Investment Management, Retail, Property, and BankingLOCATION
The PhilippinesUSE CASE
Lead Time for Changes, Time to Restore, and Change Failure Rate Improved.
Introduction with a Summary of the Case Study
In this case study, we explore how an enterprise group of companies, SM Investments Corporation (SMIC), supports the application health of its business units, which are spread around different industries. This enterprise group is revolutionizing its software applications by using the latest modern approaches in the cloud, like “serverless.” There is a constant amelioration in SMIC’s applications through the use of efficient compliance and evaluation of success metrics. Thundra's important role in the perpetual improvement of software development practices and DevOps success metrics has made SMIC's job even simpler.
A 62-Year-Old Enterprise Foundation
SMIC is a dominant and dynamic conglomerate company in the Philippines that has major investments in market-leading businesses in retail, banking, and property. Founded in 1958, SMIC has demonstrated its leading presence with a rising presence in China, and by innovating to provide the best value in products and services across various customers.
The business units of SMIC are served by IT Shared Services, with Chester Brian Guerrero (Senior Manager and Cloud Security Architect) and his team serving as key players. This team’s mandate is to support all of the SMIC’s companies, which numbers around 500 companies in total at the moment. Elouise Cerrudo is working as a DevOps Manager in the DevOps team, helping the developers maintain their applications and ensure they work smoothly and flawlessly.
Supporting a Variety of Business Units in Various Industries
As mentioned before, SMIC invested in businesses in the retail, banking, and property industries. The IT Shared Services division supports all of the business units of SMIC in these industries using the following methods and strategies:
- Migration from On-Premises to Cloud Services
- Data & Analytics Services
- DevOps Services
SMIC’s companies have thousands of applications, both in-house and client-facing. All of those applications that are on the cloud are hosted on the AWS cloud, which is SMIC’s main cloud vendor due to the platform’s reliability and trustworthiness. The DevOps team provides a CI/CD platform specifically for the DevOps team of IT Shared Services, which is based on the cloud-based Jenkins enterprise and that offers integrated tools for software composition analysis, static application security testing, and dynamic application security testing. Overall, the framework provided is DevSecOps.
Thundra gives our developers meaningful insights, which eases the pain of debugging serverless application
In general, SMIC business units manage hundreds of applications. While some are still on-premises, there has been a major shift to the AWS cloud and serverless architectures. In SMIC, the architecture of a software application must comply with cloud standards and security policies. To ensure this practice, many solutions architects working for different business units evaluate the solutions going through the compliance processes, using the IT Shared Services division’s vital KPIs as Service Level Agreements (SLAs). The SLAs between IT Shared Services and the business units of SMIC essentially demonstrate how well they support the overall software infrastructure, and the IT Shared Services division makes sure that it maintains the uptime with the business units of SMIC.
The DevOps team in the IT Shared Services division has multiple environments (AWS accounts): Development, Test/QA, Staging, and Production. The team members manage hundreds of AWS Lambda functions in each environment, and the high-level architecture is event-driven. At the front door of the application, they have multiple APIs with Amazon API Gateway. For the backend logic, they naturally use AWS Lambda functions; for storing static assets, they use Amazon S3; and for the database, they use MongoDB. Overall, they support both a mobile application and a web-based application.
Shifting to AWS Cloud
When one of the business units that ITSS supports conceptualizes new digital services like the MySM project, the team begins by designing everything serverless from the ground up. This approach is the same when it comes to modernizing the legacy applications of SM, shifting them from on-premises to the AWS cloud.
As an example, there are multiple applications in the SMIC group of companies, such as SM Supermalls, SM Cinema, SM Ticket, and etc. All of those applications had separate authentication/authorization flows, which made it difficult to manage all of them in one place. They wanted to build an SSO for all those applications and consolidate them under an SSO.
The original idea was to create a single backend for all the applications so customers would be able to log in using the same account across all of SMIC’s applications. Developers started conceptualizing the project with the idea of leveraging containers, but eventually shifted to serverless instead because developers found it much easier to build the system this way. Additionally, serverless was much more cost-effective and scalable for the project compared to containers. At first, ITSS architects was concerned that the project might hit a wall with serverless, but as time went by, the team was able to meet all of their requirements by using AWS’s serverless services.
What About Observability? Challenges Bring Solutions
ITSS team leverages different tools to manage cloud applications, including Amazon CloudWatch and AWS X-Ray, which are native tools of AWS that are utilized for logs, metrics, and traces. Although these tools work well, they do not provide a sole focus for troubleshooting and debugging solutions while working with multiple event-driven applications.
One of the biggest challenges of the IT Shared Services division has been managing the uptime of services, making it the most critical problem for the DevOps team. Additionally, the developers need visibility in complex cloud architectures. They work with multiple AWS accounts and find it hard to understand errors and troubleshoot while keeping up with the SLAs.
How Thundra Came to the Rescue
AWS Marketplace is a marvelous place to find the best, most efficient solution for your company’s needs and requirements. That’s how Chester and Elouise found and subscribed to Thundra during their search for the best solution to detect bottlenecks in their complex event-driven architectures and trace those events across applications.
“The finest benefit of leveraging Thundra is that it provides us with a single pane of glass, disclosing where the anomalies in our applications are,” says Chester Guerrero. “It is also a great application monitoring tool, combining capabilities with performance optimization that we utilize to find the problematic parts of our applications.”
Another weighty requirement that Thundra resolves is visibility on cost. The DevOps team always keeps an eye on the most costly functions metric on the Thundra dashboard, along with daily and weekly Thundra reports. “All of these capabilities are not available in other tools under one platform. Thundra provides a holistic view of application health and makes our developers’ and DevOps people’s lives easier,” says Elouise Cerrudo.
A Perfect Fit for Continuous Improvement
Before leveraging Thundra as their observability platform, the developers were quite literally playing a guessing game. Thundra’s benefit to the developers was evident by the performance increase of applications. Before Thundra, the developers were trying to find the right balance between how much memory was used for the Lambda functions, how much they really needed to allocate, etc. They used to monitor applications manually. After leveraging Thundra, not only did developer productivity improve, but applications started to perform better due to the visibility that Thundra provided them. Using Thundra, developers are now able to find the optimal configuration for applications since they have granular visibility into application architectures.
Chester Brian Guerrero
Enterprise Solutions Architect
Thundra provided us that single pane of glass and ease of use that we just couldn’t find on any other similar tools.
Proof of Success
In terms of monitoring, there are four metrics that IT Shared Services management looks at: Deployment Frequency, Lead Time for Changes, Time to Restore Services, and Change Failure Rate, which are the four key DevOps metrics that many enterprise organizations turn to. The projects that leverage Thundra have seen the changes pictured below.
Thundra helps developers optimize the performance of their applications with ease. It acts as a magnifying glass for applications, revealing errors and latencies at a glance. As a result, applications’ health improves and SLAs are met. Developers love Thundra because it is one of the most developer-friendly tools available for overall application observability.