AWS Summit Tel Aviv - Startup Track - Data Analytics & Big Data
Omise and AWS, A Lean Startup in Thailand
-
Upload
brfsa -
Category
Small Business & Entrepreneurship
-
view
394 -
download
0
Transcript of Omise and AWS, A Lean Startup in Thailand
© 2015 Omise
Startup always facing limited resources of
- Team- Skill- Fund- Time- Connections- Mentorship
Are you confident you can solve all of these?
Monday, 2 March, 15
© 2015 Omise
Find right VC is not easy.We’ve done over 100 pitched to VCs such as Silicon valley, Japan, Singapore, Indonesia,Thailand and many more oversea VCs.
- Mentorship- Their portfolio- Culture fit- Feeling- Their fund size
+Monday, 2 March, 15
© 2015 Omise
Execute as fast as possible.Roll out your product like an American muscle.This is Startup RACE!
In fact if you can find a good environmentplatform you can accomplish in short period.
Monday, 2 March, 15
© 2015 Omise+
From Idea, to Build, to Launch
2014 2015
2014 July : Omise got the idea to build an awesome payment gateway in Thailand.Close Seed Funding
2014 Aug : Development started
2014 Sep : Launch Sandbox at Echelon
2014 Dec : The final product was launched
2014 Oct : PCI-DSS 3.0 fully certified
2015 Jan~ : Today we have plans to extend in more countries in SEA
IDEA BUILD LAUNCH SCALE
Monday, 2 March, 15
© 2015 Omise+
How did we do it so fast?
The Lean Startup concept, we built and launch fast, iterate on the live product, immediate feedback.
The right TEAM with the right skills, with great working culture.
AWS allowed us to build fast and implement high security infrastructure required for PCI-DSS
Monday, 2 March, 15
© 2015 Omise+
Idea and Team
Omise had the idea to change the payment landscape in Thailand.There was no payment solution in Thailand with a modern restful API, fast support, near instant live activation, secure and fast response.Omise build a skilful team that achieved a fast development of a great code base, working long days and nights with passion.
Monday, 2 March, 15
© 2015 Omise+
AWS helped solve the biggest challenge
The biggest challenge for Omise was to build a secure and stable Payment Gateway API, PCI-DSS Compliant.
PCI-DSS compliance is hard to achieve, in both Software level (app, firewall, logging) and Hardware level (co-location, rack, physical access)
AWS being a PCI-DSS level 1 compliant service provider, lets us not have to worry about physical implementation of PCI. No investment required.
Monday, 2 March, 15
© 2015 Omise
PCI-DSS Physical Requirements
- Datacenter Security
- Biometric access
- CCTV
- Power Backup
- Network security
- Cabling, routers isolation
- Virtualization isolation
- Security of Host OS
- Disaster Recovery
Monday, 2 March, 15
© 2015 Omise
Building the Infrastructure with AWS
0
250000
500000
750000
1000000
AWS Reserved Instances Build in TH
฿1,000,000
฿90,000
Initial Investment to build infrastructure
0
1.5
3
4.5
6
AWS Build in TH
6 Months
3 Months
Time to build infrastructure
Monday, 2 March, 15
© 2015 Omise
Monthly operational costs
0
30000
60000
90000
120000
AWS Build in TH
฿120,000
฿30,000
Monthly cost
AWS allows us to operate at 1/4 the cost if we have to co-locate and use Leased lines in Thailand on our“Mini Datacenter”
We use reserved instances with mixture of partial upfront and and no upfront.
4 x RDS Reserved instances (multi-AZ)30 x EC2 Reserved Instances80 x EBS Volumes (some are encrypted) 4 x ELBs
Monday, 2 March, 15
© 2015 Omise
What if we did it by our self?If we had to build the hardware and network infrastructure for our payment gateway, being PCI Compliance, the estimate would be…
TIME
6 Month
Investment
1 Million THB (minimum)
Monthly
120,000 THB (minimum)
Monday, 2 March, 15
© 2015 Omise
With AWSWith AWS we would pay the same every month, have auto-scaling, Gbps uplink, cdn, better redundancy (ebs+s3), global network (Singapore).* Upfront down payments for reserved instances
TIME
3 Month
Investment
100,000 THB *
Monthly
30,000 THB (minimum)
Monday, 2 March, 15
© 2015 Omise
Scalability and Deployments
We use Opsworks and CHEF to deploy code, build servers and auto-scale.This allows us to build the whole infrastructure from a DB backup in 1 hour!
1 - Create Stack from our JSON2 - Create VPC with PCI settings3 - Build Security Groups4 - Build EC2 Instances with Chef5 - Deploy Code6 - Update DNS in Route53
All this can be achieved in 1 hour if we use C3/C4 instances. Longer if using slower instances.
Monday, 2 March, 15
© 2015 Omise
Reliability and FailoverAWS features for reliability and failover:
1 - Auto-Healing instances (Opsworks) : When an instance stops responding, stop it and and build a new one automatically.
2 - RDS Multi-AZ deployment: If primary DB faces a failure or crashes, the replica will be automatically promoted to master.
3 - Seamless DB upgrade and resizing (RDS): Slave db is upgrade, then promoted to master, Master is upgraded, synced and re-promoted back.
4 - Round Robin DNS (Route53): Distribute traffic between the two Availability zones in Singapore
RDS is a state of the art database service, you should use it for any critical application.
Monday, 2 March, 15
© 2015 Omise
Achieving Security
- VPC: Segment our network, no external IP, hide servers from the dangerous WWW :)
- ELB: Hide internal proxy IPs and balance traffic between availability zones.
- Security Groups and ACL: Implement Firewall rules and Access controls
- App Servers are hidden behind 3 layers of proxying- Access only by VPN + Authy
Monday, 2 March, 15
© 2015 Omise
AWS Business Support
Exchanged architecture diagrams with AWS engineers for feedback and advices.
AWS reserved instances can reduce our costs even further (36% on 1 year term, 54% on 3 years term)
Monday, 2 March, 15
© 2015 Omise
The cost of building our self (TH)
Servers and Backup: 320,000 BahtRack, Backup Power: 100,000 BahtBiometric, Security, CCTV: 80,000 BahtRouters, Cable, networking: 50,000 BahtDedicated Leased Lines: 40,000 Baht/monthCo-location + Surveillance: 20,000 Baht/monthExtra Labour (3 months extra): 450,000 Baht
Total: 1.0 MB
Monday, 2 March, 15