Overview
A company undertook a significant transformation of its application deployment infrastructure, moving from a GitLab CI environment with runners to a robust, scalable and secure solution based on Azure. This change was driven by the need to improve security, scalability and overall performance, in line with the company’s strategic objectives.
Context
The company’s legacy system was mainly on-premises, relying on GitLab CI for continuous integration and job execution via runners. This configuration had limitations in terms of scalability, security and operational efficiency. After an in-depth audit, it became clear that the transition to Azure could solve these problems and provide a more resilient infrastructure.
Objectifs
The main objectives of this transformation included :
- Improve scalability: Take advantage of Azure Kubernetes Service (AKS) for dynamic resource allocation.
- Enhance Security: Implement Azure’s comprehensive security features.
- Increase Operational Efficiency: Use Azure DevOps for streamlined CI/CD processes.
- Ensure High Availability: Deploy applications in several availability zones.
- Facilitate Better Monitoring and Logging: Use Azure Monitor and Azure Log Analytics for centralised logging and real-time insights into applications.
Architecture Solution
Migration to Azure :
- Azure Kubernetes Service (AKS): Deployed for container orchestration, enabling automatic scaling and high availability of applications.
- Azure Container Registry (ACR): Used to securely store Docker images, seamlessly integrated with AKS for smooth deployments.
- Azure DevOps: Central to the CI/CD pipeline, encompassing Azure Repos for source control and Azure Pipelines for automated build and deployment processes.
- Azure Blob Storage: Used to host static web applications and trigger deployments.
CI/CD Workflow transformation :
- Migration from GitLab to Azure DevOps: GitLab CI has been migrated to Azure DevOps, ensuring better integration and more robust automation of pipelines.
- Automated Job Execution: Jobs previously launched via GitLab runners are now managed by Azure Pipelines, with deployment jobs scheduled and managed in AKS via Helm.
- Environment Management: Separate environments for Development, QA and Production, managed via Azure DevOps, ensuring clear separation and effective lifecycle management.
Secuirty improvements :
- Azure Key Vault: Implemented for secure management of secrets, keys and certificates, strengthening data protection.
- Microsoft Defender for Containers: Deployed for real-time vulnerability detection and security monitoring of containerised applications.
- Enhanced authentication: Use of Azure Active Directory for robust authentication mechanisms throughout the deployment pipeline.
Monitoring and logging :
- Azure Monitor and Application Insights: Integrated for real-time monitoring and proactive performance management.
- Centralised logging with Azure Log Analytics: Providing a unified view of logs from all applications and infrastructure components, simplifying troubleshooting and performance analysis.
Advantages
Scalability and high availability :
- Dynamic scaling with AKS ensures applications can handle variable loads efficiently.
- Multi-zone deployments for high availability and resilience.
Security and Compliance :
- Centralised secrets management and real-time security monitoring enhance overall system security.
- Full logging and monitoring to facilitate compliance with industry standards.
Operational Efficiency :
- Streamlined CI/CD processes with Azure DevOps, improving deployment speed and reliability.
- Automated workflows and environment separation reduce manual intervention and errors.
Profitability:
- Cloud-based infrastructure reduces the need for physical hardware and the associated maintenance costs.
- Optimized resource utilization thanks to automatic scaling and efficient resource allocation.
Conclusion
The transformation of the company’s application deployment from GitLab CI to an Azure-based solution has resulted in a more scalable, secure and efficient infrastructure. By leveraging Azure’s capabilities, the company has not only resolved the limitations of its previous configuration, but has also positioned itself for future growth and innovation.