A company in the health services industry, using cellular devices to co-ordinate pharmaceutical logistics, needed to migrate to the Amazon Web Services (AWS) platform to attain a highly available and cost-effective cloud solution.
As an electronic pharmacy serving a variety of African countries, a fault-tolerant and highly available system is a critical requirement. The solution leverages a mobile application used by pharmaceutical distribution unit administrators, drivers and client administrators to track the end-to-end delivery of medical packages.
Objectives
BBD assisted in implementing and designing the architecture for the mobile solution on AWS. Optimising the operational cost associated with running applications on the AWS platform—while taking into consideration the appropriate availability, scale and security concerns—had been an integral component to the cloud consulting services delivered. We have provisioned the components and services on AWS to operate the mobile solution’s pre-production and production environments. Operational and billing alerts were set up to notify relevant stakeholders of operational failures and higher-than-expected billing accruing.
Overview of the solution
The company relies heavily on high availability as it offers a 24/7 service to clients. This requirement is catered for by the AWS platform, as it provides high availability in various forms. The current platform, developed with assistance from BBD, has a traditional three-tier architecture.
- The Route 53 service provides Domain Name System (DNS) availability and a 100% available Service
Level Agreement (SLA) from AWS - A CloudFront managed content delivery network, with a 99.9% availability SLA for content distribution
- Simple Storage Service (S3) for static content hosting, with a 99.9% availability SLA
- Elastic Compute Cloud (EC2), including elastic load balancers for the application tier, in a multiple availability zone (multi-AZ) deployment model
- Relational Database Services (RDS) for the persistence tier in a multi-AZ deployment model. RDS instances deployed in a multi-AZ fashion have a 99.95% availability SLA
AWS provides a 99.99% availability SLA for EC2, where non-availability is defined as either complete unavailability of an entire EC2 region or more than one availability zone. CloudFront enables the company to seamlessly distribute static content via the AWS Content Delivery Network (CDN) at edge locations across the world. The launch of AWS CloudFront points of presence in South Africa has allowed clients to download content at a significantly lower latency. Together with AWS S3 static website hosting, CloudFront is used to serve web content for the single page application. Using CloudFront dramatically reduces operational concerns by making use of the serverless computation paradigm.
Amazon Certificate Manager makes certificate management a non-concern and its integration with CloudFront allows for cross-cutting enforcement of encrypted network traffic. By using CloudFront to serve both static content from S3 and dynamic content from APIs running on auto-scaled EC2 instances, the Web Application Firewall (WAF) and Shield service makes it very easy to protect against common web attacks such as SQL injection and DDoS attacks from a security perspective. AWS RDS add immense value to the stack due to features such as multi-AZ deployments, automatic backups, point-in-time restore and easy set-up of read-replicas. Multi-AZ deployments with RDS means that it is possible to conduct operational tasks on the primary database and database operations will seamlessly be redirected to the secondary instance.
