2022
About MNC Portal Indonesia (MPI)
MPI Okezone is an online news and entertainment portal that focuses on Indonesian readers, both within the country and abroad. MPI Okezone has various types of content such as general news, politics, events, international news, economy, lifestyle, celebrities, sports, soccer, automotive, technology, travel, food, Hajj, and Muslim-related news.
MPI Okezone was officially launched as a news portal on March 1st, 2007. The birth of MPI Okezone was the beginning of the first online business owned by PT Media Nusantara Citra Tbk (MNC), the largest integrated media company in Indonesia and Southeast Asia.
MNC Portal Indonesia Challenge
Based on the problem statement, MPI Okezone is experiencing downtime and slow response time when handling high traffic. To resolve this issue, the MPI Okezone team needs to increase the server capacity by adding more servers, increasing the amount of RAM or CPU on existing servers. This will help improve the website’s performance and prevent downtime.
However, sometimes hardware failures occur, and replacement hardware can take 1-2 months. This can cause downtime and disrupt business operations. To prevent such occurrences, MPI Okezone needs a high availability infrastructure that can handle planned and unplanned outages and provide continuous processing for business-critical applications.
A high availability infrastructure can be achieved by implementing a redundancy strategy for critical components of the system. For example, having multiple servers running in parallel with load balancing mechanisms can ensure that if one server fails, the others will take over without disruption to the system’s performance. Similarly, having redundant power supplies, network connections, and storage devices can also ensure system availability during hardware failures.
In addition, the MPI Okezone team should also implement a disaster recovery plan that includes regular backups of critical data and applications, as well as a clear procedure for restoring the system in case of a catastrophic failure.
Heru Tjatur Tjahja W.P, MNC Portal Indonesia’s Chief Technology Officer said “We require a high availability infrastructure along with disaster recovery plan which can help MPI Okezone ensure continuous processing for business-critical applications and minimize downtime during planned and unplanned outages, that is our main idea in moving to AWS””
ICS Proposed solutions & architecture
- This project will be conducted in the AWS Singapore Region.
- Deployment in each account will use 1 VPC in 2 AWS Availability Zone (AZ), and each AZ will have 3 subnets (public subnet, private subnet and DB Subnet). By use 2 Availability Zone the application will have more availability.
- Migration for all app workloads will use manual installation
- AWS backup will be used as a media backup server where the backup server can be launched on 2 AZs in the VPC.
- To make the environment more secure, the access are limited to below details :
- AWS IAM user will be created limited (in production account only for main administrator)
- AWS KMS will be used for data at-rest encryption
- AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define.
- AWS GuardDuty will be use for threat detection services that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation
- AWS Cloudtrail will be used to monitor governance, compliance and risk in customer AWS account
- AWS backup will be used as a media backup server where the backup server can be launched on 2 AZs in the VPC.
- AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.
Metrics for success
- High Scalability, high traffic applications can still be accessed properly by enabling the auto-scaling feature. We set the threshold if CPU Utilization is more than 60%, then autoscaling will trigger to launch 2 new EC2 web servers.
- Applications can be accessed quickly by users from various locations (under 50ms)
- The application infrastructure was made secure. By enabling WAF, suspicious traffic has been blocked and prevented.
Lesson learned
Additionally, it is important to thoroughly test the migrated application before going live to ensure that it functions properly in the new environment. This can help to avoid any unexpected issues or downtime for the end-users.
Furthermore, it is crucial to have a well-defined cutover plan in place to ensure a smooth transition from the old environment to the new one. This should include procedures for switching over to the new servers, verifying that everything is functioning properly, and rolling back to the old environment if necessary.
Overall, proper planning, testing, and communication are key to a successful migration process. It is important to involve all stakeholders and ensure that everyone is aware of the migration plan and its potential impact on the business. By taking these steps, companies can minimize downtime, reduce risk, and achieve a successful migration to the cloud.