KPA offers Environment, Health, and Safety (EHS), HR Management, and Finance & Insurance compliance software and services to businesses. KPA utilizes cloud software, online training, and on-side audit and loss control services to help over 10,000 client locations achieve regulatory compliance, control risk, protect their assets, and cultivate their workforces.
Elastic Compute Cloud (EC2)
Relational Database Service (RDS) for MySQL
Elastic Kubernetes Services (EKS)
Elastic Block Storage (EBS)
Elastic Load Balancing (ELB)
Virtual Private Cloud (VPC)
Identity and Access Management (IAM)
HanaByte was chosen as a partner due to a proven track record in performing updates to Kubernetes, adhering to DevOps best practices, and their expertise in workloads running in AWS. When using HanaByte as a partner, KPA was able to have assurance that DevOps solutions and cloud infrastructure can be built with well-architected best practices and a proper security check in every step of the Kubernetes upgrade process.
HanaByte was able to answer the needs of KPA by working side-by-side with their team, collaborating and consulting on best practices every step of the way. In-depth discovery sessions were held to understand the Compligo solution and its microservices, enabling HanaByte to identify dependencies and plan a successful migration. To ensure a smooth transition, HanaByte developed backup and rollout plans and established new CI/CD pipelines.
Terraform was utilized as the infrastructure as code tool to create a new EKS cluster that conforms to security best practices, deployed within a Virtual Private Cloud (VPC) with public and private subnets as well as having appropriate IAM policies for interactions with AWS resources. Terraform modules were developed for both EKS and VPC, and code pipelines were created in Azure DevOps to deploy infrastructure as code into the AWS environment and set up the EKS clusters.
AWS Relational Database Service (RDS) was also implemented, with security groups configured to interface with the VPC networking and EKS clusters, ensuring connectivity without compromising security. Elastic Load Balancing via Application Load Balancing (ELB) was also used for networking, routing to microservices running in EKS. Route 53 was utilized for Domain Name Service (DNS) routing throughout the solution as well.
HanaByte was able to successfully create an automated solution for upgrading Kubernetes clusters at scale, while taking into consideration the many microservices dependencies that constituted the Compligo solution. With this solution, KPA experienced an increase in availability, reliability, and security of its deployments, while bringing secure infrastructure and lifecycle provisioning under a single infrastructure as code solution.
Prior to HanaByte’s solution, upgrades to the Kubernetes cluster were performed once every three years. However, HanaByte’s solution enabled KPA to match the release cadence of EKS updates, which occur around three times per year, thereby accelerating their upgrade cadence by 9 times.
True to HanaByte’s motto, KPA has chosen us as their “best friend” when it comes to providing ongoing DevSecOps support to their existing AWS environment. HanaByte looks to further increase the partnership with KPA by offering full-stack development application support and continuing to enhance their CI/CD systems, Kubernetes configuration, and security posture.
HanaByte is a cloud security consultancy focused on compliance automation based out of Atlanta, Georgia. We are a remote-first consulting firm, working with cloud-native technologies and processes. HanaByte is an AWS APN Consulting Partner.