Monitoring and Securing
Mesos Marathon & Java Applications
on AWS

Company Overview

Quby, the creators of the Toon® smart thermostat, are an Amsterdam-based smart energy technology specialist. Toon makes it possible to connect a range of technology and services in the field of energy, safety, comfort, and health. Quby’s main customer groups are European energy companies who offer Toon as part of a utility contract.

Moving to a Docker-based cloud orchestrated by Mesos Marathon enabled Quby to keep pace with the company’s rapid business growth. With it came the need to re-evaluate monitoring, security, and forensics to fit their new DevOps model. With Sysdig’s cloud-native visibility and security platform, Quby gained complete visibility into the performance, health, and security of its new infrastructure and container applications – including custom Java applications – all from a single point of instrumentation.

Solutions

Having achieved more scalability and stability, the company observed that if they wanted to make the best use of the cloud, they needed to move IT towards becoming a DevOps-based organization. As a part of the shift to cloud, for which Quby opted to use Amazon Web Services (AWS), the company chose Mesos Marathon for cloud orchestration, and Docker as the platform for applications. “We chose Mesos because it gave us a way to easily scale our services with demand. As we bring on more clients, the system is able to auto-adjust and make sure users have a good experience.”

“After moving everything – applications and databases – we started looking at how to do monitoring in the cloud. Moving to the cloud doesn’t just mean, ‘Hey let’s just run applications on someone else’s computers,’ it also means changing your mindset on how you monitor applications, on how you optimize your environments, and on how you handle misbehavior of your applications, containers, and
everything else.”

At this point in the project, the company started to use Sysdig Monitor initially as a way to monitor just the health of the environments. “Primarily, it was first just to see if things were going okay in the cloud. Little by little our use of Sysdig started growing from there, ” Kramer said.

For Quby, the move to Sysdig in its new environment massively reduced the effort and cost of managing and operating monitoring. Prior to Sysdig, maintaining monitoring at Quby was a two-person job – one to define, install and maintain all of the required agents and applications checks, and another to review that everything functioned properly.
According to Juan Morales, DevOps Engineer at Quby, “It used to take two admins a lot of time throughout the whole year just to keep monitoring in place. To keep Sysdig updated takes less than 30 minutes each month.”

“The real need came from changing the paradigm from a more traditional dynamic configuration management tool,” says Morales. “Old-fashioned monitoring requires declaration of resources – usually at both ends. You have to configure not just checks on the client and the server, but you also need to configure the clients on the server and the servers on the client. This means you need to know where the server is when you provision the client, which is something completely against the design paradigm we have in this new platform.”

For Quby, everything is now defined as infrastructure-as-code. To meet the needs of a dynamic
environment, they needed a monitoring solution that could do
automatic discovery.

“I don’t want to tell my monitoring system what my infrastructure looks like,” states Morales. “We didn’t have time for games. We needed to deliver results quickly – last month, yesterday – so that was a really big tipping point for Sysdig. With Sysdig, you only need to run a container on the host and it’s done. We get monitoring and security at the container level, at the host level, and at the application level.”

Monitoring Java Applications

Quby describes itself as mostly a Java house. “We have some legacy applications, but Java is basically what you’ll find around here,” explained Morales. Some of the applications in use at Quby include Spring Boot, Apache Tomcat, GlassFish, and Liferay. “And not to forget OpenVPN,” adds Kramer. “Every device, every display at the customer is connected through a VPN tunnel to our service center. Sysdig is important in monitoring that all these things are working. It’s a good way for us to measure if it’s our problem and our back end has broken down or if AWS has some EC2 problems.”

“Sysdig has a lot of strong advantages in that it is monitoring, but it is also very exploratory. It allowed us to get acquainted with the system. It helped in educating the team when we
were getting into cloud orchestration,” said Kramer. Sysdig Monitor allows Quby to bridge and empower different stakeholders and share information cross-company. It provides visibility for monitoring and operational teams in addition to development. “With Sysdig we have a single place
with a common language,” notes Morales. “We are also on-boarding management teams. Let’s say the CFO is having some questions about our infrastructure, we can bring up Sysdig and show our dashboards.”

Securing the Cloud With Sysdig Secure

Quby recently added Sysdig Secure to its environment to aid with container security monitoring and forensics. “Sysdig Secure was very well-timed for us in the sense that we were looking internally at what kind of things we needed to do with cloud security,” explained Kramer.
One of the key security challenges identified by Quby was the complexity of performing investigation post incident. “In our search for a solution it was very hard to find something that took into consideration the aftermath of a problem,” says Kramer. “It is complex to collect the logs and follow the tracks of what happened. You’re really happy when you see that something went wrong because you can learn from it. In the cloud more often than not, things break and self-heal without you noticing much. You still want to see what happened. Sysdig Secure is a great fit to solve this from a runtime security and forensics standpoint.”

A huge part of the value of Sysdig solution for Quby is that Sysdig’s cloud-native visibility and security platform utilizes a single point of instrumentation. The company saves time and resources by delivering monitoring, security, troubleshooting, and forensics from the same software agent.

“If you’re moving into the cloud, there’s so much about the process, the people, the organization you need to change that every tiny win in time and every tiny win in energy is highly appreciated. The way Sysdig delivers security means we have one thing less to worry about,” concludes Kramer.

Winning Customers With Sysdig

The Sysdig cloud-native visibility and security platform helps Quby provide confidence to the company’s clients who have questions about the service that Quby has built. Kramer explains, “Let’s say we have a potential customer coming along. The customer will often have concerns like, ‘You will be tendering to a million of my clients. If something goes wrong, they’re gonna blame me. You need to prove that your environments are stable and rock-solid.’ With Sysdig we can provide a level of transparency. We can show that we have ownership of the environment in a way that very few companies can. Essentially it works as a sales tool as well.”

“Our relationship with Sysdig feels very much like a good partnership. For us, agility within the companies we rely on is very important. Help from Sysdig is always quite speedy. Sysdig, as an organization, has shown us a lot of flexibility and we have found big benefits in working with a relatively new product and company.”

Visit www.eneco.com to learn more about Quby.