About the customer

• Leading provider of connected safety solutions.
• Delivers safety products across government, commercial, and industrial sectors.
• Subject to extensive regulatory compliance requirements.

How can you outsource mission critical infrastructure without compromising compliance?

Apache Kafka® is at the heart of this safety technology company’s operations, enabling the flow of data to and from countless distributed solutions. As part of its ongoing mission to make its applications more available, reliable and resilient, the business decided to pivot away from managing Kafka in-house and instead look for external support. However, no SaaS vendors or managed service providers could readily navigate the complex requirements to deploy Kafka on Azure Government cloud – that is, none except Canonical.

Challenge

Modern safety technologies come in countless shapes and sizes, but they all have one thing in common: they produce and consume significant volumes of data. This industry leader delivers a broad portfolio of smart safety products – including safety lighting, video systems, and emergency services equipment – which are deployed as distributed applications. This makes the company’s Kafka messaging system, which enables those applications to communicate with each other and transfer data to and from the cloud, among the most critical elements of the company’s infrastructure.

The organization managed its messaging system in-house, but since Kafka was not the team’s core expertise, this led to various inefficiencies and challenges. As part of the company’s mission to continuously improve the availability, reliability, and resilience of its applications, it decided to rethink its Kafka strategy.

A spokesperson for the company explains: “With Kafka being such an important component of our architecture, we understood that we didn't have the expertise and we didn't have the proper implementation in place to get to where we needed to get. Every time we had an issue with Kafka, it could take hours to troubleshoot, which risked impacting our apps and our customers.”

The final straw was the inability to upgrade the Kafka deployment in place. Every time that the version of Kafka that the company was using was deprecated, it had to create a new cluster and migrate unprocessed data – a highly impractical and time consuming task that wasn’t sustainable long term.

“We decided that if we had to migrate again, we wanted to migrate one last time to a solution that supported in-place patching right out of the box,” says the spokesperson. “This meant refreshing the Kafka implementation, which gave us the ideal opportunity to outsource Kafka management. We wanted to work with someone who could not just provide a version of Kafka, but also maintain it and optimize it.”

Solution

The safety specialist initially explored software-as-a-service options for Kafka, but quickly realized that no SaaS vendors were capable of navigating the company’s compliance landscape. The safety sector is subject to an array of regulatory requirements, so the company operates primarily on the Azure Government cloud, and no SaaS provider was able to deploy Kafka in this environment.

It was beginning to look like the goal of outsourcing Kafka would remain out of reach; but fortunately, this was when the company discovered Canonical’s Managed Kafka. Uniquely of all the vendors that were considered, Canonical was able to deploy Kafka on top of the existing Azure Government cloud, and maintain and operate it as a fully managed service.

Canonical made sure that the company was confident the solution would work in the compliant cloud. In a series of pre-sales meetings going through technical requirements, constraints, and processes, Canonical demonstrated that it could deliver the same Kafka capabilities that would be expected on a regular commercial cloud.

Going a step further, Canonical also put the company in touch with an existing customer using the same solution. The spokesperson recalls: “That customer was fully transparent, even sharing the challenges they had encountered in implementation. We really appreciated that Canonical was willing to connect us. It helped us understand the road that lay ahead and set expectations, and gave us even more faith in the solution.”

This project was the first time that the safety technology company had used a managed service, so it did involve an element of risk. That’s why it was so important to be able to fully trust Canonical. Between the presales sessions and interviewing another customer, it was clear to the company that Canonical offered a proven solution backed by extensive expertise.

“The Canonical name also gave us peace of mind,” adds the spokesperson. “These are the guys behind Ubuntu. They know what they’re doing, and they’re not going to release something or change something that would negatively impact us”.

Results

Canonical designed and implemented a new, optimized Kafka deployment on the company’s Azure Government cloud, based on Canonical’s solution for Apache Kafka. And post-deployment, Canonical now delivers a fully managed service that covers everyday maintenance, planned changes (upgrades, patching, security enforcement) and incident recovery, ensuring that the customer can focus on its core business.

“We’re gaining significant savings per year between Kafka implementation, maintenance, and troubleshooting,” says the spokesperson. “The ticketing system works phenomenally. Canonical is very proactive and does all the heavy lifting. I can’t think of a single outage in the last year.”

Crucially, the new Kafka implementation supports upgrades in place, so whenever the business is ready to move to a new release, Canonical can seamlessly update the cluster without a disruptive migration.

From a security perspective, Canonical is taking care of monitoring for vulnerabilities and patching CVEs, both for Kafka itself and the underlying Ubuntu OS. What’s more, Canonical’s Managed Kafka helps the company remain compliant with industry regulations despite no longer managing Kafka in-house.

“Vendor management with Canonical is easy because everything is hosted in our cloud. We haven’t had any issues with any of the audits we’ve been through since outsourcing Kafka to Canonical.”

Overall service levels have also improved, leading to happier customers. The company has hundreds of microservices relying on Kafka, and in the past it had to respond reactively to ensure that applications were getting the right resources. Now, the cluster is provisioned to support all the applications on top of Kafka. Canonical’s monitoring enables the company to see well ahead of time if it’s running out of resources, so it can act preemptively to prevent any issues.

“The decision to go with a managed service has 100% paid off,” concludes the spokesperson. “Kafka was never our core focus. It would take us years to get to the level of expertise that Canonical already has.”