Greentech in the Cloud
About Burgenland Energie
BE Technology GmbH develops innovative digital solutions and enables the necessary broadband infrastructure in Burgenland
Green energy is needed more than ever in mankind history. What can help the adaption of Greentech more than the most innovative cloud technologies as a service? Learn how we support our customer BE Technology becoming a champion in an competitive environment.
About the Customer
BE Technology GmbH develops innovative digital solutions and enables the necessary broadband infrastructure in Burgenland. Activities are focused on four areas:
- The development of innovative, digital products and services for private customers, companies and municipalities.
- The management of weiterdenker.at, a digital platform for products and services, as well as a strong community for the exchange of information on the topic of climate neutrality and sustainability.
- The management of selected, innovative digitalization projects of Burgenland Energie.
- Coordination of further broadband expansion in order to provide every household in Burgenland with "high-speed broadband" by 2030.
When you want to be a greentech champion, short lead times of your ideas is critical to your success. In times when the situation on the energy markets change rather hourly than daily, you want to be able to release your ideas within one week, from the idea to the customer facing launch. This is the true business agility.
On-premise infrastructure faces big challenges when talking about hardware upgrades. Changes and hardware purchase approvals, scheduled downtimes and maintenance windows and multiple stakeholders all contribute to longer lead times that span from days to weeks, all the while production performance is impacted. Traditional CMS systems (Typo3 and Wordpress) are rather designed for convenience but not for scalability.
Real innovation requires multiple tries , multiple fails and multiples restarts. Launching your MVP should not require significant investment infrastructure costs. “Failures” should be “cheap”, successes should scale up. Traditional IT infrastructure require significant upfront investment costs. Adapting major architectural aspects require even more investment. Cross cutting concerns like security, DDoS protection etc. also require upfront investments.
The solution was designed to address and resolve the above challenges by leveraging AWS serverless technologies. By migrating the workload to AWS, the customer’s business is direct beneficiary of the advantages offered by AWS.
Compute: Relying on AWS Lambda provides highly-available, highly-scalable, highly-performant and very cost-efficient solution. The functions are consisted of two types: Lambda@Edge functions, which handle static content redirect and drastically improve performance by utilizing the CloudFront’s Edge backbone and by bringing code’s execution closer to the end user. The second type are Lambda functions that handle the backend logic of the application.
Storage and Database: The content of the web application is generally static and is stored in S3, which provides highly-available, secure, cost-efficient and maintenance-free storage solution. DynamoDB is used for data needed by the backend components, which by definition is fast, reliable and scalable. The CMS database is hosted in RDS, a fully managed service which reduces the operational overhead a traditional database system usually needs.
Logging and Monitoring: The application (Lambda) and CMS logs are sent to CloudWatch Logs to utilize the cloud native solution for it and to have all data in a central place.
Security: The workload is not only relying on the build-in security provided by the AWS services, but data encryption is enabled at rest and in-transit as well. All stores where data resides are encrypted: S3 buckets for static content and website data, RDS database for the Strapi instance and DynamoDB tables for the application backend. AWS-KMS is used as key-management system. Data in-transit is encrypted by TLS-enabled protocols fully supported by the two services in use: CloudFront CDN and Application Load Balancer.
Deployment and orchestration: Atlantis is a utility that enables infrastructure deployments by following the GitOps operational framework. The infrastructure is described in configuration files (infrastructure as code) and stored in central GitHub repository. Changes and new additions are submitted in pull requests that trigger deployment orchestration via webhooks. During this operation, Atlantis instructs Terraform to ‘plan’ and ‘apply’ the new changes. Both tools run in an ECS container hosted in separate AWS account. Part of the workload - the Serverless Application Model (SAM) backend - is deployed via GitHub Actions.
The following key results have been achieved at Burgenland Energie by leveraging the new architecture in AWS:
- The duration from setting up a new landing page until Go-Live has been reduced from several weeks or even months to 1 week
- The serverless architecture can handle almost infinite requests without any performance degradation
- Costs for running the application have been dramatically reduced due to serverless technology - no demand, no costs
Infrastructure as Code (IaC)
- The infrastructure is described and kept in configuration files, and all changes are tracked in version control system.
- The entire infrastructure can be deployed in under two hours.
Isolation of duties using AWS accounts
- In terms of infrastructure deployment, the workload has two stages: production and staging. Each one contains full deployment in a dedicated AWS account.
- Deployments, re-deployments and tests are much simpler to execute, and errors can be detected and fixed early.
High availability and scaling
- Loading the content and media is much faster thanks to CloudFront and Lambda@Edge.
- Backend services respond to increased demands and are capable of automatic scaling.
- Data is encrypted at rest and in-transit.
- Headless CMS significantly reduces the attack surface by decoupling the frontend delivery layer from the application backend.
- Only specific endpoints are exposed to the world and access to internal resources is tightly scoped
About the Partner
ByteSource Technology Consulting GmbH based in Vienna is one of the leading experts in the DACH region for AWS, Atlassian, DevOps and agile software development as well as technical consulting. As the largest Atlassian Platinum Partner and AWS Advanced Tier Services Partner in Austria, ByteSource proves their expertise in scaling the Atlassian toolset and agile transformation on the innovative Data Center platform. With a focus on DevOps & Cloud Journeys as well as migration and advise, ByteSource realizes large-scale projects up to three times faster than IT companies with conventional approaches.