PTC Story
PTC’s Vuforia Expert Capture is the fastest, easiest way to create powerful step-by-step augmented reality (AR) instructions to help frontline workers get their jobs done quickly and accurately – delivered through SaaS and enhanced by Kubernetes, Envoy, and Edge Stack.
Background
PTC is a global computer software and services company with over 6,000 employees in 30 countries and over $1 billion in revenue. The company began developing solid modeling and computer-aided design (CAD) software in 1988. The company has expanded its offering recently to include the Internet of Things (IoT) and augmented reality (AR).
Today, PTC is a leader in the industrial augmented reality space. Its Vuforia Expert Capture team is building an augmented reality solution for workforce productivity, which provides customers with a fast and easy way to create powerful step-by-step instructions.
Challenge & Solution
Challenge
As PTC migrated its monolith to Kubernetes services they needed a better way to implement authentication within the platform and simplify their development workflow.
Solution
PTC chose to use Edge Stack to integrate with Azure Active Directory, enabling a single point of authentication, and accelerating their development workflow with Edge Stack Service Preview functionality.
Challenge:
The content management and editing software behind Vuforia Expert Capture runs on Azure Kubernetes Service (AKS). Since migrating its application to microservices running in Kubernetes, the company has been focused on creating an effective and efficient developer experience for its development team and centralizing their security authentication on their platform.
In the process of their migration, the team was tasked with the challenge of maintaining multiple ingress controllers for the legacy monolith and the new services. At this stage in the migration, application security became a vitally important concern. The team knew they would need to integrate with Azure Active Directory for Single Sign-On, as well as be able to set min_TLS_version when configuring transport security. This wasn’t possible with the default ingress they had been using, as it lacked support for OpenID Connect (OIDC).
Solution:
PTC’s Vuforia Expert Capture team has an application that consists of multiple microservices, and the resulting codebases are stored across multiple repositories. The team uses trunk-based development, which means that the master branch has to be deployable at any time. When a pull request is issued, integration tests are run automatically, and they must pass before the code in the branch can be deployed.
To conduct integration tests, a Docker container that runs the service under test is spun up. Within this container, the team must deploy several critical development tools, including Telepresence, headless Chrome, etc. and then run the tests on that container. Telepresence is used to connect the service on the container with the other services running in the AKS cluster, and this provides reliable two-way proxying of traffic throughout the test run.
Now, thanks to Service Preview, the team simply uses the Ambassador “apictl” sidecar and command line tool. All the services in the cluster run with an application sidecar that is managed via Kubernetes configuration. Test traffic is sent to Edge Stack with a specific HTTP header, and the sidecar component of the apictl tool intercepts this traffic and routes it to the service running in the container for testing.
PTC wanted to implement authentication in one place – in the platform – rather than having to build it into every single service. The Ambassador Labs team worked closely with PTC to put quite a few enhancements into this capability to make it even more advanced. The API gateway’s native OIDC support allowed them to integrate with Azure Active Directory and get single sign-on enabled quickly and easily.
Results:
The PTC team has seen the biggest benefits come from a single point of authentication and from the time savings brought on by Edge Stack and Telepresence. Before this, they didn’t have an ideal way to test changes or bug fixes in a production-like environment before they were deployed. This means that they can focus on implementing automated testing to ensure that regressions seen before are already being tested for. Ultimately, Edge Stack enables the QA team to spend more time bug hunting and to make sure the product is running smoothly.
The PTC team is confident with their decision to use Edge Stack and Telepresence, and excited to have been able to collaborate with Ambassador Labs on new, and innovative ways to implement our products. They are looking forward to integrating these tools with more of their workflows and platforms in the future, which includes building and deploying serverless applications with Knative!