Company summary
Headquartered in Bethesda, Maryland, Lockheed Martin is a global security, defense, and aerospace contractor that employs approximately 114,000 people worldwide. It is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services.
Formed by the merger of Lockheed Corporation with Martin Marietta in March 1995, it is one of the largest companies in the aerospace, military support, security, and technologies industry. Half of the corporation’s annual sales are to the U.S. Department of Defense, and it is a contractor for the U.S. Department of Energy and the National Aeronautics and Space Administration (NASA).
Lockheed Martin operates in four business segments: Aeronautics, Missiles and Fire Control (MFC), Rotary and Mission Systems (RMS), and Space. The company has received the Collier Trophy six times.
The Challenge
DevOps inefficiencies led to elongated timelines
Lockheed Martin’s DevOps team was taking weeks to provision and develop new applications. Operations were unwieldy, with the team frequently requiring intervention from the infrastructure team in order to continue its operations. To optimize its cloud investment, Lockheed Martin needed an expert with experience in AWS well architected principles as well as a review and update of its permissions structure.
The Solution
Creating a secure, well-architected DevOps pipeline in AWS
To support Lockheed Martin’s developers’ GitLab Continuous Integration Continuous Development (CI/CD) application pipelines, and more efficiently deploy, manage, and scale its containerized applications, built a pipeline to take base images, customize them to established standards, deploy them to either VMware or AWS. It established three distinct Amazon ECS clusters, services, and task definitions, with one per development lifecycle stage (development, testing, and production).
To define and launch AWS resources in a logically isolated virtual network, CloudHesive deployed Amazon Virtual Private Cloud (Amazon VPC) with a Network Address Translation (NAT) service, ensuring that private subnet instances could safely connect to external services.
For security and to follow the doctrine of least permissions, CloudHesive used AWS Identity and Access Management (AWS IAM) to set and manage access guardrails and fine-grained access controls for specific developer and user roles. AWS Certificate Manager provisions, manages, and deploys public and private SSL/TLS certificates with AWS services.
To create, publish, maintain, monitor, and secure APIs at any scale, CloudHesive deployed AWS API Gateway.
To manage and configure Lockheed’s AWS services, CloudHesive deployed AWS Command Line Interface, while the Application Load Balancer routes all traffic to targets, including EC instances, containers, IP addresses, and Lambda functions based on the content of the request.
The benefits
Accelerating the CI/CD pipeline with AWS services and CloudHesive
By using the GitLab pipeline scripts and AWS architecture designed and implemented by CloudHesive engineers, LockHeed Martin’s front end and back end web development team is now able to provision and start developing new applications in hours rather than days or weeks.
CloudHesive designed and implemented a solution leveraging deployment to Amazon ECS via GitLab CI/CD Pipeline files. Lockheed Martin’s developers can now build new web applications and promote to development and quality assurance (QA) branches without the need for infrastructure team intervention, allowing for much more agile and efficient development processes.
Services that drive success
Devops
- Deployment of three Amazon ECS clusters, one each for development, staging, and production
- Deployment of Amazon VPC with a Network Address Translation (NAT) service for safe connections to external services
- Deployment of AWS IAM to set and manage access guardrails and fine-grained access controls
- Deployment of AWs Certificate Manager to provision private SSL/TLS certificates with AWS services
- Deployment of AWS API Gateway to secure APIs
- Deployment of Application Load Balancer for routing
Customer benefit summary
- Speed development time from day or weeks to just hours
- No longer require IT or infrastructure intervention
AWS Technologies used
- Amazon Elastic Container Service (Amazon ECS)
- Amazon Elastic Container Registry (Amazon ECR)
- Amazon Virtual Private Cloud (VPC) with NAT Gateways
- AWS Identity Access Management (AWS IAM) Roles
- AWS Command Line Interface (AWS CLI)
CloudHesive technologies used
n/a
Third-party technologies used
- C GitLab CI/CD Pipelines
Industry
Aerospace
Segment
Private
Region
NAMER