Koo is a microblogging platform built for Indians in order to be able to share their views using Indian languages. This website and app won the Atma Nirbhar innovation challenge and is a Made in India service.
This platform was co-founded by Aprameya Radhakrishna and Mayank Bidawatka and enables users to share their thoughts in text, audio or video.
Many prominent faces of India use Koo. It lets users to follow people they like, know what’s on their mind and share thoughts too. The Koo app has more than 13 million active users (as of Oct 2021) and is growing at a very high rate. Koo has users across the globe.
Koo needed a platform which is highly scalable, highly elastic, performant and secure at the same time. Being a social media and micro-blogging platform, It needs to be highly available.
The real challenge was to ensure that the platform scales for millions of users and autoscale. Other issues to be taken care of such as ….
1. Scale up fast
2. Data storage backends should have enough capacity to store and serve data
3. Manage high availability of the system
4. Manage the scale in a cost efficient manner
5. Identify stress points before any system fails
6. Keep the platform secure
7. Performance should be within SLA
TECHPARTNER was involved to design, implement and manage the solution.
The TECHPARTNER team worked with the Koo management team and tech leads to understand the project needs. Together we chalked down the plan and finalized the architecture. Our focus was to leverage AWS services and utilize the open source tools to achieve the required output.
For container orchestration we use AWS EKS to support the scale and faster rollout. The architecture consisted of setting of auto-scaling nodegroups using a mix of on-demand and spot instances for better performance, scalability and cost optimisation.
SECURITY BEST PRACTICES
- Active and passive security is implemented by using several AWS Services. All standard AWS recommended security best practices have been implemented
- Application code deployment via Jenkins is done after proper QA
- Terraform and Ansible is used to setup the entire infrastructure
- Scalable Architecture: With the scalable architecture Koo was able to serve the user with improved response time which in turns helped to acquire more users
- Performance: As the application and deployment is modular, the whole CI/CD process became easy and efficient
- Automation: Automation reduced the manual deployment time by 90% giving free hand to developer to concentrate on Innovation
For success of project, TECHPARTNER used below AWS Services
- Amazon EKS, the managed container service, helps reduce costs with efficient compute resource provisioning and automatic Kubernetes application scaling
- Amazon EC2 was used for compute with a combination of on demand and spot instances. Node Instance was configured to spin up automatically during load
- Amazon S3 was used to store mainly for the Images which need to be accessible across the instances
- AWS NAT Gateway Service was used to provide the Internet to systems in private subnet during patch management
- AWS CloudWatch was used to monitor to the Instance performance
- AWS CloudTrail was used to keep track of the activity across the AWS environment.
- AWS Config was used to track changes for AWS resources and also to alert with resources that are not compliant as per defined rules
- AWS Identity and Access Management (IAM) was used to provide AWS resources access as per company’s policy. Also wherever possible IAM roles were used to provide access to AWS resources as per IAM’s best practices
- AWS Trusted Advisor checks and provides recommendations that help us follow AWS best practices
- AWS Secrets Manager is used to protect secrets needed to access applications, services
- AWS Guardduty is being used to proactively monitor for threats. This helps mitigate threats early by triggering automated responses.
- AWS KMS – keys generated using KMS are used in encryption for secure data
- AWS Aurora RDS is used as the primary database backend with Postgresql engine
- AWS Elasticache Redis is used as the in-memory data-store
- AWS ECR is used to store the application containers
- AWS ELK is used for centralised logging. All applications log to this centralised ELK
- AWS Elasticsearch – The search in the application is powered by Elasticsearch