Download the case study
CarSaver: A complete one-stop solution for all your car buying requirements
Services: DevOps, Cloud Architecture Design and Review.
- 40-50% reduction in development and staging infrastructure cost
- Reduced the overall downtime of the system by 3X
- Infrastructure as a code, hence faster provisioning
CarSaver is a solution where the users can quickly and easily buy, rent, lease, insure and upgrade all new and second-hand cars of their choice. CarSaver has tie-ups with all the leading car brands. The company’s USP is its lifetime warranty that covers engine, transmission and drivetrain.
The Infrastructure that they had was manually managed, without infrastructure as code, which made it challenging to manage as the number of services and users increased. This led to overheads on maintaining the entire infrastructure through the AWS console and difficulties in maintaining security and compliance status. The client also wanted to leverage the cost-saving benefits of AWS to reduce their development and QA environment infrastructure costs. As a result, the client was looking for a solution to streamline their AWS infrastructure management while maintaining security and compliance requirements and reducing costs.
Proposed Solution & Architecture
To tackle the problem that they had, we proposed the use of AWS CDK as an infrastructure as code solution. With AWS CDK, the client can reduce the overhead of infrastructure provisioning for large infrastructures. Additionally, since AWS CDK supports various programming languages, it enables the developers to deploy their service infrastructure in a programming language they are familiar with, thus making the process more seamless.
As part of our DevOps services, we took the initiative to set up the core platform infrastructure for the client using AWS CDK. This involved setting up the networking, compute, and database stacks. To streamline the infrastructure provisioning process, we also set up the CI/CD pipeline for the client. This allowed for the seamless deployment of infrastructure changes in a timely and efficient manner.
As a DevOps team, we have implemented various security measures to ensure that our client’s infrastructure remains protected from potential security threats. We have set up AWS WAF and network firewalls to protect against unauthorized access and attacks. Additionally, we have implemented AWS Config to monitor and evaluate compliance of the infrastructure with industry standards. We also set up AWS GuardDuty and Security Hub to proactively identify and remediate potential security issues. Through these measures, we were able to maintain a secure and compliant infrastructure for our client.
Metrics for Success
We implemented Infrastructure as Code (IAC) using AWS CDK, which has significantly reduced the time it takes to provision new infrastructure for our client. Previously, it would take 4-6 hours to set up a new environment, but with IAC in place, we are now able to spin up new infrastructure within just 1 hour. This has resulted in a major improvement in the overall development lifecycle and has enabled the client to adopt and implement SDLC concepts more efficiently.
We have explored various cost-saving measures for development and staging infrastructure. One approach we have implemented is leveraging spot and reserved instances. Spot instances are spare EC2 instances that are available at a discounted rate, while reserved instances are purchased for a fixed period at a lower hourly rate. By using these types of instances for our non-production environments, we have significantly reduced the cost of our infrastructure without compromising performance or availability. However, we ensure that we do not use these types of instances for our production environment to maintain high availability and ensure that our customers’ experience is not affected. By using these approaches, we were able to achieve a 40-50% reduction in costs.
With the implementation of new security and network solutions, our client is now able to better track the compliance status of the infrastructure. They can quickly identify any security vulnerabilities or network issues and take immediate action to resolve them. This has significantly improved their ability to maintain a secure and reliable platform for their customers. Our team worked closely with the client to implement solutions such as AWS WAF, network firewalls, AWS Config, AWS GuardDuty, and Security Hub to ensure that their infrastructure is protected against potential threats.
AWS Services Used
- AWS Lambda:- We ran ETL jobs on AWS Lambda for generating prospects for the client, for marketing, for nurturing these prospects, generating deals for the users.
- Amazon Aurora:- Database storage solution , we used for database compliance purposes also.
- Amazon CloudWatch:- We used AWS cloudwatch to generate alarms and for application log generation and as a monitoring solution to monitor the resource utilization metrics.
- Amazon CloudFront:- We have used cloudfront to serve static content.
- Amazon S3 buckets:- We used AWS S3 buckets to store configuration files and to store customer data files.
- Amazon Elastic Container Service:- All application services run in the container service. Thus we used the Amazon Elastic Container Service for application deployment as a container orchestration tool.
- Elastic Load Balancing:- The AWS elastic load balancing service is used as a service load balancer.
- AWS Auto Scaling:- The client wanted a scalable solution. So we used AWS autoscaling to scale up or down according to incoming traffic/load.
- AWS ELasticache:- To cache session and common data to reduce pressure on backend database.
- AWS CDK & cloudformation:- For IaC(infrastructure as a code).
- AWS ALB:- We are using it for load balancing.
- AWS WAF:- AWS WAF helps us to protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources.
- AWS Config:- AWS Config is a fully managed service that tracks the configuration history and configuration change notifications to use security and governance.
- AWS client VP:- A fully-managed remote access VPN solution we use to securely access resources within AWS.
- AWS network firewall:- AWS Network Firewalls intrusion prevention system (IPS) provides active traffic flow inspection so we can identify and block vulnerability exploits.
- AWS SecurityHub:- AWS Security Hub provides a comprehensive view of our security state in AWS and helps check our environment against security industry standards and best practices.