PatchKit conquers the gaming world with Chaos Gears’ optimization tips

Opportunity Improving customer experience with better performance

PatchKit is a Polish startup that has been dynamically evolving since 2015 with investment and support from The Knights of Unity and CShark. They operate a SaaS model solution built in the cloud, providing a game-oriented content distribution service that comes with a launcher and marketplace-related web services. The game distribution service has reached over 800 customers, and this number is constantly growing.

Continuity of content delivery is a key requirement for independent game developers to ensure a high level of player satisfaction. PatchKit uses the AWS cloud to maintain high availability of their platform with the content delivery network (CDN) delivery powered by Amazon Cloudfront. It also ensures that all legacy file data is protected, and provides reliable operations with minimal downtime and cost.

While PatchKit’s platform works without any problems, the client wanted to ensure a strong platform for growth through optimization, performance improvement and scalability to better meet the needs of customers. PatchKit wanted to ensure they were up to date with the latest best practices and newest services from AWS to help maintain the integrity of their platform and meet the compliance requirements of its users. The client wanted to ensure an objective and reliable assessment and make necessary changes with the support of a professional partner specialized in the AWS cloud.

Solution The pillars of Well-Architected cloud environments

Therefore, the client decided to undertake an external, objective review. The best solution for the client's needs was to conduct the Well-Architected Review, which gives a reliable picture of the current condition of the infrastructure and takes into account the risks and issues that may disrupt future performance.

AWS' Well-Architected Framework defines six key pillars meant to help review and optimize cloud-based architectures.

• Operational excellence, which includes monitoring systems to deliver business value.
• Security, which includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies.
• Reliability, which includes the ability of the system to recover from infrastructure or service disruptions, dynamically.
• Performance efficiency, which focuses on the efficient use of computing resources.
• Cost optimization, which helps understand and control how money is spent.

Additionally, we included Sustainability in our illustration — the 6th AWS Well-Architected pillar. It was introduced just after the review and remediation of the client’s architecture were complete. It helps organizations learn, measure, and improve their workloads in accordance with environmental best practices for cloud computing. Similar to the others, the Sustainability Pillar contains questions aimed at evaluating the design, architecture, and workloads implementation to reduce energy consumption and improve efficiency.

Chaos Gears carried out the full spectrum of the review — from analysis and planning, to the actual implementation of improvements across the areas prioritized by PatchKit based on our findings.

The review was carried out in close cooperation with the client and performed in several stages that comply with AWS Well-Architected best practices to ensure the architecture’s quality.

1. Kickoff meeting — Our experts verified the client's needs at this stage. The consultation allowed us to identify the client's problems, understand their goals, and recommend optimal solutions.
2. Review — Detailed analysis of the client's current environment. Our experts performed a detailed review to develop a picture of the current infrastructure state. Our role was to go through the recommendations that AWS developed for each of the pillars and explain them in case of customer doubts. Taking a joint decision on whether the recommendations were important and worth implementing.
3. Report — Our experts prepared a full report of potential flaws and suggestions. We created a remediation plan with the document including priority-ordered risks diagnosed by our experts, along with the estimated resolution time.
4. Consultation meeting — We presented our findings. In cooperation with the client, we defined a strategy and selected significant risks that require resolving. We decided to choose and repair only those relevant from the company's operations view.
5. Remediation — We implemented specific high-risk areas covered by the plan. We ensured a team of cloud engineers who remediated the critical issues, as well as made needed optimizations.
6. Summary — All improvements were integrated in line with AWS best practices. Summary of the project and submission of documentation.

From the client’s point of view, the most important issue was to collaborate with a partner who understood what PatchKit is all about. One that would help select and apply only business-relevant recommendations from the available best practices.

Outcome Harder, better, faster, stronger

The result of the review was the selection and remediation of detected threats by Chaos Gears architects. In the case of PatchKit they indicated: 11 medium risks and 10 high risks.

Security (4 high risks), including:

1. Established the central management of the company's AWS accounts in one place with the implementation of a Security Control Policies (SCP) mechanism, defining the maximum permissions for account members in the organization.
2. Improved management of the AWS environment by launching the AWS CloudTrail service for the AWS accounts used, recording user actions, roles and AWS services. Implementing rules informs admins about unauthorized attempts to create a new IAM user or attempts to access the account without multi-factor authentication (MFA).
3. Restriction of permissions, e.g., for identity and access management (IAM) users by testing for automatic rules compliance with resources and the detection of weak policies.

Reliability (2 high risks), including:

1. Improve application performance and injection and other tests. Checking whether they pass tests from Chaos Engineering and FIS (AWS Fault Injection Simulator) services.
2. Creating protection against potential attacks on the client's environment by using test templates for selected services (e.g. simulating attacks on Lambda) created by Chaos’ engineers for the project.

Cost optimization (3 high risks), including:

1. Setting notifications about the upcoming, predefined monthly limit threshold and other overrun risks. Also, enabling standard budget monitoring through the activation of the AWS billing service.
2. Preparation of dashboards with visualizations of parameters detected by Amazon Trusted Advisor for all accounts in AWS organizations. This allows, among others, admins to identify unused resources versus costs or/and quickly locate accounts and users.

All actions set out in the recovery plan were implemented within the target deadline. All identified threats have been eliminated. After introducing changes to the infrastructure, a report was generated, highlighting improvements in the defined areas. Finally, the updated system is better secured and ready to serve customers, and to scale.

The cloud changes as the SaaS product evolves. Thanks to the revisions, PatchKit's AWS environment is better protected against attacks and failures. The SaaS is still evolving and more changes are needed. Thanks to the changes, the organization of work and operations is better optimized. Selected components are prepared to scale the product while maintaining appropriate performance and cost levels.