Moving to a Docker container-based cloud required a different approach to monitoring and security for Sysdig customer, Quby. The Amsterdam-based developer of the smart thermostat and service platform ‘Toon’ needed something to keep pace with their dynamic services. This includes Java apps orchestrated by Mesos Marathon on Amazon Web Services (AWS). Luckily, they found Sysdig. The Sysdig Secure DevOps Platform helps Quby resolve issues faster, and reduces monitoring system administration effort by 400%.
Business drives a move to the CloudIn 2016, Quby began to experience significant growth as the popularity of its smart, in-home thermostats began to skyrocket. With growth came challenges. “Quby was a very classical ops kind of organization,” explains Nicolas Kramer, Infrastructure Team Product Owner at Quby. “It was a company that made everything themselves.” Meanwhile, when customer count rapidly expanded to 300,000, Quby’s datacenter infrastructure – designed to support 10,000 customers – was holding them back. Move to the Cloud‘ project. “The strategy was to take our existing applications into the cloud,” describes Kramer. As a result, Quby achieved more scalability and stability. The company recognized that if they wanted to make the best use of cloud, they needed to move IT towards becoming a DevOps-based organization.” As a part of the shift to the Amazon Web Services (AWS) cloud, the company chose Mesos Marathon for cloud orchestration. In addition, they use Docker as the container platform for applications. “We chose Mesos because it gave us a way to easily scale our services with demand. As we bring on more clients, the system is able to auto-adjust and make sure users have a good experience.”
Better monitoring = lower costsAfter moving its applications and databases to AWS, Quby started looking at how to do monitoring in the cloud. “Moving to the cloud doesn’t just mean, ‘Hey let’s just run applications on someone else’s computers,’ it also means changing your mindset on how you monitor applications, on how you optimize your environments, and on how you handle misbehavior of your applications, containers, and everything else.” Subsequently. the company started to use Sysdig Monitor as a way to monitor the health of the environment. “Primarily it was first just to see if things were going OK in the cloud. Little by little our use of Sysdig started growing from there,” Kramer points out. The move to Sysdig massively reduced the effort and cost of managing and operating monitoring for Quby. For instance, prior to Sysdig maintaining monitoring was a two-person job. Specifically, Quby employed one person to define, install and maintain all of the required agents and applications checks. Another reviewed that everything functioned properly. According to Juan Morales, DevOps engineer at Quby, “It used to take two admins a lot of time along the whole year just to keep monitoring in place. To keep Sysdig updated takes less than 30 minutes each month.”
Quby resolves container issues faster, and reduces #monitoring administration 400% with Sysdig Monitor and Sysdig SecureClick to tweet
Doing more from a single agentA huge part of the value of Sysdig solutions for Quby is that Sysdig Monitor and Sysdig Secure utilize a single point of instrumentation. In fact, the company saves time and resources by delivering monitoring, security, troubleshooting, and forensics from the same software agent. “If you’re moving into the cloud, there’s so much about the process, the people, the organization you need to change that every tiny win in time and every tiny win in energy is highly appreciated. The way Sysdig delivers security means we have one thing less to worry about,” concludes Kramer.
Monitoring and securing dynamic services“Old-fashioned monitoring requires declaration of resources – usually at both ends,” explains Morales. “You have to configure not just checks on the client and the server. You need to configure the clients on the server and the servers on the client, which means you need to know where the server is when you provision the client, which is something completely against the design paradigm we have in this new platform.” In short, for Quby, everything is now defined as infrastructure-as-code. To meet the needs of a dynamic environment, they identified the need for a monitoring solution that could do automatic discovery. “I don’t want to tell my monitoring system what my infrastructure looks like.”
Monitoring Java Applications“We have some legacy applications, but Java is basically what you’ll find around here,” indicates Morales. Applications in use at Quby include Spring Boot, Apache Tomcat, GlassFish, and Liferay. “And not to forget OpenVPN,” adds Kramer. “Every device, every display at the customer is connected through a VPN tunnel to our service center. Sysdig is important in monitoring that all these things are working. It’s a good way for us to measure if it’s our problem and our back end has broken down or if AWS has some EC2 problems.”
Exploring with Sysdig“Sysdig has a lot of strong advantages in that it is monitoring, but it is also very exploratory. It allowed us to get acquainted with the system. It helped in educating the team when we were getting into cloud orchestration,” emphasizes Kramer. For example, Sysdig Monitor allows Quby to bridge and empower different stakeholders and share information cross-company. It provides visibility for monitoring and operational teams in addition to development. “With Sysdig we have a single place with a common language,” notes Morales. “We are also on-boarding management teams. Let’s say the CFO is having some questions about our infrastructure, we can bring up Sysdig and show our dashboards.”
Securing the Cloud with Sysdig SecureIn addition, Quby recently added Sysdig Secure to its environment to aid with container security monitoring and forensics. “Sysdig Secure was very well-timed for us in the sense that we were looking internally at what kind of things we needed to do with cloud security,” reveals Kramer. For instance, one of the key security challenges identified by Quby was the complexity of performing investigation post incident.
“In our search for a solution it was very hard to find something that took into consideration the aftermath of a problem,” says Kramer. “It is complex to collect the logs and follow the tracks of what happened. You’re really happy when you see that something went wrong because you can learn from it. In the cloud more often than not, things break and self-heal without you noticing much. You still want to see what happened. Sysdig Secure is a great fit to solve this from a runtime security and forensics standpoint.”