06.05.20

Troops Case Study

By JP La Torre

Company

Troops’ mission is to make business software human, so work gets easier, information improves, teams sell more, and business grows. Troops revenue communications software improves CRM data quality, automates administrative work, enhances visibility, and enables collaboration. Troops works with world-class brands including Slack, Twilio, DoorDash, and Stripe to improve forecast accuracy, organizational transparency, and win rates.

Project Dates
October 2018 – May 2020

Objective
Support all infrastructure and environment modernization (both non-prod and production environments) and provide much-needed resources to allow Troops’ in-house staff to concentrate on product development.


Caylent is an incredibly experienced and knowledgeable company. Their team helped us get up to speed with all AWS practices and quickly roll out Kubernetes.

– Greg Ratner, CTO @ Troops.ai


Challenge

Troops was seeking a DevOps partner with the expertise to manage day-to-day infrastructure administration and provide support for the Troops development team in accelerating product development and releases. The Troops team was looking for a broad scope of support, skills, and development expertise that made hiring an additional in-house team member challenging and expensive. The company had accrued a backlog of technical debt that they knew needed to be paid down while allowing internal staff to focus on value generation surrounding product innovation and delivery. Caylent’s deep domain expertise in Cloud Native and AWS offered a clear value proposition to free up precious development resources from time-consuming infrastructure management and provided operational enhancements in the form of best practice advice, skills, and tools.

Solution

Caylent’s initial work with Troops began with a simple pilot task to containerize a few services and develop Helm charts to manage the deployment and management of those processes that weren’t already running on Kubernetes. Caylent also began to migrate self-hosted Kubernetes deployed on EC2 instances using kops to Amazon Elastic Kubernetes Service (Amazon EKS) based on Caylent’s recommendation. Moving to EKS helped Troops leverage the benefits of Amazon EKS’ fully managed Kubernetes service without having to manage⁠ the control plane. The transition also liberated the company’s internal staff to concentrate on product development while Caylent managed all the heavy lifting in its cloud environments. 

Following the success of the pilot task, Troops and Caylent engaged on a long-term two-phase DevOps approach that deputized our team to oversee infrastructure governance and architect and implement a DevOps roadmap. The engagement began with a discovery process to get a clear picture of Troops’ baseline infrastructure, application, and database layers. Caylent’s discovery process examines and analyzes how such environments can be supported, audited, and improved over time.

As an enterprise B2B software company, SOC 2 compliance is integral to a security-conscious business like Troops. Recognizing this, Caylent conducted a highly compliant, collaborative onboarding process to provide technical support as soon as possible. This effectively established our team as an extension of the company’s entire IT department—Caylent engineers signed Troops’ Code of Conduct and Employee Handbook. Troops’ saved themselves the arduous task of hiring in-house and expedited DevOps support to make immediate advances in performance and operations. 

Given Troops’ SOC 2 Type II status, yearly audits are an important component in staying compliant, implementing successful vendor management programs, and outlining internal governance and risk management plans. Since engaging with Caylent, Troops has been successful in passing its full annual audit and disaster recovery exercises. As part of the company’s SOC 2 compliance process, Caylent assisted Troops in federating access to and encrypting it’s personally identifiable information (PII) data using StrongDM to ensure all the company’s sensitive information is handled according to information security risk procedures. Lack of federated identity access can pose significant challenges for IT organizations, especially those working with PII and PHI.

On top of compliance tasks, Caylent also supported the Troops team with the integrations between the company’s in-house CI/CD tool (written in Scala with controls baked in) and its new environments. The tool is instrumental to the code releases in all of Troops’ environments so the Caylent team helped make enhancement tweaks to provide the development team a greater degree of release autonomy.

As part of the engagement, the team at Caylent also managed all Troops’ Kubernetes environment upgrades starting in QA and Development before advancing on to all the Production environments more recently. We ensured all nodes were drained and carefully coordinated the work so that Troops’ clients experienced zero downtime during upgrades. We also helped the Troops team in designing and implementing a new application secrets management strategy, which was successfully implemented by leveraging Kubernetes ConfigMap objects and AWS KMS.

In addition, the team ported all the company’s legacy CloudFormation templates into Terraform. Terraform provides a way to view changes before they go live, the syntax (HCL, HashiCorp Configuration Language) is easier to read, and it allows code to be split into multiple files making future configuration management a lot easier. 

With these infrastructure improvements, Caylent helped Troops to ensure a smooth experience running production-grade environments in Amazon EKS. Ongoing tasks that Caylent covered from the company’s technical backlog included monitoring/logging/alerting improvements, applying patches, addressing service interruptions, and conducting other preventative maintenance via a proactive approach.

Within Amazon EKS, Caylent also assisted Troops in implementing a fine-grained IAM role for its service accounts solution (also known as IRSA), so each application component gets access to the AWS resources it needs according to the principle of least privilege. These unique IAM roles for service accounts can be used by individual pods running on a Kubernetes cluster to improve fine-grained control over the permission sets per pod. The different environments were isolated in AWS using one account for each.

Testimonial


Caylent is an incredibly experienced and knowledgeable company when it comes to DevOps. Their team helped us get up to speed with all AWS best practices and quickly roll out Kubernetes on EKS. We are fortunate that we were able to find such a reliable partner so we could focus on product development without sacrificing quality of infrastructure and ultimately reliability.

– Greg Ratner, CTO @ Troops.ai


About Caylent

Caylent provides a critical DevOps-as-a-Service function to high growth companies looking for expert support with Kubernetes, cloud security, cloud infrastructure, and CI/CD pipelines. Our managed and consulting services are a more cost-effective option than hiring in-house, and we scale as your team and company grow. Check out some of the use cases, learn how we work with clients, and read more about our DevOps-as-a-Service offering.