Skill-Lync migrates to AWS from Digital Ocean

About customer

Skill-Lync offers industry-relevant advanced engineering courses for engineering students by partnering with industry experts. With 250+ expert-curated online engineering courses, it is one of the leading EdTech platforms in India. With 300+ hiring partners, Skill-Lync brings job assistance through their post-graduate programs.

Skill-Lync posted an annual revenue run rate of $40 million in the first quarter of 2022, growing over 4x, spurred by 3x student enrollments from 78 countries.

Executive Summary

Skill-Lync is among India’s leading EdTech platforms providing a project-based learning environment through its online PG courses. The client’s infrastructure was hosted in the Digital Ocean Cloud. The client needed to migrate this infrastructure to the Amazon Web Services (AWS) Mumbai region.

Challenges

The client’s infrastructure was hosted in the Digital Ocean Cloud. Digital Ocean is Infrastructure as a Service (IaaS), where Skill-Lync had to manage almost everything (like security, operating system, databases, and more). With the growing number of students and hiring firms subscribing to Skill-Lync, they desired to have a secure and scalable model with less management involved. AWS offers managed services (Platform as a Service or PaaS), which manage everything on its own except applications. The security and scalability that AWS offers were also deciding factors. Infrastructure security was a concern as compute and databases were publicly accessible.  Manual intervention was required for scaling the compute resources vertically. There was no firewall for protecting the application from DDoS attacks or common OWSAP vulnerability attacks. Skill-Lync thereby wanted to migrate its infrastructure to the Amazon Web Services (AWS) Mumbai region.

Skill-Lync migrates to AWS from Digital Ocean

Solution

It was decided that the application would be rehosted to Amazon EC2, as it is a monolith. Modernization would be taken up in the next phase of the engagement.

Comprinno initially did the CIDR block planning for setting up VPC and creating 3 public and 6 private subnets in the Mumbai region. 11 servers and 10 databases were in the scope of this migration. Applications are deployed on Amazon EC2 with auto-scaling groups in the 3 private subnets. The Auto Scaling group adjusts the desired capacity of the group, between the minimum and maximum capacity values that were specified, and launches or terminates the instances as needed.

Comprinno initially did the CIDR block planning for setting up VPC and creating 3 public and 6 private subnets in the Mumbai region. 11 servers and 10 databases were in the scope of this migration. Applications are deployed on Amazon EC2 with auto-scaling groups in the 3 private subnets. The Auto Scaling group adjusts the desired capacity of the group, between the minimum and maximum capacity values that were specified, and launches or terminates the instances as needed

Skill-Lync migrates to AWS from Digital Ocean

MySQL on Digital Ocean was continuously replicated in MySQL on Amazon RDS. The source database remained fully operational during the migration minimizing the downtime to apps that are on the database. Amazon RDS Read Replicas have been created to provide enhanced performance and durability for Amazon RDS database (DB) instances.

Amazon Route53 is used to register domain names and route internet traffic of Skill-Lync domain name to CloudFront web distribution. Amazon CloudFront improves the performance of the website as it is configured to cache contents from Amazon S3. Also, Amazon CloudFront was deployed with access restricted by an origin access identity (OAI) to secure Amazon S3 content and to use HTTPS with Amazon S3 so that connections are encrypted.

Transactions from Skill-Lync were directed by CloudFront to Application Load Balancer in a public subnet. The Application Load Balancer routes the request to the EC2 instance through a node that's associated with the public subnet in the same Availability Zone. The route table routes the traffic locally within the VPC, between the public subnet and the private subnet, and to the EC2 instance.

All the security best practices were implemented for the migrated infrastructure.

AWS WAF was configured for the application load balancer as an additional level of security against common web exploits and bots, that may affect availability, compromise security or consume excessive resources. For WAF, custom rate limiters and managed set rules were employed. AWS Key Management System (KMS) was used for encrypting data as per the AES-256 standard. AWS SSO was used to centrally manage single sign-on access and user permissions across all the AWS accounts in AWS Organization. AWS IAM was used to provide access with least-privilege permissions. AWS GuardDuty and AWS Security Hub were used for security threat detection and monitoring.

AWS CloudTrail was used to monitor and record account activity across AWS infrastructure, giving control over storage, analysis, and remediation actions. All AWS Services logs were generated and stored in Amazon S3. Amazon S3 buckets associated with Amazon CloudTrail logs were configured to use the Object Lock feature in Compliance mode, in order to prevent tampering with stored logs and meet regulatory compliance.

Prometheus and Grafana were used for basic metrics. Dashboards were created for these metrics for monitoring the health of the applications, alerts were configured for the same to alert on downtime faced. All AWS Services logs were generated and stored either in S3 or Amazon Elastisearch. All AWS Services metrics were aggregated to Amazon Elastisearch with alarms for any drifts.

Infrastructure was automated using Terraform. Terraform was an essential part disaster recovery strategy as it helps put up new infrastructure very quickly and efficiently.

Skill-Lync migrates to AWS from Digital Ocean

Benefits

- Skill-Lync does not need to do any infrastructure management as AWS offer managed services.
- High scalability has been achieved with the Autoscaling group in AWS, as compared to the prior setup in Digital Ocean.
- Latency is low owing to the use of AWS ElastiCache.
- AWS best practices have been adopted by the introduction of various AWS services for application security, infrastructure monitoring etc.
- Future deployments would be easier because of infrastructure deployments done via Terraform.

Related Case Studies

Skill-Lync migrates to AWS from Digital Ocean
Skill-Lync offers industry-relevant advanced engineering courses for engineering students
Leher migrates to AWS
Leher provides tools to creators for hosting exclusive communities
ISO 27001 compliant architecture
ISO 27001 compliant AWS infrastructure architected by Comprinno
Secure AWS architecture with data localization
FinTech company allies with Comprinno to clear data localization audit
GigsBoard
GigsBoard migrates to AWS with assistance from Comprinno
Bigyellowfish Technologies
Bigyellowfish engages with Comprinno to conduct a Well-Architected Review
Klub
Klub fortifies its AWS Cloud infrastructure by partnering with Comprinno
Neural Hive
Neural Hive launches its cloud journey by partnering with AWS and Comprinno
AyuRythm
AyuRythm gears up for high demand volumes for its wellness app
FinTech case study
Asia’s largest Fintech company partners with Comprinno for a PCI DSS Compliant infrastructure
boAt
DynamoDB Cost Optimization For boAt
Portea
AWS inter-region migration in record time during Covid-19 lockdown period
MediBuddy
Cutting edge cloud technology solution for India’s leading healthcare service provider
Mantle Labs  
High-Speed Satellite Image Processing for a Partner Geobotanic AI Platform
LightMetrics
Distributed database that is optimized for Partner handling heavy workloads for an AI platform
Ephicacy
AWS Workspace-based virtual ofce for a global Clinical Research Organization (CRO)
CreditMantri
Secure CRM access to WFH telemarketer during Covid-19 lockdown