Gett, a global on-demand mobility company that connects customers with transportation, goods, and services, is one of the biggest players worldwide in the very popular ride-hailing space. Users can order a taxi or courier either through the company website or via Gett’s GPS-based smartphone app. Gett currently operates in more than 100 cities across the United States, the United Kingdom, Russia, and Israel.
The original proposition of Gett was about saving time—instead of spending time hailing a cab or calling one, you only have to tap your smartphone to find a great riding experience in your area. Combine this with the ability to pre-order rides, and you can save even more time and remove some uncertainty from your life with one app on your phone. As the Gett business grew exponentially through expansion and acquisition of companies in the UK and the US, the internal IT team and infrastructure became fractured and decentralized. This created a challenge for managing IT in a dispersed global enterprise.
Over the years, the local, quite insulated teams built many different initiatives to improve operations within the country units—each with whatever was best for that particular job. The initiatives ranged from a local AWS account for BI, to a data center in Portugal for their SAP activities, to an acquired company in the UK running out of a seven year old server farm from the “dark ages.” The major challenge was figuring out how each of these pieces fit into the larger puzzle of the Gett corporate IT environment, figuring out what would be the right migration plan, and deciding on an architecture that could serve the company going forward.
Solution: Design and Implementation
By leveraging the AllCloud Cloud Architecture Workshop, Gett and AllCloud experts were able to get up to speed on the know-how necessary to migrate all of Gett’s corporate IT environments. Working closely with the various teams within Gett, the AllCloud experts determined the needs and limitations of each regional workload. The AllCloud team developed a deep understanding of Gett’s various projects. The team determined that the applications themselves did not need to be changed to facilitate a fast migration; instead, they merely needed to be adjusted to the new infrastructure.
This process allowed an efficient and effective integration between different services, as well as the migration of the data to the centralized BI and reporting servers. This deep understanding helped the AllCloud experts in tailoring an architecture that fit both Gett’s needs and the AWS platform like a glove.
One fundamental responsibility of Hanochi and his team was ensuring availability and security of the corporate IT workloads. Thus, the network security of the new consolidated environment would have to be airtight, including controlled access. At the same time, user flexibility needed to be maintained: the security policies needed to provide the necessary access for each independent country unit, as well as for third-party partners and suppliers. This paradigm posed a challenge that didn’t exist before, because every team was building their own little IT infrastructure in their own local bunker.
The teams deployed a Microsoft Active Directory (AD) domain running with all components to include two domain controllers, root certificate, intermediate certificate server and Radius server (for wireless authentication). This allowed Hanochi and his team to create and apply group policies so users could securely connect to their main consolidated AWS account. Moreover, for single sign on (SSO) they decide to utilize Okta.
In addition, utilizing the Sophos UTM firewall along with automated security groups created the robust security needed for this kind of task, while almost the entire infrastructure was isolated from the internet for extra protection. The AllCloud team utilized the Amazon Virtual Private Cloud (VPC) as another layer of defense and isolation for the product. But with such separation, how can the global team access the unified environment? Well, the Gett IT team and the team at AllCloud constructed a series of IPSec VPN tunnels stretching into every Gett office around the globe and even allowing team members to log in from their home. In addition, the teams ensured that third parties needing to interact with a specific part of the environment (recruiters needing to interact with the SAP server, for example) would not have access to any other part of the environment.
With this isolated style of security, AllCloud managed to adhere to the Gett corporate IT team’s strict security demands. The team then introduced and integrated Amazon Cloudtrail and DataDog for security monitoring and auditing purposes, ensuring an active hold on the environment’s security at all times.
Gett corporate applications are at the core of daily business operations. These mission-critical applications and data need to be highly available and protected. Before, each local team and each project was left to fend for themselves in case of an event such as an outage or data loss. Hanochi and his team wished to establish a unified DR and backup policy as part of the overall migration and consolidation. They looked for automated and reliable cloud solutions that would help them sleep well at night by ensuring that nothing would get lost—neither time waiting for available services nor valuable data lost in error.
Leveraging the AWS cloud, the teams had reaped the benefits of using Amazon’s services that come with backup and restoration procedures. Following this principle, the team decided to migrate databases to Amazon RDS, which makes it easy to run daily backup routines across Availability Zones. In addition, the AllCloud team built cross-zone redundancy for critical elements such as the Sophos UTM and the IPSec tunnels. The purpose of this was to eliminate any single point of failure, and protect the system’s uptime and global user experience.
Many of the projects planned for consolidation had been built on outdated infrastructure and in unstable environments. Gett’s UK unit acquired a London-based black cab company, Mountview House Group, for its B2B taxi service, OneTransport. Even though this was a production project, the fact that it was local put it under the responsibility of Hanochi. The acquired solution’s data was stored in a seven-year old physical server farm that had never been upgraded. The server farm had high risk of server failures. In addition,instability harmed end-user experience and caused customer attrition. A different problem arose in Portugal, where Gett’s SAP activity was managed in a remote data center. As the company experienced a massive boom in business and hiring, the physical hardware infrastructure failed to keep up and required an enormous upgrade. But the Gett and AllCloud team had a better idea.
While these were two very different problems, they had a similar solution: utilization of Amazon cloud scale and elasticity. The use of AWS auto-scaling groups gave both workloads the bandwidth they needed to operate. Mountview’s file repositories migrated to an Amazon Elastic File System (EFS) to replace the underperforming NFS system that they had used. The SAP hardware upgrade would have ended up costing more than the migration, which ended up doing more in terms of future proofing this critical enterprise application. In addition, in line with cloud best practices, the AllCloud team ensured the use of Amazon auto-scaling to protect the performance of web and Active Directory managers servers, for example.
When moving to the cloud and consolidating the mission-critical environments that support the global operations, the Gett and AllCloud teams had to ensure the systems are available to serve the growing company. Hanochi recognized the need to build an operations center that would be staffed around the clock. However, time to market considerations and the understanding that this is not a strategic move for Gett prompted him to decide to utilize AllCloud’s 24/7 support and monitoring center. In addition, he also recognized the need to keep cloud costs under control so as to not end up with a cloud sprawl.
As part of the migration and outsourcing of its cloud operation, Gett utilized AllCloud’s 24/7 cloud engineers and DevOps professionals. An essential part of the migration was to deploy and integrate tools to continuously monitor and log Gett’s corporate IT cloud environment, such as the aforementioned DataDog. If an event occurs, a notification is generated to AllCloud’s tier 1 team to inspect and remediate the issue. AllCloud’s support team has complete access to the environment, and is responsible for detecting root causes of any issues and acting according to predefined protocols. In case of an escalation, an AllCloud DevOps engineer or architect is on call because it’s only natural that the organization which built the cloud will also provide support. If an application issue arises, AllCloud support relay it directly to the Gett Corporate IT team.
Lastly, one of AllCloud’s most important responsibilities is to monitor and control usage and utilization, while continuously optimizing Gett’s cloud usage costs. As an AWS reseller, in addition to the discount on AWS services provided by AllCloud, the AllCloud FinOps team is constantly monitoring, auditing, and analyzing Gett’s cloud activity to find ways to reduce costs.