Templatize infrastructure for multiple clients in a SAAS Healthcare Environment
Healthplex is one of the largest dental insurance providers which provide Dental Insurance and Dental Discount plans for Individuals and corporates.
Problem Statement
An in-house analytics application developed by a healthcare organization was needed to be deployed on AWS, in a single tenant SAAS environment for multiple clients. Focussing on Application availability and data security, a one click solution needs to be designed to deploy the analytics application for each of the existing clients and forthcoming new clients.
Business Objectives
- One-Click secure deployment of the analytics application on AWS.
- Public data sources could be shared across clients but private client data to be private to respective clients.
- Prime focus on data security and Application availability with warm disaster recovery.
- Scalable solution to be provided that can help with the fast growing client base.
Technical Objectives
- Application to be deployed on Dedicated hardware on AWS
- Network level separation of Infrastructure of individual clients
- Warm disaster recovery set up for individual clients with data syncing in near real time
- Secure traffic moving between client datacentre to AWS during the initial private MySQL and MongoDB data migration
- Data to be imported from Public data sources onto MySQL and MongoDB destination and shared across applications of all the clients
- Leverage DNS routing to set up Active-Passive failover between production and Disaster recovery set up for individual client
- Implement a one Click solution to deploy Production and DR Infrastructure
Design Factors
- To ensure high availability, both the environments viz Production and DR were placed under different availability zones and to ensure network level separation, one VPC per environment per client was used.
- VPC peering was configured between production and DR VPC of respective client infrastructure to ensure secure data transfer between environment during data sync operation.
- Both Mysql and MongoDB database Masters to be running in production with one slave each running in DR environment.
- To ensure higher control of databases, the databases were deployed on EC2 instances.
- All the EC2 Instances were Dedicated EC2 instances and databases were EBS Optimized High memory instances
- Complete application set up was done on both Production and DR environment and Active-Passive routing configured on using Route53.
- Autoscaling was configured on all the production application layers for automated scalability.
- One VPC was created which contains publicly available data to be used by the application. The VPC to have MySQL and MongoDB databases syncing regularly from public healthcare data sources. Public data sources VPC was peered with all the client production environment.
- VPN tunnel was set up between client VPCs and corresponding data centers to ensure secure private data migration to AWS
- Once the set up was validated and approved, a CloudFormation template was designed to perform single click deployment of the infrastructure for multiple clients. The template was used to set up the application for existing more than 100 Clients and to be used for new clients.
Amazon Services
- Amazon EC2
- VPC
- VPN
- Elastic Load Balancer
- Auto Scaling
- Amazon Route 53
- Amazon RDS (MySQL, MongoDB)
- Amazon CloudFormation
Architecture Diagram and Designs
Outcomes
- The multi environment set up for the application was deployed which satisfies the given organizational SLAs and internal process framework.
- The application availability was ensured with Active-Passive failover, near real time data sync between Databases across environments and by leveraging Auto-scaling.
- Data movement between environments was secure using VPN Tunnels and VPC peering connections.
- Deployment on AWS Cloud and using Cloud Formation to templatize the infrastructure has helped the organization accelerate the application deployment to each of the client.