AWS Partner Network (APN) Blog
AWS Container Competency Partners Help Customers Deploy Applications Quickly, Reliably, and Consistently
By Chris Alvarez, Sr. Partner Program Manager at AWS
We announced the AWS Container Competency for AWS Partner Network (APN) Partners at AWS re:Invent 2018.
Launch Partners in this program have built solutions on Amazon Web Services (AWS) that improve customers’ abilities to run workloads on containers on AWS. They help customers optimize orchestration and scheduling, infrastructure, application build/test, and deployment on containers, as well as with monitoring, logging, and security of containers.
The AWS Competency Program helps customers identify and choose the world’s top APN Partners for their AWS projects and workloads. To give you an idea of how AWS Container Competency Partners are helping customers package and deploy applications in a scalable, secure environment, we are excited to share a couple of customer stories from APN Partners Aporeto, Dynatrace, and Weaveworks.
Etherparty & Aporeto
About the Customer: Etherparty Smart Contracts, Inc. aims to build easy-to-use blockchain-based applications for the creation, use, and management of smart contracts. They want to bring immediate and notable value through blockchain technology to people in everyday situations.
About the APN Partner: Aporeto provides critical security capabilities required for cloud applications, including network security, runtime protection, and API access control. These security capabilities are powered by application identity instead of IP addresses, a distinctive approach that allows customers to abstract away infrastructure complexities and apply uniform security policies in hybrid cloud environments.
The Story: Etherparty has unique and complex security needs. The company’s solution is built with containers and is orchestrated with Kubernetes on Amazon Elastic Compute Cloud (Amazon EC2). The solution depends on Hardware Security Module (HSM)-based keys for secrets management in their highly-secure application architecture.
This architecture is replicated in multiple AWS Availability Zones (AZs). The core HSM service is located in two proprietary data centers, and Etherparty must ensure that no rogue services or containers attempt to access their HSM services.
Because container IP addresses are constantly changing, Etherparty opted to use Aporeto to generate a cryptographic application identity to authenticate and authorize HSM requests. Aporeto auto-generates application identity through three steps:
- Monitor for new processes and container workloads.
- Collect metadata from the orchestrator, operating system (OS), and other available resources.
- Generate a unique list of key-value pairs, inject a nonce, and cryptographically sign it.
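The three steps above, sketched as an added illustration that is not Aporeto's implementation or code from the original post: workload metadata becomes a canonical key-value list, a nonce is injected, and the result is signed and later checked against an identity-based policy instead of a source IP. HMAC-SHA256 with a constructed demo key stands in for the signing scheme, which the post does not specify; the metadata keys, the policy, and the use of the nonce for replay rejection are assumptions.

```python
import hashlib
import hmac
import json
import secrets

DEMO_KEY = b"constructed-demo-key"  # assumption: stand-in for the real signing key
# Assumed policy: only this workload identity may reach the HSM service.
HSM_POLICY = {"k8s.namespace": "signing", "k8s.serviceaccount": "hsm-client"}

def issue_identity(metadata, key=DEMO_KEY):
    """Build the sorted key-value list, inject a nonce, and sign the result."""
    body = {"claims": sorted(metadata.items()), "nonce": secrets.token_hex(16)}
    payload = json.dumps(body, separators=(",", ":"))
    sig = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}

def authorize(token, policy, seen_nonces, key=DEMO_KEY):
    """Verify signature, reject replays, then match claims against the policy."""
    expected = hmac.new(key, token["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["sig"]):
        return "deny: bad signature"
    body = json.loads(token["payload"])
    if body["nonce"] in seen_nonces:
        return "deny: replayed nonce"
    seen_nonces.add(body["nonce"])
    claims = dict(body["claims"])
    if any(claims.get(k) != v for k, v in policy.items()):
        return "deny: policy mismatch"
    return "allow"

if __name__ == "__main__":
    seen = set()
    # Constructed metadata, as an orchestrator and OS might report it.
    good = issue_identity({"k8s.namespace": "signing",
                           "k8s.serviceaccount": "hsm-client",
                           "image.digest": "sha256:constructed"})
    rogue = issue_identity({"k8s.namespace": "rogue",
                            "k8s.serviceaccount": "hsm-client"})
    print(authorize(good, HSM_POLICY, seen))   # first use of a valid identity
    print(authorize(good, HSM_POLICY, seen))   # same token presented again
    print(authorize(rogue, HSM_POLICY, seen))  # signed, but wrong identity
```

The decision depends only on signed claims, so a container that is rescheduled onto a new IP address keeps its access while a workload with different metadata does not gain it.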
The Result: Aporeto helped Etherparty achieve stronger protection with identity-based security for Zero Trust environments, and simpler operations by reducing the appliance maze and offering options for a flat L3 network. Etherparty is also enjoying Zero Touch for developers with no process, framework, or code changes.
In Etherparty’s Own Words:
“We wanted to ensure that users of Etherparty and its software products were provided the most secure operating environment, and Aporeto’s track record of experience spoke to their ability to help us achieve this. We’re truly excited about our blockchain platform’s progress to-date and are always looking to improve our technology to offer the best product experience in today’s blockchain market.” – Kevin Hobbs, CEO at Etherparty
CDL & Dynatrace
About the Customer: CDL is a leading provider of technology for the high-volume personal lines insurance sector in the United Kingdom, providing retail platforms to banks and household brands including motor manufacturers, supermarkets, and department stores. As such, availability and security are key requirements, both for core applications and CDL’s new suite of InsurTech and FinTech products.
About the APN Partner: Dynatrace provides software intelligence to simplify enterprise cloud complexity and accelerate digital transformation. With artificial intelligence (AI) and complete automation, their all-in-one platform provides answers, not just data, about the performance of applications, the underlying infrastructure, and the experience of all users.
The Story: CDL applies the latest technologies—machine learning (ML), AI, big data, and chat and voice interfaces—to transform the insurance shopping experience and meet the expectations of today’s digital consumer. Ensuring their dynamic enterprise cloud and application ecosystem works flawlessly in the context of rapid expansion of the customer base is an ongoing challenge. With full-stack visibility, from the application layer and underlying infrastructure to the digital experience of all users, CDL relies on Dynatrace to provide real-time intelligence into the performance of their enterprise cloud.
One of the primary use cases of Dynatrace is to monitor AWS container platforms at scale. Dynatrace is installed at host level, using a single agent (OneAgent) that enables rapid instrumentation of hosts and automatic visibility of containers at scale when it’s deployed into the bootstrap process for container instances. This not only gives an effective configuration-less deployment to a large number of guest containers, but also gives seamless integration for hosts being deployed into the Amazon Elastic Container Service (Amazon ECS) cluster.
For enhanced security, CDL opted to connect to Dynatrace through AWS PrivateLink for AWS-deployed infrastructure. Additionally, CDL routes all on-premises monitoring over AWS Direct Connect to the PrivateLink connection.
The Result: Dynatrace provides considerable value to CDL through automated deployment, configuration, and visibility into their AWS and on-premises ecosystem. This automation provides visibility into their dynamic full-stack, with containers detected and monitored without manual configuration. The value to the CDL team includes:
- Less time manually configuring and deploying monitoring, enabling the team to focus more time on innovation and value-added work.
- The automatic instrumentation of containers at host level, coupled with the automatic agent updates (managed by Dynatrace), is a considerable time saver for the team.
- The all-in-one full stack visibility of Dynatrace limits the need for other monitoring solutions, so the team can get real-time answers in a single dashboard.
Ultimately, Dynatrace enables CDL to make decisions faster, identify any problematic performance issues with precise root cause answers, and make considerable productivity savings. We estimated that the deployment has created additional capacity equivalent to three to four FTEs.
In CDL’s Own Words:
“Containers and microservices have made IT environments too complex, difficult, and inefficient for traditional monitoring tools to keep up with anymore. Dynatrace provides a new level of real-time visibility into containers and our AWS environment, with a simple setup, intuitive toolsets, and in-depth root-cause analysis, that have made monitoring drastically easier for our teams.” – Rob Trueman, Head of Software Engineering at CDL
Soho House & Weaveworks
About the Customer: Soho House & Co was founded in London in 1995 as a private members club for people in the creative industries. The Ned, a joint venture with Sydell Group, is one of Soho House’s exclusive establishments. The heritage building hosts nine restaurants, 252 bedrooms channeling 1920s and 1930s design, a range of men’s and women’s grooming services, and a members’ club.
About the APN Partner: Founded in 2014, Weaveworks makes it fast and simple for developers and DevOps teams to build and operate powerful containerized applications. They minimize the complexity of operating workloads in Kubernetes by providing automated continuous delivery pipelines, observability, and monitoring. One of the first members of the Cloud Native Computing Forum, Weaveworks also contributes to several open source projects, including Weave Scope, Weave Cortex, and Weave Flux.
The Story: Soho House’s development team had been through a year-long replatforming exercise, developing and operating applications using a microservices architecture. They evaluated various cloud providers but AWS was the preferred choice as it gave them the production confidence they needed for their new platform. The team mainly relies on Amazon Relational Database Service (Amazon RDS) outside of Amazon EC2 instances alongside ancillary services such as Amazon CloudWatch. Without Amazon RDS, the team wouldn’t be able to use PostgreSQL in a reliable setup, which has been a game-changer for their future roadmap.
While the Soho House team had been successfully deploying various microservices on Kubernetes, they were still searching for DevOps best practices that allowed them to run with confidence. Production stability and reliability are key to delivering a world-class experience for their exclusive establishments.
In order to achieve production reliability and optimize deployment workflows, Soho House needed to introduce observability—a holistic approach to understanding system health. That includes understanding your deployment successes and failures and monitoring application and infrastructure analytics in real time.
The Result: Weaveworks provided Soho House with the confidence and tools they needed to operate a reliable and stable Kubernetes production environment for The Ned. The Soho House engineering team can now fully observe their system thanks to the reliability of their sophisticated monitoring and release automation systems. The team spends up to 75 percent more time on improving their application code and adding business value, instead of caring for their infrastructure and application management.
Due to this success, Soho House will also be rolling out its new membership experience across all sites, which will be entirely managed by Weave Cloud.
In Soho House’s Own Words:
“Weave Cloud helped us build our new Kubernetes clusters with confidence. The Weaveworks team went above and beyond to make sure we have the right monitoring, but also helped us to determine a proper deployment pipeline.” – Jeroen Serpieters, Head of Engineering at Soho House
About the AWS Competency Program
If you want to be successful in today’s complex IT environment, and remain that way tomorrow and into the future, teaming up with an AWS Competency Partner is The Next Smart.
The AWS Competency Program verifies, validates, and vets top APN Partners that have demonstrated customer success and deep specialization in specific solution areas or segments.