This leading freight brokerage firm connects customers with shipping needs to carriers with available capacity and services. The company has a network of 160,000+ carriers and moved 3 million+ loads in 2022. The company strives to exceed customer expectations while handling their transportation requirements 24/7/365.
At-a-Glance
In an ambitious effort to modernize its data center and applications, a leading freight brokerage firm encountered challenges initially using Docker containers on Windows. Hindered by limited scalability, no self-healing properties and unexplained system failures, the company adopted Rancher Prime, SUSE Linux Enterprise Server (SLES) and Buoyant’s Linkerd service mesh for a robust, all-inclusive solution. This led to a 13.5x speed improvement in generating complex bids, allowing the company to initiate a global expansion with a considerable competitive edge.
Preparing for global expansion
This organization’s culture emphasizes innovation, viewing IT as a differentiator rather than a cost center.
In 2009, the company had 40 developers with diverse skill sets working on Windows, handling everything from databases and networking to server installation and maintenance. This structure served the company well, but as the team sought new hires to meet the growing company’s needs, it noticed that the hiring pool for multiskilled developers was shrinking — developers entering the workforce were more specialized, often lacking experience in managing servers and load balancing.
Concurrently, the company planned international expansion, requiring new tools for its sales force to navigate overseas shipping nuances, customs requirements and international addressing methods. Its developers had to create these tools to stay competitive, but time spent on infrastructure detracted from innovation. Implementing a containerized infrastructure became crucial, as use cases showed improved availability, security and agility compared to increasingly complex legacy systems.
Considering these factors, a senior software developer proposed creating a platform engineering team to executives in 2020. Choosing a platform view over the DevOps model, this team would boost developer productivity and bridge gaps between developers, security and infrastructure teams. Developers would handle their own application deployments, providing sales with additional tools to outshine competitors faster, while the platform engineering team would manage crosscutting responsibilities such as build agents, SSL certificates, containerization and other key components.
The executive team readily accepted the proposal and named the senior software developer its platform architect.
“Employees who have left the company have returned, stating that the tools [here] were far more advanced than those at competitors, allowing them to be more productive and efficient. This, in turn, enables them to close more deals faster, increasing annual income and employee satisfaction.”
Journey to open source
Rancher Prime
The new team’s first step was to containerize the company’s applications. With high stakes (a $50,000 per minute outage cost), the team needed to carefully choose technologies for continued success and growth.
The team had three requirements for a solution. First, security: the team wanted a container solution that would help it move toward a Zero Trust environment and improve security.
Second, self-healing and horizontal scaling: the team wanted a container solution that would allow it to add capacity without having to manually start up a new virtual machine and install components. It needed horizontal scaling, meaning more application instances without new virtual machines.
Third, high availability: the team required a container solution that could distribute workloads across multiple data centers without affecting developers. It wanted to use Global Server Load Balancing Protocol (GSLP) for this, without needing developers to learn new tools or add deployment layers.
The team started its containerization path with Docker on Windows but soon realized that the solution failed to meet requirements. Docker on Windows struggled to scale, lacked self-healing and sometimes stopped without notice, needing manual restarts. Additionally, applying upgrades to containerized applications in Docker required a lengthy manual process.
“These issues slowed internal adoption, as developers were reluctant to use a product that they felt would hinder their productivity,” says the platform architect.
Believing Kubernetes would be better, he sought a new containerization solution and began conducting proofs of concept (POCs) with several platforms, including the community versions of Rancher and OpenShift.
“The community version of Rancher allowed us to showcase all the benefits immediately, helping us verify factors that led us to choose Rancher Prime,” he says. “First, Rancher Prime’s ease of use was critical for our team newly adopting Kubernetes. Second, Rancher Prime’s features aligned well with our plans. Next, we liked that we could transition from an open source to an enterprise support package, giving us the option of obtaining additional support whenever needed. Finally, the passion and enthusiasm of Rancher personnel, evidenced through their training programs like Rancher Academy, gave me confidence in the product and the support behind it.”
SUSE Linux Enterprise Server
As the team prepared to transition to Kubernetes and Rancher Prime, the company’s CIO agreed to adopt Linux for the first time. Although Kubernetes could run on Windows, the team believed a Linuxbased system offered better performance, native support and compatibility with containerized applications and tools.
“Since we chose Rancher Prime, using SUSE Linux Enterprise Server for unified support made sense,” says the platform architect.
Linkerd by Buoyant
Wanting to take the opportunity to replace the inherent vulnerabilities of its legacy Windows API system with a Zero Trust security environment, the platform engineering team looked for a service mesh tool to encrypt every connection point. The team evaluated Istio, which has built-in support on Rancher, but preferred Buoyant’s Linkerd for its ease of use for providing mutual TLS (transport layer security), cryptographic workload identity and granular authorization policy to Kubernetes applications. At the time, however, Linkerd didn’t have an established relationship with Rancher or SUSE.
In a testament to the power of open source, SUSE and Buoyant collaborated to make Linkerd available in the Rancher Apps and Marketplace, allowing the customer to plug in its tool of choice.
“When we told SUSE and Buoyant that this is where we wanted to go, both companies were really interested in how to improve their communication,” says the platform architect. “After that point it became super easy for us to make a plan that involved a Linkerd solution and a Rancher Prime solution and resolve any configuration issues that were coming up in Kubernetes.”
The impact
Now with a robust toolset, the platform engineering team aims to modernize most of the company’s applications within 24 months. The team is also working with the infrastructure team to migrate 1,400 Windows VMs to SLES. The combination of Rancher Prime, SLES and Linkerd enables the company to create a modern infrastructure that supports the its growth and evolving needs with a host of notable benefits.
Liberates developers from infrastructure tasks
The new system lets developers view pods and deployments without needing Kubernetes familiarity. This allows them to focus on application performance without getting bogged down in the intricacies of Kubernetes, accelerating their time to launch for updates or new services.
“Even a 5% improvement in developer productivity could result in faster launches or upgrades, translating to happier external customers or stealing customers from the competition,” says the platform architect. “So, now we’re keeping our developers productive at as high of a level as possible. They have access to Rancher Prime, they can see their pods, they can see their deployments. They can’t make the changes, but now they still feel part of that whole aspect.”
Accelerates bidding process
The new containerization solution significantly impacted the company’s bidding process. A batch rating tool, taking over 90 minutes before, now takes 10 minutes, with an 11x to 13.5x speed improvement after migrating to Kubernetes and Rancher Prime. “This faster turnaround improves our chances of delivering bids quicker than competitors and winning new customers,” he says.
Guarantees cloud readiness
The company’s operations rely on a SQL database. When the platform engineering team first experimented with hybrid-cloud operations, communications between the monolithic database and cloud caused increased latency. The team, therefore, pivoted to cloud readiness instead of cloud-first, planning a Microsoft Azure migration by early 2024. Rancher Prime’s seamless operation between cloud and on-premises environments, and consistent user interface, will enable a smooth transition without interrupting developer workflows.
In parallel, the platform engineering team is utilizing its on-premises environment to deepen its Kubernetes skill set.
“Because Rancher Prime works just as well on-premises,” says the platform architect, “We’ve been able to gain a deeper understanding of the full Kubernetes stack, including the control plane, which is typically obscured by cloud providers. This enables us to tackle a wider range of challenges, ultimately reducing risk and producing better engineers.”
Provides high observability and error detection
Linkerd and Rancher Prime offer high observability and error detection. Unlike the Windows platform’s performance monitoring and failure identification challenges, the new solution tracks communication success rates and node latency. This level of detail allows the team to focus on the individual components that make up the end-to-end process and pinpoint areas that need improvement, resulting in more efficient operations.
“Rancher Prime and Linkerd are great for beginners but also have the depth to go to where we want to go as an organization,” he says.
Streamlines role-based access controls (RBAC)
Rancher Prime’s RBAC feature enhances security, providing the security team with better visibility and control. By leveraging existing Active Directories with Rancher Prime’s built-in integration, the security was able to easily employ a “least privileges” access control model. Adopting preestablished role-based administration controls from the corporate directory streamlined the process for the security team, saving time and effort while maintaining secure infrastructure.
“Rancher Prime provides our security team with a user-friendly interface that allows them to easily monitor assigned security controls, track changes and view previous configurations,” he says. “This clear visibility quickly convinced them of the benefits of adopting Rancher Prime.”
Boosts company loyalty
The company’s dedication to technology innovation results in enhanced company loyalty. “Employees who have left the company have returned, stating that the tools [here] were far more advanced than those at competitors, allowing them to be more productive and efficient,” says the platform architect. “This, in turn, enables them to close more deals faster, increasing annual income and employee satisfaction.”
Ensures system reliability with enterprise support
SUSE’s collaborative approach to helping customers, whether it be from the customer success team, the presales team or technical support team, has proven to be invaluable for addressing the customer’s challenges. “Our platform’s success is measured by how fast we can migrate the company to the new system while maintaining reliability and efficiency,” says the platform architect. “One of our goals was to have as much support as possible to quickly achieve the level of reliability we needed.”
In one instance, the team faced a network issue that caused communication disruptions and packet losses, threatening Kubernetes as a reliable enterprise platform solution for the company.
“We reached out to SUSE Support, and they worked closely with us to identify the problem,” he says. “SUSE Support broke down the whole process, examining the communication layer and the operating system. After about a week and a half, they helped us pinpoint the issue as a combination of factors. They discovered the necessary configuration changes, which we implemented. Since then, we haven’t faced any networking issues.”
He continues: “Throughout the process, SUSE provided the support we needed without making us feel like we were a burden. Their assistance reassured my director that we had made the right decision in selecting Rancher Prime and SLES.”
The team now calls upon SUSE Support whenever it can’t resolve a problem within two days. “I always tell our engineers that if they spend more than two days struggling with a problem and can’t figure out what’s going on, it’s time to involve support. I’d rather use a few hours of support to resolve the issue within three days, instead of wasting two weeks without finding a solution or ending up with a poor one. This approach allows us to move faster,” he says.
What’s next?
As of early 2023, the company is concentrating on enhancing its disaster recovery systems and maintaining stability amid potential data center failures. A primary concern is the possible failure of an application when launched on a different node without recognizing the location change. The team aims to guarantee that the application identifies the proper mounting point during recovery.
To accomplish this, the team is incorporating Longhorn, a distributed state management system, for managing application data across multiple nodes, including the ability to track and manage mounting points across different nodes. The company also plans to explore Longhorn’s ability to span multiple data centers, further enhancing infrastructure resiliency and redundancy.
With plans to explore solutions like Longhorn for even greater resiliency, the company’s dedication to harnessing technology to drive growth and success remains unwavering. This steadfast commitment positions it as a leader in the logistics industry, equipped to face future challenges and seize its international expansion with confidence.