Optimising Kubernetes environment for ultimate data security and scalability
The Client
We were approached by an international ISV, or Independent Software Vendor, who wanted to utilise Kubernetes as their container orchestration platform of choice, since them principal benefits of Kubernetes–namely high-availability and scalability features–were not being taken advantage of in their existing deployment.
Project overview
- Client had an outdated Kubernetes environment had limited functionality.
- Client wanted an optimised Kubernetes configuration that would ensure data security, could be scaled and deployed overseas.
- DeeperThanBlue delivered a fully architected, optimised Kubernetes environment securely connecting the client’s data centre with agency-facing browser-based apps which could be deployed worldwide.
The problem
Our client’s solution already utilised Kubernetes and deployed various containers. However, the implementation was very old and not architected in a manner such that auto-scaling, high-availability or container load balancing could be achieved.
Following recent growth of the business, and further ambitions to move into wider geographical locations, the organisation wanted to take the opportunity to optimise their Kubernetes configuration before rolling it out to other countries. They also wanted to achieve application feature parity across the different geographies which was not possible with the existing Kubernetes architecture.
As a Kubernetes Certified Service Provider (KCSP), DeeperThanBlue was able to perform a full review of the existing configuration, understand its limitations and propose a solution that would give the client exactly what they needed.
The review stage revealed that the original Kubernetes environment, while functional, was not making use of the main benefits of a containerised solution, including scalability, health monitoring and self-healing, which allow a system to operate consistently regardless of demand, and permit rapid development and deployment of duplicate environments.
It was also clear that the existing system required significant manual intervention when a new client was onboarded to ensure that data was shared with all relevant agencies in a secure fashion. With many manual processes, this could be subject to human error.
The Objective
To create an optimised Kubernetes environment for our client that:
- Guaranteed security of confidential sensitive personal data
- Permitted scalability and migration to other countries
- Simplified new client onboarding
- Achieved application feature parity
- Managed spikes in demand without compromising quality and consistency of service
- Enabled quick, consistent and confident system management and development
The Solution
We used our knowledge as a Kubernetes Certified Service Provider (KCSP) and the expertise of our Certified Kubernetes Administrators to understand the client’s existing configuration and highlight its limitations and vulnerabilities. From this starting point, we were able to work with their senior management and technical team to develop a solution that would meet the project objectives.
This solution was a fully architected cloud-based Kubernetes configuration which sits as a secure intermediate stage between the organisation’s secure data centre and agency-facing browser-based applications. This allows these agencies to access an individual’s data using PHP over a private Microsoft Azure network, which provides data protection through encryption at rest aligned with 256-bit AES standard and encryption in transit through TLS 1.2.
As a UK-based KCSP, we were able to deploy Kubernetes configurations not yet available in other parts of the world and make new application features available to the client in whichever geographical region they needed them on the MS Azure network.
A further benefit of the fully architected Kubernetes configuration is that our client’s technical team are now able to deploy new pipelines in a matter of minutes, rather than in days or weeks as had been the case previously.
Final Thoughts
The implementation of a correctly architected containerised Kubernetes environment brings about numerous benefits, including scalability, data security, speed of deployment and consistency of performance.
Getting a configuration right first time saves a lot of time in the long run and enables rapid and reliable scaling when needed. It is also possible to optimise existing containerised configurations to make the most out of their potential and ensure long-term reliability and performance.
If you are thinking of migrating to a containerised solution, or have one in place that needs optimising, get in touch with DeeperThanBlue for a chat.