EXECUTIVE SUMMARY
GMoney is a platform facilitating the loan transactions between the borrowers and the NBFCs/Banks. All loan applications are approved and sanctioned by NBFCs/Banks registered with RBI and communicated upfront during Loan application. The Platform provides access to an online platform bringing together consumers, financial institutions, data partners and other partners willing to abide by their respective Terms & Conditions. GMoney’s lending partners provide various kinds of medical loan products as specifically supplied by the Users through the Platform.
THE CLIENT’S CHALLENGE
Client was looking to expand the reach to consumers and for that they are looking for settings up the secure AWS Infrastructure which follow all the compliance and have the flexibility to deploy the builds easily. Previously infrastructure was configured as RAW with all instances accessible over Public IP Including databases and as they grew they wanted to make sure that infrastructure is 3 Tier with proper Web, Application and Database segregation. While setting up the infrastructure client was also concerned about cost. They are also looking for help in Database optimization where they are lacking the expertise.
PROPOSED ARCHITECTURE
DEPLOYMENT AUTOMATION
The GMoney application development team uses Github as their code repository. Jenkins is used as the CI/CD tool here. The deployment to the production environment is kicked off manually using Jenkins. The backend application services (written in Node.js and Python) are deployed in a blue-green fashion where new sets of auto scaling instances are spun up. Once the new set is healthy, they are replaced in place of the original instances (the original instances are killed thereafter). The frontend application (written in AngularJS) code is placed in AWS S3 and served to end customers using AWS Cloudfront. This CD process is set up in Jenkins and kicked up manually during production deployment.
INSIGHT TO ACTION
The TECHPARTNER team worked with the GMoney management team and tech leads to understand the project needs. Together we chalked down the plan and finalized the architecture. Our focus was towards securing the infrastructure, highly available and with an easy CICD process. We also worked with the client’s database team to understand the slow queries identified the missing indexes as well as the queries which were not written optimally. We shared the query execution plan and helped them to tune the database for better performance. With optimized query and schema help the client to downgrade the DB instance without compromising the performance.
BENEFITS
Scalable Architecture: With the scalable architecture GMoney was able to serve the user with improved response time which in turns helped to acquire more users
Performance: As the application and deployment is modular, the whole CI/CD process became easy and efficient
Automation: Automation reduced the manual deployment time by 90% giving free hand to developer to concentrate on Innovation
Optimisation: Optimized queries for the database reduce the usage by 70% and which in turn help to downgrade the DB Size and reduce the cost/month by 50% for DB itself.
With Scalable architecture, the client was easily able to handle the more than Million of requests/min on the hybrid infrastructure without any hiccups.
AWS STACK
- AWS WAF: Since this is a consumer facing application, WAF is used for better security.
- AWS CloudFront: The frontend of the application is served via CloudFront for quicker response to customers and take advantage of CloudFront edge locations.
- AWS Application Load Balancer (ALB): The application is hosted on private auto scaling group instances and ALB is used to load balance and expose the application to the internet. ACM is used to generate SSL certificates and applications are made to serve only SSL encrypted payload to end customers.
- AWS EC2 Auto Scaling Groups (ASG): The application is set up using auto scaling group ec2 instances so that ASG is used for auto-scaling. Whenever the application usage crosses a threshold of 60% CPU usage, the ASG horizontally scales out to accommodate the inflow of requests, enabling seamless scale and user experience. The ASG scales-in whenever the load subsides; this helps keep costs in control.
- AWS Cloudwatch: AWS Cloudwatch is used for monitoring and alerting. Resource usage of the infrastructure is monitored using Cloudwatch dashboards. Whenever any critical threshold is breached (e.g. too many 5xx on ALB), an alert is sent out to the Operations and Engineering team for investigation. Billing alerts have also been set.
- AWS Route53: Route53 is being used for DNS. DNS zones are set for internal as well as public facing records.
- AWS S3: S3 is used for storing frontend application code and static assets (which are served by CloudFront eventually). S3 is also used to store backup data. Long term data to be retained will be moved to Glacier periodically.
- AWS CodeBuild: It is used to build and compile the application.
- AWS CodeDeploy: It is used for deployment and it helps to make deployment in blue/green.
- AWS Lifecycle Manager: It is used to take instance’s image backup.
- AWS RDS (PostgreSQL): This is the backend for the python applications.
- AWS KMS: It is used for encryption of instance’s disks
