Building scalable and agile services with DevOps for Bokbasen
A key challenge was to deliver these new products, with an IT department of just five employees. The solution was to use a combination of flexible managed services from AWS, in combination with experienced subject matter experts from Orange Business.
Bokbasen chose to use a container based microservice architecture to enable their new services to be easier and more agile to extend with new functionality, while also allowing the component services to scale independently. Orange Business worked with Bokbasen to deploy and manage DevOps Pipelines, which seamlessly automate the process of releasing updates and new functionality.
Setting clear goals for seamless DevOps transformations
Driving innovation through DevOps: seamless deployments for Bokbasen
DevOps fosters collaboration by uniting coding and operations teams, enabling frequent, smaller releases to minimise disruption.
The customer chose to use a deployment strategy that involved:
Infrastructure as Code
Utilizing Infrastructure as Code technology (IaC), Orange Business and Bokbasen can automate the deployment of infrastructure, application services and CD/CD pipelines across environments.
HashiCorp Terraform is used to deploy Bokbasen’s infrastructure. Self-service terraform templates are being used to provide quick and easy creation of new pipelines.
Many great IaC modules from the Hashicorp Terraform registry, and from Orange Business, have simplified the transition. The use of IaC ensures a consistent and repeatable method of deploying and managing infrastructure across environments.
Spring Cloud Config and AWS Systems Manager securely store configurations and encrypted secrets, ensuring auditing and protection.
Deployment Pipelines
Orange Business Professional Services worked with Bokbasen to develop pipelines to build application artifacts and deploy microservices across Bokbasens Test, Stage and Production accounts, integrating with the following main AWS services:
- Lambda
- Fargate
- Batch
- API-Gateway
- Static websites on S3 (utilizing CloudFront CDN)
When a member of the DevOps team commits to selected branch, the pipeline is triggered, which builds artifacts, such as docker images that are part of the service and submits those images to the container registry. The pipeline then deploys the container to the Test environment. A smoke test using RunScope is launched and the results of the test are manually verified by the DevOps team before approving the release to be deployed to stage, where the same smoke test and additionally verification tests are undertaken before approving deployment in Production. DevOps have read-only access to stage and production environments. The pipelines are allowed cross-account deployments assuming IAM roles.
Database schemas are also modified as part of the deployment pipelines using Flyway.
Similar pipelines are created for CI/CD of batch jobs, lambda functions and S3 hosted websites.
Empowering DevOps efficiency with secure CI/CD pipelines for Bokbasen
The solution enables self-service of CI/CD pipelines where the customer DevOps team have full control over the IaC defined pipelines without direct access to Staging and Production environments.
The design supports separation of duty between the continuous improvements to microservices and the management of services and secrets in production. Encrypted secrets are kept within the realm and IAM of each account.
Improvements to the services and architecture are continuously discussed between Orange Business operations and Bokbasen DevOps through frequent dialog on slack as well as scheduled meetings.
The solution allows Bokbasen to integrate new functionality faster through continuous deployments, with greater degrees of reliability. The engagement with Orange Business has provided a sound footing for Bokbasen to undertake further migration activity towards AWS.
Bokbasen
Bokbasen's central catalogue simplifies data use for publishers, stores, and schools. With AWS since 2012, they’ve driven e-book innovation and launched digital platforms like Digitalelev and Allvit.