BKJ Digital is a distributed team of engineers, strategists, designers, and problem-solvers that delivers product and software strategy, engineering, and enablement to enterprises. They provide their clients with strategic consulting, solution planning, user experience design (UX), visual design, and a complete suite of development, testing, and hosting services. To learn more, go to www.bkjdigital.com.
IT Services, Product Strategy & Engineering
San Francisco, CA
Enhance the flexibility, infrastructure reliability, security, and compliance of their application stack to support their fast-growth business.
Migration, DevOps Services – Infrastructure Build-Out and Automation, Containers, CI/CD.
Enhanced security and compliance
The BKJ Digital team needed to migrate a fleet of production applications from a legacy infrastructure provider to a modern, flexible, Kubernetes-based stack. The nClouds team's deep experience with Kubernetes on Amazon EKS helped us plan and execute our migration to AWS in record time.”
Director of Technology, BKJ Digital
BKJ Digital needed a sophisticated compute platform for their fast-growth business that provided the performance efficiency of a flexible, reliable infrastructure, and met the security and compliance requirements of their end-customers. They wanted to migrate their production applications from a legacy infrastructure provider to a modern, flexible, Kubernetes-based stack.
AWS recommended that BKJ Digital work with nClouds, a Premier Consulting Partner in the AWS Partner Network (APN), because of its AWS DevOps Competency and AWS Migration Competency status and deep experience in those areas.
BKJ Digital engaged with nClouds to help them migrate their application stack from SoftLayer (IBM Cloud) to AWS.
nClouds began by performing a Migration Readiness Assessment (MRA). BKJ Digital’s pre-migration infrastructure on SoftLayer had a self-managed MySQL database, Apache Solr servers, network-attached storage (NAS), applications on VMs, containerized applications on Docker Swarm, load balancers, a utility server, and no managed services. The workload on SoftLayer had five web applications and four backend CMS Applications (on the Drupal content management platform). The web applications were jointly running on three servers. All web applications had a Varnish Cache in front of them. The backend applications were running on Docker Swarm. Most applications were containerized.
During the assessment phase of the MRA, BKJ Digital indicated that they needed a sophisticated compute platform (re-platforming), with a caveat that downtime be minimized. They had security and compliance requirements from their end-customers and wanted managed services wherever possible.
During the readiness and planning phase, nClouds determined that BKJ Digital had a pilot and PoC workload already on AWS and needed to be better aligned with the AWS Cloud Adoption Framework. They had an Amazon EKS Cluster and network infrastructure in place (using Terraform), had two services running, and were using AWS CodePipeline and AWS CodeBuild for CI/CD. Their ELK Stack included Amazon Elasticsearch Service, Logstash, and Kibana running on Amazon Elastic Compute Cloud (Amazon EC2). Re-platforming was not a fit for some applications, and a hybrid model (existing setup plus AWS) would be feasible for some time.
During the migration phase, nClouds’ migration team integrated with BKJ Digital’s existing team to implement faster infrastructure build-out using the nClouds code library, best practices for CI/CD and monitoring, and multiple environments with an infrastructure as code (IaC) approach. nClouds evaluated all services for proper containerization practices and provided feedback to BKJ Digital’s development team to fix gaps.
In the new infrastructure, there is a prod VPC and a utility VPC on AWS. Each Amazon VPC connects to the internet through an attached Internet Gateway and has AWS Systems Manager Parameter Store and Amazon ECR. There are three Availability Zones (AZs) in the prod VPC and two AZs in the utility VPC.
In the prod VPC are the following:
In the utility VPC are the following:
Teaming with nClouds, BKJ now has a sophisticated compute platform for their fast-growth business. The project has yielded numerous benefits:
BKJ Digital required a hybrid model (a combination of the existing setup and AWS), as re-platforming was not a fit for some of their applications. Kubernetes provides this flexibility because it works with virtually any type of container runtime and any type of underlying infrastructure — whether it is a public cloud, a private cloud, or an on-premises server.
BKJ Digital achieved improved reliability by implementing monitoring of their workload components. An AWS Application Load Balancer (AWS ALB) in each of the public subnets provides support for monitoring the health of each AWS service independently. Reliability is also supported by Prometheus’ monitoring and alerting toolkit and ELK Stack’s real-time actionable insights and centralized logging.
BKJ Digital’s workload is protected at the AWS account level by Amazon GuardDuty’s continuous detection of malicious activity and unauthorized behavior. Vulnerability management is provided by Amazon Inspector’s configuration assessments against BKJ Digital’s instances for known common vulnerabilities and exposures (CVEs) against security benchmarks, with automated notification of defects. Alert Logic provides managed detection and response (MDR) coverage.
You can also email us directly at email@example.com for your inquiries or use the form below