AWS Amazon Web Services

A Well-Architected review: what to expect

As businesses move more of their processes to the cloud, it becomes crucial to adhere to best practices for security, performance, or cost optimization. Recognizing this need, public cloud providers have provided frameworks to assist partners and customers in evaluating architecture designs against important criteria such as efficiency and reliability.

In this article, Sebastian Gavril, Engineering Lead at Levi9, takes a closer look at Amazon Web Services’ (AWS) “Well-Architected Framework,” which provides customers with a consistent approach for measuring their architectures against best practices and identifying areas for improvement.

What is the Well-Architected Framework?

The Well-Architected Framework provides a set of pillars – foundational concepts – that relate to critical aspects customers should consider when building cloud architectures. “It’s an architectural framework for designing and running workloads in the cloud”, explains Sebastian Gavril. He explained that a workload could encompass anything from a simple “to-do list” application to a complex e-commerce platform.

The framework aims to guide companies in implementing best practices across six key “pillars”: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. These pillars provide design principles, best practices, and questions to ask to determine how well an architecture is aligned.

The evolution of the Well-Architected Framework

The idea of Well-Architected originated in 2012 when AWS experienced a major outage that impacted many customers – but not all. “In 2013, a team of AWS solution architects investigated why some customers were affected by the outage while others continued business as usual. They noticed the group not impacted was doing certain things in a particular way,” notes Sebastian.

AWS formalized their findings into the first version of the Well-Architected Framework in 2014, originally consisting of just the first four pillars (Operational Excellence, Security, Reliability and Performance Efficiency). Amazon kept adding to the framework over the next few years, releasing Cost Optimization in 2016 and Sustainability in 2021. They also developed a Well-Architected Tool to facilitate reviews in 2018.

Sebastian stresses that the Well-Architected Framework reflects emerging industry consensus, not just the opinions of AWS. Five of the pillars – Operational Excellence, Security, Reliability, Performance Efficiency and Cost Optimization – are common across all major providers, which include not just AWS but also Azure and the Google Cloud Platform.

The 6 pillars of Well-Architected

Operational Excellence

The first pillar focuses on the operational aspects of running cloud workloads efficiently. “It means the ability to run, administer, and monitor systems that add value,” Sebastian explains. One example of a design principle in this pillar is the ability to anticipate failures before they occur. “No one deploys code to production, hoping nothing bad happens.” Proactively monitoring for failures allows companies to achieve operational excellence.

Security

This critical pillar focuses on system and data security. One of its guiding principles may seem counterintuitive. Sebastian sums it up nicely: “Keep people away from data.” Rather than relying on error-prone manual processes, people in companies should manage data through automated tools and systems with proper access control policies.

Reliability

Reliability emphasizes building applications that both “perform the intended functions and quickly recover to meet changing demands,” as Sebastian puts it. A best practice under this pillar is to automatically recover from failure, thereby avoiding business disruption.

Performance Efficiency

This pillar deals with getting optimal performance from cloud infrastructure. One of its design principles involves democratizing access to advanced technologies. Sebastian explains that companies should leverage managed services whenever possible rather than spend precious time on lower-level infrastructure management.

Cost Optimization

As cloud platforms have variable pricing, cost optimization requires continuously monitoring expenditure and right-sizing usage to meet business needs. Well-Architected Frameworks include, for example, an organizational role for cloud financial management, that blends business and technical acumen with financial concerns.

Sustainability

As the most recent pillar, sustainability focuses on minimizing the environmental impacts of cloud usage. Companies should architect solutions that avoid downstream waste. As one example, Sebastian said that software updates should not force customers to discard still-functional devices.

Lenses for Focused Analysis

In addition to the standard framework, AWS offers different “lenses” tailored to various types of workloads, like serverless applications and machine learning systems. “Lenses allow you to look at a workload from a particular perspective. For example, if you have a serverless workload, some standard questions like ‘how do you patch servers’ don’t make sense since there are no servers!” says Sebastian.

 

Some of the lenses available beyond the default include Healthcare Industry, IoT, Data Analytics and many others. Further, AWS customers and partners can create custom lenses tailored to their industry or based on an internal workload classification system.

Why conduct Well-Architected reviews?

Sebastian learned a precious lesson about conducting reviews as early as possible when building his own house. “I simply thought a balcony would be nice. But I did not consider the time we’d spend cleaning it, or I might have skipped the balcony. That was easier to do in the project phase; it’s much more difficult now.” This is why he advises that “it’s better to review sooner rather than later.”

There are three compelling reasons why a review may be the best option:

1. Identify issues early: It’s much easier to address gaps in reliability, security, etc. if they are spotted early in the development process.

2. Most workloads can be improved: Few companies score perfectly across all pillars. Reviews uncover areas needing enhancement.

3. Credits for customers: Customers can earn up to $5000 in AWS credits by fixing high-priority issues uncovered during official reviews.

How to conduct Well-Architected reviews

To properly conduct a Well-Architected review, Sebastian emphasizes that it should not be an audit-focused exercise. “You don’t have yes-or-no answers. We try to have an honest, constructive discussion.”

The team involved should include at least a technical lead and a business-minded team member. Levi9’s Well-Architected consultants can also provide guidance for framing questions and suggestions for best practice guidance. Unlike an audit, the purpose is not to pass with flying colors but rather to identify potential risks or improvements that should then be tracked and addressed.

Additional resources for Well-Architected Framework

Free hands-on workshops https://wellarchitectedlabs.com/

The AWS Well-Architected Map: https://wa.aws.amazon.com/wat.map.en.html

A Well-Architected review demo

You can use the Well-Architected Tool both to review your cloud applications and as a “reality check” on how robust your cloud architecture is. Here is a brief description of what you can expect during a Well-Architected review.

1. Define a workload

Go to the Well-Architected Tool and define a workload by giving it a name and description. For example: “Work From Office Application.”.

Select attributes like owners, regions, accounts, etc.

2. Activate Trusted Advisor

Within the Well-Architected Tool, activate the AWS Trusted Advisor. This will integrate recommendations from Trusted Advisor into some of the Well-Architected questions.

3. Apply relevant lenses

The “Well-Architected Framework” lens is selected by default, providing the core Well-Architected questions.

For this demo, we select another lens, such as “Serverless,” so we can see how serverless-specific questions apply here.

4. Answer questions

Each of the six pillars, like security, reliability, etc., has a set of questions you must answer. For example, one question in the Cost Optimization pillar asks, “How do you decommission resources?”. On questions like this, answers might be dependent on each other. For example, if you answer that you “Implement a decommissioning process,” you also need to have “Track resources over their life time “ selected.  You can also choose none of the options and skip most of the questions, in which case Sebastian warns that your scores will be very low.

5. Use Trusted Advisor for a reality check

Some questions integrate with Trusted Advisor. This integration checks your answers against actual configurations.

As an example, let’s take a look at the 5th question in the Security pillar. The question here is, “How do you protect your network resources?” If you chose “Control traffic at all layers,” you have the option to activate the Trusted Advisor integration and check the answer against reality. The tool might find some vulnerabilities that you were not aware of and point out that you have certain security groups for which traffic is not controlled. The integration alerts you to where you are missing insight about your cloud workload.

6. Apply lenses

If we apply a custom lens, such as Serverless, we also get a series of questions focused on serverless apps. One such example would be “How do you build resiliency into your serverless application?”— a  question that only makes sense in this particular case.

7. Use recommendations

Upon completion, the tool provides a visualization of the medium and high risks for each pillar. In Sebastian’s experience, the reliability pillar is the most riddled with risks. However, the tools also provide recommendations and insights to improve the workload’s alignment with best practices based on your answers.

By implementing the Well-Architected Framework early in the process, companies can feel confident that their cloud-based applications meet the highest standards for security, reliability and operational excellence. To prove his point, Sebastian likes to quote Jeff Bezos on this: “Good intentions never work. You need good mechanisms to make anything happen.”


Levi9 and Bizzdesign Join Forces to Amplify Enterprise Transformation Success Rates

Levi9 and Bizzdesign Join Forces to Amplify Enterprise Transformation Success Rates

From: Ben Ruck, Industry Director at Levi9

Levi9 has partnered with Bizzdesign, the creators of the powerful Enterprise Architecture Platform, to elevate the success metrics of enterprise transformations, strategic investment allocations, and risk management. This strategic collaboration is set to leverage the robust engineering expertise of Levi9 to enhance the Bizzdesign platform’s promise of enabling enterprises to “see the full picture, find the right path, and execute with confidence”.

With a common goal of assisting complex organizations thrive amidst change, the alliance looks to blend Levi9’s expertise in CloudOps, technical innovation, software development and seasoned talent pool with Bizzdesign’s intelligent architecture platform. This synergy aims to broaden and accelerate the evolution of the Bizzdesign’s SaaS platform, delivering higher strategic alignment between business and IT strategies.

Levi9’s involvement stems from its well-established track record of fostering long-term partnerships with clients, constantly enriching technical platforms while aligning with the product architecture & strategy. Their commitment to best engineering practices will accelerate Bizzdesign’s mission of facilitating swift business transformations, data-driven decision-making, and a collaborative environment from architects to the C-level cadre.

“Our partnership with Bizzdesign is a testament to our goal of aligning technical innovation with strategic business objectives,” said Ben Ruck, Industry director at Levi9. “We are proud to contribute significantly to the expansion and acceleration of Bizzdesign’s platform, reinforcing its commitment to simplified, agile enterprise architecture, and strategic investment allocation.”

The Bizzdesign platform stands as a vanguard in driving strategic coordination, data integration, multi-disciplinary collaboration, and advanced analytics, all under robust governance and security protocols. This partnership will see Levi9 playing a pivotal role in augmenting these capabilities, ensuring enterprises benefit from a more intuitive modeling environment, enhanced data management, and superior analytics and visualization tools.

“We are excited about the endless possibilities this collaboration with Levi9 brings forth. Their technical expertise aligns with our vision of empowering enterprises with agile architecture, and we look forward to redefining the landscape of enterprise transformation together,” said Peter Matthijssen, CTO of Bizzdesign.

Clients can expect a reinforced architecture platform capable of delivering more precise models and roadmaps, streamlined data integration, impactful analytics, and a collaborative environment fostering effective decision-making and implementation.

Bizzdesign is a premier provider of Enterprise Architecture solutions, aiding organizations in seamlessly navigating through business transformations. With its innovative platform, Bizzdesign has been instrumental in boosting the success rate of strategic investment allocation and risk management, empowering enterprises with a clear line of sight from decision-making to implementation.


E-Commerce product image background removal with machine learning

High-quality product images are critical for e-commerce sites. Clean backgrounds allow customers to focus on the products and provide a sense of consistency. However, manually removing or replacing backgrounds is an expensive and time-consuming process. Levi9’s data scientist, Simona Stolnicu, automated this process using deep learning image segmentation models. She improved the client’s time for image processing 36.000 times over—from 12 hours to 1.2 seconds for hundreds of images.

Levi9 worked with Wehkamp, a rapidly scaling e-commerce site, to better manage product image background removal. With over half a million daily visitors generating up to 30,000 transactions, Wehkamp processes orders amounting to €3 million in sales each day. Their catalog contains over 400,000 distinct clothing products. Wehkamp adds 10,000 new product listings every month, requiring an efficient system to handle the product images.

Wehkamp used to pay a contracted service up to twelve hours for each batch of several hundred images to be manually edited and prepared. The delivery deadlines were also frequently pushed back. This delay prevented new products from being added to the site promptly, which hampered the rapid iteration that was essential to the business.

Levi9 aimed to reduce the manual post-processing delay by creating its own model to separate products from their photo background. The technical challenge faced by Simona and her colleagues was training an algorithm to generate masks for images in order to delete the background of the apparel photos.

The machine learning project had five phases: data ingestion, data preparation, model training, model deployment, and monitoring.

Data ingestion: quality is key

The data ingestion phase was focused on developing a robust, accurate dataset. As Simona put it, “the first step in any machine learning project is gathering quality data.”

Levi9 obtained a set of 32,000 product images along with their corresponding human-made masks from Wehkamp’s third-party processing vendor. This “ground truth” data served as the predictive model’s target variable. These pairings between the real image and the binary mask would be used to test various technical solutions, types of algorithms, and finally to find the deep learning solution and train the algorithm.

Data preparation: clustering for better performance

The data ingestion phase was focused on developing a robust, accurate dataset. As Simona put it, “the first step in any machine learning project is gathering quality data.”

Levi9 spent a significant amount of time and effort preparing the dataset before training could begin. “We went through several stages of work,” Simona Stolnicu explained. “We manually analyzed the images, and then we noticed visually on certain sub-samples that the images are quite different, with far more pants than beach clothes.”

Based on preliminary tests, the team noticed that this variety affected algorithm performance and decided to cluster the images in several categories: long pants; shorts; short-sleeved tops or dresses; long-sleeved tops or dresses; beachwear, sportswear, accessories; and white-color products. All samples were resized to the same dimensions to ensure a consistent image size of 320×320 pixels.

Clustering was done using a semi-automated process that used principal component analysis (PCA) and k-means to group products into visually and stylistically similar categories. Afterwards, the team employed manual verification to polish the goups further.

Some images required augmentation during this stage due to the low contrast between the object of the image and the background. The team tested several augmentation techniques, such as vertically flipping the images or cropping, and performed small initial tests with the algorithm to find the optimal combination between the augmentation techniques and image segmentation.

In total, the team prepared a dataset of 32,000 images grouped into six product clusters. They used approximately 26.000 images for actual model training and 6.000 images for model validation.

Model training: finding the right architecture and performance metrics

To find the most suitable neural network architecture for the task, Simona did some research on the most popular State of the Art papers in the field. After experimenting with MaskRCNN and BASNet, Levi9’s data scientist found inspiration in a paper published in 2020 that detailed an image segmentation architecture called U^2-Net. “The architecture has a U shape, and in each block, the image is processed again in a U shape. Then each block returns a binary mask prediction, and all of these are aggregated together to obtain the final prediction,” explains Simona.

The U-net architecture proposed in the paper can be trained from the ground up to perform competitively. The innovative architecture enables the network to dig deeper and achieve high resolution while reducing memory and compute costs dramatically.

The core idea of training an image segmentation model relies on providing the algorithm with the original image to let it compute the image mask for background removal and then compare the model output with a human-made, validated image mask.

The optimization metric for this comparison is the so-called Intersection over Union (IoU) percent, which measures the similarity percent between the algorithm-generated mask and the real mask. It takes the two masks and calculates the area of the joint images and the area where they intersect. The higher the overlap, the better the IoU score. And the higher the IoU score, the more performant the algorithm is, explains Simona.

The Levi9 team aimed for a score of over 99%. After each round of training, the score would be checked and fed back to the algorithm so that it could adjust its weights for the upcoming training epoch.

The model was taken through 30 such training rounds, or epochs, which took 9 hours. To accelerate the model training, the team split the training data into several batches and used the Horovod library for distributed, parallelized processing across 20 single GPU machines. After each Horovod averages the scores computed on each device after every batch, it automatically adjusts algorithms on each machine.

After 24 rounds, the model had already achieved a 99% IoU score, but training continued for six more epochs. The final model reached a 99.4% score, with the highest score for images of shorts and the lowest score for white-colored clothes and beachwear. Careful inspection revealed remaining errors stemming primarily from low-contrast products or thin straps or details.

Deployment: instant triggers for background removal

Following successful training, the model was deployed in production using AWS Lambda functions. Any delay was eliminated by configuring a trigger function to fire at each new upload of a product image. This immediately passes the visual asset through a pipeline that checks for the product type and proceeds with the background removal step.

After this process, a team takes control of the image and uploads it to the website. Due to minor errors in the algorithm, about 600 images out of 10.000 still need manual adjustment. They are most commonly associated with low-contrast images, clothing that is the same color as the background, and very thin straps where the shadow may be the same color as the strap.

Ongoing maintenance: monitoring for decreased performance

The model’s performance is likely to deteriorate over time. This is why, in an ideal pipeline of production, the performance of the model should be carefully monitored, and lower IoU scores should trigger a retraining on new sets of data. Even a 6% error rate on real images could be significantly reduced with careful data set curation and adjustments.

After one and a half years of work, the deep learning algorithm now handles the majority of background removal for the e-commerce store. The model has been in production for over a year and flawlessly processes over 94% of product images without the need for manual intervention. The system has transformed the image processing workflow at Wehkamp, allowing for faster product launches and accelerating business growth.


Green News from Arch9!

🌳 Green News from Arch9!

Amsterdam, November 24, 2023

As part of our commitment to a greener future, we teamed up with Trees For All for this year’s #Arch9.

In the spirit of Green Friday, we promised to plant a tree for each attendee. We’re thrilled to announce that thanks to your participation, we will be planting 🌱 149 trees!  This is a small step towards a bigger goal, but every tree counts in making a positive impact on our planet.

A huge thank you to all our attendees for making this possible. Let’s continue to innovate and grow, both in technology and in our efforts to preserve our environment.


What to know before you migrate your business to the Cloud

Moving your business from your office servers to the cloud is quite similar to moving your home to a new neighborhood. You wouldn’t do it without the extensive planning and preparation required to ensure it’s the right long-term move. You might compare prices, figure out how well connected the region is, and determine whether it’s a safe area. Most of all, you will want to hear some informed opinions before taking this step.

For cloud migration, we recommend you listen to Teodor-Octavian Frunză, Levi9’s.Net software developer, who has more than 4 years of experience in cloud development. His most precious insights? Research thoroughly, prepare meticulously and don’t be afraid to experiment.

 

What is cloud migration?

At its core, cloud migration involves transitioning IT infrastructure and applications from on-premises data centers you own and control to renting already-scaled resources from a public cloud provider over the internet. There are three primary cloud service models to choose from:

  • Infrastructure-as-a-Service (IaaS): The cloud provider manages the physical hardware like servers, storage, and networking, while you control and configure the operating systems, applications, security, and storage. It’s like renting the walls and roof when moving to a new home.
  • Platform-as-a-Service (PaaS): The provider handles everything up through the runtime environments, databases, and middleware, while you just focus on the applications and code. This is akin to renting a furnished apartment ready to move into.
  • Software-as-a-Service (SaaS): The provider manages the entire software application, which users access over the internet. You simply use the software on a subscription basis. Think of this as renting a single room that’s fully furnished and decorated.

In addition to the public cloud, there are also private cloud options run on internal data centers, as well as hybrid models combining public and private.

Why migrate to the cloud?

Just like moving your home, choosing a new host for all your data and workflows can lead to savings, more flexibility, and being more welcoming to guests. But it’s a big move, and you must properly consider it first.

“The cloud can drastically reduce infrastructure costs compared to buying and maintaining your own hardware,” Teodor says. “It also enables much greater agility to scale capacity up or down as needed.” These advantages drive most companies to embrace some form of cloud transition.

The abundance of cloud offerings allows organizations to offload IT responsibilities at varying levels, freeing up resources to focus on core business goals.

Here are some of the main advantages:

  • Reduced infrastructure costs by eliminating expensive on-premises hardware, facilities, and maintenance
  • Increased business agility and ability to scale to meet demands. Cloud capacity can be adjusted dynamically.
  • Avoid end-of-life systems, as cloud providers manage upgrades behind the scenes.
  • Improved availability and resilience. The cloud leverages distributed resources across multiple data centers.
  • Enhanced customer experience capabilities as needs rapidly change.

Planning: see the neighborhood first

As Levi9’s cloud expert emphasizes, “Planning is key.” Migrating without careful preparation can lead to unexpected costs, technical debt, and other issues. Teodor outlines three essential planning phases:

  • Migration readiness assessment: Analyze on-prem environment, business needs, costs/ROI, and candidate cloud models.
  • Migration planning: Select cloud type, providers, design target architecture, address unknowns, and build a detailed roadmap.
  • Implementation: Follow the roadmap, migrating systems, and data in phases. Adapt as needed, but jumping straight into implementation without thorough planning is risky.

Just like warming up to the idea of choosing a new home on both economical and lifestyle factors, your cloud assessment should cover both business and technical considerations.

Skipping or cutting corners at any phase can derail projects, Teodor-Octavian Frunză warns. “Proper planning is absolutely critical,” he says. “You can do some patchwork, but avoid relying on it. Because of time constraints, you might end up with a system that is not secure enough or does not have the proper architecture.”

Metrics: prepare for a lifestyle change

After you’ve moved into a new home, you can’t take the same road to groceries anymore. You need to find new ways to go shopping, to work, and to measure distances. Similarly, cloud migration involves fundamental shifts in mindset and metrics.

“Working in the cloud involves distributed, event-based systems, which implies changing the way the data flows through the system and how it is monitored,” explains Teodor.

Some key considerations include:

  • Adopting asynchronous and parallel programming to leverage cloud-native architectures.
  • Focus on new critical metrics like fault tolerance and data consistency rather than just response times.
  • Take advantage of auto-scaling; make sure to be cost-optimized.
  • Rely heavily on extensive logging, monitoring, and analytics. Traceability is critical.

Security: don’t rely on the neighborhood watch

While the cloud offers many security benefits, risks must also be addressed. Much like a gated neighborhood, a cloud provider has better out-of-the-box security, but it can still be breached. With GDPR and its feisty fines in mind, Levi9’s cloud migration enthusiast advises security must be baked into cloud application design and configured correctly for each cloud service model.

“When we are working on premises, we have the data in our ecosystem, which means that we have full control over who accesses it and from where. However, in a cloud environment, the data stays somewhere else on a server, which is not in your ecosystem”, warns Teodor. However, the responsibility of protecting sensitive and personal data falls on you.

Some steps to keep data secure include:

  • Implement least privilege access strictly, to only give access to the only required permissions at a given time for a given use.
  • Encrypt sensitive data in transit and at rest.
  • Follow regulatory compliance requirements like GDPR to avoid heavy fines for violations.

Walk around before jumping on the Cloud

Would you move to a country, city, or area you’ve never visited before? Based on his extensive experience in cloud migration, Teodor-Octavian Frunză advises you to embrace the same attitude when it comes to choosing a cloud provider. “Always research various services and experiments. Don’t stop at the first option.”

Each cloud product has technical limitations and tradeoffs. Look for:

  • Quotas such as timeouts, request sizes, and maximum concurrent instances
  • Tradeoffs between pay-as-you-go versus dedicated instances in terms of cost savings versus performance.
  • Variations in metrics related to specific programming languages.

In the end, a new house must fit and serve you above all considerations. For the cloud, take Teodor’s advice: “Choose what best fits the business case”.


Levi9 and Bookaball Announce Strategic Partnership to Revolutionize Racket Sports Venue Management

Levi9 and Bookaball Announce Strategic Partnership to Revolutionize Racket Sports Venue Management

Amsterdam, October 31st, 2023
From: Wesley de Leeuw

We are thrilled to announce a strategic partnership with Bookaball, a pioneering SaaS platform transforming racket sports venue bookings, operating particularly in today’s booming Padel industry.

This collaboration aims to leverage Levi9’s deep technological expertise and Bookaball’s innovative platform to further empower venue owners. The synergy is expected to optimize venue occupancy, amplify revenues, streamline operations, and deliver unparalleled booking experiences.

“Levi9 has always believed in the endless possibilities of technology. Partnering with Bookaball, an emerging leader in the racket sports venue management space, aligns perfectly with our vision of making impactful contributions to businesses and, by extension, the world,” said Wesley de Leeuw, Account Manager at Levi9.

Bookaball, positioned at the intersection of sports and technology, is on a mission to provide venue owners with the best booking software and customer service. “Our collaboration with Levi9 will usher in a new era of innovation, making venue management seamless and efficient.” said Duco Smit, Managing Director at bookaball.

With a shared dedication to customer focus and a history of industry excellence, both companies are thrilled to redefine the standards of the racket sports venue booking industry.

About Bookaball

Bookaball is an innovative booking platform for racket sports venues worldwide, enhancing user experiences with features like Shared Payments and Open Matchmaking – enabling players to connect with potential playing partners directly through the app. It’s user-friendly system helps maximizing revenues by enabling players to book series and trainings online, and offering automated access control – all designed with venue owners in mind.


Levi9 Enters Partnership with Van Kaliber Software for Software Development

Levi9 Enters Partnership with Van Kaliber Software

From: Kristel van der Velden, Account Manager at Levi9

We are happy to announce our collaboration with Van Kaliber Software, which develops and manages software solutions for archive management and digital sustainability. This partnership aims to enhance the competencies of Van Kaliber Software with Levi9’s expertise in creating unique software and pioneering digital solutions tailored to the needs of its customers.

Van Kaliber Software originated from Van Kaliber B.V., known for its results-driven approach in ICT, information management, and digital archive management. They continually seek innovative ways to improve their services. This partnership emphasizes that objective.

Levi9, known in the Dutch market for excellent service, customer satisfaction, and a distinctive corporate culture, supports Van Kaliber in developing progressive digital products and scaling up their software infrastructure.

“We are delighted to collaborate with Van Kaliber Software,” says Kristel van der Velden. “Our partnership combines the expertise of Van Kaliber Software with the IT knowledge of Levi9. Together, we aim to achieve digital advancements that resonate with today’s dynamic landscape.”

“We are very pleased with our collaboration with Levi9,” say Marita Langerak and Carlo Huigen. “This partnership enables us to realize our innovative solutions, such as the development of our new app Bitstop, through which our customers gain access to advanced solutions ensuring the sustainability and accessibility of their digital archives.”

As both companies prioritize the needs of the customer, this collaboration promises to deliver outstanding value.

Van Kaliber Software develops and manages software solutions for archive management and digital sustainability. The company possesses the expertise to create innovative solutions for the government sector. Their approach, characterized by strong customer engagement and a structured, results-driven strategy, has fortified their position as leaders in ICT, information management, and digital archive management.


Levi9 Technology Services achieves Google Cloud Services Partner status

Levi9 achieves Google Cloud Services Partner status

From: Wesley de Leeuw, Google Cloud Partner Lead, Levi9

We are happy to announce a significant milestone in our journey towards providing top-notch cloud solutions. Levi9 Technology Services has officially attained Google Cloud Services Partner status, further strengthening our cloud agnostic capabilities.

This accomplishment represents a testament to our commitment to offering the most comprehensive and versatile cloud solutions to our customers. As a Google Cloud Services Partner, Levi9 gains access to a wealth of resources, expertise, and support, empowering us to deliver cutting-edge solutions on the Google Cloud Platform.

What does this mean for Levi9 and our customers?

Expanded service portfolio: Levi9 can now offer an even wider range of cloud solutions, including data analytics, machine learning, and application development, leveraging Google Cloud’s powerful services.

Enhanced Cloud agnostic approach: Our cloud-agnostic strategy ensures that we can choose the best cloud platform for each project’s specific needs. With expertise in Google Cloud, we’re equipped to provide tailored solutions for diverse customer requirements.

Access to innovative technologies: Becoming a Google Cloud Partner gives us access to the latest advancements and innovations in cloud technology, ensuring that our customers benefit from state-of-the-art solutions.

Reliable support: We can tap into Google Cloud’s extensive support network, allowing us to provide exceptional assistance to our customers throughout their cloud journey.

Cost-effective solutions: With expertise in multiple cloud platforms, we can help customers optimize costs by recommending the most cost-effective cloud provider and services for their projects.

At Levi9, we are committed to staying at the forefront of technology and providing our customers with the best cloud solutions tailored to their needs. Achieving Google Cloud Services Partner status is a significant step in this direction, and we look forward to the opportunities and innovations it will bring.

Levi9 Technology Services is your trusted partner for cloud solutions. Contact us today to learn more about how we can help you navigate the cloud landscape and achieve your business objectives.


GitHub Actions: Serverless on Google Cloud

Serverless computing through the Google Cloud Platform (GCP) is a great option for companies looking to host applications in the cloud without managing servers. GCP’s App Engine and Cloud Run allow apps to scale automatically in a cost-effective way.

App Engine was GCP’s original serverless platform, allowing autoscaling, automatic infrastructure setup like domain mapping, and supporting most of the common programming languages out of the box. Cloud Run and Cloud Functions became the more popular alternatives, as they improved upon App Engine as a more flexible option.

Developers can further increase this ease of use by automatically deploying updated versions via GitHub Actions in response to commits in a GitHub repository.

In this guide, I will explain how to set up GitHub Actions to continuously deploy an app on the Google Cloud Platform. The guide uses App Engine, as it is based on a real-life use case for a client who already had this set-up, but keep in mind that these steps can also be adapted to deploy to Cloud Run or Cloud Functions.

 

Setting up GitHub Actions

This article assumes you already have a GCP and GitHub working setup and that your account has all the necessary permissions to perform the actions in the article.

First, add a GitHub Action Definition file to your project:

Then, give the action a name, specify the permissions, and specify the branch that the action will be triggered from.

     name: Build and Deploy to App Engine

     run-name: Deploy to App Engine by @${{ github.actor }}

         on:

              push:

                     branches: [ “gcp-deploy” ]

TIP

Typically, the main branch is used as the default for smaller projects. However, if you only want releases to happen on demand, you can create a new branch with a different name, as I did for this demo, and push from the main to this branch for a new release.

The next step is to add job details and the checkout, auth, and deploy-appengine actions from the Actions marketplace. The GCP auth action utilizes Workload Identity Federation, an OAuth-based implementation. This allows the GitHub runner executing the workflow to perform actions on your GCP project.

Setting up authentication and required APIs

We are almost ready to test this out. However, since the workflow utilizes Workload Identity Federation (WIF) for authentication, a service account and provider will need to be configured if you don’t already have them in place. The setup can be done via the Cloud Console or using the gcloud Command Line Interface (CLI) as explained here.

Additionally, you’ll need to enable the App Engine Admin API, so head over to the Cloud Console -> APIs & Services -> Google App Engine Admin API and enable that.

Configuring secrets

The job configuration is managed in the Action file using environment variables and secrets, which must be configured in the repository’s Settings -> Secrets and variables -> Actions. It’s good practice to configure these keys per environment. The separate environments will need to be created if they don’t exist before defining the variables.

I chose Environment secrets for privacy reasons. Be sure to fill in the correct values for GCLOUD_PROJECT_ID, WIF_PROVIDER, and WIF_SERVICE_ACCOUNT. You should have the Identity Federation values from the initial set up of WIF, but they can also be fetched: you can use the CLI or the Cloud Console by navigating to IAM & Admin -> Workload Identity Pools and Service Accounts.

Performing a test run

Now everything is in place for trying out the workflow. Since I configured the Action to only run when there are commits on the “gcp-deploy” branch, let’s add some code that we can deploy.

I used the Quickstart for Node.js in the App Engine flexible environment sample code from the official Google App Engine docs available here, but you could use any existing application code.

Assuming you are using the node.js sample app from above, add the following to the Action file in order to have a working setup.

    jobs:
       build-image-and-deploy:
          runs-on: ubuntu-latest
          environment: staging

          permissions:
              contents: ‘read’
              id-token: ‘write’
          steps:
              – name: Checkout
              uses: actions/checkout@v3

              – name: ‘Google auth’
                 id: ‘auth’
                 uses: ‘google-github-actions/auth@v1’
                 with:
                     workload_identity_provider: ‘${{ secrets.WIF_PROVIDER }}’
                     service_account: ‘${{ secrets.WIF_SERVICE_ACCOUNT }}’

              – name: ‘Deploy to App Engine’
                 id: ‘deploy’
                 uses: ‘google-github-actions/deploy-appengine@v1’
                 with:
                    project_id: ‘${{ secrets.GCLOUD_PROJECT_ID }}’
                    deliverables: app.yaml

Once that is done, just create or checkout the “gcp-deploy” branch and push some code to it. This will trigger the build and the deployment to App Engine.

If all is well, you’ll see that the OpenID Connect integration is working through the Workload Identity Federation. WIF enabled seamless authentication between the GitHub Actions workflow and the Google Cloud service account, so we were able to run the build and deploy our service.

The source code for this article can be found here.

The advice was tested and summarised by our engineering lead from the Iasi office, Codrin Baleanu.


Levi9 and GiftShift Collaborate to Develop Donation Platform

Levi9 and GiftShift Collaborate to Develop Donation Platform

Amsterdam, October 3rd, 2023

Levi9 Technology Services and GiftShift, a Utrecht-based startup dedicated to bettering the world, proudly announce a new partnership. As part of this alliance, Levi9 will develop an advanced donation platform with GiftShift to enhance the positive impact of charitable organisations and donations.

Addressing Challenges and Enhancing Engagement

GiftShift recognises the challenge charities face in engaging and retaining younger demographics, despite this generation’s ongoing intention to contribute to a better world. Research has shown that flexibility, transparency, and user-friendliness are essential to engage (young) donors.

Inclusive Collaboration for Impact

Therefore, GiftShift provides a new channel that meets these needs for both charities and donors. Collaborating closely with a consortium of charitable organizations, including KWF, Greenpeace, Red Cross, Oxfam Novib, Doctors Without Borders, and Bird Protection, GiftShift operates from a shared vision. “Both the consortium and GiftShift welcome more charities to join this movement, especially because that’s what our target audience is asking for,” says John van Pijkeren, co-founder of GiftShift.

Expanding Reach through Commercial Collaborations

In addition to partnering with charities, GiftShift also collaborates with (commercial) organisations to increase visibility and, consequently, donations to charitable causes. “Through these fruitful partnerships, we are present where the audience is, lowering the threshold to ‘do good’. Moreover, it provides organisations a straightforward and accessible way to be socially involved and contribute to a better world,” asserts John van Pijkeren.

Leveraging Technology for Social Good

The donation platform that Levi9 will develop for GiftShift allows charities to benefit from advanced technology and innovative features. Offering flexibility, transparency, and ease of use to both donors and charitable organizations, the platform ensures the donation process is smooth and effective. This enables charities to continue their vital missions and contribute to positive change.

Shared Visions and Ambitions

The donation platform that Levi9 will develop for GiftShift allows charities to benefit from advanced technology and innovative features. Offering flexibility, transparency, and ease of use to both donors and charitable organizations, the platform ensures the donation process is smooth and effective. This enables charities to continue their vital missions and contribute to positive change.

About GiftShift

GiftShift, a Utrecht-based startup founded by Jelle Heijman, Richard Ritsema, Thierry de Groot, Jordy Dekker, and John van Pijkeren, is driven by entrepreneurship and the desire to bring about sustainable and positive change. With a mix of expertise in strategy, marketing, data, design, and technology, GiftShift seeks collaborations that create real impact and contribute to a better world.

Levi9’s Contribution to Society

Levi9, with years of custom software development experience, sees the partnership with GiftShift as an opportunity to employ their technological capabilities for a socially important cause. Through the development of the donation platform, they aim to make a positive contribution to society and support charities in their efforts.

Looking Toward the Future

Both organisations look forward to a long-term collaboration and are committed to improving the world together by combining innovation, technology, and social engagement