Elevating Quality & Efficiency in the Optical Lenses Industry through Infrastructure as Code

• Enhancing the quality of internal tools for deployment and upgrade by employing Infrastructure as Code (IaC) solutions.
• Adapting Azure’s architecture to ensure a secure and highly available Azure Kubernetes Service, complete with custom routes essential for Firewall service.
• Multi-cloud strategy for security and cost optimization

Our client is a well-established German company with a rich history dating back to 1846. They are known for their expertise in optical systems and optoelectronics. Their business operations span across four major segments – Industrial Quality and Research, Medical Technology, Consumer Markets, and Semiconductor Manufacturing Technology. The company has a strong global presence, operating in nearly 50 countries with approximately 30 production sites and around 25 development sites worldwide.

The optical lenses industry is a realm where precision and detail are paramount. A leading player in this sector faced significant challenges in managing the deployment and upgrade of their internal tools. The existing Azure architecture did not provide the desired level of security and availability for their Azure Kubernetes Service, and the need for custom routes for the Firewall service was not being met. The objective was to enhance the infrastructure quality for their lens calculation components, addressing all pain points such as security updates and bug fixes.

The primary challenge was designing a new architecture on Azure based on the Azure Kubernetes Service solution, packed in Terraform modules. It was crucial that all outbound and inbound traffic went through the Firewall service. Additionally, the Azure Kubernetes Service needed to use Azure Active Directory to authenticate users inside the Kubernetes cluster.

The client’s internal tools, essential for the DevOps team, needed to be easy to update, fix, or rollback. Creating test scenarios for Ingress Nginx upgrade in the Kubernetes cluster, including SSL certificate generation and testing current rules on the cluster, was another critical requirement.

With our expertise in CI/CD pipelines, DevOps, advanced Terraform usage, Python, Docker, and Azure cloud, we set out to transform the client’s technology landscape.

We began by redesigning their Azure architecture, integrating Azure Active Directory with Azure Kubernetes Service for user authentication inside the Kubernetes cluster. All inbound and outbound traffic was directed through the Firewall service, enhancing security and control.

The internal tools were migrated to the AWS cloud, where we prepared a Terraform module to manage them effectively. This change significantly improved the tools’ management, making them easier to update, fix, or rollback as needed.

To further streamline operations, we converted all infrastructure from Terraform code to Terraform modules. This approach reduced the use of the same code across different environments, minimizing human errors and differences between environments. For instance, we were able to reduce the code five times across five environments.

The transformation was profound. We designed a clear and understandable flow of changes within the infrastructure, providing an easy-to-follow model for feature development, version upgrades, and rollbacks.

The new infrastructure not only improved the quality of lens calculation components but also significantly enhanced security updates and bug fixes. By leveraging cutting-edge technologies and advanced practices, we delivered a solution that truly revolutionized the client’s operations in the optical lenses industry.