Application Migration to Public Cloud for a Mobile Video-on-Demand Service

A global mobile video-on-demand service with millions of subscribers had an on-premise infrastructure for its applications. It aimed to move the applications to the cloud for greater agility, scalability, high availability, access to managed services and more automated operations management.

Biarca successfully moved all the client’s applications to Google Cloud Platform (GCP), leveraging GCP’s Cloud SQL, GCE, Kubernetes, VPN and networking features. Biarca also provided a highly-available, dedicated, virtual network interface to each outside carrier.

Finally, Biarca performed functional, performance, auto-scaling and high availability (HA) testing of GCP components to ensure that the solution was robust. With this solution, the client obtained both CapEx savings due to GCP’s low system resource costs and OpEx savings because of GCP’s automation of several resource management tasks.

The Challenge

The mobile video-on-demand service had the following requirements for migrating its on-premise applications, like billing to the cloud:

  1. Re-architect existing stack, mapping to Google Cloud managed services where possible, or to compute equivalents
  2. Create a detailed networking design
  3. Bring up the entire stack on Google
  4. Perform functional and performance tests
  5. Test auto-scaling and HA across regions
  6. Test whitelisted IP availability
  7. Create and test whitelisted IP NATing
  8. Improve network performance and make network highly available

Customized Solution from Biarca

After careful study of the client’s application migration requirements, the Biarca team architected a solution involving five components:

  1. Cloud SQL
    Google Cloud SQL is a fully-managed database service that enables users to set up, maintain, manage, and administer their relational databases on Google Cloud Platform. Biarca installed and configured a Cloud SQL instance with the fault tolerance option to migrate the client’s existing database to Google Cloud Platform.
  2. GCE Instances

    Google Compute Engine delivers virtual machines running in Google’s worldwide network of data centers. Biarca installed and deployed the client’s backend applications like Redis, Kafka, RabbitMQ etc on GCE instances. No public IPs have been assigned to any of these applications to isolate them from external access.

  3. GKE Services

    Google Container Engine (GKE) is a management and orchestration system for Docker containers and container clusters that run within Google’s public cloud services. Google Container Engine is based on Kubernetes and Google’s open source container management system. Biarca installed and deployed several client applications including billing and front end UI on GKE services.

    All the above services are deployed in different clusters with their own subnets. This provides network isolation between applications. Firewall rules have been configured on the GKE instances to make sure that no unauthorized hosts/VMs can access these machines. Default compute service account is enabled for all of these GKE nodes.

    GKE offers autoscaling capabilities that automatically add or remove instances from a managed instance group based on increases or decreases in load. GKE also offers auto healing capabilities that enable the nodes in the group to be recreated as needed.

  4. NAT VM – Design and Specification

    Biarca deployed NAT VMs as GCE instance groups, for serving traffic from the cloud applications to the outside carriers. Biarca installed two NAT VMs, an active and a passive, in different zones to ensure high availability. Each carrier has a whitelisted static public IP of the active NAT VM to ensure traffic isolation.

  5. Hashicorp Consul Configuration – Service Discovery of Applications

    Hashicorp Consul is a tool for service discovery and configuration. Hashicorp Consul is distributed, highly available, and extremely scalable. It provides several key features like Service Discovery, Health Checking, Key/Value Storage, Multi-Datacenter, etc.

    Biarca has created five GCE instances for Hashicorp Consul Servers in two GCP managed instance groups with different zones for HA. One server (primary) in one group and four servers (secondary) in another group. All the client applications are registered to the Hashicorp Consul and thereafter they will be discovered and maintained in the Hashicorp Consul registry.

  6. VPN

    Google Cloud VPN securely connects a client’s on-premise network to the Google Cloud Platform (GCP) Virtual Private Cloud (VPC) network through an encrypted IPsec VPN connection.

    Biarca configured Google Cloud VPN to establish a secure connection between Google’s network and the client’s on-premise data center network. Biarca also configured firewall rules to provide necessary security between the networks.

Google Cloud VPN between GCP and Client On-premise Network

Customer Value Proposition

The solution that Biarca designed for migrating the client’s existing infrastructure to Google Cloud Platform had the following benefits:

  1. GKE cluster and instances are run in a fully a managed environment. This reduces the burden on users for deploying, managing, and scaling containerized applications. It also ensures high availability of services.
  2. Cloud SQL runs in GCP’s managed environment. Database operations like applying patches and updates, managing backups and configuring replications, etc. are automated. So users don’t need to worry about managing/maintaining the database and can fully focus on application development.
  3. By using GCE instances, users need to pay only for the compute time that they use since the billing is calculated per second. Users can also choose custom machine types that match their needs.

Contributors: Harish K and Ganesh Kaila

Leave a Reply

Your email address will not be published. Required fields are marked *