Terraforming Nye Presentation

Health
About Nye health
• Nye Health, a UK-based health technology company enabling thousands
of doctors and nurses to provide safe care from anywhere.
• They are in collaboration with Oxford University/Astra Zeneca vaccine
trial and a number of critical research studies across the UK.
• Nye Health in the UK built a scalable desktop and mobile-based NHS-
compliant platform that allows all NHS staff ….
• UK ..to offer consultations to patients via video or phone call from any
device, anywhere.
• COVID-19 crisis
• AWS base solution, Nye Health has the flexibility to scale its business
quickly and easy. Nye Health’s telephone and video call system is fully
encrypted and compliant with NHS Digital standards.
• The platform currently covers more than 10 million patients and is
growing by as much as 150 percent a week, servicing thousands of
patient consultations each week.
Cloud Services Types
What is Terraform?

• Terraform Meaning
• Transform another planet to make it habitable and more like
Earth
History

• AWS Service which were Configured through AWS Console

• Product ran on EC2 instance (single stateful )
• (Ellastic Compute Cloud) This is service. there is lot of doamins in the AWS model such as database, Storage, migration .This E2C2 belongs to
Commpute node.

• Separate AWS account required for staging where we could test our server and client apps, prior to releasing the latest improvements.
• subtly to AWS account for staging and production release
• A failed deployment of a new key feature with one release as the firewalls between production and staging environments were subtly
different.
• These two environments were subtly different and both risky to configure which inevitably resulted in service issues, for instance we had (to
name but a few):

• Version Control
• Not properly use with Tripwire.
• patch production manually
Issue / Problems

• A failed deployment of a new key feature with one

release as the firewalls between production and
staging environments were subtly different
• Tripwire was installed on the EC2 instance at the very
early stages of Nye to help protect against threats and
vulnerabilities, but was no longer in use disk space
which cause to cease the Server.
• Then we had started to patch production manually.
Earlier Problem / Issues

• subtly to AWS account for staging and production

release
• A failed deployment of a new key feature with one
release as the firewalls between production and
staging environments were subtly different.
• Version Control
• Not properly use with Tripwire.
• patch production manually
Problem Solution History

• started to tackling some of these issues by developing

Nye infrastructure using Terraform.
• configured single EC2 instance to a high availability
Auto Scaling Group, configured in a software
development lifecycle
• Nye’s infrastructure is now configured as code in git
repositories
• Now Nye setup and provisioning of infrastructure: load
balancers, security groups, firewalls, user policies and so
on.
• Then we used Packer which control the configuration
of the EC2 server and further unify staging and
production environments at the operating system and
application level of Nye servers that host web
applications.
Tripwire

Tripwire is a leading provider of security, compliance and IT

operations solutions for enterprises, industrial organizations,
service providers and government agencies. Tripwire solutions
are based on high-fidelity asset visibility and deep endpoint
intelligence combined with business context; together these
solutions integrate and automate security and IT operations
Space
Nye Health Product

• Infrastructure based Solution using Terraform

• Solution base / on Aws E2c instance address all these issue
• Infrastructure is now configured as code in git
repositories.
• Nye Health have an auditable log for our entire
history
• Transform to single to Highavailblity
• Work with Terrform
• AWS Console vs Infrastructure as Code (IaC)
• The setup and provisioning of our
infrastructure: load balancers, security
groups, firewalls, user policies and so on, are
all safely stored.

Solution
Benefits

• Configured state in AWS S3 with Dynamo DB providing

locking
• The automation has improved our speed and our safety
of our deployments
• Documentation is as code, not locked away in an
engineer’s head - the state of the infrastructure is there
for all to read and understand
• Avoid the temptation of a quick AWS Console fix and to
keep all work as IaC in order to avoid conflicts
• Actual re-use!!!! Nye Health adhered to Terraform best
practice and developed modules in a separate
repository and built up the infrastructure piece by
Solution Technologies

• Hashicorp
• Terraform
• Packer
• gruntwork.io
• Terragrunt
What is Terraform?

• Terraform is an open-source infrastructure as code software

tool created by HashiCorp.
• Users define and provision data center infrastructure using a
declarative configuration language known as HashiCorp
Configuration Language (HCL), or optionally JSON
• July 28, 2014
Why we use Terraform

• Self-service
• Version control
• Documentation
• Reuse
• Speed and safety
Terraform Life Cycle

Step-1 Init Step-3 Apply Step-4 Destroy

Initialize the working
Step-2 Plan Apply desired changes to Delete all the old
Execute desired Plan the plan infrastructure resources
Directory
Terraform Architecture
It has 2 components
• 1. CORE
• 2. Cloud Provider
Packer

• Packer is an open-source tool by Hashicorp.

• It helps us in building identical machine images(which is a
snapshot of a machine that includes the operating system and
all other installed software).
• Build machine images for multiple platforms from a single
config file
• Version controlled
Terragrunt

• Open-Source tool
• Terragrunt is a thin wrapper that provides extra tools for keeping
configurations DRY(Don't repeat yourself ), working with multiple
Terraform modules, and managing remote state.