Automated Containerization of Payment Gateway Applications on AWS

Automated Containerization of Payment Gateway Applications on AWS
May 27, 2021 Eshan Sarpotdar

About the Client

The client is a leading PCI-DSS compliant payment gateway, the company caters to millions of financial transactions happening round the clock via a variety of products that support net-banking, online and POS card payments, UPI, and IVR based functionalities. Considering the nature and criticality of the business, the client approached CloudHedge to manage and optimize primarily their AWS cloud infrastructure spend, performance and provide automated containerization for their applications.


The Business Challenge

Before approaching CloudHedge, the client’s applications were already migrated (Lift & Shift) to AWS from legacy on-premise infrastructure with only minor architectural changes. Also, being a traditional on-prem shop they lacked the DevOps methods such as Blue/Green, IAC, CICD, etc. and the skills to reap the key benefits that AWS offers such as pay-per-use, cloud-native databases/data warehouses, and data streams, load-balancing, and auto-scaling, serverless architecture, reserved instances/capacity, storage lifecycle management and a plethora of other cloud-native services. As a result, while they were overshooting their OpEX budget, they were also not achieving the performance that they should from being on the cloud.

  • Hence the main challenge was to align their operations and architecture to maximize the return on their AWS investment while also improving the performance of their various applications that practically run 24/7.
  • Secondly, there was a strict timeline of 3 months to achieve this for over 12 different applications running on 50+ AWS instances and external elements such as PRI and co-located DC/DR connected via AWS Direct-connect into the mix.
  • Last but not the least, the client had plans for modernizing their mission-critical applications by containerizing them to support sharp variations in transaction volumes which is typical of payment gateways, and focus more on business growth.

How CloudHedge Helped? 

We assessed the client’s AWS infrastructure and as part of the Managed Services offering and performed the following, the bulk of which was accomplished within 4 weeks:

  • Configured scripts, Nagios, Zabbix, and Grafana dashboards to effectively monitor and automate supervision of App Servers, DBs Network, Firewalls, and OS Services.
  • Setup and configured JIRA service desk and defined stringent SLAs to address queries and support issues (tickets) through 24/7 shifts.
  • Implemented AWS client VPN, Elastic load balancing using both NLB and ALB as applicable, Cloudfront, AWS WAF, EC2 auto-scaling with high availability, and also leveraged other AWS services such as S3 lifecycle management and storage classes, Cloudwatch, Athena/Glue to optimally store and query various logs.
  • Provided AWS and Co-location infrastructure support along with recommendations for cost optimization and performance improvement.
  • Started building DevOps processes such as CICD, IAC, GIT, and initial assessment for application containerization through CloudHedge’s own App Modernization Platform.

Benefits

CloudHedge brought the following benefits with its Managed Services offering:

  • Achieved 99.9999% uptime and performance improvement of their applications with 24/7 operations support. This is on top of the uptime SLA that AWS provides.
  • Optimal configuration and leveraging key AWS services ensured savings in operating costs (30%) with greater visibility and control on the spending.
  • Enhanced decision-making capabilities by providing actionable insights via dashboard with regards to application and infrastructure.
  • Incorporated industry best practices such as DevOps and automation.
  • Paved a roadmap for automating containerization of current applications hosted on AWS and extract further savings in operational costs while improving efficiency and performance.