Development of a Central Platform for Service Interruptions at DB Regio Bus
As a contracted Professional Service Partner, PROTOS Technologie GmbH supported the planning, integration and transfer of the application into the DB Regio Bus operation following DevOps principles.
The Client:
The Deutsche Bahn AG has consolidated its entire bus business in the DB Regio business unit, namely Bus division (DB Regio Bus). DB Regio Bus focuses on local public transport in rural areas. The bus companies, which were independent in the past, have been merged regionally and are market leaders in the German public transport market.
The Challenge:
As a central service provider for mobility, unplanned service interruptions caused by events such as staff shortages, accidents or natural disasters must be eliminated quickly and in a well-coordinated manner. DB Regio Bus provides a central platform for coordinating service interruptions for this purpose. On this platform, local bus companies can dynamically make capacity available in an emergency in order to minimize the consequences of train cancellations for customers.
The development of the central application and IT infrastructure was handled by an external service provider. The challenge was to integrate and adapt the existing software system to the internal standards of DB Regio Bus. Besides the technical implementation, PROTOS Technologie was also responsible for the collaboration with external personnel.
The continued development of the software system is an essential component of the application and ensures that new features and security patches can be provided continuously. For this further development, an environment that is familiar with agile methods and uses them successfully is required. To achieve this goal, a CI/CD process was established from deployment to operation. In addition, the customer’s employees were trained in DevOps-based operating methods.
In terms of the IT infrastructure, it had to be ensured that the infrastructure developed by the service provider complied with the compliance and security guidelines of the Deutsche Bahn Group. In addition, manual processes from the development phase had to be automated in staging and production operations. Since the development environment on the part of the external service provider was not provided via infrastructure-as-code, the infrastructure had to be provided on a versioned code basis, taking AWS Well-Architect into account.
The Solution:
As a centrally contracted Professional Service Partner, PROTOS Technologie GmbH supported the planning, integration and transfer of the application into operation according to DevOps. To ensure a smooth process between all parties involved, one of the main tasks was the internal and external stakeholder management.
In addition, the existing customer organization was taken into account when creating and adapting processes. As a certified IT service provider according to ITIL, a continuously developed application could not be easily transferred to the standardized processes. Instead, solutions had to be found within the framework of the existing processes in order to integrate a DevOps-based project into the company’s day-to-day operations.
In addition to organizational challenges, various IT infrastructure requirements had to be implemented. DB Regio Bus has already relied on the Infrastructure-as-Code framework Terraform for several years. Therefore, the entire infrastructure was mapped using Terraform and combined with the software versioning technology GIT to enable reproducibility, testability and automatic rollbacks. An advantage for DB Regio Bus is the mapping of infrastructure as program code. Changes to the infrastructure code are made fully automatically using the AWS Developer Tools (AWS CodeCommit and AWS CodeDeploy) and can be stored and documented centrally. This means that you are no longer tied to the original programmers and can work independently.
The use of Terraform enables the portability of the infrastructure into different environments. As a result of best practice approaches, a staging and production environment was provided in order to be able to test changes and new features of the application before the rollout to the production system.
In order to be able to automatically roll out changes to the application, the rollout for frontend, backend, and dedicated API was automated analogously to the infrastructure and for both environments with the help of AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy, and AWS Pipeline as CI/CD pipeline. The unit and integration testing of the application artifact within the CI/CD pipeline is also automated.
In order to maintain compliance guidelines of Deutsche Bahn Group, requirements such as end-to-end encryption in transit and encryption of data at rest were taken care of during the development of the infrastructure code. In addition, the “least privilege” principle would be implemented in conjunction with role-based access concepts. The logging implemented by PROTOS Technologie also ensured that accesses to S3 buckets, application logs and real-time monitoring are noticeable at all times. Corresponding alarms are generated and the log data is stored in a dedicated AWS account in an audit-proof manner.
For the infrastructure components, AWS services were used such as AWS Beanstalk in the application backend, Lambda functions in combination with AWS API Gateway for API requests, S3 in combination with CloudFront for delivering web content, and AWS Cognito as an authentication service for external access.
The development team of the external IT service provider does not have direct access to the AWS account and the application components deployed in it within the described process. However, the team is informed about the respective status of CodeBuild / CodeDeploy actions within the CI/CD pipelines during each deployment and can act in case of failure depending on the status message. In addition, application events are transferred in real-time via AWS Kinesis to the IT service provider’s AWS account to enable more effective debugging of the application.
The Benefits:
A digital process for managing service interruptions:
Digitization of a formerly analog process for managing unpredictable service interruptions in local rail traffic.
Project management of internal and external stakeholders:
The in-house specified configurations meet all corporate requirements regarding security and compatibility.
Advantages of the implemented architecture:
Maintaining compliance requirements such as full encryption of data at rest and in transit, least privilege principle, and centralized, audit-proof logging.
A scalable, highly available solution:
Achieved by using S3 for web hosting, AWS Elastic Beanstalk and AWS Relational Database Service. Additionally, the implementation of CI/CD pipelines for fully automated deployments with integrated testing.
Introduction of DevOps processes and cultural change:
The developed application and infrastructure are the starting point for further DevOps-like projects. With the experience gained, future projects can be developed and integrated more easily and quickly at DB Regio Bus.
Client Feedback:
“PROTOS Technologie GmbH provided us with support during the integration of a central platform for the coordination of business interruptions in local rail traffic. Thanks to the cooperation, we were able to successfully implement and realize compliance requirements, high availability and automated deployments. The qualified staff of PROTOS Technologie accompanied and supported us in a highly professional manner throughout the entire process.”
Jörg Dierks, Head of Cloud & Network – DB Regio AG, Bus Divison
Graphics: Prosymbols, Freepik, Becris, Ralf Schmitzer from Flaticon.com