With growing Cloud adoption and need for Intelligent Infrastructure Automation, larger enterprises are adopting Hybrid-Cloud solutions like Terraform. Creating reusable templates for provisioning of complex infrastructure setups in Cloud and Data Centers, Orchestrating Cloud management with self-service Portals and full lifecycle monitoring of the assets can provide a flexible, reusable and scalable enterprise cloud solutions.
Relevance Lab is a Hashicorp partner with multiple successful enterprise infrastructure automation implementations using Terraform covering AWS, Azure, VMWare and GCP with 5000+ nodes setups.

Solution Highlights:

Our solution allows you to rebuild stacks using automation completely. It is instrumental in provisioning newer environments with minimal code changes.
It has the built in ability to replicate stacks across multiple regions with minimal code changes.
Capability to add / remove new instances to components with few code changes.
Simple code structure. Any new infrastructure needs can be easily provisioned by modifying the variables.
Ability to modify instances such as Volumes, Instance Sizing, AMI changes, Security groups with minimal code changes.

Tools & Technologies:
Terraform from HashiCorp has emerged as the best Infrastructure automation tool. Terraform helps in building, changing and versioning of the infrastructure efficiently. Terraform is a declarative and, with the help of configuration files, we can describe the components to be built and managed across the entire datacenter.

Design Considerations:
Below mentioned are some of our design considerations based on standard practices in infrastructure automation. These structures have helped us gain flexibility and ease in scaling stacks based on demand.

Code Repo Structure:

Each AWS stack is a separated GITHUB Repo while Terraform modules are a shared repo.

It makes the code design structure very scalable to create newer AWS stacks in a different region or re-build stacks in case of a disaster or scale more resources based on traffic/load.
A separate repo helps in maintaining isolation as each stack would have varied footprints of the resources.
It helps in security and compliance as audits can be performed against a specific stack.

Segmentation:

The below design model is showing the Automation build-out for each AWS account. Each layer is well segmented and can be easily scaled based on the needs. Making any specific change to each of the layers is easier.

Integration:

Fully integrated with GITHUB for Continuous Integration and Continuous Deployment.

Each change is performed on a branch which is merged via a Pull Request.
Each Pull request is reviewed and verified and combined with the Master branch.
Infrastructure changes are thoroughly tested during the PLAN stage and then terraform APPLY.

Code reusability:

Modules provide an easy way to abstract, common blocks of configuration into reusable infrastructure elements.

Modules can help with this as they significantly reduce duplication, enable isolation, and enhance testability.

Benefits:

Provides the ability to spin up an entire environment in minutes.
It reduces time to rollout complex network and storage changes to less than a few minutes.
Infrastructure is managed as a code, and all changes are tested well; resulting in fewer outages because of infra configuration changes.
It is easy to operate and maintain because terraform uses a declarative language.
Infra is Idempotent, and a state-based desired system.

Conclusion:
Using design best practices of terraform, enterprises can quickly build and manage infrastructure, which is highly scalable and efficient. Further, this automation can be hooked to a Jenkins pipeline project for automated code pushes for infra changes which can be tied to a standard release and deployment process.

Leveraging Chef for configuration management and managing all the application software installation and configurations via Chef cookbooks and recipes.
Leveraging InSpec for auditing the properties of the AWS resources.

There are few other additions which could be introduced to this design to do a tight bonding between security and compliance policies and infrastructure as code. That may be achieved by integrating with Sentinel It helps in prevention of infra provisioning if there are deviations in the Infra code which do not adhere to the security policies. Sentinel helps us in building a fine-grained, condition-based policy framework.

For more details or enquires, please write to marketing@relevancelab.com

0

2020 Blog, AIOps Blog, Blog, Featured

INTELLIGENT AUTOMATION : Automation Helps in the time of crisis with COVID-19

By RL Admin on

March, 2020

- 2020 Blog, AIOps Blog, Blog, Featured

The recent COVID-19 virus outbreak has driven many unanticipated changes in the way we do business. In particular, many people who usually go into the office are now required to work from home, which can mean different access methods (e.g. VPN Access) and permissions. These changing conditions have the potential to overwhelm service desks.

We have seen this with our clients in terms of a dramatic increase in service requests. We are pleased with the role our automation has played during these trying times. Our intelligent BOTs have enabled Relevance Lab to respond to upticks in service requests instantly.

Figure 1: Intelligent Automation Eliminated Service Desk Impact

With one of our significant clients with a large NYC footprint, daily inbound tickets increased 92% (Fig.1) during the March Peak Day (vs Feb avg) as the effects of the Corona virus forced people to work-from-home. Fortunately, nearly all those tickets are being managed using RL’s Intelligent BOTs, and we were able to handle the increased volume with no delay. Our Intelligent BOTs handled two and a half times (Figure 2)) their normal daily workload so that our service desk team could maintain focus on other critical business needs.

Figure 2: Dramatic Ticket Spike as People Prepared to Work-from-Home

Over the last year, we have increased the coverage and complexity of our Intelligent Automation to achieve 70-80% inbound ticket automation with an equivalent reduction in human efforts. Having a robust platform with standardized processes, BOTS driven automation and reliable Automation Analytics have helped better prepare for the unknowns.

As we all continue to weather this crisis together, please stay safe. We wish everyone the best.

For more information feel free to contact marketing@relevancelab.com

0

2020 Blog, AIOps Blog, Blog, Featured

Automated Patch Management for Cloud and Data Centre Assets using Intelligent Automation

By RL Admin on

February, 2020

- 2020 Blog, AIOps Blog, Blog, Featured

With distributed assets across Cloud and non-Cloud environments covering desktops, servers and other devices enterprises are still having a fragmented approach to basic needs of patch management. This brings in unique risks from a Security and Vulnerability perspective. Even when companies do have focus on this area there is a lack of integration between asset management, vulnerability assessment, patch management and governance to ensure a comprehensive solution that leverages “Automation First” Approach and integrated workflows. This is where RLCatalyst ServiceOne brings in a solution for enterprises to leverage this in a Managed Service Model.

The solution covers all enterprise assets and helps do a discovery, vulnerability assessment and then managing the full-lifecycle of Patch Management. The reason patch management is more complicated since large enterprises commonly have modern and legacy systems covering desktops (Windows, Linux, MacOS), Servers (Redhat, Debian, Ubuntu, CentOS, Windows Servers etc.), Network Devices and others covering assets in data centres and cloud (AWS, Azure, GCP, etc.)

RLCatalyst ServiceOne Solution – Five Layers of Vulnerability & Patch Management of your Infrastructure

The whole process of Intelligence Automation of SecOps starts with the asset inventory to ensure you have complete control and visibility of your Infrastructure. Once this is put in place, the next important aspect would be to run periodic Vulnerability Scans using third party applications like Qualys, AWS Inspector etc. Based on the VA scan report, we need to put an automated patch management solution, post which we can run the SIEM tools which can give a real-time analysis of security alerts. The dashboard or the reports provide a holistic view of the health of your overall Infrastructure from a security standpoint, which the CIOs of any Organizations would be keen to see daily.

ServiceOne Patch Management Solution:

ServiceOne Patch Management Solution is a fully integrated solution with Patching, Backup & recovery. Our solution is integrated with ITSM for the overall management of the solution which can help the organizations run periodic scheduled /unscheduled/ad-hoc scans on the system to identify the missing patches and patch them using an approval process.

The IT team verifies the patches based on the periodic scans and categorise them based on the criticality and bundle them. This can then be pushed to the Application owners who can login to ServiceNow and check the available bundles against their set of servers and approve them or reject them. Once approved, basis the next available scheduled maintenance windows, this can then be automated to schedule a backup of the image of the patching servers and then patch the development servers.

The next step would be an approval process post patching to the app owners to check and confirm the application compatibility and functionality of the patches against their applications.

The app owners in this case has the option to reject the patching in ServiceNow in which case, the image which was taken as backup would be restored back to the development instance and in case of approval, the same would get scheduled automatically for patching during the next maintenance window on the production servers

With RLCatalyst ServiceOne solution we provide enterprises a combination of Consulting, Technology and Integrated Services to take care of end to end patch management needs. Customers can leverage the best of the products in the industry across service orchestration, asset discovery, vulnerability assessment, patch lifecycle management and compliance. Enterprises can get started in less than 4 weeks for onboarding, setup, initial compliance and on-going upgrades. A large global enterprise saved $0.5 Million in the first year of operations as they transitioned 5000+ assets across 10+ data centres & Cloud regions into ServiceOne Integrated Patch Management solution with Relevance Lab Managed services.

For more information feel free to contact marketing@relevancelab.com

0

2020 Blog, AIOps Blog, Blog, Featured

Infrastructure Automation using Terraform

2020 Blog, AIOps Blog, Blog, Featured

INTELLIGENT AUTOMATION : Automation Helps in the time of crisis with COVID-19

2020 Blog, AIOps Blog, Blog, Featured

Automated Patch Management for Cloud and Data Centre Assets using Intelligent Automation

About

Recent News

Automation Service Bus (ASB) – A New Approach for Intelligent and Touchless Automation

Health Informatics and Genomics on AWS with Research Gateway

Intelligent Lifecycle Automation and Orchestration for Hybrid Cloud Workloads

Are you using your AWS Cloud, “The Right Way”?

Platform

Services

Frictionless Business

Resources

Quick Links

Policies