Use Cases: Real-World Applications
Explore our Use Cases to see how Naviteq’s innovative solutions in DevOps, cloud optimization, and IT infrastructure have helped businesses overcome challenges and achieve their goals. From streamlining operations to boosting scalability and efficiency, these real-world examples showcase the impact of our expertise across various industries. Discover practical insights and proven approaches that could inspire your next big transformation.
Empowering Startups: Scalable CI/CD for Node.js Microservices on GCP hosted in GitHub Monorepo
At the inception of their startup journey, our client recognized the critical need for a robust and scalable CI/CD infrastructure for their Node.js-based microservices. Our engineering team collaborated closely to address the unique challenges of a growing startup, implementing a mono-repo structure for code reusability and introducing versioning for individual microservices. The result was a tailored CI/CD solution that not only met current needs but anticipated future growth.
- Tailored a CI/CD solution suitable for the dynamic environment of a startup, ensuring rapid scalability and adaptability to changing requirements.
- Implemented a mono-repo structure to maximize code reusability, facilitating shared modules and libraries across microservices to fully address initial functional and non-functional requirements from the Client.
- Introduced versioning for microservices, enabling targeted builds and deploys based on specific Git changes, reducing unnecessary overhead and “false” version releases.
- Leveraged the power of GitHub Actions and Node.js capabilities to automate the entire CI process, from building Docker images to conducting unit tests and seamless releases.
- Orchestrated continuous delivery with ArgoCD, providing a streamlined and automated deployment process for microservices in the GKE cluster.
- Conducted a rework and optimization of existing Terraform code, ensuring adherence to best practices and enhancing the efficiency of infrastructure deployment in Google Cloud Platform.
Heroku to AWS Migration: A Comprehensive Journey
Embarking on a transformative journey, we executed a meticulous end-to-end migration from Heroku to AWS, empowering our client with enhanced scalability, security, and geographical flexibility. Our dedicated team orchestrated the entire process, from strategic planning to flawless execution, and delivered everything on time (as usual).
- Leveraged Terraform and Terragrunt to create a fully automated, highly secured infrastructure on AWS, setting the stage for a robust and scalable environment.
- Implemented a second tenant for a multi-regional setup, enabling the client to support customers across different geographical locations with minimal latencies.
- Established a streamlined CI/CD pipeline using GitHub Actions, automating the build, test, release, and deployment of application microservices into the target Kubernetes cluster.
- Provided the client with the flexibility to support clients in different regions, enhancing user experience and reducing latency.
- Integrated a mix of NewRelic, CloudWatch, and OpenSearch for comprehensive monitoring and logging, ensuring real-time insights into system performance. Implemented PagerDuty for alerting including escalation policies and other configurations from scratch.
- Seamlessly integrated Akamai as the Content Delivery Network (CDN), optimizing content delivery and enhancing user experience.
The Seamless Dev Environment built using cutting-edge technologies
Our team undertook the challenge of creating a development environment on top of the client's on-premise virtual servers. We meticulously designed and implemented an environment that leverages cutting-edge technologies to elevate efficiency, reliability, and agility, together with a fully automated CI/CD pipeline.
- Employed Ansible automation to deploy a resilient Kubernetes cluster (k3s), reducing deployment time and ensuring consistency.
- Configured GitHub Actions and ArgoCD for end-to-end CI/CD, automating the entire software delivery process and adhering to industry best practices.
- Implemented a robust monitoring system using Loki, Promtail, Grafana, and Tempo, offering a real-time view of system performance and health.
- Conducted a high-level Knowledge Transfer session, empowering the client to seamlessly manage and maintain the deployed environment.
- Delivered detailed documentation to ensure transparency and facilitate future maintenance and enhancements.
Optimizing CI Pipeline: Scalable and Cost-Efficient CI/CD on Azure
In response to the challenge of a resource-intensive CI pipeline, we undertook a transformative journey to optimize and streamline the process, reducing costs and enhancing scalability. Our team seamlessly transitioned from a VM-based setup to a Kubernetes-based infrastructure on Azure, leveraging partnership discounts for an economically efficient solution.
- Utilized Terraform and Terragrunt automation to deploy and configure self-hosted GitHub runners in Azure Kubernetes Service, enabling rapid scalability to support multiple concurrent executions.
- Transformed the CI/CD pipeline to handle builds for different platforms (Windows, Linux, Mac, Android) with optimized Docker images for GitHub Actions executions.
- Seamlessly migrated from a VM-based setup to a Kubernetes-based infrastructure, enhancing flexibility, and reducing resource overhead.
- Achieved a balance between performance and cost efficiency, ensuring optimal resource utilization during CI/CD executions.
- Implemented ongoing optimizations to maintain peak performance while keeping costs in check, ensuring a sustainable and efficient CI/CD pipeline.
Migration from manually created Amazon ECS clusters to IaC Amazon EKS clusters
Our team of engineers migrated the QA, Prod, Staging, and UAT environments from Amazon ECS clusters that the customer had created manually in the past to a modern Amazon EKS stack fully covered by Terraform and Terragrunt.
- Wrote Terraform/Terragrunt code with modules to provision environments in Amazon Cloud
- Created Helm3 charts for workloads running in those clusters
- Migrated from CodeBuild/CodeDeploy, which had been set up to deploy applications to the old ECS clusters, to GitHub Actions and ArgoCD
- Provisioned AWS FSx as a high-performance shared cluster file system in the AWS EKS Kubernetes clusters for stateful applications
Migrating monolith workloads based on AWS EC2 instances to microservices and AWS EKS clusters
We helped our customer and their developer teams decompose a gigantic Ruby on Rails monolith into microservices. We also prepared the infrastructure in AWS and set up CI/CD processes from scratch (based on GitHub Actions and ArgoCD), including tests and security scanning.
- Helping the backend development team to decompose a monolithic core and migrate it to a microservices architecture
- Writing Terraform/Terragrunt code for AWS
- Dockerizing all microservices and preparing Helm3 charts
- Migration from monorepo to multi repositories
- Creating a complete CI/CD process for each microservice, including adding unit tests, security tests, and e2e tests to CI.
AWS EKS Kubernetes hardening
Our customer was very focused on security challenges, so Naviteq suggested hardening strategies for the customer’s Kubernetes infrastructure and implemented them. We also trained the customer’s dev and sys-admin teams.
- Authorization and authentication for different development teams via Okta SSO with completely different privileges in the Kubernetes cluster
- Okta authentication for restricted access into AWS EKS cluster, along with RBAC for authorization
- Restricted access of our users to some namespaces via AWS IAM and RBAC
- Mapping of namespace per Okta group
- Installing Istio for safe intercommunication between pods in the cluster
- Using OTP, Push notifications, and AWS STS tokens
- Perimeter isolation with HA Wireguard VPN solution
- Scan containers and Pods for vulnerabilities or misconfigurations
- Run containers and Pods with the least privileges possible
Security audit, tests, and hardening for the Google Cloud Platform environment
This project was all about cloud security: hardening, active protection against cyber threats, and searching for weaknesses in the system in order to fix them. As part of the project, we also prepared the customer’s infrastructure for SOC2 certification.
- Running security audit with the help of Wazuh
- Vulnerability scanning with Snyk
- Active protection against cyber threats with the help of Wazuh
- Hermetically closing the perimeter with the built-in tools of Google Cloud and redesigning some parts of it
- Providing users access to the client’s Google Cloud Platform environment only via VPN, with Okta SSO integration
- Hardening Linux Server with SELinux
- Running CIS benchmarks for Google Cloud Compute images
- Complex routing for full subnet isolation