cloud / aws / devops / support /

Open Universities Australia Case Study

"I believe base2Services was instrumental in the success of the project. In particular, their expertise and experience on the AWS platform, their proactive and dedicated people and their flexible service model contributed greatly to the success of the project."

Srini Nori, Manager - Design, Development & Implementation

A bit about Open Universities Australia

Open Universities Australia (OUA) is an online marketplace for higher education that provides students with access to universities from all over Australia. OUA was started by seven leading Australian-based universities and has become the destination for online higher education, currently offering courses from 12 different institutions. University partners benefit from OUA’s national digital sales and marketing channels, as well as a managed service for ongoing student enrolment and management.

What Open Universities Australia needed

OUA changed their business strategy in 2016, from having multiple businesses supporting different levels of education, to a single platform strategy, solely focused on higher education. To achieve this, as a completely online-based entity, OUA needed to bring all their core IT services and systems to one streamlined platform, allowing the business to leverage new opportunities for growth, new potential markets, and to increase provider revenue streams.

This digital transformation was by far the biggest and most important project OUA had undertaken since its inception. The transformation was business-critical and needed to be fully implemented in a very short timeframe and by an immovable delivery date, the 2018 academic enrolment deadline.

In order to achieve their goal, OUA wanted to combine AWS and Salesforce in one fully functioning platform while replacing every system the business uses with newer, more agile systems. OUA had utilised some AWS services prior, however in the approach to the redesign, OUA decided to commit entirely to AWS, and use extensive automation and serverless technology to increase efficiency and cost effectiveness. OUA needed a technical partner with extensive experience on the AWS platform, DevOps and automation but also with the ability to manage different stakeholders of a big project in a collaborative and efficient way.

What base2Services delivered

As part of our DevOps as a Service model, base2Services (base2) contributed and collaborated with the OUA team right from the beginning. base2Services were responsible for creating the overarching infrastructure architecture, the complete CI/CD processes for all products, the integration architecture, as well as the deployment and management of that architecture. We also provided guidance to all responsible stakeholders in relation to deployment and scalability, as well as management and 24/7 support of the entire system as an ongoing service.

base2’s team worked closely with the OUA team, and six technology partners throughout the redesign. We helped to identify key opportunities to innovate and fully utilise the AWS and automation potential, optimising from the previous landscape. base2Services implemented new tools, technologies and DevOps processes, whilst concurrently upskilling OUA’s internal team and that of the six other technology partners.

Our DevOps as a Service model complemented OUA’s new business strategy, as in addition to covering all phases of the onboarding and implementation of the project, base2Services will also continue to provide ongoing engagement and improvements, as well as 24/7 support of the solution’s infrastructure and deployments.

This incredible digital transformation completely transformed the way OUA does business, which as a result introduced some unique challenges that required a great deal of innovation.

Key innovations we implemented:

  • Implementation of one overarching Continuous Integration and Deployment (CI/CD) process to release changes across multiple applications and products with one execution step, and a synchronised rollback of all applications if any individual application fails – all at enterprise level
  • Throughout the project the OUA project teams had the ability to auto-provision whole environments on demand giving them great flexibility to continuously test all software components independently of other aspects of the project
  • Implementation of Hybrid Data Lake, meaning all data is found in one place, is the first building block to using AI and Machine Learning for OUA
  • Integration of all communications between applications following a central standard, that is based on serverless and microservices technology, reducing OUA’s overall spend on integration by 73%
  • Implementation of auto-scaling, i.e. OUA can now scale the entire platform, both back end and front end. This was achieved by enforcing certain architectural patterns with the technology partners to ensure the overall scalability of the entire platform was maintained at all times
  • Implementation of Security throughout all areas of the project, including AWS WAF, whilst adhering to the PCI compliance requirements of the business and associated applications

See the impressive results

  • OUA saved 3 times their potential costs by utilising base2Services rather than independent contractors, benefiting from a team working with them rather than for them
  • Massive increase in deployment frequency from monthly to daily deployments with 200+ releases in the first 3 months – meaning more new features, faster, with lower risk
  • 35% overall cost saving in the running of the platform mainly through reduced cost for compute and storage
  • Drastic increase in OUA’s ability to scale the infrastructure during the enrolment period, scaling to 3x their usual capacity within 30 minutes
  • Data Lake enables OUA to discover new business opportunities and trends using AI and Machine Learning
  • 20% Student growth compared to 2017 enrolments, after 20 quarters of decline
  • 93% Reduction in onboarding time of new universities, down from 8 months to 2 weeks
  • 73% Reduction of OUA's overall spend on integration

How AWS services were used to deliver for Open Universities Australia

Security
  • AWS WAF & Shield is used to restrict access to CloudFront distributions and prevent DDoS attacks and security vulnerabilities
  • Security Groups are used on Elastic Load Balancers and Amazon EC2 instances to restrict access
  • Applications are segregated in Amazon VPC whose access is restricted using Network ACLs, Route Tables and Subnets
  • AWS IAM Roles, Policies, identity providers are used to manage access to different AWS services such as ECR, S3, EC2. With KMS used to encrypt data at rest.
  • AWS Systems Manager Parameter Store is used to store all application passwords and secrets, which are made available to the application at runtime thus eliminating the need to having credentials saved in Git repos
  • Each VPC has a bastion host through which users can access other internal services
Monitoring
  • AWS CloudTrail is used to audit all API calls and these audit logs are stored in S3
  • Amazon CloudWatch is used for all monitoring and alerting
  • Amazon CloudWatch Logs is used by ECS and Lambda for application logs
  • Amazon SNS to trigger alerts from CloudWatch
CI/CD and Automation
  • AWS CloudFormation is used to deploy and manage all environment specific AWS resources, providing the ability to deploy and maintain consistency across all production and non-production environments. Application deployments and rollbacks are also performed
  • AWS CodeDeploy is used in dev environment, enabling in-place deployments for fast developer feedback and testing
  • Amazon Route 53 is used for primary DNS, in conjunction with AWS CloudFormation to automate the creation
Compute
  • Amazon EC2 and Amazon ECS is used to run main application and Integration services
Scaling
  • AWS Auto Scaling Groups along with Application Load Balancers are used to manage the state of running EC2 instances ensuring zero downtime during deployments
  • Amazon Elastic Container Service and Elastic Container Registry is used to manage and orchestrate Docker containers for integration services
Storage and Caching
  • Amazon S3 is used to store images, videos and files which are accessed via Amazon CloudFront
  • Amazon RDS is used to run the databases for all applications; the flexibility allows us to upgrade size and storage over time as the system usage grows
  • Amazon CloudFront is used as a global entry point to applications - providing fast response times for the system for both domestic and international clients
Artificial Intelligence /Machine Learning
  • Amazon S3 is used to store aggregated data from all systems and applications into a data lake
  • Amazon Redshift is used to stage from the data lake for analysis and reporting
  • AWS Data Pipeline is used to extract data from source systems and store the data in the data lake
Serverless
  • Amazon API Gateway is used to expose new enrolment service APIs and proxy calls to existing APIs
  • AWS Lambda is used to implement the enrolment service along with some other integration services
  • Amazon DynamoDB is used to store enrolment data as part of the enrolment workflow with Salesforce
  • Amazon SQS is used to provide asynchronous message exchange between Salesforce and various Integration services implemented as Lambda functions and applications deployed as containers to ECS
Read more

Srini Nori, Manager - Design, Development & Implementation, Open Universities Australia, on their partnership with base2Services

Srini Nori, Manager - Design, Development & Implementation, Open Universities Australia, discusses how partnering with base2Services helped them to combine AWS and Salesforce in one fully functioning platform while replacing every system the business uses with newer, more agile systems.

Duration: 2:33