We supported our client in moving the previous infrastructure from classic servers to a new Kubernetes infrastructure. The existing infrastructure had grown over the years and could not recognise, for example, that a web application had to handle many requests. Time and again, this meant that not only the web application, but also the customer's other web applications were not usable due to shared resources.
The goal of the new cluster environment was therefore to reduce fail-safety. The large data volumes of more than 2TB should be easy to handle. The Kubernetes infrastructure environment has become more cost-effective than the old infrastructure had been until then. For the monitoring and backup solution, we defined the individual requirements together with the customer and then worked them out.
Relocation of the existing infrastructure
We have set up a new Kubernetes cluster consisting of at least 3 nodes. SSL certificates are automatically issued for all web applications. With the newly set up S3 storage backend, the data separation can be secured; there is one bucket per system. By setting up the file system adapter, the old web applications can continue to run unchanged. The user-friendly monitoring solution automatically collects all messages from the applications running in the cluster, including its own. The Kubernetes cluster has minimal public endpoints and therefore offers a low attack surface .
The performance is ensured by our Elasticsearch backend. Through controlled alerts/authorisations, the admin is informed about the errors that were previously defined through rules. The release of new versions of web applications can be done directly by our customer (e.g. standardisation of workflows, automatic tests, builds & deployments) .With the roles and rights function, we have defined different access permissions for different areas. This particularly affects applications that are not intended for the public. Thebackups are created at web application level, then kept close to the cluster and replicated to offsite locations.
At the end of the project implementation, the employees were then trained to the new web application incl. the planned tasks and new monitoring monitoring functions.
We will continue to develop the project together with the client by making further adjustments.