Overview
Our story is not complete without a talk about technology. We are a technology driven innovation company first, therefore we want to give you an insight on how we see the role of technology in the realm of innovation and logistics.
Innovation and technology
Innovation is what changes the world and although reasons are as diverse as mankind, the shared denominator is improvement. Improvement of a process, improvement of a personal situation or - for the big thinkers - improvement of the world.
One might say that innovation is an important and inseparable part of “la condition humaine” - it is never finished and the improvements realised will never satsify everyone or everything.
Innovation comes with the belief that a better world is possible and that it can be created by using the history of improvements - formed by knowledge and tools, in short technology - and creativity.
Therefor we consider tech driven innovation not predictable: it is even non-deterministic because it is based on creativity, on humans and their motivations.
Customer value is the most important driver for the future of our industry, meaning your customer - the company or person that buys and receives your goods - deserves an excellent delivery journey. And so do you!
We commit ourselves to providing you that excellent delivery journey by using the best technology available and our dedicated creativity to not force but allure users to better solutions for there problems.
Fundamentals
Were we used to embrace Microsoft technology as the heart of our product, we now moved to using the great opportunities that open source software, cloud native development and standardisation can bring us.
And wat is not to love: the power of communities brought us great tech products that improve all our lives on a daily basis! Although we are not very mature yet in offering open source software ourselves - we do have some small projects running - we love adding fixes and knowledge to the products we use.
Once we have figured out the right business model for our context and we are proud of the quality of our creations, we will for sure extend our offering of OSS products.
The organistion that - in our opinion - shows the way forward in the IT industry best is the Cloud Native Computing Foundation - an organisation that has been very inspiring and deserves your attention.
We embrace the ideas of a cloud native product, a product that:
- has an immutable runtime environment
- is scalable by default
- has security as a design basic
- is platform agnostic
- is open and accessible
- offers fair and equal opportunities to all
- is continuously and automatically deployed
We also embrace the power of the community, we:
- use open source solutions where feasible
- give back by providing open source tooling
- help improve the open source projects we consume
- empower customers by actively stimulating community boards
- use open standards for data and code where feasible
This does not make us better persons or a better company. It does help you, your customer and ourselves to create the best possible solution and add the most value with creativity not restricted by company boundaries.
Technology we use
This is not an extensive list of products and solutions we have in place, it is more a sketch of the choises we have made. As those changes are altered every day this should give you the gist of where we are going, while more detail will be published in more specific blog posts.
Inspired by the cloud native movement we use a GitOps strategy to running our products, with the help of:
- Github (code repositories, actions and workflow)
- Google Gloud
- Kubernetes (stateless scalable computing)
- linux (core-os as basis for our pods)
- mongoDB (hosted at the specialists themselfs)
- SOPS (making sure passwords are only available when they should)
- Ory (hosted authentication, a specialists job)
- C#, python, go-lang and Scriban backend programming languages
- json (data)
- yaml (configuration)
- Prometheus, Grafana (operational reporting and alerting)
Architecture
Tenant Isolation
Your Viya instance is setup as an isolated environment where you are the only tenant. Isolation of stored data and runtime environments gives the best option to restrict access to your data - both in rest and in transit - to people and applications that are explicetly allowed to have access.
To get access to a tenant a user needs to be identified (authenticated) by a independent authentication provider, confirming the users identity. From their access to your application is defined in a authorisation module - Open Policy Agent (OPA). The authorisation defines if and what functionality can be used.
State management
Optimising availability, persistance and recovery, each tenant is split in a statefull and a stateless domain. The stateless part contains the runtime, hosted withing Kubernetes and isolated by using Workload Identity. Statefull are the
- Do we know you and are you who you say you are
- Do you have the rights to access the application you requested access to
- What can you do in the application
- now you only have access to the functionality and data you have been given access explicitly
Tenant creation and scaling
Authentication and datastorage have been outsourced to external parties because securing and handling these functionalities is a fulltime specialists job on its own. By using the expert knowledge of the creators of that software - the functionality is hosted by the creators - than to host it ourselves means that we can shift our attention from maintaining expert technical infrastructure to adding business value.
Scaling
- Kubernetes auto Scaling
- MongoDB Scaling
Configuration and Authorisation versioncontrol through git