1,600+EC2 Instance
206Services
142Services
800+VM
Amorepacific is a global beauty company with a history of 78 years, and has more than 40 brands that encompass cosmetics, household goods, and healthcare. It is a leading company in the market by driving innovation starting with e-commerce and digital marketing.
MegazoneCloud has supported various businesses, including Amorepacific's cloud transformation into AWS, migration, data platform construction, and AI recommendation system, and completed Pre-Mig of 30 systems.
Challenges
- Management limitations on IT resources operating on-premise
- Migrating Microsoft Windows workloads and building servers in AWS
- Lack of expertise in managing cloud infrastructure
- Lack of efficient design, verification, and construction capabilities for cloud infrastructure
- Analyze whether your solution meets AWS and Microsoft best practices for security, availability, scalability and more
- Need for cost-saving measures based on diverse cloud operation experiences
Our Role
Amorepacific has aimed to step-by-step cloud transition to provide a differentiated customer service experience, and secured agile market response and service stability based on 100% cloud conversion.
[Key Point]
- Provides Dev Ops-based cloud management services
- Large-scale migration of IDC 800 VMs in progress
- Support for migrate Microsoft workloads such as Windows Server to Amazon EC2
- Build a solution that runs Microsoft Windows workloads with Amazon EC2
- Systematic documentation of the currently running cloud infrastructure
- Establishment of SR processing process based on SLA
- Continuous improvement of business processes to improve cloud infrastructure efficiency
- Realizing cost savings through regular evaluation of infrastructure usage
- Establishment of diagnosis and transfer strategy for the transfer of AWS of Songdo IDC Resources (800+)
Outcomes
Operation Process Improvement
- Customers run Microsoft Windows workloads from existing on-premises to AWS Cloud
- Establishment of cloud infrastructure operation indicators such as E2E Lead Time and downtime
- Securing operational governance and establishing clear CMS operation guidelines
- Improving the operation system and process based on quantitative judgments for each statistical indicator.
Performance Improvement
- Regular operational checks and proactive improvement to enhance user satisfaction
- Reduction of SR processing time for field requests and improved response time for incidents
- Cost reduction through infrastructure resource optimization
- Implementation of more than 10 business request forms in the Zendesk-based system and integration with Jira
- Systematic cloud infrastructure monitoring through Datadog
- Real-time integration and distribution of monitoring information through Slack channels
Architecture
Amorepacific Landing Zone Network Egress/Ingress Traffic Flow
Network Architecture
- Egress VPC: Configurate Each Prod/Stg/Dev
- Workload VPC: Production/Staging/Develop/Shared
- Availability Zone Using 2a/2b/2c (Main : 2a/2c)
- For Egress-Dev VPC, use only Availability Zone 2a
- VPC/Subnet is shared after created in Network Account
- Workload Prod/Stg/Dev/Shared VPC||
- Egress traffic configures GWLB FW Inspection (One-Arm)
- Ingress/East-West Traffic Does Not Configure FW Inspection
Traffic Flow
Case #1. HTTP/HTTPS Traffic →
- Request Client → IGW→ ALB→ WAF→ EC2
- Response EC2→ ALB→ IGW→ Client
Case #2. TCP Socket Trafic →
- Request: Client → IGW→ NLB→ EC2
- Response EC2 NLBIGW→ Client
Case #3. Workload Egress Traffic →
- Request: EC2 → TGW→ GWLBe→→ G/W LB → FW→ NAT→ IGW → Internet
- Response: Internet → IGW → GWLBE → G/W LB → FW → TGW → EC2