Remember the good old days when software was deployed on physical servers and then tucked away in a cabinet or data center? More often than not tens, or even hundreds, of servers were required to run the variety of applications included in the software and this meant teams being hired to manage these sensitive creatures, as outages brought everything to a screeching halt. The ability to deploy a standby server that would fire up in the event of a failure was considered a luxury because quite frankly the overhead costs for just getting going burnt a big enough hole in pockets. Upgrades were conducted outside of regular business hours as launching them often meant bringing down the software which would negatively impact front-end users. And in many cases, faults brought on by upgrades weren’t found until the software was live and tested. Okay, perhaps they weren’t quite the good old days after all.
We personally prefer these days and Sonar is proud to be a cloud-native company; we utilize Microsoft Azure as our Layer 0 provider which provides numerous perks for both our developer team and our customers. If you’re unfamiliar with Microsoft Azure, the long and short of it is that it’s a fully customizable cloud solution that gives us the opportunity to bring our software to new heights, rather than having to depend on sub-par physical data center options.
A feature of Microsoft Azure is their Azure Kubernetes Service (AKS). AKS is a managed container orchestration solution. But what exactly does this mean? Just like an orchestra that depends on a conductor to lead and ensure the song sounds like the composer intended, Kubernetes makes sure that services are operating the way we intended. It does this by governing applications that are made up of hundreds, or even thousands, of containers and assists in managing them as we scale up, deploy new features, and correct bugs. Below, we’ll touch on a few specific ways Microsoft Azure and the AKS feature benefits Sonar.
It’s undeniable that cybersecurity is of utmost importance when it comes to businesses and more often than not, data breaches are caused by human error. With Microsoft Azure, we can restrict access on a user and team level, thereby ensuring that only whoever needs access actually has access. This is similar to how your instance security works too; the instance administrator can configure roles based on what access they deem necessary.
Regulations and Compliance
We’ve already touched on the importance of cybersecurity, and you can be confident entrusting your data with Sonar as Microsoft Azure have more certifications than any other cloud provider; they meet a broad set of international and industry-specific compliance standards, such as the General Data Protection Regulation (GDPR), ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2 (for a full list of Azure’s compliance, click here).
AKS simplifies containerization with something called elastic provisioning. What this means is that we can deploy new nodes in real-time, as they’re needed. If our usage surges or something prompts the application to begin consuming more resources, additional nodes (virtual machines) are deployed instantaneously into the cluster. And if the usage tapers off, they are automatically retired.
With Microsoft Azure’s robust data recovery and backup solutions, all files are automatically replicated between regions for both redundancy and availability and Kubernetes clusters are rebuilt and deployed quickly in the event of data loss. In the event of a single failure (or even multiple failures), the integrity of both our data and yours remains intact.
Somewhat similar to this, updates and new features are deployed to the Kubernetes cluster by seamlessly flipping to new containers. Due to the mechanism of AKS, if issues are identified when the changes make it to production, we can easily revert back to the original containers while still keeping customer impact at an absolute minimum.
While we’ve covered many ways Microsoft Azure benefits Sonar, including their secure system, we also want to highlight that our security and compliance don’t stop there. In house we have our employees carry out mandatory security training with a DevOps Security engineer on an annual basis along with carrying out third-party penetration testing to identify any vulnerabilities in advance. On top of this, Sonar itself is CyberSecure Canada certified, which involves compliance of 52 unique controls and 13 key critical areas of cybersecurity. For more information on how your instance is kept accessible, and how your data is kept safe, you can take a look at the Being Cloud Native article, and our How your Data is Backed Up article.