Overview:
In this section we’ll take a look at what computing infrastructure sits under the BlinkMobile Platform. Whilst the infrastructure is mostly invisible since activity-specific high-level interfaces such as CLIs and APIs shield you from the details of operations, most people want to know what’s going on “under the hood”.
The value of well managed Operations should not be underestimated. One of the great benefits of the BlinkMobile Platform is that it brings together a wide set of mostly open-source tools and services and hosts them in a robust and secure manner with SLAs for uptime and support. On top of that we simplify access to and operation of those services and provide single sign-on access to all of them. In this section and the next we look at the computing and software infrastructure components used.
Operational Features
All BlinkMobile services are run in Amazon Web Services (AWS). BlinkMobile are an AWS Advanced Technology Partner with Mobile Competency. That qualification requires considerable expertise and operational experience to achieve and maintain.
The key things to know about our operations are:
Robust Infrastructure
We operate a “designed for failure” environment. That doesn’t mean it’s designed to fail, of course, but that we anticipate a failure of any part of the operational environment and ensure there is an alternative resource that will be used.
For all clients (multi-tenanted or EPS) the BlinkMobile Platform operational architecture is deployed with multiple, load-balanced, server instances for every service which are spread over more than one AWS Availability Zone. Availability Zones are geographically separate data centres connected with low-latency links (ie. very fast ones) in the same region.
For some operations (such as running your custom Server APIs deployed with the Server API Deploy CLI) we deploy in a Serverless infrastructure that sits on AWS’s Lambda Compute Service. This really is the next generation of cloud services. Lambda effectively scales in an unlimited manner across multiple Availability Zones in an AWS Region so you do not run out of resources as you could on a more traditional virtual machine.
We run the AWS CloudWatch monitoring service extensively with alarms for hundreds of potential issues.
No-downtime upgrades
When BlinkMobile services are ready to be upgraded we announce parallel “release candidate” services against which to test your solutions prior to making the upgrades. Provided no major issues are reported the release candidates become the production services at an announced time by pointing the production Load Balancers at the new services. This means there is no downtime.
The previous production services are left running for a period. Should there be any issues with the new production services then the Load Balancers can be reset to point at the old services again.
Threat mitigation
At BlinkMobile, monitoring and dealing with potential threats is of utmost importance. Utilising AWS resources such as CloudWatch, third party services like Librato and BlinkMobile's own internal software, BlinkMobile Operations team members are alerted to any changes to any deployed service. All BlinkMobile AWS Infrastructure is architected with security in mind, with the use of Bastions, AWS Security Groups and AWS Access Control Lists to sufficiently lock down any service.
BlinkMobile developers and operation team members are active in the IT Industry and use this to gain information about disclosed vulnerabilities. When new applicable vulnerabilities are disclosed, BlinkMobile works closely with AWS to determine the impact, and form a plan of attack designed to mitigate the vulnerability.
EPS customers may run vulnerability scans on their solutions in collaboration with BlinkMobile and AWS.
Backups and Recovery
In the unlikely event of a customer deleting or corrupting aspects of their solution development or deployment environment, BlinkMobile can recover any solution assets kept within the BlinkMobile platform to any 1 minute period over the previous 35 days of operation through AWS recovery tools. Beyond that BlinkMobile keeps regular snapshot backups of all customer assets in the platform.
Next:
2.4 - Technology underpinnings - software