We continuously asked Stelligent to approach certain requirements in a unique way that made sense for our company and business model. They were incredibly resilient to that and were able to be flexible and adapt to the requirements we had that were different.
Patrick Cullen Principal Architect, The Washington Post

Arc Publishing is an award-winning, state-of-the-art digital platform and suite of tools that’s engineered to meet the needs of modern publishers. Built by engineers and designers at The Washington Post, Arc technology handles complex publishing and audience needs across video, web, apps, subscriptions, and ad monetization, providing a competitive advantage enhanced by a set of sophisticated machine learning and AI-powered tools. Arc has powered the digital transformation of clients both large and small across the globe. At its core, Arc is about speed and innovation: for readers, newsrooms, brands, advertisers, and developers.

Founded in 1877, The Washington Post is a nationally and an internationally renowned news publisher. Known for its commitment to political journalism and international coverage with 24 correspondents in 18 bureaus around the world, The Post’s mission is to serve as the first place readers turn for breaking news and investigative journalism. Teams across The Post, from its leadership to the newsroom to engineering, understand the company must evolve in the ways its readers demand to efficiently deliver stories that matter. A critical step for The Post has been its embrace of digital technologies to drive journalistic excellence and improve the overall experience of its readers.

“One of the interesting transformations at The Post has been the understanding that serving our readers requires an equal focus on excellence in journalism and excellence in technology,” says Patrick Cullen, principal architect at The Washington Post. “You really can’t have one without the other, and that belief has been a part of The Post's DNA for many years. We use technology as the vehicle to tell the stories we need to tell and to get world-class journalism out to readers in innovative ways.”

In practice, The Post differentiates itself as a technological innovator in the publishing industry by taking an autonomous approach to software development, allowing teams across the organization to build, experiment, and launch products with low central oversight, and by forging a strong partnership between its newsroom and technology teams. Looking to drive agility and innovation throughout the organization, The Post chose to build its internal Arc platform on Amazon Web Services (AWS) and transform its architecture from a monolithic Content Management System (CMS) design to a microservices-based design.

“One of the main motivations for moving to AWS was the agility we gained for the people trying to build custom software and then iterate on it very quickly. And the microservices approach we decided to take was a natural evolution from our focus on agility and innovation. That’s what worked well for our teams,” says Cullen. By moving to a microservices architecture on AWS, engineers at The Post were emboldened to iterate on products quickly to reduce lead time and tighten the feedback loop to continue improving products.

A focus on quick iteration and continuous innovation helped the company thrive in a challenging market.The Post's software engineering team realized the lessons learned in developing the Arc platform and the investment made by The Post to build the technology from scratch could bring numerous benefits to digital publishing companies around the world as a software as a service (SaaS) solution.

“Many publishing companies see value using technology in new ways to evolve, but they aren’t sure how to make that upfront investment and justify building a net-new technology solution from scratch,” explains Cullen. “The investment The Post put into Arc Publishing, internally and from a product perspective, is significant. And it can be difficult for other companies to make that same level of investment. One of our main motivations for launching Arc Publishing as a SaaS solution was to alleviate the cost barriers many publishers face. We strive to provide them the ability to use world-class technology to run their newsrooms and provide superior journalism without having to build the technology from scratch.”

Given the nature of its work, The Post has critical data security, privacy, and availability requirements and knows its Arc Publishing clientele share the same requirements and concern. The engineering team at The Post approached security, privacy, and availability as a fundamental part of the Arc Publishing architecture design in addition to the focus on innovation and agility.

As the Arc Publishing product portfolio grew and more customers on-boarded to the platform, the team looked at how they could maintain agility and innovation by runing on AWS while increasing the level of governance in the AWS environment.  

To address this challenge, The Post turned to AWS Partner Network (APN) Premier Consulting Partner and AWS DevOps Competency Partner Stelligent.

If the team at Stelligent could give customers across industries two words of advice, it’d be the following:

Automate everything.

“I believe what differentiates us is our deep understanding of both operations and software delivery,” explains Brian Jakovich, director, commercial sector sales at Stelligent. “The majority of our engineers have a deep background in both and really understand where developers and operations teams are coming from. Because of this expertise and our understanding of the full lifecycle on AWS, we have a unique ability to build continuous integration, continuous delivery, and DevSecOps pipelines custom to each client’s needs and requirements.”

The Stelligent team held an interactive lunch-and-learn session with The Post’s engineering team. Soon after that, Stelligent quickly got to work helping The Post re-design their architecture on AWS.

The Post’s engineering team found enormous benefit engaging an AWS DevOps Competency Partner like Stelligent. “We already had pretty deep AWS expertise on our team. But seeing the technical depth Stelligent possessed in our initial lunch-and-learn, we could tell their expertise in DevOps automation went far deeper than ours,” says Cullen. “It was obvious their team was doing some innovative work on AWS, such as open sourcing some of the technologies they’d built, such as Stelligent’s cfn_nag and Stelligent mu, to push the envelope concerning what you could do with automation. That got us excited about working with them."

The Stelligent team embedded with The Washington Post’s engineering team for a few months to help the team tackle day-to-day challenges and to build an architecture that would enable Arc Publishing to scale massively while maintaining governance across accounts. "We've given Stelligent tough problems to solve, and they've been able to solve all of them for us," says Cullen. "And some of the requests we made have required them to innovate in ways they hadn’t for other clients. We continuously asked them to approach certain requirements in a very unique way that made sense for our company and business model. They were incredibly resilient to that and were able to be flexible and adapt to the requirements we had that were different.”  

Arc Publishing delivers a similar end-user experience as traditional Content Management Systems (CMS), but the Arc platform architecture on AWS is built very differently from a traditional CMS architecture.

“In a CMS, you typically have many types of media objects, such as photos, videos, and stories, and various channels for delivering those objects to, such as web, mobile, and newsletters," says Cullen. “From a customer perspective, Arc acts very similar to a traditional CMS where everything is in one place for the customer to access. But the underlying technology is separate microservices. There are separate databases for the photo system versus the video system, for example, and that allows our engineering teams to use separate programming languages and database technologies to best address the problem that they’re solving.”

The Arc Publishing platform supports over 50 deployments per hour, across 100 unique microservices. In its infrastructure, Arc uses hundreds of Amazon Elastic Container Service (Amazon ECS) instances and many thousands of Docker containers. 

WaPo CMS architecture_2

The Arc Publishing architecture on AWS 

Stelligent collaborated on a re-design of the Arc infrastructure on AWS to enable the following capabilities:

Automatic creation of AWS accounts

“One of the early components that we needed was the ability to create new accounts quickly," says Cullen. "We wanted those accounts to be standardized and have the same best practices implemented, not just when they're created but over time. For instance, if we find there's a better account setting for us to use, we want a way to be able to propagate that change to all of the accounts. Stelligent built us a tool we call AWS Bootstrap, and it effectively automates the creation of AWS accounts using AWS APIs such as AWS Organizations. It also automates the creation of key infrastructure components in those accounts that make them useful for a team to start building their architecture.”

Infrastructure pipelines

“Once a team has an account up, they then need to begin building their infrastructure for a particular application. We wanted to take an infrastructure-as-code approach and have it version controlled, so we decided to use AWS CloudFormation, AWS CodePipeline, and AWS CodeBuild,” says Cullen. “Stelligent helped us build the initial pipelines so we could learn how to build in a very self-service way. We now have example templates that teams can start from and they can use to build out their particular architecture on AWS, and they can contribute new AWS CloudFormation components to templates addressing their unique needs.”

AWS compliance

"This is our security component, and we call it our security guardrails,” says Cullen. “Instead of blocking what teams can deploy to AWS, we have a fast detection mechanism. We use AWS Config Rules to automatically check key objects like security groups and IAM policies to report back to a central hub where we can aggregate the data and report on the health of various AWS accounts.”

AMI pipeline

“We’ve created a centralized AMI generation process for Arc Publishing,” explains Jeffrey Dugas, sr. DevOps engineer at Stelligent. “We have a security and compliance account creating all of the corporate AMIs for the Arc platform and publishing those within accounts to use. We’re trying to do these centrally and proactively and by taking a security-centric approach.”

By taking a microservices approach to developing Arc Publishing on AWS, The Washington Post has been able to keep its teams small and agile while enabling them to make decisions quickly. Stelligent has played a vital part in the evolution of the Arc platform on AWS.

"It helps to know that Stelligent is using the best tools available on AWS and how deeply they understand automation,” says Cullen. “Stelligent’s always showing us AWS tools we hadn’t thought about using. They push us to look at the full suite of tools to see if there’s one that meets our needs with the mantra: Don't build it if AWS has already built an equivalent service. That's been helpful on the project to keep the amount of software we need to maintain low by leveraging native AWS services.”

Having the capability to scale rapidly at a moment’s notice has been critical for The Post and its Arc clients. “The capability of being able to deploy rapidly is so critical,” explains Cullen. “In those moments when you need to iterate quickly on a system that capability is enormously beneficial. That’s what we get using AWS. From an operational point of view, the AWS services are rock solid. It’s remarkable to me AWS has such great operational excellence while at the same time continuously optimizing their products and innovating.”

“What’s most exciting for us is how excited Arc Publishing customers are about the product,” says Cullen. “The news media has been under a lot of financial pressure because of changes in technology. A lot of the end users of the Arc platform haven’t really had a partner like us that’s in the same industry and empathetic to the different challenges they face, and who has a vested interest in how the tools work in the space. Our mission is to continue to optimize the Arc Publishing platform and drive more value to our users.” 

2018stelligent logo_RGB

Stelligent, a professional services and consulting firm with deep expertise in DevOps automation services on AWS, enables security-conscious enterprises to focus on developing software users love by leveraging automation on AWS. Its goal is to work closely with customers to develop fundamentally secure infrastructure automation code, deployment pipelines, and feedback mechanisms for faster, more consistent software and infrastructure deployments. As an AWS Partner Network (APN) Premier Consulting Partner, AWS Public Sector Partner, and AWS DevOps and Financial Services Competency holder, Stelligent uses its expertise to help customers benefit from continuous AWS innovation.

For more information, contact Stelligent through its listing on the APN Partner Solution Finder or on their website.   

Learn more about DevOps and AWS