How Glonur was able to increase the speed of innovation and go to market with DevOps adoption
Glonur is a healthcare and nursing resources augumentation portal that provides professionals to connect with and be recruited by global healthcare organizations. Glonur is a privately held company. Glonur is in a regulated industry has implemented secure data policies and has achieved ISO-9001:2015 certification, and complies with HIPAA and GDPR regulations.
Glonur is a start-up in the healthcare industry, and, in the midst of current challenges, is working within tight budgetary constraints. However, the need to constantly innovate, bring better features, and constantly be one step ahead of competition meant that the platform had to have the ability to rapidly test, deploy and scale. It is also essential that the platform be highly available, fault tolerant and secure. In the times of Covid-19, Glonur had to have a system of people working from different places, but at the same time, have a secure development environment.
Glonur’s transition to the cloud started by a comprehensive analysis of their existing infrastructure, applications and integrations. Glonur management was able to drive and create an unfied, but multifuctional team to be in charge of the modernisation project. A resilient, highly available and auto-scalable infrastructure with CI/CD integration was implemented. We provided them with the necessary hand holding in terms of transitioning to a DevOps model for the company. The implemented architecture included a production environment well as staging and development environment with pipelines doing automated deployments.
The most important component of the workload is Amazon Workspaces for Glonur’s developers. Glonur development team selected AWS Workspaces for their everyday operations in order to provide developers with a safe, secure, and robust environment in which to build a code base for glonur.com. This helps the management in keeping tight controls on data and other proprietary information, as mandated by various compliance regimes.The workspaces are only accessible from specific static public IP addresses. Traffic to restricted number of ports is permitted from whitelisted IP addresses, ensuring that malicious or unwanted traffic is restricted. AWS services such as CodeCommit and S3 are connected with Interface endpoints that are attached to workspace subnets. The traffic to these services are internal to the AWS network and data is fully encrypted at rest and in transit.
A cloud native development model was attained with the transitioning to the AWS cloud. A DevOps culture was created and encuraged within the organisation by key stakeholders. Prior to the move to the cloud, code was manually deployed to servers, and this meant a lot of effort, delays, and downtime while building, testing, and deploying code on separate servers. Now, using the Amazon CI/CD tools, Glonur’s developers push their code to a single repository with Development and Production branches. User actions in AWS CodeCommit repository is controlled with IAM policies. Depending on the developer's role, they are given various degrees of access through fine-grained IAM policies attached to the IAM user. CodePipeline is used for continuous deployment of applications; there are various phases inside the pipeline such as Staging, Approvals, and Deployments. This helps in automating the deployment and in updates of applications and infrastructure. Approvals are used to streamline the workflow from one stage to another. Developers use AWS CodeDeploy to deploy changed code initially to the staging environment. Deployment strategy used in staging environment is In-Place deployment. In the Production environment, Blue-Green deployment strategy is used.
After the successful migration of Glonur’s infrastructure and apllications to the AWS, and by adapting the DevOps best practices, the Glonur team achieved many benefits like
- Automated CICD Pipelines with approval mechanism.
- Elasticity / High availability/Reliability of application.
- Granular role-based access control.
- Security automation for application protection.
- Cost effective, pay-as-you-go billing.
- Audit/accountability of infrastructure and configuration.
- Zero downtime deployments.
- Continuous monitoring and alarms.
- Reduced RTO with multiple backup options.
- Multiple layers of security for managing access.