Our client needed to build a new secure and compliant customer-facing website that provides consumers details about a rebate program. The website also needed a portal that allows participating retailers to enroll for qualification, submit reimbursement claims, and report on program data (e.g., claims, status, reward amounts). The platform also needed to include a second portal that gives program administrators the ability to view reports and general program data, process submitted claims, validate, and mark them for payment.
We were approached by our client to help build and launch this new platform.
Creating a Resilient and Robust Cloud-Based Platform
We built the platform by using Acquia for front-end content management, Apigee for API management, Google Cloud Platform (GCP) with Google Kubernetes Engine (GKE) for back-end support, and Okta for customer identity and access management.
The admin portals were built using React and Drupal deployed within the Acquia hosting environment, which provides a platform-as-a-service (PaaS) solution for the hosting, security, and patching of Drupal. The portal accesses back-end services via Apigee, which provides a software-as-a-service solution for API management.
We leveraged various Apigee Edge components, including Apigee Edge Gateway, API Services, API Catalog, and API Analytics, for API Management. Apigee Edge provides the ability to enforce API management policies. API Services provide the foundation to manage, scale, secure, and build APIs. API backend-as-a-service (BaaS) simplified the functionality to build both web and mobile applications by providing a cloud datastore and services that include user management, push notifications, geolocation services, and social networking. The API Catalog allows developers to document their APIs for future learning, testing, and evaluation. Edge API Analytics collects information from the traffic flowing through the proxies and provides insights into trends, popularity, performance, and geolocation.
Back-end services were deployed within the GCP hosting environment to provide global, world-class security and scale with a multitude of service offerings to provide a rich and robust storage environment to support the rebate program platform. Specifically, we leveraged the following GCP components: GKE, Cloud SQL, Cloud Storage, Cloud Identity and Access Management, Cloud Armor, Pub/Sub, Cloud Scheduler, Artificial Intelligence/Machine Learning (AI/ML) AutoML for natural language processing and vision, Stackdriver, BigQuery, and Google Data Studio.
Microservices were deployed using GKE. The GKE clusters and the Cloud SQL instances were deployed regionally for high availability and application resilience. We implemented a fully managed PostgreSQL database service to store service data.
Next, we utilized Anthos Service Mesh for improved security and increased deployment velocity to enable the ability to observe micro-service communication with visual- and metric-driven dashboards. This improved the monitoring of services, which aided in identifying latency and error rates and allowed our client to implement service level objects (SLOs) to maintain 99.95% availability required for service level agreements (SLAs).
Additionally, we implemented globally unified, scalable, and highly durable object storage to store user inputs for additional processing from the service environment. GCP identity and access management service provided the appropriate access control for the rebate program environment with multi-factor authentication.
The remaining GCP components leveraged include Cloud Armor to restrict access to the back-end environment, Cloud Pub/Sub, a fully managed, real-time messaging service, that allows asynchronous messages to trigger processing of incoming user data, and Stackdriver to store, search, analyze, monitor, and alert on log data and events from the services.
The Okta Identity Cloud provided one trusted platform to secure user access into the portal environment. Okta is a single source for user lifecycle management, token management, and user identification, authentication, and authorization. Okta will also interact with Apigee for API protection.
GCP AI/ML services support claims processing of documentation, including customer agreements. The solution also utilizes Google Analytics to collect and present real-time program data.
DevOps Processes to Reduce Costs and Enable Rapid Adoption
We implemented DevOps processes following the “everything-as-code” principle to reduce costs and enable rapid adoption across the enterprise. We deployed infrastructure using Terraform and Kubernetes resources with a Helm chart. We maintained state of Kubernetes clusters with GitOps continuous deployments and Jenkins. We built and deployed applications to the development environment as Docker images using Helm and a shared library in Jenkins, reusing the same pipeline for over ten applications. Docker images and Bitbucket commits were tagged for auditing purposes. We deployed applications to test and production environments using a single pipeline leveraging Helm and per-application Helm settings files.
Results
Portal Delivers Immediate Value to Consumers and Retailers
The website successfully launched as an app available on both desktop and mobile browsers.
Due to a set release date, the infrastructure was built in parallel with the development of the overall solution. The project was tightly managed utilizing an Agile/Scrum approach and functionality was released every two weeks to align with the customer expectations.
Since the launch, millions of dollars have been rewarded to customers.
