E-Commerce platform deployment on Oracle Cloud
Surging demand for air travel prompted GOL Linhas Aéreas Inteligentes (GOL) to modernize its passenger ticketing system, and scale out its infrastructure to accommodate record growth.
After refactoring its monolithic reservation system to a cloud-native platform that runs on Oracle Cloud Infrastructure (OCI), GOL has tripled its revenue, nearly doubled the number of departures, and forecasts continued net revenue increases, despite soaring fuel prices.
GOL is one of Brazil’s largest commercial airlines in both corporate and leisure segments, employing 15,000 staff, operating 127 Boeing 737 aircraft, and making 715 daily flights to over 100 destinations. Since deploying its ticketing application on OCI, the airline has reduced batch processing time to 30 minutes (down from 2.5 hours) and is currently helping air travelers spend 30% less time purchasing tickets.
During their Black Friday promotional event in 2021, GOL sold 30% more tickets than in previous years, while experiencing zero downtime during the burst in traffic. Today, GOL uses OCI to help sales, marketing, and operations teams adjust ticket prices, manage check-ins, change passenger itineraries, and launch promotions based on real-time ticket sales data. Travel agencies and other partners can also access GOL's ticketing application on OCI, giving them immediate insight into flight departures, arrivals, delays, and cancellations. GOL's e-commerce application, running in an Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) cluster, scales between 8-12 nodes in the instance pool during normal operation. When a sales campaign is released, the system automatically scales to 20-30 nodes during peak demand.
Architecture
Corporate travelers and vacationers can purchase plane tickets and manage their trips by first logging into the GOL Linhas Aéreas Inteligentes (GOL) website.
GOL has standardized on a network topology that uses two virtual cloud networks (VCNs). It is configured in a hub and spoke environment. The hub is configured as an edge VCN where a dynamic routing gateway (DRG) is deployed to connect on-premises systems. There are multiple connections to connect GOL's on-premises network as well as the rest of the GOL infrastructure. The GOL infrastructure uses FastConnect to connect to GOL's multiprotocol label switching (MPLS) cloud. The GOL MPLS cloud connects the rest of GOL's network infrastructure as well as a multicloud connection to Azure.
A secondary connection from GOL's on-premises network is a VPN connection using a site-to-site VPN tunnel connecting through the DRG to an OpenVPN instance. From the hub VCN, a local peering gateway (LPG) connects to the spoke VCN. The spoke VCN hosts the rest of the infrastructure containing load balancers, Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE), Autonomous Database, and Oracle Exadata Database Service. Each of these are isolated by using subnets, route tables, and security groups. An internet gateway provides an entry point for users to access the GOL e-commerce system as well as an egress point to interact with external systems.
The following diagram illustrates this reference architecture.
gol-ecommerce-oci-1-oracle.zip
To access the GOL e-commerce system, user traffic must first go through an Oracle Cloud Infrastructure Web Application Firewall (WAF). The WAF protects the GOL e-commerce application from malicious and unwanted Internet traffic by using threat intelligence and rule enforcement. After passing through the WAF, user traffic enters the spoke VCN where it is distributed through a public load balancer. The load balancer forwards the request to the appropriate microservices running in the backend subnet.
The backend subnet hosts an Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) cluster. Microservices running on the OKE cluster provide GOL travelers the ability to purchase and book flights, check flight status, change their itinerary, or cancel their trip. Using the ancillary external microservice and API services, GOL passengers can purchase rental cars and buy travel insurance from the GOL e-commerce application. The shopping and booking microservice uses the customer's address for address verification with an address validation system. The same microservice also passes the customer's address to a credit card validation system for payment verification. Microservices integrate with back end systems.
Marketing and customer relationship management (CRM) is also part of the GOL e-commerce system. The customer communication microservice interfaces with external systems such as Oracle Responsys and Oracle Service Cloud. Oracle Responsys provides personalized offers to customers through a mail marketing campaign and Oracle Service Cloud provides customer relationship management (CRM) services for customer who have questions, inquiries, or issues.
To satisfy the reporting and compliance requirement to report flight on-time and delay data to the government, the flight status microservice sends this information to a virtual machine instance called WS Infraero to process the data. GOL has deployed an ELK (ElasticSearch LogStash Kibana) stack for centralized logging to identify server and application issues.
GOL uses Oracle Autonomous Database to store user profiles and Oracle Exadata Database Service to store Lufthansa Netline/Ops++ data. With the architecture now in a flexible state, GOL is considering moving parts of the application to different regions and investigating database synchronization for disaster recovery.
In its multicloud environment, GOL uses Microsoft Azure Data Lake as its central data repository, which is fed by raw data from OCI and leverages Apache Parquet. Sales and inventory data passes through the IBM MQ application, which is deployed in OCI. Data feeds are then processed by Oracle Data Integrator for loading into Oracle Autonomous Transaction Processing. To manage bursty workloads, such as sudden spikes in online ticket sales, GOL’s IT team uses the Database Resident Connection Pool from Autonomous Database.
Integration with Oracle's CI/CD, Azure DevOps, and Oracle Cloud Infrastructure Resource Manager has helped GOL maintain and update their containers. The application front end is developed using Angular and the back end is developed using .Net Core. Azure DevOps is used for code management. Azure DevOps is accessed over the Internet and Azure is connected to OCI by using a secure site-to-site VPN tunnel. Through the use of Azure DevOps and OKE, updates to microservices can be accomplished within a few hours, rather than the weeks it took when it was running its application on premises.
The architecture has the following components:
- Tenancy
A tenancy is a secure and isolated partition that Oracle sets up within Oracle Cloud when you sign up for Oracle Cloud Infrastructure. You can create, organize, and administer your resources in Oracle Cloud within your tenancy. A tenancy is synonymous with a company or organization. Usually, a company will have a single tenancy and reflect its organizational structure within that tenancy. A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.
- Region
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Compartment
Compartments are cross-region logical partitions within an Oracle Cloud Infrastructure tenancy. Use compartments to organize your resources in Oracle Cloud, control access to the resources, and set usage quotas. To control access to the resources in a given compartment, you define policies that specify who can access the resources and what actions they can perform.
- Fault domain
A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.
- Web Application Firewall (WAF)
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a payment card industry (PCI) compliant, regional-based and edge enforcement service that is attached to an enforcement point, such as a load balancer or a web application domain name. WAF protects applications from malicious and unwanted internet traffic. WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
- Load balancer
The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.
- Object storage
Object storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for "hot" storage that you need to access quickly, immediately, and frequently. Use archive storage for "cold" storage that you retain for long periods of time and seldom or rarely access.
- Compute
The Oracle Cloud Infrastructure Compute service enables you to provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.
- Autonomous Database
Oracle Cloud Infrastructure Autonomous Database is a fully managed, preconfigured database environments that you can use for transaction processing and data warehousing workloads. You do not need to configure or manage any hardware, or install any software. Oracle Cloud Infrastructure handles creating the database, as well as backing up, patching, upgrading, and tuning the database.
- Autonomous Transaction
Processing
Oracle Autonomous Transaction Processing is a self-driving, self-securing, self-repairing database service that is optimized for transaction processing workloads. You do not need to configure or manage any hardware, or install any software. Oracle Cloud Infrastructure handles creating the database, as well as backing up, patching, upgrading, and tuning the database.
Get Featured in Built and Deployed
Want to show off what you built on Oracle Cloud Infrastructure? Care to share your lessons learned, best practices, and reference architectures with our global community of cloud architects? Let us help you get started.
- Download the template (PPTX)
Illustrate your own reference architecture by dragging and dropping the icons into the sample wireframe.
- Watch the architecture tutorial
Get step by step instructions on how to create a reference architecture.
- Submit your diagram
Send us an email with your diagram. Our cloud architects will review your diagram and contact you to discuss your architecture.