How E Voyageurs SNCF Uses HAProxy as a Security Gate Between the Cloud and On-premises Datacenters
One of the hottest cases of HAProxyConf 2021 was pairing cloud infrastructure with HAProxy. Antonin Mellier and Samuel Duvieubourg of E Voyageurs SNCF participated in HAProxyConf 2021 and described how they came to use HAProxy as a security gate to the cloud.
During the last few years, E Voyageurs SNCF fast-tracked adoption of the cloud by launching their own Cloud Acceleration Program to migrate all applications to the cloud in 18 months and close two data centers by the end of 2021. The challenge? Evolving their approach to security to fit the migration.
Until now, they had secured communication between information systems through standard machine-to-machine filtering based on firewall rules. They wanted to improve this process so that it would better respond to the scaling capabilities of the cloud—a solution that would be cloud-native while retaining the same level of trust.
They immediately recognized that HAProxy could be the component that would take care of the management and security of these flows. In this talk, Antonin and Samuel described how they used HAProxy as a security gate between the cloud and their on-premises data centers, the latter of which still ran information systems to which their cloud application would need to connect.
While comparing HAProxy to alternatives, such as AWS Network Load Balancer, Antonin confirmed that HAProxy offered them many advantages such as cost savings, extensibility, and observability. E Voyageurs SNCF’s solution is scalable, resilient, and fully automated with GitLab AWS Lambda and HAProxy Data Plane API. If you are interested in full details, watch their HAProxyConf 2021 presentation above. Also, you can read about how major companies power up their cloud infrastructure with HAProxy Enterprise.
Here you can view the slides used in this presentation if you’d like a quick overview of what was shown during the talk.
Cloud Architect, E Voyageurs SNCF
Antonin is a Cloud Architect at EVoyageurs SNCF. With about 10 years experience in technical teams at EVoyageurs SNCF, he has participated in the constant evolution of the IT infrastructure, always with a main objective to make movements to production go without a hitch.
Infrastructure Engineer, E Voyageurs SNCF
Samuel has been an Infrastructure Engineer at E Voyageurs SNCF since October 2019. He works on the CDN as well as the cloud landing zone. Passionate about web technologies, he stays tuned to open source news.