Wholesale Restaurant Food Distributor

Building a CI/CD pipeline for implementing containerized workloads

An Overview

The Challenge

Changes in security and governance requirements provided the company the opportunity to accelerate feature development and create an enhanced client experience, by moving their produce distribution application to infrastructure that was approved by the company, tightly managed, and highly stable.

The Solution

2nd Watch identified the company’s produce distribution application as the perfect candidate for legacy containerization. They were already interested in moving to containers but didn’t know how or what strategy fit best. With the help of 2nd Watch, the wholesale restaurant food distributor successfully migrated its application from its previous architecture to the ECS platform, running on ECS.

The Outcome

With the help of 2nd Watch, the wholesale restaurant food distributor successfully migrated its application from its previous architecture to the ECS platform, running on ECS.

01

About the Business

The wholesale restaurant food distributor company, a $52 billion dollar corporation, is the global leader in selling, marketing, and distributing food products to restaurants, healthcare and educational facilities, lodging establishments and other customers who prepare meals away from home. Its family of products also includes equipment and supplies for the foodservice and hospitality industries. With more than 57,000 associates, the company operates 326 distribution facilities worldwide and serves more than 625,000 customer locations.

02

The Business Challenges

Primary Driver

Changes in security and governance requirements provided the company the opportunity to accelerate feature development and create an enhanced client experience.

When the company was required to move its resources out of legacy AWS accounts into a tightly regulated and managed enterprise governed account structure frameworks, they capitalized on the opportunity to move their produce distribution application, an application essential to their business, to infrastructure that was approved by the company, tightly managed, and highly stable. The application serves as the ordering website where all the company’s customers order produce, allowing them to list what they’re purchasing and dictate when to have it delivered. The site ran in Java with two database backends – AS400, which already had an API abstraction on top of it and needed no updates, and MySQL for session data.

Refactoring applications has previously proved too time-consuming in their experience, so they were hesitant to refactor the produce distribution application along with migration. The company also had new security requirements from its cyber security team, including SAST and DAST scanning requirements. These had previously been soft requirements but were now necessary for key applications like their produce distributor. Not abiding by these requirements could have resulted in cross-site scripting vulnerabilities and other security risks. With limited internal development cycles to comply, the company couldn’t add new features or changes to the application with the new requirements.

03

The Solution

After completing an application assessment, 2nd Watch identified the company’s produce distribution application as the perfect candidate for legacy containerization. They were already interested in moving to containers but didn’t know how or what strategy fit best. Additionally, outside of slight configuration changes, 2nd Watch determined that minimal changes to the existing application were required to run it in a stateless manner

Some of their key development pain points would be alleviated by containerizing their Java application and moving it into their managed Amazon Elastic Container Services (Amazon ECS) offering with CI/CD functionality. The ECS platform provided numerous beneficial features including optimized CI/CD for the company’s applications using GoCD, native Signal Sciences WAF integration to meet cyber security mandates, the ability to run and test the application in dynamic environments that closely resembled production, and improved testing options as the application was rolled out from source control to the production environment.

With the help of 2nd Watch, the wholesale restaurant food distributor successfully migrated its application from its previous architecture to the ECS platform, running on ECS. The company was already using a managed container platform, so the first step was determining what it would look like to run the application in a container and assisting the company’s developers in learning how to use Docker. Once the application was running in the container, 2nd Watch provisioned a development instance of the container platform and developed the end-to-end CI/CD pipeline for the application. 2nd Watch then repeated the process in a QA environment, staging, and finally in the production environment. Since the application was nearly stateless initially, the migration could be performed side-by-side with existing development and production instances in an iterative fashion.

The application’s new architecture includes improved features like an official Java Tomcat container on ECS, GoCD for CI/CD, Signal Sciences WAF front-end, AWS Application Load Balancer, Telcommanaged TLS certificates, and vanity URLs, and AWS Certificate Manager for end-to-end encryption inside the ECS platform.

04

The Business Benefits

With 2nd Watch serving as the company’s trusted advisor, training their development team on best practices, the process of migrating and containerizing its legacy application saved the company’s team nearly a year of efforts to learn basic Docker, understand how to separate their configuration into environment variables, and learn basic differences between running sticky-session load-balanced Amazon EC2 instances and running in Amazon Elastic Container Service (ECS). Now the produce distribution application is more performant, loading faster in the containerized environment. The company can focus on feature releases and quickly push changes out through a pipeline process rather than a manual process, reducing time to production from weeks to days.

As a result of this project, the wholesale restaurant food distributor is considering further changes to the application, including moving off MySQL and onto Redis for session data, and adding unit and integration tests to decrease development cycles, move to QA faster, and improve the quality of their software releases.