Okta Case Study

Okta creates products that use identity information to grant people access to applications on multiple devices at any time, while still enforcing strong security protections. Okta’s products integrate directly with an organization’s existing directory and identity systems, as well as more than 4,000 applications. The company is based in San Francisco, California.

• Okta has been using an internally developed tool to deploy from development to production, and Docker Compose to create complex applications using Docker containers.
• The company needed a container-management solution without a steep learning curve, and was looking for something that was simple and easy to introduce to development and engineering teams.
• Okta evaluated other open-source cluster-management solutions, but was concerned operating these would distract from building and running the company’s apps.

• Okta started using HAQM EC2 Container Service (HAQM ECS), a highly scalable container-management service that provides cluster management and container orchestration.
• The Okta engineering team already had a deep understanding of how to set up AWS Identity and Access Management (IAM) permissions and roles, and was easily able to map network policies and IAM policies to the company’s HAQM ECS cluster.
• HAQM ECS has been an enabler to adopting Docker, providing an abstraction layer between operations and development. HAQM ECS is being used to run automated builds, tests, and microservices applications.

• Okta found HAQM ECS to be simpler to introduce, manage, and run compared to other solutions, because HAQM ECS comes as a managed service.
• HAQM ECS reduces microservices operations. The automatic health checks and restart functionality provided by the HAQM ECS scheduler reduce paging alerts, allowing Okta to focus on more strategic projects. HAQM ECS also provides automatic scaling and IAM roles for tasks, allowing for scalable and secure deployments.
• The company is seeing a reduction in operational costs, as operators no longer need to manually heal down nodes.
• HAQM ECS has reduced the complexity of deploying containers in AWS. HAQM ECS provides a set of APIs to launch containers on a cluster, allowing non-operational team members with no direct access to the underlying host to start applications. This has led to a much larger number of people doing deployments and has given each team ownership of its deployments.
• With the Okta’s framework created around HAQM ECS, the time it takes for developers to get new services in production is now measured in days instead of weeks.