Tint found the solution they needed to build and automate a high-performance, scalable infrastructure in Qovery. However, before reaching this solution, they faced the challenges of growing a small infrastructure and encountered an initial failure while attempting to use Elastic Beanstalk and Terraform, but don't worry, you'll learn all the details of their journey in the paragraphs below.
Two years ago, the engineering team at Tint consisted of just two people, and their setup was quite different from what it is today. At that time, Kevin was manually provisioning only two EC2 instances from the AWS console, and there was no automation in place. As a result, the disk sometimes became full. While this was manageable in the short term, Kevin knew that this approach would not be sustainable as the company grew in terms of both customers and staff.
A few months after, Tint's product advanced and the company started to see success, the team began to grow rapidly, doubling in size every six months. While this was great for the business, it became clear that the two instances Kevin was managing manually would not be able to support the growing team and customer base. Additionally, Tint faced the challenge of needing to become SOC2 compliant in order to demonstrate their ability to handle data securely, which was a business requirement. To summarize, as Tint continued to expand both in terms of staff and customers, they realized they needed to invest more in their infrastructure.
Initially, Tint tried using Elastic Beanstalk as Kevin had experience with it in previous roles and found it to be a generic and easy-to-use platform. They also wanted to use Terraform to provision their new infrastructure, as it would allow them to have repeatable processes and the same infrastructure in both Staging and Production. However, they quickly ran into issues with Elastic Beanstalk and Terraform not working well together: while creating an ELB application on the AWS console is a piece of cake, everything is much more complicated using Terraform. After being able to provision one application and two environments, the issues started when it was time to run the API, as the configuration by default wasn’t satisfying enough, and they had to tweak it entirely (Ngnix, health check, instances, deployment, scaling…). Dealing with permission was another source of issues on Terraform, as the IAM policies can be pretty daunting. Despite spending a significant amount of time on it, the attempt was ultimately unsuccessful. After this setback, the team was stuck and that's when they discovered Qovery.
Initially, Tint thought that Qovery would simply be a solution to their issues with AWS and Terraform. However, they realized after a first demo that it would offer much more, including the ability to use Ephemeral Environments. This feature would allow Tint to adhere to the highest industry standards by allowing them to conduct automated tests in a production-like environment before releasing new versions. This would enable them to ship fast, frequently, and safely. The ephemeral environment was also useful for another goal Tint had, which was the revamp of their design system. It would allow for smooth iterations between the design and product teams.
After deciding to use Qovery, the implementation process went well. It took just one person and two weeks to get the entire setup running, starting with two EKS clusters (one for production and one for staging).
They had a few additional things to set up, as they had only deployed the API and not the other components, so the database and frontend were still deployed separately. There were some minor issues with Terraform that were resolved with the new version of the Terraform provider (the first version they used was in beta).
Kevin emphasized that the setup of Qovery did not impact their customers in any way, and there was no downtime at any point in the process.
Tint continues to use Qovery on a daily basis as their Kubernetes platform, with two clusters (one for production and one for staging). The staging cluster is also used as a development tool for quickly iterating on new projects. This is made possible through the use of Ephemeral Environments, which allow Tint to test and release new features in production-like environments. This has greatly relieved the burden on Kevin, as it enables developers to test before releasing without having to wait, which has increased the development velocity. Tint also holds a Hack Day once a month, during which everyone can try out a new product or technology. Qovery is helpful in this regard as well, as it allows them to quickly deploy environments hosted on their domain.
Before implementing Qovery, Tint's process for setting up new EC2 instances was manual. This was a time-consuming and potentially error-prone task, as it required manually provisioning and configuring the instances. Qovery introduced a more efficient method by allowing Tint to use containers. With just a single button push, the API can be quickly scaled up as needed. This is a significant improvement over the previous manual process, as it allows Tint to easily and quickly adjust the size of their API to meet the demands of their business.
Earlier this year, Qovery launched a partnership with Usage.ai in order to offer customers the opportunity to reduce their cloud costs. When a member of the Qovery team contacted Kevin to inquire about his interest in trying out this service, he decided to give it a try. As a result, Tint now realizes annual savings of over $10,000 on their AWS bill.
SOC2 compliance requires organizations like Tint to establish a disaster recovery plan in order to demonstrate their ability to handle data securely. Qovery has made this process simple for Tint by allowing them to deploy a new cluster in another AWS region in just 30 minutes. This is accomplished by backing up the database and shipping it to the new cluster, which can then be deployed using the Qovery Terraform provider.
Another important aspect of SOC2 compliance is vulnerability management. Here, Qovery has again made the process easier for Tint. They are currently using ECS to push their docker images to the ECS repository before deployment and have enabled AWS Inspector, which scans all the images in the ECS repository for vulnerabilities in dependencies. This provides an easy way to manage vulnerabilities and meets the SOC2 requirement. Overall, Qovery has made it straightforward for Tint to implement the necessary measures to achieve SOC2 compliance.