About the Project

  • Industry
    Optical Lenses
  • HQ
  • Duration
    2 years
  • Area
  • Enhancing the quality of internal tools for deployment and upgrade by employing Infrastructure as Code (IaC) solutions.
  • Adapting Azure’s architecture to ensure a secure and highly available Azure Kubernetes Service, complete with custom routes essential for Firewall service.
  • Multi-cloud strategy for security and cost optimization

About the Client

Our client is a well-established German company with a rich history dating back to 1846. They are known for their expertise in optical systems and optoelectronics. Their business operations span across four major segments – Industrial Quality and Research, Medical Technology, Consumer Markets, and Semiconductor Manufacturing Technology. The company has a strong global presence, operating in nearly 50 countries with approximately 30 production sites and around 25 development sites worldwide.

Background info

The optical lenses industry is a realm where precision and detail are paramount. A leading player in this sector faced significant challenges in managing the deployment and upgrade of their internal tools. The existing Azure architecture did not provide the desired level of security and availability for their Azure Kubernetes Service, and the need for custom routes for the Firewall service was not being met. The objective was to enhance the infrastructure quality for their lens calculation components, addressing all pain points such as security updates and bug fixes.

The Challenge

The primary challenge was designing a new architecture on Azure based on the Azure Kubernetes Service solution, packed in Terraform modules. It was crucial that all outbound and inbound traffic went through the Firewall service. Additionally, the Azure Kubernetes Service needed to use Azure Active Directory to authenticate users inside the Kubernetes cluster.

The client’s internal tools, essential for the DevOps team, needed to be easy to update, fix, or rollback. Creating test scenarios for Ingress Nginx upgrade in the Kubernetes cluster, including SSL certificate generation and testing current rules on the cluster, was another critical requirement.

The Solution

With our expertise in CI/CD pipelines, DevOps, advanced Terraform usage, Python, Docker, and Azure cloud, we set out to transform the client’s technology landscape.

We began by redesigning their Azure architecture, integrating Azure Active Directory with Azure Kubernetes Service for user authentication inside the Kubernetes cluster. All inbound and outbound traffic was directed through the Firewall service, enhancing security and control.

The internal tools were migrated to the AWS cloud, where we prepared a Terraform module to manage them effectively. This change significantly improved the tools’ management, making them easier to update, fix, or rollback as needed.

To further streamline operations, we converted all infrastructure from Terraform code to Terraform modules. This approach reduced the use of the same code across different environments, minimizing human errors and differences between environments. For instance, we were able to reduce the code five times across five environments.

The Outcomes

The transformation was profound. We designed a clear and understandable flow of changes within the infrastructure, providing an easy-to-follow model for feature development, version upgrades, and rollbacks.

The new infrastructure not only improved the quality of lens calculation components but also significantly enhanced security updates and bug fixes. By leveraging cutting-edge technologies and advanced practices, we delivered a solution that truly revolutionized the client’s operations in the optical lenses industry.

Scope & Highlights

Multi-cloud solution

Reduction of human error

Cost optimization of each cloud environment

1 Senior DevOps/ Cloud Engineer


What our partners say about us

After carefully evaluating suppliers, we decided to try a new approach and start working with a near-shore software house. Cooperation with Hicron Software House was something different, and it turned out to be a great success that brought added value to our company.

With HICRON’s creative ideas and fresh perspective, we reached a new level of our core platform and achieved our business goals.

Many thanks for what you did so far; we are looking forward to more in future!

hdi logo
Jan-Henrik Schulze
Head of Industrial Lines Development at HDI Group

Hicron is a partner who has provided excellent software development services. Their talented software engineers have a strong focus on collaboration and quality. They have helped us in achieving our goals across our cloud platforms at a good pace, without compromising on the quality of our services. Our partnership is professional and solution-focused!

NBS logo
Phil Scott
Director of Software Delivery at NBS

The IT system supporting the work of retail outlets is the foundation of our business. The ability to optimize and adapt it to the needs of all entities in the PSA Group is of strategic importance and we consider it a step into the future. This project is a huge challenge: not only for us in terms of organization, but also for our partners – including Hicron – in terms of adapting the system to the needs and business models of PSA. Cooperation with Hicron consultants, taking into account their competences in the field of programming and processes specific to the automotive sector, gave us many reasons to be satisfied.


PSA Group - Wikipedia
Peter Windhöfel
IT Director At PSA Group Germany

Get in touch

Say Hi!cron

    Message sent, thank you!
    We will reply as quickly as possible.

    By submitting this form I agree with   Privacy Policy

    This site uses cookies. By continuing to use this website, you agree to our Privacy Policy.

    OK, I agree