About ABAX
ABAX is one of the largest IoT companies with solutions for mileage claim, tool tracking, and equipment control with over 500.000 tracked units all over the world. In 2020 ABAX started a journey expanding into developing mobility data solutions entering new verticals like insurance and leasing, being the preferred data provider for the B2B industry on a wider scale. Founded in 2003, they are active in Norway, Sweden, Denmark, Finland, the Netherlands, Belgium, Poland, Germany, and the UK. ABAX serves over 43,000 customers and has 350 employees.
ABAX’s telematics software tracks around 450,000 vehicles across Europe in addition to tools and equipment. Customers leverage the software to connect and survey company assets, monitoring the location and mileage of vehicles or the identity and behavior of drivers. ABAX partners with leading automotive companies such as Hitachi and Connected Cars to provide companies with detailed analytics for fleets of machinery and cars through their software platform.
ABAX’s information technology consists of two divisions. The Global IT team serves the organization internally, while the Development Operations team develops and maintains the telematics platform, ensuring it is efficient and resilient. The Development Operations team is led by Vegard Talmoen, Engineer Manager, with the help of Thomas Ornell, Principal System Engineer.
Overview
The Development Operations team transformed its information technology in 2021 following news of the unexpected and imminent closure of its dedicated cloud hosting provider. The team had only a few months to decide on and execute a new strategy.
The team decided to migrate their infrastructure away from their private hosted environments and into Google Cloud Platform, capitalizing on the opportunity to replace and modernize much of their infrastructure in the process. While they had, for years, been progressively migrating their workloads from legacy VMs to Kubernetes, the cloud migration accelerated the process.
“The cloud migration was a blessing in disguise.” - Thomas Ornell, Principal System Engineer at ABAX
Requirements
During the migration process, the Development Operations team had substantial requirements for their infrastructure. With vehicles sending their locations to ABAX’s telematics platform every second, ABAX stores and processes vast amounts of data in real time. The team needed an infrastructure that could keep up with the high demands of its business.
First and foremost, the infrastructure had to be highly resilient. The distributed system needed to continue functioning even if one service failed. Any disruption could potentially lead to regulatory difficulties for customers that are required by law to keep track of vehicles and equipment electronically.
ABAX’s infrastructure also needed to be scalable, as the number of requests received per second fluctuates heavily. The platform is used most actively during working hours. Observability and auditability were crucial, as the team must be able to have full visibility on their platform and pinpoint issues as they arise, as was security. ABAX’s network is very distributed and therefore has a broad attack surface that needs to be secured within each API gateway. It was necessary for ABAX to maintain control of its platform and safeguard the location of customer vehicles.
ABAX counts around 70 developers working on the platform. However, the Development Operations team provisioning infrastructure for these developers consists of only 3 engineers, meaning they did not have the luxury of managing an over-engineered infrastructure. Simplicity was a key requirement, as the infrastructure must be manageable and automated.
Cost was also another requirement for the infrastructure. Processing vast amounts of data on a daily basis, costs can multiply exponentially very quickly. A low cost per request is imperative for the business as a result.
“We process vast amounts of data, which we must maintain visibility into in a cost-efficient way.” - Thomas Ornell, Principal System Engineer at ABAXSecure, manage, & scale all your APIs.See how Traefik Enterprise simplifies, automates, and centralizes API management and security with one easy-to-use solution.Learn More
Challenges
The Development Operations team had little time to devise a new strategy given the unexpected disruption. They faced the difficult challenge of sifting through competing and overlapping technologies within the infrastructure. Over the years, the various development teams working on the platform had adopted solutions on an ad hoc basis, resulting in the simultaneous use of multiple networking solutions such as Nginx, Kong, and Traefik Proxy. Ornell saw the need to cut through Shadow IT and consolidate their technology stack. As he and his team had successfully relied on Traefik Proxy for ingress control and API gateway, it was a natural choice for consolidating the networking stack.
As the Development Operations team migrated more critical workloads into Kubernetes and Google Cloud Platform, they quickly realized an enterprise ingress solution was mandatory. ABAX’s infrastructure is mission-critical, and each outage or even latency leads to a direct loss of revenue. High-availability clusters, advanced security features, and a number to call 24/7 were the primary drivers for ABAX requiring an enterprise solution.
“As we migrated more services to Kubernetes, the risk of failure for ingress controllers increased significantly. We saw the need for a solution like Traefik Enterprise.” - Thomas Ornell, Principal System Engineer at ABAX
Solution
Today, around 90% of all ABAX’s deployments are in Kubernetes running exclusively on Google Cloud Platform. They use Traefik Enterprise’s middleware to rewrite URLs when routing services into containers. The team maintains four production clusters, one staging cluster, and a specialized configuration of Traefik Proxy to around 70 instances of K3D.
Traefik Enterprise is the default networking stack and is used in all Kubernetes clusters. ABAX uses Traefik Enterprise for its all-in-one ingress, API gateway, and service mesh. Here are several reasons why Traefik Enterprise was the obvious choice for ABAX:
Traefik Enterprise is a highly automated solution that is easy to use.
With only three system engineers on the team, ABAX’s Development Operations team cannot afford to spend vast amounts of time training people on a complex ingress solution. Traefik Enterprise is easy to use and configure with Kubernetes allowing the team to spend time creating value instead of training developers on how to use the solution.
The team is also a heavy user of GitOps. Traefik Enterprise is GitOps-workflow ready, allowing Git to be the source of truth for infrastructure configuration management. Changes made to the infrastructure are processed through the Git repository, which automatically applies changes to all clusters. Configuration changes are continuously reconciled, and the infrastructure can be automated and made immutable.
“Traefik Enterprise is an easy product to use on Kubernetes, and that’s not a given” - Thomas Ornell, Principal Systems Engineer at ABAX
“We're spending very little time training our people on Traefik. We give them the basic understanding they need, and then we move on.” - Thomas Ornell, Principal Systems Engineer at ABAX
“Everything is mostly automated, and we maintain functionalities that our developers and operators rarely see because they just work.” - Thomas Ornell, Principal System Engineer at ABAX
Traefik Enterprise is a highly secure solution.
Traefik Enterprise enhances network security. Authentication and authorization are handled at the ingress controller level. JWT tokens redirect traffic to the correct service based on tokens added in the header, creating a secure pre-routing solution. The network is further secured by a web application firewall, as ABAX places Cloudflare in front of all Traefik Enterprise instances.
Traefik Enterprise offers enhanced load performance.
Traefik Enterprise makes it easy for the team at ABAX to deliver the performance at load, as it excels at the handling of WebSockets compared to other ingress controllers. In particular, the team found it challenging to handle WebSockets with Nginx, which keeps some open when being flooded with requests over a short period. The product is easy to manage, and the enterprise version makes it exceptionally seamless to configure new services.
“Traefik Enterprise is much better than Nginx at handling WebSockets, which is quite important on our end.” - Thomas Ornell, Principal System Engineer at ABAX
Traefik Enterprise comes with an array of advanced features
ABAX takes advantage of Traefik Enterprise’s advanced features, making it easy for them to deploy at scale. Its library of plugins includes custom features and behaviors that allow the Development Operations team to automate several key processes and also integrate with third-party solutions, such as Datadog. The Datadog dashboard is used to visualize the architecture as a whole while providing advanced logging capabilities. Traefik Enterprise includes custom middleware that allow ABAX to rewrite URL paths based on specified rules and was proven especially useful for their cloud migration. Additionally, ABAX uses Traefik Enterprise’s service mesh capability to route and monitor service-to-service communication allowing them to monitor internal and external traffic.
“We are using a significant part of Traefik Enterprise.” - Thomas Ornell, Principal System Engineer at ABAX
“The Enterprise functionality takes away quite a few of the pain points you have in the open source version, especially when it comes to configuration.” - Thomas Ornell, Principal Systems Engineer at ABAX
Traefik Enterprise offers unparalleled support.
Stability is a core requirement of ABAX, and the Development Operations team requires enterprise-grade support to ensure the system remains operational. Traefik Enterprise offers unparalleled support to ensure the stability of critical pieces of infrastructure. ABAX has had a very positive experience with the support team at Traefik Labs.
Traefik Enterprise offers competitive pricing.
Part of the team at ABAX had started to use Kong several years earlier, and it had become part of the Shadow IT that the Development Operations team had to sift through. Kong increased their prices by 30% per year over three years and maintained a billing framework that charged per API request. This made it an unviable solution, especially as ABAX ran everything within their infrastructure. Traefik Enterprise was an obvious choice because of its pricing model.
“Traefik Enterprise is pretty competitive on price.” - Thomas Ornell, Principal System Engineer at ABAX
Bottom Line
The Development Operations team navigated a chaotic cloud migration with discernment and today maintains a cloud native infrastructure that is consistent across all environments. Since the migration, ABAX has continued growing and the infrastructure network has seen an increase in traffic of 70% totaling almost 500M requests a month.
With the help of Traefik Enterprise, now used across ABAX’s cloud and remaining on-prem Kubernetes and VM environments, ABAX successfully completed its cloud migration, while harnessing the benefits of a cloud native networking solution.
“I would absolutely recommend Traefik Enterprise.” - Thomas Ornell, Principal System Engineer at ABAXSecure, manage, & scale all your APIs. See how Traefik Enterprise simplifies, automates, and centralizes API management and security with one easy-to-use solution.Learn More
This is a companion discussion topic for the original entry at https://traefik.io/blog/abax-migrates-with-traefik-enterprise/