Germany-headquartered but operating worldwide, Rhenus Freight Logistics GmbH provides logistics services. It offers transport, controlling and optimizing the entire transport chain, part-load and full-load transportation, and interface control using barcode scanning. Rhenus experienced super growth during the pandemic, expanding to Germany, South Africa, India, US and Canada. The migration project started as a small-scale project in Singapore, and was later expanded across the countries.
Challenge
Amid the fast growth during the pandemic, Rhenus found it hard to scale with their previous infrastructure due to rising costs from operating an on-premises data center, given increasing data volume and analytics use cases. They needed to reserve capacity to manage the peak traffic and it was often the capacity standing by in normal periods. The invisibility of infrastructure, maintainability of services, and not having a Disaster Recovery (DR) solution were pain points for the organization. The code automation is maintained locally and difficult to manage collaboratively. In addition, the data center
environment lacked security and access controls, and there was no standard process or guidelines when it comes to deploying these data resources through automation. Moreover, billings were not consolidated, leading to gaps in reporting.
Solution
Cloud Comrade helped Rhenus scale by moving from on-prem to AWS cloud, providing support and helping it capture cost optimization opportunities. Before, Rhenus stored multiple apps in over 40 silo accounts on their data center with no visibility into resources being used, leading to resource wastage and forgotten accounts. With AMS, Rhenus has a single pane of view for billing and accounts. The change management procedure is enforced by the platform improving the auditability and accountability of user actions. The accounts are provisioned through automation of account vending machine with no
human intervention in the creating process. Some of the workloads were migrated and modernized using AWS managed services, some with Auto Scaling capability, leveraging managed benefits of having all the support needed, not mentioning the high availability by default.
The infrastructure deployments are integrated with pipelines using Infrastructure as Code (IaC) which require less effort with high consistency. Through the pipelines, there are automated code reviews and testing applied to ensure its readiness. The patching is set in a periodic window to make sure the environment is secure to known vulnerability. The DR was delivered in cold standby which is backed up in several schedules with different retention, and replicated to other data center for redundancy. Lastly, there are operation teams supporting the infrastructure 24/7 following the operation and integration (OI) document which has gone through a chaos testing / gameday process, simulating operation and incident management.
Results
AMS landing zones were built, on which different IT infrastructures from acquired organizations can easily integrate as Rhenus acquired these businesses globally. AMS out-of-box security and compliance helped Rhenus meet each country’s compliance standards, near 100% global IT compliance. With AMS, Rhenus transitioned seamlessly to the cloud as it guardrails for unexpected or incorrect changes in their new IT
environment. We also set up interconnectivity between Regions to enable global networking optimization using AWS managed services like AWS Client VPN, Transit Gateway, and Route53.
Rhenus also saved operations cost due to increased internal efficiency. The lower TCO allowed them to easily scale and expand into 5 new markets. Using AWS CloudFormation and Gitlab as the CI/CD tools for application delivery, the time needed for delivering improvements for their customer-facing mobile app was shortened from weeks to days. Engineers have time to focus on innovation, shortening time spent for
new features development. Critical applications now can meet the demand whenever the high traffic comes with transparent cost with no engineer manual effort. The DR solution overcomes application interruption scenarios, simulated in regular gamedays. The OI document becomes handy in onboarding process with detailed information of the environment. By having the regular gamedays and OI document in place, Rhenus can achieve Recovery Time Objective (RTO) of 2 hours by redeploying IaC resources, and
Recovery Point Objective (RPO) of 30 minutes for zonal outage and 24 hours for regional outage. AWS Backup and built-in AWS services zonal redundancy are the key to achieve the RPO figures.
Services
AWS Service: EC2, EKS, Lambda, Aurora RDS, CloudFormation, Security Hub, Inspector and DMS
3rd Party Service: Gitlab and Kafka
