AWS for Industries

How Grocery Retailers Grow With Hybrid Architecture Best Practices

Grocery retailers typically operate high-volume, low-margin business models. All the retailer’s resources need to be deployed in a way that maximizes productivity and minimizes cost. This isn’t a simple ask because the majority of applications in the industry have grown organically over a long period of time. In the UK, the top five grocers—with the exception of Lidl—are each over 100 years old with renowned legacies. The application landscape for retailers typically includes a mixture of commercial off-the-shelf products as well as bespoke in-house applications built on premises, in the cloud, or both. In this hybrid model, grocery retailers juggle moving services and data to the cloud, while some traditional on-premises technologies remain. Today, retailers must find their place with the hybrid model intentionally and with full knowledge of how they got there.

We’re also noticing alternative grocery store formats pop up around the globe. Supermarkets, convenience, checkout-free, store-within-a-store, and kiosks—each has unique demands in a hybrid landscape. Still, at the heart of all these formats and applications stands the customer. Customer experience and opinion of their interactions with a business are increasingly critical to monitor, especially now that consumer brand loyalty is in decline. In this blog, we’ll describe some of the best practices for grocery retailers to adopt in order to delight customers as a result of an intentional move to a hybrid architecture.

Making the most of cloud resources with hybrid best practices

Connectivity from stores to the rest of your corporate network and the internet needs to be managed effectively. Modern use cases, such as computer vision, place a heavy demand on this kind of infrastructure. Hybrid best practices can help you make the most of your cloud resources, management, and intelligence while handling data and bandwidth-heavy use cases at the edge in store.

Hybrid architectures make use of the right technology in the right place—one of the keys to achieving strong business outcomes. They can drive efficiencies and clear the way for innovation and experimentation. Let’s look at four best practices in hybrid architectures for companies to adopt in order to capitalize on the constraints above while still delivering an outstanding customer experience.

1. Make use of local and edge computing

We typically see three types of in-store computing in grocery retail:

  • Customer facing: Point-of-sale, customer-assistance kiosks, and customer-facing hardware like self-checkout devices and customer handheld terminals.
  • Store operations: Back-of-store servers, usually running a mixture of virtual machines (VMs) and containers. These VMs and containers typically power in-store printing and labeling requirements, point-of-sale data processing, and a steady, store-level stock view.
  • Colleague facing: Back-of-store computers, staff handheld terminals, and staff mobile devices for the completion of administrative and operational tasks.

Low-bandwidth workloads in store can typically make use of technology services hosted in the cloud without any challenges. However, the introduction of high-bandwidth use cases often means that most retailers have to fall back to using the back-of-store servers. This may become the default option because it’s the way things have always been done. These emerging high-bandwidth use cases could be linked to computer vision, local regulatory requirements, or in-store experiments as the face of retail transforms. Utilizing the in-store servers for these use cases presents problems for deploying, operating, and gathering feedback from these workloads because they are now constrained by your traditional on-premises servers and management tooling in the store. Experimentation and rapid iteration are difficult, and insight is sparse.

Thankfully, the management tools and automation capabilities within Amazon Web Services (AWS) can be used to deploy, operate, and manage workloads in both the cloud and on your own servers. Customers can now utilize the API-driven management and automation on AWS that they’re already familiar with. This means that the cloud becomes the common control plane for your workloads, but you can use in-store hardware where it makes sense by using Amazon Elastic Container Service (Amazon ECS) Anywhere, which lets customers easily run and manage container workloads on customer-managed infrastructure. Customers can maintain container images stored in Amazon Elastic Container Registry (Amazon ECR) and choose to deploy them to the cloud or their commodity hardware in store using Amazon ECS Anywhere. From there, customers can manage their tasks on Amazon ECS—a fully managed container orchestration service that makes it easy to deploy, manage, and scale containerized applications—as they would in a normal AWS Region. When combined with AWS Systems Manager—a secure end-to-end management solution for hybrid cloud environments—customers can manage their on-premises container hosts, provide an interactive remote console, and run maintenance commands while also making use of any automations built using AWS.

If your applications aren’t yet container ready, you also have the option of selecting AWS Outposts and using AWS Outposts servers, which provide local compute and networking services for sites with space and capacity constraints. These 1U or 2U servers are delivered to your site where you then provide power and network connectivity. From this point, you can make use of a range of AWS services that run on AWS Outposts.

Architecture diagram showing 2 grocery stores, 1 with AWS ECS Anywhere, 1 with AWS Outposts Servers

Amazon ECS Anywhere and AWS Outposts both provide the flexibility to reduce dependency on out-of-store resources when it comes to data-intensive use cases as well as simplify management and automation tasks. Whichever path you take, you can take it incrementally and validate your approach as you go without having to make large commitments up front. Experiment, then scale.

There may come a day when high-bandwidth wide area network (WAN) connectivity is sufficiently fast and cost effective that customers decide that no local computer hardware is required anymore. Until that time, make use of local and edge compute where the workload and constraints demand it, and use the right tool for the job.

2. Verify that your network is robust and adaptable

Whether your compute and data stores are on premises or in the cloud, one thing is for certain: modern applications generate and move data quicker than ever. In response, networks are under unprecedented levels of stress. Having high-speed, reliable, flexible network connectivity within the store and making the best use of your WAN connectivity are key to building a robust in-store experience. Undertaking a network upgrade or hardware replacement project, though complex, can help establish a foundation for reliability and flexibility and cater to use cases today and in the future.

Optimizing your network paths is a good practice to establish. If your corporate data center is at the core of your network design, that’s probably an antipattern. While your data centers may be an important part of your technology estate, there’s often no good reason for an in-store client device—such as a handheld terminal—to communicate with its cloud-hosted service through your data center. If traditional network security solutions deployed in your data center are a required hop for traffic between your in-store customers and your AWS services, then you may need to reconsider your topology.

The telco providers that manage your WAN will typically have either an SD-WAN or MPLS offering that helps you move the focal point of your network away from your data center. There is also the opportunity to get your in-store network traffic into the global AWS network quickly with AWS Direct Connect, which helps users create a dedicated network connection to AWS. AWS Direct Connect is a private connection into the AWS global network that can be purchased directly with AWS or through an AWS Direct Connect Delivery Partner as a hosted connection. Alternatively, if you have diverse connectivity with many providers, you can use AWS Cloud WAN to create your own software-defined WAN inside the AWS global network. AWS Cloud WAN provides a central dashboard for making connections between your branch offices, data centers, and Amazon Virtual Private Cloud (Amazon VPC), which gives you full control over your virtual networking environment. In both scenarios, the objective is to move the hub of your network from your data centers to a scalable and extensible WAN that can adapt to your needs over time.

When your AWS Direct Connect or AWS Cloud WAN connectivity arrives within the AWS Region, connect it to an AWS Transit Gateway, which connects your AWS VPCs and on-premises networks through a central hub. This step helps you follow AWS best-practice guidance for using multiple AWS accounts to deploy applications while minimizing the management burden of connecting AWS VPCs yourself. AWS Transit Gateway provides a software-defined interface to specify your network routing rules between any infrastructure connected to it.

Architecture diagram showing WAN connectivity from stores back to AWS cloud

As you plan your long-term network strategy, stay informed on future innovations that can move you beyond wireless internet and managed WAN networks, like AWS Private 5G, which is a managed service that makes it easy to deploy, operate, and scale your private cellular network, with all required hardware and software provided by AWS. The widespread move to 5G is helping retailers achieve full mobile coverage in challenging locations like back-of-store warehouses or large supermarkets. Consider if this technology could unlock your connectivity challenges.

3. Reduce dependence on traditional storage

The amount of data we generate continues to grow exponentially. If your business depends on data—and it probably does and should—then you need to consider your long-term storage needs. In a grocery context, the need for data storage is expanding: you need streaming event data from your point-of-sale systems, the ability to store pricing and labeling data locally for compliance, and stock availability information for customers actively consuming your services.

Not all data is the same, and not all storage options are equally useful in every context. Certain data must always be available in store for legal or compliance reasons, depending on geography and local legislation. In other cases, it’s beneficial to have some data cached locally for performance purposes, such as product detail information and product photography. Conversely, useful data related to customer habits and behaviors is often trapped in store and can’t be analyzed more broadly. In this last use case, data can easily be sent to the cloud to help business-intelligence and data-science teams find patterns, trends, and insight.

When using services like ECS Anywhere in store, you have the flexibility to connect to existing local file servers for any data storage and processing needs, but how can you liberate the in-store data and make good use of it? A great choice of storage location could be Amazon Simple Storage Service (Amazon S3), an object storage service offering industry-leading scalability, data availability, security, and performance. You can make use of the AWS Transfer Family, which helps you manage and share data with simple, secure, and scalable file transfers. You can place a file transfer endpoint (SFTP, FTPS, or FTP) in front of an Amazon S3 bucket with authentication and authorization. Simply use an existing FTP client or script to upload your files, and they will be usable within Amazon S3 immediately.
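
One way to implement the authorization part of this setup, as an added example that is not from the original article or from AWS: a per-store IAM policy that confines each store's transfer user to its own prefix in the shared bucket. The bucket name, the stores/<store_id>/ key layout and all function names are assumptions, and the small checker is a simplification of IAM evaluation.

```python
import re
from fnmatch import fnmatchcase

# Assumed layout (not from the article): one shared bucket, one prefix per store.
BUCKET = "example-grocer-store-data"           # placeholder bucket name
STORE_ID = re.compile(r"[a-z0-9-]{1,32}")      # no "/", "*", "?", "$" or "."


def store_prefix(store_id):
    """Key prefix for one store; rejects IDs that would widen the policy."""
    if not STORE_ID.fullmatch(store_id):
        raise ValueError(f"unsafe store id: {store_id!r}")
    return f"stores/{store_id}/"


def build_store_policy(bucket, store_id):
    """IAM policy letting one store list, upload and read only under its prefix."""
    prefix = store_prefix(store_id)
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # Listing is a bucket-level action, so it is narrowed by condition.
                "Sid": "ListOwnPrefix",
                "Effect": "Allow",
                "Action": "s3:ListBucket",
                "Resource": f"arn:aws:s3:::{bucket}",
                "Condition": {"StringLike": {"s3:prefix": [prefix + "*", prefix[:-1]]}},
            },
            {   # Object actions are narrowed by the resource ARN; no delete.
                "Sid": "ReadWriteOwnObjects",
                "Effect": "Allow",
                "Action": ["s3:PutObject", "s3:GetObject"],
                "Resource": f"arn:aws:s3:::{bucket}/{prefix}*",
            },
        ],
    }


def object_action_allowed(policy, action, bucket, key):
    """Simplified check, not the IAM evaluation engine: is there an Allow
    statement whose action list and resource pattern cover this object?"""
    arn = f"arn:aws:s3:::{bucket}/{key}"
    for stmt in policy["Statement"]:
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        if stmt["Effect"] == "Allow" and action in actions and fnmatchcase(arn, stmt["Resource"]):
            return True
    return False


if __name__ == "__main__":
    policy = build_store_policy(BUCKET, "0042")
    for key in ("stores/0042/pos/sales.csv", "stores/0043/pos/sales.csv"):  # constructed keys
        print(key, object_action_allowed(policy, "s3:PutObject", BUCKET, key))
```

The trailing slash in the prefix is what keeps store 0042 out of a sibling prefix such as stores/0042x/, and validating the store ID before it reaches the policy keeps wildcards and path segments out of the resource ARN.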

Once data is stored in Amazon S3, you can use a wide array of data and analytics tools to deliver your business outcomes. Query your data in place with no need for extract, load, transform using Amazon Athena, an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Train machine learning models in Amazon SageMaker—which helps you build, train, and deploy machine learning models for any use case with fully managed infrastructure, tools, and workflows—using your data. Or understand your data with Amazon QuickSight, a cloud-native, serverless business intelligence service.

Your data in Amazon S3 can be intelligently tiered to optimize your price/performance point. For example, less frequently accessed data can be automatically moved to more cost-effective storage, keeping your long-term costs manageable. This is one of the economies of scale gained from using AWS for your data storage. It is practically impossible to achieve this on a store-by-store basis using hardware distributed over your store estate. But with AWS, it takes less than 1 minute to create archive configurations using Amazon S3 Intelligent-Tiering, which automates storage cost savings by moving data when access patterns change.

These services and features give you the peace of mind to know your data is safe, close to its consumers, and—when necessary—easily liberated from your store servers to provide business value. Once these strategies are put in place, you can make effective use of the data and move toward decision engineering.

4. Simplify observability and configuration management

One of the big challenges with managing a distributed estate over many physical locations consisting of hardware and software of varying ages is the inability to use consistent management tooling. AWS has consciously decided to deliver its services with API-based provisioning and management to help all customers make use of automation and management through the AWS Console, AWS software development kits, and AWS Command Line Interface (AWS CLI), a unified tool to manage your AWS services.

This management approach offers easy monitoring and automation, so why not extend the same strategy to your in-store systems? For that, try Amazon CloudWatch, a feature-rich monitoring and observability service. In addition, AWS Systems Manager, a secure end-to-end management solution for hybrid cloud environments, can be used to provide management capabilities. These tools make it simple to operate and automate routine activities and get to the root cause of a problem when something goes wrong. With these services, you use the same tools to understand your on-premises estate as you do to manage AWS. This creates a single-pane-of-glass experience so you can see the status of your enterprise from every direction.

In combination with the best practices above, using AWS management and governance tools can act as an accelerator to in-store experimentation and simplify routine maintenance. Keeping in-store hosts up to date with security updates, frequently deploying software to them, and being able to confidently maintain service levels can be a challenge using the traditional approach. An array of costly enterprise management tooling is traditionally used to achieve these outcomes but is often inflexible and prohibitive to rapid experimentation and iteration. Using AWS management and governance tools that provide a common set of capabilities between the cloud and the edge, you can experience some of the benefits of the cloud locally in store.

The objective of this last best practice is to cut down the sprawl of tool sets that have accumulated over time and to reduce the number of touch points human operators need to be involved in. Automation concepts that you build for AWS can be used in stores to reduce repetition and increase deployment velocity. Getting this step right is important to facilitating the rapid iteration cycles and experimentation that power innovation in your business.

Implementing best practices

Now that we’ve set down four foundational best practices for you to consider in the future state of grocery store technology, you can turn to higher-level initiatives like optimizing your service delivery and creating innovative experiences for customers, all while increasing your experimentation frequency and delivery velocity.

Architecture diagram showing grocery stores with hybrid compute connecting back to AWS cloud

In four steps, we’ve outlined how:

  1. You can make sure that your compute activities happen where they’re needed using edge computing.
  2. Everything you do will be dependent upon your network, so make sure that it can efficiently and securely get your data where it needs to be.
  3. Data is growing quickly, so it’s important to use the scale of the cloud to store your data in a cost-effective way to remove the need to purchase additional storage hardware while also benefiting from the variety of data and analytics use cases afforded to you by having your data in the cloud.
  4. Everything in your enterprise can be managed uniformly regardless of where the resources are.

Implementing these practices needs to be done with an overarching strategy in mind; otherwise, you may inadvertently add complexity to your systems without fully realizing the benefits. The strategy you formulate needs to consider your needs, the existing legacy, the budget, and your skills. It should also focus on supporting business outcomes.

So how do you get started with hybrid architecture? Start with the needs of your customers and colleagues, and work backward to develop a vision and a plan. Assemble a cross-functional team to start planning your new foundational capabilities, and begin experimenting with the local and edge compute services that help you to be a part of this hybrid world.

Ben Moses

Ben Moses is a Senior Solutions Architect at AWS working with Enterprise Retail customers in the UK. He has 20 years of experience helping organizations achieve their outcomes with technology. These days, you’ll often find him advocating for event-driven architectures and helping customers to adopt a serverless-first mindset.