
Leading Polish Carsharing Company: Streamlining Operations with AWS Cloud Migration

The carsharing company was established in 2000, operating a fleet of over 2,000 vehicles across 60 rental locations throughout Poland, including all Polish airports and locations in Lithuania.

Challenge:

The company sought our expertise to migrate its entire infrastructure to the cloud while simultaneously developing a new infrastructure for its next application version. Previously, their infrastructure was entirely on-premise. The company prioritized optimizing both performance and cost-effectiveness.

Execution:

We initiated the project with a series of workshops with the company’s developers, strategically planning to maximize the use of their current environment while designing a new one from scratch. Our focus was on employing the latest technologies to achieve optimal cost efficiency.

The first phase involved organizing existing resources and processes. We prepared secure subnets and concealed elements from public view, ensuring the company’s technical team could rest easy.

Next, we developed a development infrastructure using Terraform workspaces, enabling rapid and efficient environment setups.

We then containerized the application, leading to orchestration implementation using Amazon Elastic Container Service (ECS).

We built an infrastructure that scales automatically and is hidden within private subnets behind a VPN, ensuring external access is blocked. All microservices operate correctly, verified through automated, multi-stage testing.

We implemented a robust application testing and deployment process, establishing two development environments and a pre-production environment. We incorporated SecurityHub auditing across all accounts, enhancing security measures and embracing AWS best practices to maintain cost efficiency and prevent technical debt accumulation.

Results:

We designed a new, scalable, and efficient AWS cloud infrastructure, incorporating proven scalability and performance solutions.

 

We introduced account management via AWS Organizations, creating a main account with consolidated billing and designated sub-accounts. This setup ensures all changes are synchronised and recorded, providing safeguards against disasters or breaches.

Cost Optimization:

OpenSearch: We deployed two OpenSearch clusters: one for logging and another for vehicle telemetry. By creating service-specific indexes in the logging cluster, we identified high-data logging services and optimized them at the application level, reducing storage use and instance sizes, and cutting costs from $100 to $54 daily. We plan to test and potentially switch to ARM-based instances for further price and performance benefits.

DynamoDB: One table was initially set to On-Demand mode due to uncertain pre-migration traffic and resource requirements. Post-migration traffic analysis allowed us to estimate and adjust the required WCU and RCU, reducing monthly costs from $670 to $128.

RDS: Plans are in place to reduce costs for this service, awaiting scheduling.

Fargate ECS: We achieved significant cost savings through strategic cost optimization, translating directly into monetary savings.

This comprehensive approach not only modernized the company's technological infrastructure but also optimized its operational costs, laying a solid foundation for future innovation and growth.

Observability and Ops Management:

In this project, observability and operations management were key components of the successful migration and optimization process.

Observability:

To ensure robust observability, the following measures were implemented:

Each task has an additional Fluentd container with custom scripts for detailed monitoring of task health, visualized in self-hosted Grafana.

We collect 2 major log groups. Application logs are aggregated in the OpenSearch cluster with extended dashboards for easier analysis, with properly configured indices per service and automatic retention with backups using native OpenSearch features. For AWS service logs such as Lambdas, API Gateway or WAF, we use CloudWatch Logs Insights, and for ALB logs aggregated in S3, we use Athena queries.

Detailed monitoring of each component of the application, including specific errors on particular endpoints or services and standard metrics like CPU and memory, is available thanks to AWS CloudWatch and Telegraf.

SecurityHub Auditing:

SecurityHub was integrated across all accounts to enhance security measures, making it easier to catch new issues and resolve those already present. This auditing embraced AWS best practices, contributing to cost efficiency and preventing the accumulation of technical debt.

AWS Organizations:

At the initial stage, the project was assumed to be much smaller. Account management was introduced via AWS Organizations, creating a main account with consolidated billing and a few designated sub-accounts. As the project grew, we did not see a need to change the approach, because AWS Organizations met our needs. New accounts were and are rarely added, and when they are, we easily handle their configuration with ready Terraform modules and the concept of workspaces, applied via GitLab CI/CD processes, so we didn’t see a necessity to migrate to Control Tower.

Terraform and Git:

Infrastructure was created using Terraform, configured using workspaces for a multi-environment setup with versioned configuration. It was deployed with GitLab CI/CD processes, with proper testing on development environments before applying to production. This approach ensured that infrastructure could be easily replicated and managed, and allowed for rapid and efficient environment setups.

CloudTrail:

We utilized CloudTrail with a multi-region configuration for tracking activity on the account. This allowed us to verify various suspicious activities on the accounts of users and AWS services, and generally helped in debugging various events.

WE USED THE SERVICES:

OpenSearch
DynamoDB
Amazon RDS
Amazon Fargate
Amazon ECS
AWS Organizations
Docker
Amazon EC2