IDMarco Elastic Container Service (ECS) & CI/ CD Pipeline Implementation

2021

About IDMarco Perkasa Indonesia

PT. Idmarco Perkasa Indonesia or known as idmarco.com is one retailer that focuses on selling daily needs to their customers. They are one the biggest conglomerates group in Indonesia, Salim Group. They sell not only for wholesalers but currently they also sell to personal people who require daily essentials, health products, and many other daily household products. They have been building their business since 2016, and they released their mobile apps for wholesalers in 2018. They currently have 1300 warehouses across Indonesia, and 30,000 members. They are building their business through Indonesia’s marketplace, where they could sell their products too and add more revenue streams to their business.

IDMarco Perkasa Indonesia Challenge

  • The average lead time is 7 days in current development and delivery process that was significantly impacting their ability to deliver critical features to their customers. This huge lead time ​​means code changes not delivered in front of users regularly and therefore not benefitting from feedback to refine the product. 
  • The deployments were manual that had scheduled downtime of ~15 minutes and did not have a properly documented backup and rollback plan. On an average development teams spent a lot of time debugging deployment and runtime issues. The deployment frequency of the product is twice in a month.
  • They did not have a clear branching strategy and all the branching, tagging and merging was being handled by one person. 
  • They did not have proper quality gates like static code analysis and test automation, this caused 1-2 times failed deployments for a month and 25-50% change failure rate which led to poor customer experience and also created tech debt for later releases.
  • They also lacked proper security practices, developers had access to production servers to debug issues and the systems were not designed to auto scale.

Reagan Dwinanda, Chief Operation Officer IDMarco said

“After implementation of DevOps, the deployment process of new features is no longer causes downtime. New features can be used immediately thereby increasing sales performance and customer satisfaction rate increased by 30%”.

ICS Proposed Solution

The application will be made in 2 environments, there are staging & production. We use CodePipeline as automatic deployment tools. So, it can save developer time and increase security because developers do not need to enter the server. We create 2 pipelines (production and staging).

The stages in CodePipeline are divided into 3 stages:

  • Source : to retrieve the latest code
  • Build : to check code quality automatically and build the latest docker image
  • Deploy : to deploy docker image to ECS

Sources are taken from IDMarco GitHub repository according to application and branch. Then the build process is done via AWS CodeBuild to check quality code automatically, write the application configuration and create the docker image. Including uploading to ECR, and creating ECS tasks

Overall average CodePipeline process from build to deployment, it takes less than 5 minutes. Compared to the manual deployment process takes 1 hour and causes 15 minutes of downtime. This deployment process is up to 12 times faster.

From the security side, we enable Amazon ECR basic scanning type which uses the Common Vulnerabilities and Exposures (CVEs) database from the open-source Clair project. Using automated image scans, we can ensure container image vulnerabilities are found before getting pushed to production.

By implementing CICD, developers do not need access to enter the server to carry out deployment and debug issues. Then we added auto scale based on the cpu and memory utilization threshold to anticipate traffic spikes

Results And Benefits

  • The source code is now divided into 2 main branches, production and staging. Each environment has a separate CodePipeline.
  • Previously twice in a month there was a deployment and deployment needed to be scheduled (because there was downtime). Right now, the deploy process can be done anytime without worrying about downtime issue.
  • High Scalability, high traffic applications can still be accessed properly by enabling the auto-scaling feature.
  • Secure access, by using the CodePipeline, the application server does not need to be opened publicly. And developers don’t need to go into the server to make changes.