Achieving Automation, Reliability, and Peace of Mind
The State of Montana launched its first web service in 2000, and today its eGovernment program offers approximately 300 online services to 36 agencies and more than one million Montana citizens. Montana Interactive is the organization that develops, deploys, and maintains online services and secure payment processing solutions.
Montana Interactive has more than 200 eGovernment applications that serve approximately 650,000 users per month. Until recently, all public traffic was load balanced on two production virtual machines (VMs) running Pound as a reverse proxy, load balancer, and HTTPS front end. Heartbeat probes checked IP availability and failed over if necessary. Public traffic arrived over the Internet, was load balanced, and directed to the appropriate agency’s servers.
But the system needed an overhaul. With this legacy system, the IT operations team had to specify the number of monitor threads that were needed for traffic flows. High loads caused timeouts between the load balancers and app servers. And because it was not possible to perform inline configurations, the IT team had to manually restart the systems whenever they needed to change something, which could create issues for customers. For example, if a citizen was completing a large form online and the servers had to be restarted, the session was sometimes dropped, requiring the person to start over. Because these are applications for services that many people rely on, Montana Interactive wanted to make sure that users had a smooth experience.
“Maintaining reliable performance was particularly challenging with one agency’s large payment application,” explains James Ridle, IT Operations Manager at Montana Interactive. “Each quarter we experienced large spikes in transaction traffic, which required me to add threads. However, to add threads I had to restart the VMs. In fact, moving a workload, deploying an application, or reconfiguring anything required a restart. Not only was it inefficient and time-consuming, it risked compromising application performance and the user’s experience.”
It was time to migrate the legacy load balancers to a modern, high-performance solution. However, a hardware-based approach would have required at least four systems costing approximately $30,000 each. Instead, Ridle turned to NGINX Plus.
“I’d used NGINX in the past, and noticed many other companies moving to NGINX for various reasons,” he says. “I evaluated NGINX Plus and was amazed at its power. The benchmarks just blew me away. The amount of traffic that NGINX Plus can handle is unreal – even beyond our needs.”
Montana Interactive chose NGINX Plus for its reverse proxy and high-availability load balancing. As an intelligent traffic gateway built on 10 years of battle-hardened software, NGINX Plus builds on NGINX open source and adds enterprise-ready features such as advanced load balancing, session persistence, health checks, and advanced monitoring and management capabilities.
Montana Interactive deployed NGINX Plus on VMs that are spread across different hypervisors and data centers. NGINX Plus operates as a dynamic reverse proxy, determining where to route each request in real time. Two VMs are dedicated to development and user acceptance testing; two additional VMs are used for the production network.
>Things Just Work Better
According to Ridle, NGINX Plus provides massive improvements in terms of speed, flexibility, and ease of use. The NGINX Plus load balancer is delivering consistently fast experiences for users. In addition, Montana Interactive is excited to fully deploy features such as on-the-fly reconfiguration, with the goal of eliminating manual restarts at two o’clock in the morning and dropped sessions, even during periods of heavy workload.
>A Big Impact from a Small Investment
NGINX Plus is built to handle thousands of requests per second and millions of concurrent users. Even if every person in Montana used eGovernment applications simultaneously, the infrastructure could easily scale. With NGINX Plus, Montana Interactive can handle a significant amount of traffic with a small investment.
Montana Interactive has improved security by using NGINX Plus features such as SSL offloading and role-based access. For example, some protected information or applications must be available only to appropriate agency staff. NGINX Plus provides fine-grained control over who can access which applications. In addition, as a government agency, Montana Interactive is subject to various compliance tests. With the security features in NGINX Plus, Montana Interactive earns As across the board.
>Increasing Application Availability Through Live Monitoring and Health Checks
Ridle says that the live activity monitoring dashboard is a tremendous help. So far, he is using it to see detailed performance and health information for each upstream node in real time. At a glance, he can see all active and idle connections, requests, services status, server zones, and caches.
Health checks help him ensure that the user experience isn’t disrupted due to a failure. Health checks continually test upstream servers and instruct NGINX Plus to avoid servers that have failed, so users don’t see error pages when servers fail or are taken down for maintenance.
>Automation Delivers High Responsiveness
Automation is a lifesaver, and Ridle is employing the automatic scaling and on-the-fly reconfiguration capabilities of NGINX Plus to manage dynamic changes to upstream server groups. In the past, safely deploying a new application meant several stages of testing and bringing servers online in stages. The process required several days.
“Now we can automatically deploy or take down applications,” says Ridle. “Instead of days, we can deploy in minutes and without any disruption to users. Automation gives us a new level of efficiency so that we can offer our agencies more dynamic services, features, and control without overloading our team.”
>Working Together Improves Operations
When it first deployed NGINX Plus, Montana Interactive had a legacy service that required leaving port 80 open. The team found it challenging to make this work with the new deployment, so they turned to NGINX technical support for help.
“The NGINX support team offered us multiple ways to efficiently achieve our goal,” says Ridle. “They had it figured out quickly and even tailored the solution to our environment. It worked like a champ. We worked with experienced engineers with deep expertise who are able to help in no time flat.”
Ridle plans to consolidate development, UAT, and production traffic to just two VMs and has complete confidence that NGINX Plus can handle the load with ease. Next, he plans to start taking advantage of even more of NGINX Plus’ capabilities. For example, by caching content, Montana Interactive will be able to offload some of the heavy lifting that some of their boxes do for serving up static content–such as large images and tables. Taking advantage of even more NGINX Plus capabilities will continue to drive improvements for agencies and citizens.
“NGINX Plus opens the door for us to transition to a DevOps environment,” says Ridle. “I can configure upstream servers on the fly, automate services, and enforce security and usage policies for our APIs. It’s exciting to see the ways in which we can innovate, now that we can count on having high performance and reliability.”
About Montana Interactive
Montana Interactive is a subsidiary of NIC and is responsible for developing, deploying, and maintaining the State of Montana’s eGovernment applications. NIC (NASDAQ: EGOV) is the nation’s leading provider of official government websites, online services, and secure payment processing solutions. The company’s innovative eGovernment services help make government more accessible to everyone through technology. The family of NIC companies provides eGovernment solutions for more than 3,500 federal, state, and local agencies in the United States. Forbes has named NIC as one of the “100 Best Small Companies in America” five times, most recently ranked at No.11 (2013), and the company has been included four times on the Barron’s 400 Index. Additional information is available at http://www.egov.com.