Introducing SpecMesh: An open source spec-driven data mesh methodology

Read more
Start ups

How OSO helps Detected’s clients avoid the $200 billion fraud problem in B2B digital commerce

Created during the pandemic, Detected had a big mission and needed a partner with the technical ability to act as an extension of its own team and help it to scale its vision.

3

months from idea to production

2+

Releases per week instead of two a month

1

Month for new infrastructure to deployed

Quotemark

OSO took our startup prototype and turned it into a fully functioning platform in just three months. We’re so happy with the results.

Peter Youell CTO | Detected

What did OSO provide?

  • AWS infrastructure via infrastructure as code
  • Built secure, efficient cloud applications using AWS Well-Architected framework
  • Deploying various applications with Kubernetes
  • GitOps focused CI/CD pipeline
  • Datadog integration to analyse and protect the various applications

The Company: Detected

Critical infrastructure component for next-generation KYB compliance.

Based in London, Detected is a business verification platform with a global client base. As a Know Your Business (KYB) platform created specifically for marketplaces, it uses advanced analytics to protect buyers and sellers from fraud using thousands of data points to determine the identity, location, solvency, and capability of a potential partner in seconds.

High level process flow diagram for Detected

The Challenge ❌

Prior to OSO’s involvement, Detected’s team didn’t have enough capacity or the necessary skills required to build the infrastructure needed. Detected also needed to ensure it had the necessary cyber security requirements in place. As a start-up, budget constraints meant the platform needed to be as cost-effective as possible. The team knew they had a brilliant product that could be a real game changer in the industry from the initial prototype but needed more support to turn it from an idea into a fully functioning platform.

Detected was also required by its investors to acquire a certain number of new customers to get to the next level of funding available. This meant that the project needed to be completed quickly to unlock valuable investment.

The Solution 😊

To determine the level of support that the Detected team needed, OSO held a discovery workshop using the 5D methodology. During this phase we held a series of discussions to understand the product vision, features, the platform, and technology it would be built on. In collaboration with the application developers at Ranium, the OSO team took the time to understand the scope of the Minimum Viable Product (MVP) in order to create a cohesive infrastructure roadmap and the skills required to deliver each component.

 

To achieve Detected’s tight time deadlines, it was important to get Ranium developers building side by side with the OSO team. This team would share more than just skills, they were to share how GitOps can transform application delivery, empowering developers and how the model could boost collaboration, reliability and autonomy.

 

Detected’s product consisted of microservices, more or less independent from one another, running on two Kubernetes clusters, for development and production. The OSO team selected Kubernetes clusters for their ease of use and availability on the AWS platform.

Embracing GitOps

Following best practice OSO wanted to leverage the advantages of having a fully automated, independent delivery process for each microservice. Using GitHub actions to build a Docker image and store it in the AWS Elastic Container Registry, each development team could rapidly iterate on new features in a controlled and self container manner. Whenever a Pull Request (PR) is merged into the master branch of the source repository the GitHub Action would trigger, building the Docker image and publishing the latest changes to the AWS Elastic Container Registry.

 

Taking learnings from previous engagements, it is deemed best practice by the OSO team to group common manifests into a single responsibility and separate client specific deployments. This allows a relatively small skilled DevOps team to manage a large number of Kubernetes clusters across a wide range of clients, enforcing security, consistency and standardisation of repeatable components.

 

On the EKS cluster itself, FluxCD manages the lifecycle of Detected’s services. Flux is the main tool to facilitate GitOps, and it’s easy to install and comes with a number of other components (Source Controller, Kustomize Controller, Helm Controller and Notification Controller). A more detailed description of the ToolKit can be found here.

 

Flux pulls a configuration manifest like Helm or Kustomize from a private GitHub repository and applies it to a Kubernetes cluster. If there is an issue during deployment, Flux will continue to sync the current cluster state to the desired state, as defined and report back the status to the Notification Controller. To ensure only people with the correct permissions can see the cluster states, the OSO team integrated the full Role Based Access Control at the cluster level.

 

With the changes in place, Detected achieved a clean split between the image build and deployment processes. Flux and especially its toolkit have also lightened the cognitive load for engineers to monitor the deployment status of applications, allowing more focus on creating business value. A side benefit is that engineers are more confident about owning their services all the way to production, as they can now spot, mitigate, and fix problems in production quickly and independently.

 

And finally, this setup could be easily replicated as a template for new projects and services when Detected grows or when teams specialise further.

GitOps Deployment Process
What Did OSO Deliver?

Some of the most exciting things we are proud of:

  • Fully Functional Production Environment in 12 Weeks – Using the latest Infrastructure as Code (IaC) modules, the OSO team were able to stand up all the AWS services required by the Detected platform to serve its first customers.
  • Secure by Design – OSO followed the principle that everything is hardened by default, meaning the underlying operating system has been fine tuned on security.
  • Agile Project Management – OSO’s approach to project management favours small iterations and honest feedback throughout all phases of the project. And it just might change the way your organisation works.
  • Collaborative Relationship with Multiple Teams – Coordinated and assigned liaison activities to communicate across teams and with other development teams to avoid isolation and ensure information flow to be able to better foster innovation and inclusion.
  • Support – 24/7 support AWS infrastructure, from start to finish.
What Services did OSO Deliver?

Here’s a more in-depth look at the tools we configured:

AWS Services:
  • EKS (Elastic Container Service) A cloud based management service that allows companies to use Kubernetes without having to install, operate or manage container orchestration software.
  • ECR (Elastic Container Registry) A service to manage and deploy Docker images. This is where the applications built images are pushed, to be used in the cluster.
  • RDS (Relational Database Service) A managed service by AWS, that makes it easy to set up, operate and scale a relational database. 
  • EC2 (Elastic Compute) This provides a virtual computer. Kubernetes then manages clusters of EC2 instances and runs containers on those instances to deploy, maintain and scale applications.
  • S3 (Simple Cloud Storage) This provides developers and teams with secure, durable and scalable object storage. With this we can store and retrieve any amount of data. 
  • CloudFront (CDN) Is an AWS content delivery network. It’s a system of distributed servers (network) that deliver web pages and web content to a user based on their location, origin of the web page and the CDN server. In the case of Detected, it was used for their marketing site to provide an extremely quick website that benefits from edge locations/caching. The site’s static files are stored in S3 (the origin).
Tooling:
  • Terraform enabled us to build, change and version infrastructure safely and efficiently using the infrastructure as code (IaC) tool. This was used to create the parameter store secrets, RDS database, ECR repositories, S3 buckets, dns, cloudfront domains, cloudtrail, elastic cache and users. 
  • Kong Setting up the Kong API gateway. This was used to cache dynamic content and utilisee Kong plugins such as bot detection and rate limiting. We also took advantage of being able to create a consumer in Kong (which you can think of as a client), this allowed Detected to set different rate limiting rules and different Kong plugins, like whitelist ip, individually to a client. So large and small companies could have different rate limits and plugins applied.
 Monitoring:
  • DataDog Enabled apm in Datadog and the Laravel applications, this enables Detected  to analyse throughput of specific queries/requests. Taking advantage of Laravel as a service provider, the requests can be linked to a specific controller. This allows Detected to easily narrow down long lived requests and any bottlenecks to improve throughput and the overall speed of the microservices.
DevOps:
  • Github actions: We set up a full CI/CD pipeline for each microservice that would build a docker image and install required configuration via a Dockerfile, such as install/enabling supervisor and using environment variables within docker to set FPM values.

The Result 🎉

Detected was able to go from idea to production in less than three months thanks to the support it received from the OSO team. The Detected developers are now confident about the deployment process, so much so that they have increased the velocity of their updates, previously they were hitting around two per month, in August they reached 16 releases and a further seven in September 2021.

Unlocking the next level

The rockstars at OSO also played an integral role in supporting the delivery of milestones to unlock further funding as the Detected customer base grew. Having the confidence and go-to-market solution ready, allowed the Detected board members to showcase the flexibility and more importantly the viability of the platform to investors. Without OSO’s involvement, it would have taken Detected longer to get its platform to market and subsequently missed time-sensitive opportunities. 

As Detected CTO Peter Youell said: “OSO took our startup prototype and turned it into a fully functioning platform in just three months. We’re so happy with the results.”

To learn more about our DevOps services, click here.

Get started with emerging technologies today

Have a conversation with one of our experts to discover how we can work with you to adopt emerging technologies to keep your business growing.

Book a call