage of all resources was done to complete the implementation and also as an ongoing process after delivery, to match the AWS services used to the actual business needs of Sabeco. In particular, Renova Cloud was able to identify over-provisioning of EC2 compute instances, EBS volume Provisioned IOPS and RDS instances, and support Sabeco with the guidance to achieve right-sizing for all their services needs. To ensure that there would be no surprises related to cost even after handover the project, Billing Alerts were set to send a notification to Sabeco admin as soon as specified cost thresholds are exceeded.

BENEFITS

Having migrated to AWS, Sabeco is capable of quickly responding to increased traffic and services’ usage when necessary, making running marketing campaigns and launching new features less risky. The ability to manage all configurations related to security in one platform makes it easier to gain an overview of any potential threats to the system. Centrally managed backups allow the ability to restore the services to any point of time if this becomes necessary. Having all the resources monitored in detail under the same dashboards and log insights in CloudWatch has given Sabeco the ability to detect issues before they would affect the user experience.

Running the services in managed EKS Kubernetes cluster and the database in managed RDS for MySQL significantly reduces the maintenance and administration overhead. The reduced number of incidents and the faster response times have further reduced the workload. This allows Sabeco to focus on activities that add value to the business. Finally, as both EKS and RDS are actively maintained platforms, upgrading to a new version to use more features is a simple process.