Superside is a VC-backed (Y-Combinator) always-on company that supplies marketing and sales design, at scale, to enterprise teams. Benefiting from the gig economy, Superside provides its clients with a dedicated team of pre-screened freelance designers via a design subscription service. Superside’s platform enables design collaboration, and it delivers reliable and fast (12-hour) turnarounds at one-third the typical agency cost. To learn more, go to www.superside.com.
Online, Subscription Design Services
Palo Alto, CA
Improve performance efficiency, enhance security, and optimize costs.
Migration, DevOps — Infrastructure Buildout using GitOps methodology
Improved performance efficiency
We were impressed with nClouds’ recommended architecture for a unified deployment platform. They truly became an extension of Superside’s team as we implemented the migration.”
CTO & Co-founder, Superside
An AWS account manager introduced nClouds to the Superside team. After a series of calls to discuss Superside’s current-state architecture, nClouds determined that Superside would benefit by migrating services from AWS Elastic Beanstalk to AWS Fargate on Amazon ECS, and converting staging from Amazon RDS for MySQL to Amazon Aurora MySQL. Impressed with nClouds’ assessment, Superside decided to move forward with nClouds’ proposal.
Superside wanted a unified deployment platform to provide improved performance efficiency, enhanced security, and optimized costs for their compute workload.
Superside's existing workload had services running in AWS Elastic Beanstalk (in multi-container Docker mode), and Amazon Elastic Container Service (Amazon ECS). nClouds used HashiCorp Terraform to build the infrastructure to support apps in a serverless environment using AWS Fargate on Amazon ECS, and built a CI/CD pipeline for these services in Jenkins (replacing Atlassian Bamboo). The new Amazon ECS cluster has multi-zone availability, AWS Auto Scaling policies, and integration with AWS Systems Manager Parameter Store.
Before migration, Superside was using two databases — RDS Aurora MySQL in prod and RDS MySQL in staging. Post-migration, Aurora MySQL is being used in both prod and staging.
nClouds used GitOps methodology to provide Superside’s new architecture with infrastructure as code (IaC), system configuration as code, application configuration as code, and application source code.
In the new architecture, AWS Security Hub, Amazon GuardDuty, Amazon SQS, Amazon SNS, Amazon CloudWatch, Amazon Route 53, and Datadog reside on AWS.
nClouds implemented an Amazon VPC on AWS consisting of a multi-AZ setup (three AZs) to handle failover. Within the Amazon VPC resides AWS ALB, AWS WAF, Amazon CloudFront, three private subnets, and three public subnets.
An internet gateway enables two-way communication between public subnets and the internet. An Amazon VPC NAT Gateway enables a one-way connection for resources in the private subnet to access the internet.
Teaming with nClouds, Superside migrated services from AWS Elastic Beanstalk to AWS Fargate on Amazon ECS to create a unified deployment platform for their compute workload. The project has yielded numerous benefits:
nClouds integrated Distributed Load Testing for Superside’s web application in the build stage to capture performance metrics that identify bottlenecks or excess capacity. Amazon CloudFront accelerates both static content such as images, scripts, and videos, as well as dynamic content such as APIs or web applications. AWS ALB distributes incoming application traffic across multiple targets in multiple AZs to improve application availability. Amazon Route 53’s latency-based routing helps improve Superside’s application performance for a global audience.
The new infrastructure includes AWS Security Hub to aggregate, organize, and prioritize security alerts or findings from multiple AWS services. IAM users have been moved to IAM roles wherever possible to enable the granting of temporary access to AWS resources for a particular user instead of providing automated access. OpenVPN in a public subnet provides secured access to Amazon EC2 servers in the private subnet. Amazon GuardDuty is enabled in the Region where the workload is deployed. Managed rules have been implemented for Superside’s existing AWS Web Application Firewall (AWS WAF). SonarQube and Clair were integrated during the build stage of the CI/CD pipeline.
Superside’s containers have been cost-optimized by implementing need-based scalability. Amazon SQS and Amazon SNS scale in performance and cost in line with usage, allowing efficient cost allocation and attribution. AWS Auto Scaling adjusts Superside’s capacity to maintain steady, predictable performance at the lowest possible cost.
You can also email us directly at firstname.lastname@example.org for your inquiries or use the form below