Successful Cloud Migration for a Voice-Controlled Medical Assistant
Nodus Medical is a healthcare startup developing a voice-controlled digital assistant for surgical teams performing an operation.
The Zurich-based company was founded by a group of leading surgeons, Air Force pilots, and technology enthusiasts. Nodus offers an aviation-inspired, tech-enabled workflow solution for surgical procedures.
Netguru partnered with Nodus, designed the UX and UI for the platform, and developed the frontend. If you want to learn more about Nodus and our first project together, read the interview with the company's former CEO Lukas Vogt.
The Nodus Medical platform is available for surgical teams in a Software-as-a-Service (SaaS) model and is being used in hospitals across Europe to streamline the surgical process by providing valuable data during the procedure while lowering the mental stress of surgeons.
Having gained strong market traction, Nodus needed to make the next step to scale their product in a secure and robust way due to the mission-critical data they provide during life-changing procedures. Nodus turned to the Netguru DevOps consulting team who successfully migrated their infrastructure to the Amazon Web Services cloud.
The challenge of proper preparation
When migrating to AWS, you need to make dozens of critical choices, from which service you should use and how to configure it, to data preparation planning.
Hiring an experienced DevOps engineer is not enough. You need a team of engineers with a broad business perspective and a lot of experience in migration planning and total cost of ownership (TCO) – migrating to the cloud is by no means an easy job.
We are specialists in DevOps and site migration. Netguru is a member of the AWS Partner Network (APN). As APN Consulting Partners we are certified experts in designing and building AWS architectures as well as migrating applications to the cloud and managing them post-migration.
Nodus Medical had to reach a number of goals:
- Easy deployment with optional scalability,
- Operational excellence,
- Essential security,
- Highest reliability & availability,
- Performance efficiency,
- Cost optimization.
Our team had to factor in all of the clients’ goals to build a robust and carefully planned site migration process.
After an in-depth analysis of the infrastructure and business goals, we designed the new architecture based on the 6 Strategies for Migrating Applications to the Cloud (6R rule) and AWS Well-Architected Framework.
Additionally, we decided to use AWS Fargate as a focal point instead of Amazon Elastic Container Service (ECS). Fargate provides the same functionalities, however, you don't have to provision, manage, and scale servers. In the case of Nodus, it proved to be a perfect solution.
Fargate makes the process of building, deploying, and managing AWS containers much easier. Containers are self-sufficient units of software (code with libraries and dependencies) that can run anywhere.
With Fargate all you have to do is package your application, specify the CPU and memory requirements, define networking and Identity and Access Management (IAM) policies, and launch the application.
AWS accounts setup
We decided to use a single master AWS Organizations account (instead of multiple accounts - one per environment) for easier maintenance. All environments running the application are separate. They are running on isolated Amazon Virtual Private Clouds (VPCs), which provides a level of isolation between the different organizations.
We also included another AWS account that is a part of this Organization (called Black Hole) where all of the logs and audit data will be stored. We can change this configuration anytime if the platform needs to scale up.
We want to make the lives of surgeons easier by eliminating as many organizational and administrative tasks as possible so they can focus on taking full care of their patients
Former CEO at Nodus Medical
For the time being, we did not enable replication in the Amazon Relational Database Service (RDS) to optimize cost. If the traffic increases in the future, we'll use replication to handle it.
Security and Compliance
The staging database is encrypted and the default key management service (KMS) is used to keep the keys secure.
For logging, we used AWS CloudWatch Logs, which let you centralize the logs from all of your systems, applications, and AWS services that you use, in a single, highly scalable service.
Additionally, to further strengthen security and operational excellence pillars, we implemented AWS CloudTrail to log all activities within the architecture. This data is used to determine potential security risks, internal compliance, and easy troubleshooting, as all recent changes can be tracked and, when necessary, reverted to a previous state.
Reliability and Availability
High availability is critical in the healthcare industry. In Nodus it is guaranteed by utilizing three availability zones (AZs) within the Frankfurt region (eu-central-1) with the same set of services in each subnet.
The databases on production have multiple availability zones enabled. In case of availability zone failure, the downtime shouldn’t be higher than 5 minutes. AWS Disaster Recovery is initiated if recovering a database is not available for more than 30 minutes.
We used DataDog, an external tool, to provide action per minute (APM) monitoring in addition to enhanced application and infrastructure diagnostics.
DataDog enables more detailed monitoring. Additionally, people interested in application-related monitoring no longer need access to the AWS Management Console.
DataDog is connected with the Nodus Medical AWS account via Amazon Web Services integration. That also includes integration with AWS Fargate - the cornerstone of the whole infrastructure.
To ensure reliability and availability of the database, four key metrics are monitored in Amazon CloudWatch:
- CPU utilization,
- Database disk queue,
- Database free storage space,
- Database freeable memory.
Based on these metrics and configured CloudWatch alarms it’s easier to maintain proper database instance performance.
Continuous Integration & Continuous Delivery
Thanks to CI and CD development practices the application code is integrated into a single repository and then delivered to production continuously.
New features are available instantly and bugs can be fixed in no time. We implemented a CircleCI workflow and the whole process is centered on branch switching between the development and production environments.
Optimization & Flexibility
We have migrated Nodus Medical into an infrastructure that's designed to perfectly meet the needs of the application at their stage of business development.
The solution is optimized for:
Netguru was able to provide clear Total Cost of Ownership and ensure easy deployment and high availability for the critical nature of the services Nodus provides.
Full AWS account set-up was completed, providing separation between databases, and CloudWatch was implemented to further enhance security. The infrastructure was carefully planned to offer high availability zone coverage and DataDog was used to monitor actions per minute, giving Nodus even more clarity on their application.
CI/CD was also used to allow new features to be deployed automatically with no interruptions to service, giving Nodus a highly robust configuration tailored to their needs.