Hexagon is a global leader in digital reality solutions, combining sensor, software and autonomous technologies. The company is putting data to work to boost efficiency, productivity, quality and safety across industrial, manufacturing, infrastructure, public sector and mobility applications. The company’s technologies are shaping production and people-related ecosystems to become increasingly connected and autonomous — ensuring a scalable, sustainable future.
Hexagon’s Geosystems division provides a comprehensive portfolio of digital solutions that capture, measure and visualize the physical world and enable data-driven transformation across industry ecosystems.
Hexagon has approximately 22,000 employees in 50 countries and net sales of approximately 4.3 billion euros ($4.49 billion).
At-a-Glance
Hexagon’s Geosystems division, a leading provider of digital solutions, wanted to accelerate the development and scaling of innovative products. To run a new generation of applications, including microservices reliably, the division needed to modernize its practices and infrastructure. Working with SUSE partner, FullStackS GmbH (a specialist in automation and digital transformations), Hexagon’s Geosystems division evaluated Kubernetes solutions and selected Rancher Prime as its cluster and application management platform. The open source solution enables DevOps best practices and supports scalable GitOps workflows with Infrastructure as Code (IaC). By managing globally distributed clusters centrally with Rancher Prime, the division’s IT function delivers cloud-native IT services to development teams, reduces shadow IT and achieves its vision of, “You build it, you run it.”
Moving toward DevOps
To continue delivering innovative solutions to its clients, Hexagon’s Geosystems division constantly needs to modernize and adapt to new technologies. A key challenge for its centralized IT operations team is to offer an agile and smooth developer experience, while ensuring the highest levels of reliability for mission-critical services across the entire group.
The IT function wanted to increase operational efficiency and get ready for a new generation of applications and solutions. Christian Leitgeb, systems engineer, DevOps, at Hexagon, explains: “After one of our manufacturing system support teams experienced performance and reliability issues, we decided to use this opportunity to modernize a key application by moving to a container architecture. Our task was to make sure we could run shiny new solutions securely with high availability and optimized performance.”
To be able to support flexible and scalable microservice architectures with complex dependencies between different components, the IT function needed a state-of-the-art container orchestration and management layer.
“As teams started to build fully containerized applications and microservices, we realized that our existing operational processes needed to change to give our group businesses and development teams the best tools and resources for global rollouts and fast releases,” adds Leitgeb.
The division wanted to embrace a Dev-Ops mindset and supercharge its IT capabilities. It was essential to provide a standardized solution with built-in reliability that could be managed by the central team and reduce the complexity of deployments across the entire group.
“We wanted an infrastructure solution that would help us to provide high availability with lower management and administration overheads,” says Leitgeb. “Our goal was to automate everything, including scalability and incident mitigation, so that we could focus fully on delivering innovative solutions.”
With several teams across Hexagon’s Geosystems division already using container solutions such as Kubernetes, a key objective for the company was to catch up with shadow IT deployments.
“We wanted to offer a smoother and safer developer experience on our centrally managed platform,” notes Leitgeb. “While it was important to reduce operating costs by enabling higher density of workloads on a smaller number of physical and virtual servers, the other key driver for our modernization and DevOps initiative was to increase control and compliance.”
“For us, Rancher Prime is a long-term solution to application management that will help us accelerate innovation and focus on delivering value, not infrastructure.”
Modernizing IT processes with Rancher Prime
Finding a solution that fits
Seeking to transform and simplify deployment and application management, the IT team evaluated a number of solutions.
“We wanted to support Docker containers and orchestration with Kubernetes to foster strong DevOps and IaC best practices,” elaborates Leitgeb. “There are many different products on the market, but not all of them suited our requirements. Our infrastructure and development teams have a strong preference for open source software without proprietary vendor lock-in.”
The IT team reached out to FullStackS GmbH, a specialist in digital transformations based in Vienna, Austria. Its high level of expertise in a wide range of enterprise technologies (including automation, CI/CD, containers, Kubernetes and cloud) made FullStackS the perfect partner to deliver a new IT operations platform.
“FullStackS spoke our language and understood precisely what we needed,” recalls Leitgeb. “Some Kubernetes solutions are overly complex; others are not yet mature enough; some are a bit like a black box; and others simply target different use cases. FullStackS is a DevOps and site reliability engineering (SRE) consultancy with a strong focus on Rancher Prime Kubernetes solutions. We went through all the options with them, and pretty quickly, it became clear that Rancher Prime offered exactly what we were looking for.”
Hexagon’s Geosystems division wanted to find a freely available open source code when evaluating cloud-native solutions. It required full compliance with the Cloud Native Computing Foundation (CNCF) guidelines for Kubernetes distributions. The CNCF is a vendor-neutral organization that ensures interoperability between Kubernetes distributions and tooling.
With Rancher Labs (now Rancher by SUSE) being a Silver Member of the CNCF, SUSE fully supports the standardization and certification efforts. The strong open source credentials of Rancher Kubernetes Engine (RKE), in combination with the unified management of Kubernetes clusters with Rancher Prime and the Certified Kubernetes Installer, struck a chord with the developer and infrastructure teams at Hexagon’s Geosystems division.
“We have been following the development of Rancher Prime for a while,” confirms Leitgeb. “We already knew about the solution from conference talks, meetups and other developer events. With Rancher Prime, we get a CNCF-certified enterprise-grade and open source Kubernetes solution with complete tooling for easy deployment and maintenance.”
Implementing best practices together
After selecting Rancher Prime, the team worked closely with FullStackS to set up the environment and establish the needed DevOps management and deployment processes. It helped that FullStackS has comprehensive experience in SRE and a profound understanding of the entire technology stack, including bare metal infrastructure, hypervisors and storage management, as well as platform and application monitoring.
“FullStackS has an excellent reputation in the industry, and we are pretty sure that we couldn’t find a better and more competent implementation partner in the entire region,” says Leitgeb. “The highly competent team knows the current best practices and goes the extra mile to get things done.”
With many separate development teams, all with disparate needs and responsibilities, the infrastructure team needed granular control over platform access. Being able to group Kubernetes namespaces in so-called projects in Rancher Prime helps to offer secure, multi-tenant clusters with fine-grained permission management and role-based access control.
As a globally distributed group, the division also wanted to manage deployments around the world. With offices, production facilities and data centers in Switzerland, the U.S. and China, as well as hosting partners in various countries, the team implemented a central control plane with a highly available Rancher Prime server. Based on this setup, the IT team can handle Kubernetes cluster management on-premises across all data centers, as well as in cloud environments, or even at the edge.
Working in sensitive industries with additional security requirements, Hexagon’s Geosystems division had to be ready to support different types of regulations. Rancher Prime offers the company flexible options for every use case. The solution includes RKE2, a fully conformant, security-hardened Kubernetes distribution used widely within the U.S. Federal Government sector.
Focusing on scalable GitOps workflows
Hexagon’s Geosystems division also uses Fleet — an open source project developed by the Rancher Prime team, now integrated into the Rancher Prime platform. Fleet is a Kubernetes cluster controller using standard Kubernetes API interfaces to enable GitOps best practices at scale based on an IaC deployment model.
With Fleet, the division’s developers can standardize deployments of whole Kubernetes clusters, as well as complex Kubernetes applications, across its entire Rancher Prime landscape. Fleet builds on the Helm tool to install applications or other Kubernetes resources. In Fleet, deployments are defined as bundles and stored in version-control repositories. Hexagon uses GitHub Enterprise for its application development and infrastructure definitions. With Fleet, Hexagon’s Geosystems division gains even more control to ensure consistent deployments for highly standardized and efficient operations, while reducing manual maintenance overheads.
Reducing risk and increasing reliability
Thanks to Rancher Prime and FullStackS’s advice, Hexagon’s Geosystems division can now offer a cloud-native developer experience for secure on-premises deployments.
“With Rancher Prime and FullStackS’s support, we made a huge step toward establishing a new DevOps mindset throughout the company: you build it, you run it,” notes Leitgeb. “Based on flexible self-service features and advanced automation, Rancher Prime delivers a true democratization of IT resources. For us, Rancher Prime is a long-term solution to application management that will help us accelerate innovation and focus on delivering value, not infrastructure.”
Streamlined and automated deployment processes are helping Hexagon’s Geosystems division to transform its applications. Now, development teams can easily use microservices architectures without increasing management and administration workloads.
“Offering Rancher Prime, Fleet and Kubernetes to our development teams gives them even more flexibility and autonomy to choose the best software stacks for their tasks and deliver new features and services more efficiently to optimize production lines and processes,” explains Leitgeb.
To support the transition to DevOps processes, the entire IT team gets to learn about how Rancher Prime works and how to use it. This ensures that nobody feels left behind. The new capabilities are not seen as threats or black-box solutions, but as opportunities to learn and improve the IT environment.
“The Rancher Prime management console is also a great education tool for us,” says Leitgeb. “We can quickly show system and network administrators what happens on an infrastructure level, how existing network, storage and virtual machine resources are integrated into Rancher Prime, and so on. And they can see that they still have full control over all components.”
Using the Rancher Prime management console, teams can configure and deploy new applications easily by selecting from a list of pre-defined templates and adjusting the performance and configuration as needed. In many ways, this looks and feels very similar to what system administrators already know from provisioning new virtual machines in environments like VMware.
A key benefit of Rancher Prime for Hexagon’s Geosystems division is the opportunity to centralize the management of distributed clusters and deployments. This helps the IT team to strengthen compliance and get ready for stricter requirements in the future.
Moving to containerized deployments with built-in, high-availability features will also help increase the availability of applications.
“In the past, we needed to reboot systems regularly to install patches,” says Leitgeb. “Moving workloads into containers adds features like automatic scaling, which allows us more flexibility. Our goal is to leverage the self-healing features to maximize our reliability and manage high-availability configurations more easily on a higher level.
“Implementing Rancher Prime has been a big success. Together with FullStackS we have taken our automation capabilities to the next level. Thanks to the powerful RESTful HTTP API and the Terraform provider plugin developed by the SUSE team, we can now deploy a complete cluster with three nodes within just 15 minutes — something which would usually take us several days — a massive time saving of 99.7%. We can use the time saved for other tasks and support the business more effectively.
“We can run our infrastructure and applications much more efficiently with Rancher Prime and Fleet,” adds Leitgeb. “Process automation also reduces the risk of human errors and inconsistencies. It can take hours to patch and verify complex distributed systems manually. With Rancher Prime and Fleet, we can achieve faster patching and higher compliance within minutes — and without any downtime for our developers and users.”
What’s next?
Leitgeb concludes: “For us, Rancher Prime is an investment in the future, enabling us to deliver more flexible and reliable IT infrastructure services. As a next step, we will evaluate the migration of large internal services onto Rancher Prime, like our GitHub Enterprise system.”