FP Tech Science

About Client

The client, Tila, is a modern lifestyle retail e-commerce brand established and launched in Saudi Arabia in 2020. It was earlier part of FP Tech Science, a payment gateway that has now merged into Tila, an e-commerce shopping destination designed to meet the lifestyle aspirations of Saudis. With a compelling range of products across its Fashion, Lifestyle, Electronics and Groceries categories, Tila leverages innovation while retaining Arabian traditions and culture.

Problem Statement

The monolithic applications needed to be migrated, containerized, and run on the AWS cloud on infrastructure that is highly available, scalable, secure, cost-optimized, and monitorable, with continuous integration and deployment in place, following DevOps best practices.

Business Objectives

• Highly scalable solution for high customer traffic on the e-commerce website and the Android and iOS applications
• Highly available website with backend APIs with low latency
• Scalable databases with growing customer base and product catalogues
• Aiding data analytics and business intelligence on the existing customer base and search results

Technical Objectives

• Applications need to be deployed across multiple environments
• Network level separation of Infrastructure for each environment
• Designing highly available, scalable microservices infrastructure on AWS
• Designing highly available, failover cluster setup for databases and Apache services
• Establishing network connectivity between the cloud and office locations spread across the globe
• Leverage DNS routing to resolve internal service endpoints and internet facing endpoints
• Implement CI/CD that supports hot fixes
• Implement identity and access management and detective controls, with incident response in place

Design Factors

• To ensure network-level isolation, the dev, stage, pre-prod, and production environments and the centralised services (termed management) are placed in different VPCs. Security groups are configured as virtual firewalls for EC2 instances to control incoming and outgoing traffic accordingly. WAF rules are in place to prevent DDoS on web applications
• VPC Transit Gateway routes are configured from dev, stage, pre-prod, and production to the centralised services (Management VPC) to ensure secure data transfer between environments during data sync operations and for management accessibility
• VPN tunnels with failover are set up between the VPCs and the corresponding office networks to ensure secure private data communication to AWS via Transit Gateway. VPC endpoints are used to privately connect the VPCs to supported AWS services
• To retain greater control over the NoSQL databases, Arango, Mongo, Aerospike, and Couchbase DB were deployed on EC2 instances as clusters for failover
• To ensure high availability of Apache services such as Solr, Kafka, and Zookeeper, all are deployed as clusters on EC2
• Amazon RDS, ElastiCache, Elasticsearch managed services are deployed with high availability for MySQL, Redis and Elasticsearch services respectively.
• CI/CD is implemented with GitLab, Jenkins, JFrog Artifactory, and AWS CodePipeline, ensuring faster deployments with approvals
• Highly available, scalable, fault-tolerant microservices are deployed on ECS clusters across environments with Auto Scaling and Application Load Balancers in place
• Once the setup is validated and approved, a CloudFormation template is designed to deploy the infrastructure for all the services, and new features are added to the same template
• Infrastructure and application monitoring are in place with AWS CloudWatch, Prometheus, Glowroot and NewRelic. Alerts are delivered through email and Microsoft Teams channels. AWS Lambda functions generate audit reports for known security vulnerabilities. A Graylog multi-node setup is deployed for centralised logging

Amazon Services

• Amazon EC2
• Amazon VPC
• Amazon CloudWatch
• AWS Elastic Load Balancer
• AWS Auto Scaling
• Amazon Route 53
• Amazon RDS (MySQL)
• Amazon CloudFormation
• Amazon S3
• AWS CodePipeline
• Amazon ECS
• AWS Elasticsearch Service
• Lambda
• ElastiCache

Architecture Diagram and Designs

Tila Infra
Tila DevOps CICD

Outcome

• The multi-environment setup for the e-commerce platform is deployed and satisfies the given organizational SLAs and internal process framework
• Implementation of best DevOps practices that supports new feature releases
• Provides seamless information from the data analytics deployed
• Fast, accurate and highly available under high customer traffic on the e-commerce website
• Easily deployed across various environments, such as Android and iOS, and also on mobile applications

Lessons Learned

• Successfully incorporated microservices with best DevOps practices in coordination with developer teams
• Redesigned network connectivity between the AWS cloud and office networks spread across the globe by leveraging AWS Transit Gateway