Learn how a large health care provider migrated their patient portal to Kubernetes
PROBLEM STATEMENT
One of our clients, a major regional HMO health care provider, looked to improve the capabilities of their transactional Member Portal website on behalf of their several hundred thousand members as part of an application transformation effort. Along with improving the portal performance and reliability, the client wanted
to make the site more like the latest mobile apps and offer no downtime upgrades and the ability to scale while still meeting regulatory requirements. Budget was tight, and the client wanted to implement the latest technical platforms while using existing staff to manage the new Member web portal.
EXECUTIVE SUMMARY
In less than four months a new website was introduced incorporating Kubernetes and a new Web Application firewall. The client is able to now offer twice-monthly
updates with no downtime. The new website is managed by existing team members and deployment is automated using Cloud Control’s AppZ. Communication to members has been improved making it easier for the client to be current on the latest changes necessitated by regulation and Covid-19.
PROJECT OBJECTIVES
- Working with Cloud Control and its local partner, Darsan Technologies, the Website transformation objectives were:
- 24×7 Client portal availability.
- Increased Application workloads (based upon WordPress and MariaDB) to process the user requests at the peak level without performance degradation.
- Improve the Web Application Firewall security by adding Signal Science’s capabilities.
- Provide capabilities to allow upgrades twice per month versus two times per year; with no downtime; a major requirement due to Covid-19.
- Provide a true Resilient application with robust Disaster Recovery capabilities.
- Offer full audit trail and logging capability for enhanced control and audit requirements.
- Eliminate Privileged Access while allowing the existing Infrastructure team members to manage the digitally transformed application.
SOLUTION
Cloud Control Systems (“CCS”) worked with the client to migrate their legacy applications running on VMs to on-prem Kubernetes (“K8s”) managed cluster managed by their existing development and infrastructure teams with ‘One-click’ deployment capabilities. This included the new Signal Science WAF capability.
DEPLOYMENT HIGHLIGHTS:
- A Kubernetes cluster built with a Master Node and 4 worker Nodes. Worker nodes are split between DMZ and Private VLANs (2 nodes each). While WordPress front end application is deployed in DMZ, MariaDB database is in private VLAN cluster.
- The Kubernetes Cluster was logically split into DEV, UAT and PROD regions with 50% resource quota allocation to the PROD region.
- Standard AppZ Stacks (re-usable, curated and scanned images) with client customizations were used to deploy the WordPress and MariaDB applications as well as the new WAF.
- Client Portal was up and running in the new production environment within eight (8) weeks. It took only Four months for the completion ofentire lifecycle – Planning, Development, QA, Production Parallel and Production.
BENEFITS
- AppZ Control Plane is used to demonstrate the true GitOps based automated deployment. Business Unit has been deploying on-going enhancements with full automation and control provided by the Control Plane, without any infrastructure admin support twice monthly
- The client has successfully performed multiple zero downtime upgrades of the Client Portal application and infrastructure using Cloud Control’s AppZ solution
- Client Portal Kubernetes Cluster is kept in sync at the DR site and able to meet the required RPO (Recovery Point Objective) and RTO (Recovery Time Objective)
- No new talent was required to manage the production environment
- Client is now able to offer it’s members frequent updates for better communication, marketing and client service.
ABOUT CLOUD CONTROL
Cloud Control Solutions (“CCS”) provides clients with an out-ofthe box low-touch software deployment solution with audit and controls that can be deployed in a matter of days. AppZ enables existing infrastructure teams to provide a resilient, multi-cloud operations capability by providing a framework to manage cybersecurity risk, monitor drift and eliminate privileged access as part of a one-stop and one-click solution. Further, AppZ can containerize legacy applications for deployment on Kubernetes for added scalability, resiliency and redundancy and offers comprehensive support. More than 1400 legacy applications have been transformed to leverage the cloud while meeting SOC2, NIST and CIS best practices for VMware, Private Cloud, Nutanix, AWS, Azure, Oracle Cloud and Google Cloud deployments.
Learn more at eCloudControl.com