How CloudJournee transformed a legacy on-premises infrastructure into a scalable, containerized AWS architecture — reducing costs by 42%, achieving 99.95% uptime.
About the Customer
Our client is a cloud-based physical security company delivering Video Surveillance as a Service (VSaaS) and Access Control as a Service (ACaaS). Their unified SaaS platform enables enterprises to manage video feeds, access control systems, and security policies across distributed environments — including transportation hubs, logistics facilities, enterprise campuses, and critical infrastructure.
The platform was experiencing rapid customer growth, with enterprise clients increasingly requiring, guaranteed uptime SLAs, and the ability to onboard new sites within days rather than weeks. The existing infrastructure could not support these demands.
Business Challenge
The customer’s on-premises infrastructure — 50 Linux servers running monolithic Java applications with self-managed MySQL and PostgreSQL databases in a co-located data centre — could not keep pace with rapid growth and enterprise-grade requirements.
| Challenge | Business Impact | Quantified Loss |
|---|---|---|
| Slow time-to-market | Bi-weekly releases with manual Jenkins deployments and no automated testing gates | 35% slower feature delivery vs cloud-native competitors |
| Scaling bottleneck | Every new customer required manual server provisioning, blocking enterprise sales pipeline | 2.5× longer customer onboarding cycles |
| Over-provisioned infrastructure | 50 servers running at 15–30% average CPU utilisation with 70–85% idle capacity | $180,000/year operational cost with significant waste |
| Downtime risk | No failover capability, no Multi-AZ, no automated recovery — single points of failure across the stack | Frequent unplanned downtime with no formal SLA |
| Operational overhead | 2.5 FTEs dedicated to infrastructure management (patching, provisioning, backups, incident response) | Over 20% of engineering capacity consumed by undifferentiated work |
CloudJournee Assessment
CloudJournee conducted a comprehensive assessment of the existing infrastructure using AWS Application Discovery Service (ADS) with agent-based profiling across all 50 servers for a 14-day continuous collection window. ADS captured CPU and memory utilisation patterns, disk I/O, and network dependency mapping — identifying 127 application dependencies that informed the migration wave planning and microservice boundary definitions.
Structured interviews with 6 customer stakeholders (CTO, Engineering Lead, DevOps Lead, Security Lead, and 2 Senior Developers) captured business priorities, application architecture details, and operational pain points not available from automated tooling.
The analysis revealed that a simple lift-and-shift would not address the core business drivers. The 20+ Java services already had clear API boundaries and independent codebases — making them inherently suited to containerisation with minimal code changes. CloudJournee recommended a full Refactor/Re-architect strategy, decomposing the monolithic deployment model into containerised microservices on Amazon EKS with managed data services replacing all self-managed databases and middleware.
Migration Approach
CloudJournee executed the transformation using the AWS methodology: Assess, Mobilize, Migrate, and Modernize — delivered across 4 structured phases over 11 weeks.
| Phase | What CloudJournee Delivered | Key Activities | Duration |
|---|---|---|---|
| Phase 1: Assess | Infrastructure discovery, readiness assessment, business case | ADS 14-day profiling on 50 servers, 127 dependencies mapped, Modernization Readiness Assessment across People/Process/Technology, TCO model showing 42% savings ($180K → $103K) | Weeks 1-2 |
| Phase 2: Mobilize | Landing zone, migration planning, team enablement | Multi-account landing zone via AWS Control Tower (6 accounts, 4 OUs), Transit Gateway with Site-to-Site VPN, 4-wave migration plan from ADS dependency data, Terraform IaC for all infrastructure | Weeks 3-5 |
| Phase 3: Migrate | Server and database migration execution | 50 servers via AWS MGN (4 waves), 17 databases to Amazon RDS Multi-AZ via AWS DMS (full load + CDC), ~12 TB data to Amazon S3, Kafka to Amazon MSK, Elasticsearch to Amazon OpenSearch | Weeks 6-9 |
| Phase 4: Modernize | Containerisation, CI/CD, observability, security | 24 Java services containerised to 4 Amazon EKS clusters, ArgoCD GitOps deployment, Jenkins modernised with Spot agents, full observability (Prometheus + Grafana + SigNoz + PagerDuty), Zero Trust security baseline | Weeks 10-11 |
Solution: Cloud-Native Architecture on AWS
CloudJournee transformed the legacy environment into a fully containerised, cloud-native architecture on AWS, enabling automated scaling, high availability, continuous delivery, and enterprise-grade security.
Architecture Highlights
| Layer | Before (On-Premises) | After (AWS) |
|---|---|---|
| Application | 20+ monolithic Java services on 50 bare-metal servers, manual SSH deployments | 24 containerised microservices on 4 Amazon EKS clusters with ArgoCD GitOps, HPA auto-scaling, zero-downtime rolling updates |
| Database | Self-managed MySQL (12) and PostgreSQL (5) with manual replication, 12 hrs/week DBA overhead | Amazon RDS Multi-AZ with automated failover (<60s), Performance Insights, automated backups (35-day retention, PITR) |
| Messaging | Self-managed Apache Kafka (3 brokers) | Amazon MSK (managed Kafka). Same APIs, zero application changes. |
| Search | Self-managed Elasticsearch (3 nodes) | Amazon OpenSearch Service (managed). API-compatible. |
| CI/CD | Manual Jenkins + SSH rsync to production. 3-5 day cycle time. | Jenkins (Spot agents on EKS) + ArgoCD GitOps. Build time: 4.2 min. Cycle time: <1 day. 12-15 deploys/week. |
| Security | Flat network, no encryption, OpenLDAP without MFA | AWS Control Tower (35 guardrails), IAM Identity Center, KMS encryption (at rest + in transit), GuardDuty, WAF, Network Firewall, Security Hub. |
| Monitoring | Nagios + Zabbix (~60% coverage), reactive troubleshooting | CloudWatch + Prometheus + Grafana + SigNoz (distributed tracing) + PagerDuty. 100% coverage. Proactive alerting. |
| Networking | Single VLAN, no segmentation | Multi-account VPC (6 accounts), Transit Gateway, private subnets across 2 AZs, Network Firewall (Suricata IDS/IPS) |
AWS Services Deployed
| Category | Services |
|---|---|
| Compute & Containers | Amazon EC2, Amazon EKS (4 clusters), Auto Scaling Groups, EC2 Spot Instances (Jenkins agents) |
| Databases | Amazon RDS (MySQL Multi-AZ, PostgreSQL Multi-AZ), Amazon DynamoDB, Amazon ElastiCache (Redis) |
| Messaging & Streaming | Amazon MSK (Managed Streaming for Apache Kafka) |
| Search & Analytics | Amazon OpenSearch Service |
| Migration | AWS Application Discovery Service (ADS), AWS Migration Hub, AWS MGN, AWS DMS |
| Networking & CDN | Amazon VPC, AWS Transit Gateway, Site-to-Site VPN, Application Load Balancer, Network Load Balancer, Amazon CloudFront, Amazon Route 53 |
| Security | AWS IAM & Identity Center, AWS Control Tower, AWS KMS, Amazon GuardDuty, AWS Security Hub, AWS WAF, AWS Network Firewall, AWS Secrets Manager, AWS Certificate Manager |
| Operations & Storage | Amazon CloudWatch, AWS CloudTrail, AWS Systems Manager, Amazon S3, AWS Backup, AWS Config |
Results
All metrics measured using CloudWatch, AWS Cost Explorer, CI/CD pipeline metrics, and operational logs during the 30-day hypercare period:
|
Customer Testimonial
“CloudJournee didn’t just migrate our servers — they fundamentally transformed how we build, deploy, and operate our platform. The move to EKS and ArgoCD GitOps has changed the pace of our engineering team. What used to take days now happens in minutes.”
— CTO, Physical Security SaaS Platform
Business Value Delivered
Operational Excellence
CloudJournee eliminated infrastructure-driven downtime and established 99.95% measured availability with automated Multi-AZ failover, container orchestration via EKS, and proactive observability through Prometheus, Grafana, SigNoz, and PagerDuty. MTTR dropped from 90 minutes to 35 minutes through structured incident response with 7 operational SOPs.
Faster Time-to-Market
The shift from bi-weekly manual deployments to ArgoCD GitOps with 12-15 deploys per week transformed the engineering team’s velocity. Build time dropped from 15 minutes to 4.2 minutes. Cycle time from commit to production dropped from 3-5 days to less than 1 day. Feature delivery is now limited by product decisions, not infrastructure constraints.
Cost Optimisation
Right-sized cloud infrastructure based on ADS utilisation data (15-30% average CPU on-premises → right-sized EKS nodes and RDS instances) reduced annual infrastructure cost from $180,000 to approximately $103,000 — a 42% reduction. An additional ~1.5 FTEs were redeployed from infrastructure management to product development, representing ~$54,000 in redirected labour value.
Security and Compliance
CloudJournee implemented a Zero Trust security model from Day 1: 35 AWS Control Tower guardrails, 47 AWS Config rules, GuardDuty across 6 accounts, WAF with OWASP managed rules, Network Firewall with Suricata IDS/IPS, KMS encryption on all data stores, and IAM Identity Center with zero long-lived access keys.
Scalability and Future Readiness
The platform now supports dynamic auto-scaling via EKS Horizontal Pod Autoscaler and ASG, handling demand spikes without manual provisioning. Customer onboarding dropped from 6-8 weeks to 2-3 weeks. The architecture is built to support 3-5× current capacity without infrastructure changes, positioning the business for rapid enterprise customer growth.
About CloudJournee
CloudJournee is an AWS Advanced Tier Partner based in Bengaluru, India. We specialise in cloud migration, modernisation, and AI/ML delivery for mid-market enterprises and technology companies across India and globally.
Our team brings deep expertise in AWS infrastructure, containerisation (EKS), serverless architectures, data platform modernisation, and generative AI solutions — delivering measurable business outcomes like this case study: 42% cost reduction, 99.95% uptime.
Ready to modernise your infrastructure?
CloudJournee helps enterprises migrate to AWS with scalable, secure, and future-ready architectures — without disruption.
