Hello from Engineering!
Hi!
My name is Kirill Proskurin, I'm the Head of DevOps Engineering at Behavox.
I'm excited to announce the beginning of our Behavox Engineering blog, where we'll talk about some of the technical challenges Behavox engineers have to overcome in both Operations and Development fields.
We wanted to create that blog to share some of the things we've been working on.
We'll try to aim for an "advanced+" technical audience, meaning we'll try to avoid explaining most of the simple things. Not another "What is Docker?" article, right?
We'll also try to keep it personal and genuine, with each author having their own style - instead of sterile corporate blogs.
Do you have feedback? Please write to the techblog@behavox.com
With that said, let's begin!
First, a preface - let's understand some of the business constraints that Behavox has as a company.
Behavox business model
from the technical perspective
Behavox’s software protects companies and their employees from bad actors engaged in illegal and malicious activities.
Behavox works with the world's largest financial institutions, like banks and hedge funds, so communication data security is absolutely critical to us.
Behavox is SOC2 Type II compliant and one of the core ideas from Behavox's inception was a single-tenant way of customer deployment. Behavox supports AWS, GCP, and on-prem deployments and for AWS and GCP we always create a separate, dedicated account for each customer. Nothing is shared.
That creates one of our biggest operations challenge: how to manage hundreds of big, geo-distributed, separated customer environments?
Let's try to unpack that challenge:
- How to provision hundreds of AWS and GCP accounts and instances?
- How to keep the application configuration for those clusters?
- How to deliver deployment artifacts on-demand in a fast and efficient way for clusters located around the world?
- How to have reliable and frequent deployments on those clusters?
- How to support day-to-day operations for hundreds of isolated environments?
There's more, but I think it's enough for now. Most would agree that solving all those problems for a single production environment is way easier than for hundreds of isolated ones. Especially if you take security into account: how to manage secrets? How to control access? And so on.
In the following articles, we'll try to explain how did we overcome all those challenges and what we learned along the way.
So stay tuned and subscribe via your favorite RSS reader. We just getting started.