Ruppek Fintech

Customer Background
Customer Challenge
Assessment
Business Objectives
Proposed Solution
Design Factors
solutions used

Customer Background

Rupeek Fintech Private Limited is India’s no.1 online gold loan brand which works on a
technology-driven gold loan process with a mission to bring transparency, simplicity,
flexibility, and affordability to the gold loan industry. Rupeek is disrupting the traditional
brick-and-mortar lending model to bring maximum benefits to the end customers and
the lending partners. Rupeek has challenged converting the gold loan process to online
transactions through their branchless model. The goal is to ease the gold loan process
and make things more convenient for its customers (borrowers). Rupeek ensures that
each of its customers can access gold loans that are fair, fast, and flexible. Rupeek is
partnered with esteemed privatized banks. These banks utilize Rupeek’s services for
their customers looking out for gold loans. As per customer review, Rupeek services are
hassle-free as the company agents interact with the customers over mobile/ website to
answer any customer queries and provide immediate assistance.

Problem Statement​

The monolithic applications were needed to be migrated, containerized, and to be run on AWS cloud with high availability, scalability, security, cost-optimized and monitorable infrastructure with continuous integration and deployment in place by following best DevOps practices.

Business Objectives

• Highly scalable solution for high customer traffic on e-commerce website, Android, iOS applications
• Highly available website with backend APIs with low latency
• Scalable databases with growing customer base and product catalogues
• Aiding Data analytics and business intelligence on the existing customer base and search results

Technical Objectives

• Applications are needed to be deployed across multiple environments
• Network level separation of Infrastructure for each environment
• Designing highly available, scalable microservices infrastructure on AWS
• Designing highly available, failover cluster setup for databases and Apache services
• Establishing network connectivity between cloud and office location spread across the globe
• Leverage DNS routing to resolve internal service endpoints and internet facing endpoints
• Implement CICD which supports hot fixes
• Implement Identity and access management, detective controls with incident response in place

Design Factors

• To ensure network-level isolation across environments dev, stage, pre-prod, and production, centralised services termed as management are placed under different VPC. The security groups are configured as virtual firewall for EC2 instances to control incoming and outgoing traffic accordingly. WAF rules are in place to prevent DDoS on web applications
• VPC Transit Gateway routes are configured between dev, stage, pre-prod, and production to centralised services (Management VPC) to ensure secure data transfer between environments during data sync operation and for management accessibility
• VPN tunnels with failover are set up between VPCs and corresponding office networks to ensure secure private data communication to AWS via Transit gateway. VPC endpoints are used to privately connect VPC to supported AWS services
• To ensure higher control of NoSQL databases, the databases were deployed on EC2 instances for Arango, Mongo, Aerospike, Couchbase DB as clusters for failover
• To ensure high availability of Apache services like Solr, Kafka, Zookeeper all are deployed as clusters on EC2
• Amazon RDS, ElastiCache, Elasticsearch managed services are deployed with high availability for MySQL, Redis and Elasticsearch services respectively.
• CICD implementation is in place with GitLab, Jenkins, JFrog Artifactory, AWS CodePipeline ensuring faster deployments with approvals
• Highly available, scalable, fault tolerant microservices are deployed on ECS clusters across environments with Autoscaling and Application Load Balancers in place
• Once the setup is validated and approved, a CloudFormation template is designed to perform deployment of the infrastructure for all the services and new features are added to the same
• Infrastructure and application monitoring are in place with AWS CloudWatch, Prometheus, Glowroot and NewRelic. Alerting systems have email, Microsoft Teams channels. AWS Lambdas are generating audit reports for known security vulnerabilities. Graylog multimode setup is deployed for centralised logging

Amazon Services

• Amazon EC2
• Amazon VPC
• Amazon CloudWatch
• AWS Elastic Load Balancer
• AWS Auto Scaling
• Amazon Route 53
• Amazon RDS (MySQL)
• Amazon CloudFormation
• Amazon S3
• AWS CodePipeline
• Amazon ECS
• AWS Elasticsearch Service
• Lambda
• ElastiCache

Architecture Diagram and Designs

Tila Infra

Tila DevOps CICD

Outcome

• The multi environment set up for the E-commerce platform is deployed which satisfies the given organizational SLAs and internal process framework
• Best DevOps practices implementation which support new feature releases
• Provides seamless information from the Data analytics deployed
• Fast, accurate and highly available for high customer traffic on e-commerce website
• Easily deployed on various environments like Android, iOS and also on mobile applications

Lessons Learned

• Successfully incorporated microservices with best DevOps practices in coordination with developer teams
• Redesigning network connectivity by leveraging AWS Transit Gateway between AWS cloud and office network spread across the Globe