
DevOps Automation in AWS and OpenShift
By introducing DevOps processes, the release and deployment cycles in several OpenShift environments could be automated
AOK Bayern – The Health Insurance Company
Cloud DevOps Engineering
Insurance
2021
Stability and Quality
Faster Release Cycles
Higher Flexibility
Scalability
In A Nutshell:
-
SECTOR: INSURANCE
- Task: Provide a unified identity management system as a microservice architecture for all AOK services and team platforms:
- Team:
- 3 DevOps Engineers
- Multiple Architects
- 2x Project Managers
-
Project duration: +6 months
Challenges:
- Automation of various DevOps processes in OpenShift environments
- Acceleration of release cycles in different application teams
- Providing a uniform identity management system as a microservice architecture for all AOK services and platforms.
- Scaling of the software architecture for increasing customer demand
- Development of Helm deployments for cross-platform releases
- High security requirements due to strong legal regulations and data protection requirements
Solutions:
-
Automation of all release & deployment processes through CICD (ArgoCD, Jenkins, Bitbucket)
-
Implementation of release cycles in different stages
-
Implementation of security relevant features for the highly regulated processes (ImageScan, Nexus, SonarQube)
-
Introduction of DevOps processes and methods in all project teams
-
Deployment and implementation of cloud-native concepts
-
Building a modular architecture to increase security while achieving a scalable architecture
-
Helm deployments for the release on different environments (OpenShift, Rancher)
-
Hosting various OpenShift environments on AWS
-
Image Repository in AWS ECR
Results:
- Stability and quality in the deployment of releases through Jenkins
- Faster release cycles thanks to the use of CICD (ArgoCD, Jenkins, Bitbucket)
- Higher flexibility due to the modular structure of the software architecture
- Scalability through horizontal scaling in OpenShift Cluster
Project Events:
Special requirements from the customer
The project had special requirements because the demand for high security is given by the regulatory and legal processes. The team was very large and the infrastructure was spread across different environments. Due to the constant growing number of users, the software had to be adapted to meet the scaling requirements. The goal of the project was to optimize the release and deployment processes of all application teams in order to guarantee the timely delivery and commissioning of the identity management software for all cash registers.
Improvement of the release and deployment cycles
By building and operating multiple OpenShift stages orchestrated with Argo and Helm deployments, the customer has been able to shorten the time between releases and ensure organized quality assurance of the software. During the development of the pipelines, care was always taken to ensure that they cover the special security requirements. The pipelines serve to reduce error susceptibility and to make the rollout processes as standardized as possible without the need to give roles and rights to specific persons. SonarQube and automated tests were used to automatically check and report various vulnerabilities. Thanks to the newly introduced development and deployment workflows, consistent code quality was ensured and release cycles accelerated.
Project Status and Results
Thanks to the modular structure of the software and the implemented CICD and release processes, the customer has been able to provide numerous growing teams with the necessary versions of the software within short time frames, thus enabling deliveries to the end operator. In the process, both the security of the delivered artifacts and the software itself could be checked and ensured at all times. The further development of the project is ongoing. The benefits of the new technologies are already being felt by the customer as well as the users of the platform. Through the use of modern technologies and infrastructure, the solution is very robust and now scales with the requirements of the users.
Technology Stack:
Cloud infrastructure:
-
AWS-Amazon-Web-Service
-
Container Runtime: Docker
-
Orchestrator: OpenShift, EC2
Daten Services:
-
Postgres-SQL
CICD & IaC:
-
Jenkins
-
Bitbucket
-
ARGO-CD
Security Management:
-
Keycloak
-
NexusIQ
-
SonarQube
-
OWASP ZAP
Software Entwicklung:
-
Java SpringBoot
-
Ruby
-
Angular
-
Shell
-
Helm Charts
Why Choose Pexon Consulting?
Pexon Consulting is fully committed to your success and we believe in always going the extra mile for each of our clients:

Commitment to Success

Focus on Performance

Engineering with Passion
Your contact persons
Send us a message using the contact form on our contact page and we will respond within a few business days. All information submitted will be treated confidentially.
Are you looking for a partner for your Project?
We will do our best to satisfy you.