To fulfill a business requirement for agile software development and increased capacity requirements, OpenNet needed a secure, scalable, and robust infrastructure platform for running their partner portal application, Etray. They chose an AWS Cloud platform because AWS offers a comprehensive catalog of services delivered on a globally leading and secure infrastructure.
Partner from design to operation
Conscia’s cloud team has helped OpenNet throughout the design phase, delivered both high-level and low-level designs, and acted as a trusted partner for both OpenNet and their application provider. Conscia also acts as a sparring partner for OpenNet on their cloud journey with sparring on expanding their solution to the benefit of OpenNet’s partners. Conscia also provides operational support through a Managed Service agreement that ensures high and stable uptime and quick handling of challenges.
Compliance, governance, and security with AWS Control Tower
The overall solution is based on a wide range of AWS Services with the greatest possible use of robust and scalable Managed Services. AWS Control Tower ensures continuous compliance, governance, and high security in a multi-account infrastructure.
Other AWS components in OpenNet’s cloud solution
The solution consists of the following AWS services: Route53, ACM, WAF, ALB, EC2, RDS, S3, AWS Transfer Family, AWS Backup, EC2 Image Builder, ControlTower, SSO, and ElasticSearch. The infrastructure for the solution is managed from an AWS Shared Services account under Control Tower. Additionally, some parts of the infrastructure are controlled through CodePipeline, which ensures that the DEV, TEST, and PROD environments are consistent, allowing for the deployment of software changes consistently and securely.
All configuration is delivered as IaC via AWS CDK, where the system code is held in CodeCommit, and changes are activated through CodePipeline. When a new software version is available, EC2 Image Builder will produce new “Golden Images” for web and application servers. The new image is delivered via an AWS Transfer Family’s SFTP server. The new “Golden Images” are distributed to the DEV, TEST, and PROD environments through CodePipeline, after which the new software is verified on DEV and TEST before deployment in PROD.
Web servers are behind an AWS Application Load Balancer with Autoscaling enabled. Different parts of the application’s data are stored in S3, through Filesystem Mount, and directly in an AWS RDS Oracle database.
Log files from the AWS platform are sent to ElasticSearch through an Elastic Agent and an elastic-serverless-forwarder. Through ControlTower’s SSO, OpenNet has controlled and non-destructive access to the infrastructure.
OpenNet provides a collaboration model and IT platform for opening up fiber networks in Denmark. Service providers and fiber network owners can easily collaborate through OpenNet’s IT platform. OpenNet helps service providers deliver internet and TV services to end customers on a range of established fiber networks in Denmark