SysOps teams for enterprise projects of medium complexity
We can set up cloud infrastructure & optimize the resources of your project
Project of medium complexity is:
SysOps Engineer – 1.
DevOps Engineer – 1.
from 20 hours / week for each engineer.
1 cloud-based platform, consisting of 1-2 large monolithic applications and several microservices.
– QA-, Stage-, Production-environments for monolithic applications.
– QA-, Stage-, Production-environments for microservice applications.
– 3 Kubernetes clusters: QA, Stage, Production.
– 3 scaling groups for virtual machines, or 6-8 physical servers.
Building and configurating cloud solutions
We build project infrastructure based on Amazon, Azure, Google Cloud: enhance performance, reduce support costs, and automate the main project security tasks.
Setting up links with programs
We link the deployment program, configuration management and infrastructure using Kubernetes, Ansible, Terraform, and Serverless Framework tools. We provide a unified approach for the initial configuration of the client's infrastructure and its further upgrade.
Implementing Infrastructure-as-Code practice(IaC)
We automate routine tasks, reduce configuration costs, accelerate deployment and project management.
Analysing the current infrastructure, architecture, CI / CD-tools and processes
We analyze project infrastructure, implement continuous integration CI / CD tools based on GitLab CI, AWS CodePipeline, Jenkins, Nexus, Docker, and accelerate software development and delivery.
Technical Support of the Project
Support and debugging of cloud infrastructure
We analyze and reconfigure resources based on AWS Trusted Advisor, Azure Advisor services as well as improve resource allocation, reduce costs, and increase project reliability.
Analysing infrastructure for security
We analyze the infrastructure for compliance with the minimal security requirements, build additional tools into the continuous integration and delivery process - these are the utilities checking the code for vulnerabilities and eliminating security threats.
Configuring PCI DSS and SOC 2 security compliance
We use modern information security methods and reliable encryption algorithms. We configure services in accordance with security requirements: we check the infrastructure settings when it comes to personal data of cardholders who pay online.
We implement the necessary tools for backing up project resources, prepare a disaster recovery plan and ensure the availability of applications and data. We use such tools as: Bacula, Veeam, DPM, Zabbix, and Grafana.
Using monitoring tools and special scripts, we improve database performance: we accelerate processing user requests, prevent server overload and reduce the waiting time for page load.
Setting up the monitoring system
We use automated monitoring tools: Zabbix, Prometheus, Grafana, Elastic Stack, AWS CloudWatch, Azure Application Insights to identify any faults in the application and promptly respond to them.
Optimizing infrastructure costs
We analyze the resources in use by infrastructure monitoring and system analysis. If we find bottlenecks where your company could be wasting money, we introduce performance optimization processes: we transfer a part of the infrastructure to free resources, enable compression, traffic caching, etc.
We choose most convenient channels for interaction: Slack, Zoom, Skype.
We give our clients access to task managers where we display the progress on the project.
We team up with each client, sharing experience and responsibility.
With the growth of the customer base, the clients faced the increase in the number of alternative resources to be supported outside the main platform. These resources included sites on CMS Wordpress and Magento. So, there came up a need to build a fault-tolerant infrastructure with load balancing. As a result, the current Linux infrastructure had to be improved.
Using the Ansible configuration manager, we were able to develop an infrastructure consisting of a pool of nginx balancers and backend servers that receive and process the load. As a result, we collected all the settings for the Linux infrastructure in a single place, which greatly simplified the process of scaling and maintaining it. We also improved the processes of deploying new sites and eliminated the factor of human errors in configuration.
When starting to develop the project, we used the classical deployment model, with the dynamic IP address of the balancer, which could cause inconvenience to our platform users in the future.
The migration process coincided with a recent upgrade to the Azure cloud and the coming of a resource deployment model that enabled building a balancer with a static IP assigned to it and linked to our account. As a result, we migrated the existing web cluster to the resource model, successfully converting and linking to it the dynamic IP from the classical model.
When the number of domains on the project reached 4,000, we faced the problem of managing SSL certificates on Internet Information Services (IIS) web servers. Despite the complete automation of obtaining certificates for platform clients, the installation of each certificate took place on IIS on every server, causing the following problems:
– there were downtimes when certificates were installed (once a day) caused by the restart of the application after the certificate installation in IIS;
– clients had to wait for 24 hours to get their certificate installed (in order to reduce the number of downtimes, the installation took place once a day);
– there were also difficulties with horizontal scaling. When introducing a new server into the infrastructure, it was required to install all SSL certificates on it (several thousands of them).
We decided to use the nginx balancer in the Azure AKS cluster, which was configured by our separate application with the base in the etcd cluster. The flexibility of this solution allowed us to significantly speed up the process of managing the bindings of new SSL certificates, as well as launch the process of migrating the entire platform to microservices.
Our qualifications and expertise
We have been working in software development since 2006 and we know what sort of difficulties technical specialists might face in the development, delivery and operation of software. We help our clients transform creative chaos into a centralized development automation process. We provide ideological training for employees. We implement DevOps practices aimed at integrating development and operation teams. We prepare technical documentation and analyze metrics. We save time and budget for your project.
We follow trends in software development and operation: we take part in top online and offline conferences: DevOops, Container World, FDevOpsCon. We get certified by Microsoft, improve our qualifications in the Google Cloud Platform, and apply the knowledge and experience gained on our internal and commercial projects.
Valuation and costs
Determination of cost
We can tell you the exact cost of the project after evaluating our labor costs: firstly, we estimate the number of technological components used, the composition and size of the team, and the complexity of the project architecture.
We work under both fixed-payment contracts and the time & material model.