Customer Case Study – Education Babbly helps babies communicate with a HIPAA- compliant Kubernetes infrastructure. This child development start-up needed to address industry compliance needs while strengthening platform security, scalability and reliability. Our customer The obstacles they faced Babbly is an AI-powered platform that helps Babbly needed to develop and manage parents interact with, track and improve a stable, future-ready Kubernetes their children’s speech development from infrastructure that could support frequent birth to two years using machine learning application releases and automate as well as expertise from pediatricians and security. It also needed to meet industry language therapists. compliance requirements. How we helped What we achieved together Public Cloud — Amazon Web services (AWS), In just six weeks, Onica (a Rackspace AWS CloudFormation, Kubernetes, Amazon Technology company), built a production Certificate Manager, Amazon EKS, Amazon ready Kubernetes architecture for the Babbly RDS, Amazon CloudWatch Container Insights, application. Security increased with the Amazon Route 53, Amazon Web Application deployment of tools that enabled several Firewall, Elastic Load Balancing, AWS WAFv2, capabilities, including end-to-end encryption. AWS Managed Rules, Linkerd, Bitbucket, Customer experience was enhanced with Runaway, Kustomize. improvements in uptime and reliability. “We were looking for an experienced partner that can help us achieve our desired production-ready infrastructure within a very short timeframe. Onica came on-board matching the high standards the Babbly team embodies, and worked closely with us so we could release our application on schedule.” Carla Margalef Bentabol CTO and Co-Founder, Babbly Seeking a stable and logging solutions that would support Choosing the right AWS One of the initial priorities was to meet production workloads. a submission deadline for a closed beta. future-proof experienced partner This deadline had to be met before the The application had been using Kubernetes application could go live on the Google Play Babbly helps young infants build their Babbly chose Onica, a Rackspace Technology clusters on Amazon Web Services (AWS) store. Work began with the implementation communication skills. The software start-up company. Onica is a leading AWS Partner with a development pipeline that used of a productionready Kubernetes cluster. had an infrastructure that was still in the Bitbucket for planning and management. Network (APN) Premier Consulting Partner. development stages, but needed to be made Basic deployment processes were also The expertise in DevOps and AWS services To achieve this, an Amazon Elastic stable and future-proof, while also improving already in place. that Onica could bring to the project made it Kubernetes Service (Amazon EKS) customers’ experiences. Additionally, the a perfect choice. There was an urgent need infrastructure with Amazon Relational application required security features Babbly’s team of two developers had no for support to get the application ready for Database Service (Amazon RDS) for database to achieve compliance with the Health spare capacity to develop or manage a robust a marketplace launch, while also enhancing management was implemented. Insurance Portability and Accountability foundational infrastructure. The Babbly team operations and maximizing efficiency. Act (HIPAA), which sets standards for using was aware of the breadth of AWS services The infrastructure was built using a sensitive patient data. available, so decided that a technology The Onica and Babbly teams worked closely multi-stage pipeline for development partner with deep expertise was necessary. to ensure that all of the requirements and production that supported Also needed were comprehensive automated It needed a partner who could both identify and pain points were well understood improved QA testing. pipelines to manage infrastructure suitable services and implement them to from the outset. and application deployments. Another enable Babbly to meet its goals. requirement was for monitoring and Rackspace Technology Customer Case Study 2 services to function. They meet the industry Deploying security and standard of “least permissive” access, as encryption each container is granted its exact needs. Bitbucket pipelines were used for deployment Security and end-to-end encryption were and AWS CloudFormation was used for an important part of Babbly’s design from standing up all of the infrastructure as code. the outset. The application had to be robust against cyberthreats. Amazon CloudWatch Container Insights provide monitoring and metrics of the Achieving this requirement began with Babbly application stack. This allows the the Amazon Certificate Manager’s native application’s current logs and performance integration with the Elastic Load Balancer information to be seen from a single view. service. This made it simple to secure public All logs are shipped to Amazon CloudWatch endpoints hosted on Amazon Route 53. The log groups, which are critical for compliance Amazon Web Application Firewall service requirements and auditing. integrated with the Elastic Load Balancing service provided protection against common The CLI tools meant for creating Amazon cyberattacks, such as SQL injection and EKS clusters were moved to a managed cross-site scripting. infrastructure-as-code approach. This allows greater flexibility, improved compliance The AWS WAFv2 service also allowed the checkpoints and increased control over ability to attach AWS Managed Rules, deploying Amazon RDS and the virtual private which support many of the Open Web cloud (VPC), as well as the overall cluster. Application Security Project’s (OWASP) This level of flexibility and control provides top 10 security risks. The OSWAP is an Babbly with a strong foundation upon which international non-profit organization to meet HIPAA compliance. dedicated to web application security, which advises on the highest threats to protect against cyberthreats. Ready to keep growing What normally takes several months Meeting HIPAA was achieved in just six weeks as the production ready Kubernetes architecture compliance goals was ready-intime to meet the application To meet HIPAA compliance, intra-cluster launch deadline. Onica’s own open source encryption was achieved by deploying the development tools, such as Runway, helped security-first service mesh, Linkerd. Linkerd achieve this goal. added critical security, observability and The Runway tool was built based upon reliability features to the Kubernetes stack previous customer experiences. It can with no application code changes required. It coordinate and accelerate infrastructure- effectively secured pod communication. ascode deployments, and includes native Within the Kubernetes stack, the team support for Kustomize, allowing for easy deployed the ALB Ingress controller and deployment of Kubernetes manifests. external DNS module to seamlessly modify Security and monitoring enhancements were Amazon Route 53 records as new services also added with encrypted file systems and were provisioned. The pod-level permissions SSL. Amazon CloudWatch Container Insights of the Amazon EKS service enable these Rackspace Technology Customer Case Study 3 were set-up to facilitate troubleshooting right About Rackspace down to the container level. The addition of these features will help the infrastructure Technology meet HIPAA compliance standards. Rackspace Technology is the multicloud The infrastructure was built with automated solutions expert. We combine our expertise scalability capabilities so that fluctuations with the world’s leading technologies — in demand can be met. Babbly also benefits across applications, data and security — to from continuous integration and continuous deliver end-to-end solutions. We have a delivery (CI/CD) efficiency improvements. proven record of advising customers based Other introductions include an automated on their business challenges, designing application deployment pipeline, which solutions that scale, building and managing allows the development team to ideate, those solutions, and optimizing returns implement and deploy updates and into the future. features quickly. As a global, multicloud technology services Throughout the process, Onica’s team pioneer, we deliver innovative capabilities held working sessions with Babbly’s of the cloud to help customers build new DevOps engineer and provided ample revenue streams, increase efficiency and documentation to educate the company create incredible experiences. Named a best on both the enhancements as they were place to work, year after year according to implemented and how to operate the new Fortune, Forbes, and Glassdoor, we attract infrastructure independently. and develop world-class talent to deliver the best expertise to our customers. Everything Additions to the infrastructure have we do is wrapped in our obsession with improved customers’ experiences in our customers’ success — our Fanatical uptime. The infrastructure lives in different Experience™ — so they can work faster, availability zones, and there are automated smarter and stay ahead of what’s next. database backups that ensure a reliable end-user experience is maintained becomes Learn more at www.rackspace.com or call more diverse, we will need to incorporate the 1-800-961-2888. flexibility and dynamic nature of the cloud. This case study is for your informational purposes only. RACKSPACE MAKES NO WARRANTIES, EXPRESS