Delivering Open Source LMS on AWS
De La Salle University
De La Salle University is an internationally recognized Catholic university in the Philippines, established by the Brothers of the Christian Schools in 1911. The university delivers on its mission by providing secure, reliable, and economical learning technology tools to 36 academic departments, 11 research centers, and an enrollment of approximately 18,000 undergraduate and graduate students. De La Salle relies on the open source Sakai learning management system (LMS) to engage with students and deliver course content and assessments.
LMSs are often a core technology component of colleges and universities, providing a variety of teaching and course administrative capabilities including syllabus, instructor communications, discussion forums, assignments/submissions, learning content delivery, assessments, gradebook, and integrations with other campus systems to launch external learning resources.
Managing and operating an institution’s LMS can be a challenging task. Concurrent usage can be high and widely variable across the academic calendar. Capacity planning presents a challenge, and in statically deployed environments it requires building for peak capacity with underutilized resources (and cost inefficiencies). Unexpected usage spikes may render the LMS unusable, impacting the ability of students to complete assignments, collaborate, and for instructors to communicate and monitor student progress. Additionally, with the LMS delivering assessments and capturing grades, security of the infrastructure and application are essential to ensuring the integrity of key academic information.
Unicon designed the De La Salle Sakai LMS deployment to leverage the availability and reliability features of AWS. Sakai is deployed on EC2 instances across multiple availability zones, with auto-scaling to ensure reliable and responsive experiences for students and instructors. The backend database is deployed on the RDS service in a multi-AZ configuration to ensure that the LMS data has enhanced availability and durability as well. CloudWatch metrics are used both to drive the auto-scaling as well as to provide operational insights and monitor the overall service delivery. Latency is reduced by deploying the full solution into the Singapore AWS region.
As noted above, LMSs typically experience wide variations in usage and resource consumption. Statically deployed LMS infrastructure results in cost inefficiencies with under-utilized compute resources sitting idle as much as one third of the calendar year. Peak usage can be very high at the start of the semester, and during both mid-term and final exams when large amounts of web and application compute resources are required. By leveraging auto-scaling and Reserved Instances for baseline capacity, Unicon was able to construct a cost optimized LMS infrastructure for De La Salle.
Unicon designed an operating environment for De La Salle’s Sakai LMS that takes full advantage of the security features available in AWS. AWS Identity and Access Management (IAM) is used to establish roles and policies to provide secure access to data, application, and administrative functions while ensuring protection of credentials. By using IAM Roles and IAM Policies for AWS resources, Unicon is able to ensure that only defined and approved resources can access secure areas of the AWS account. A defined set of AWS administrators are assigned permissions to develop these roles and policies, limiting the users that can grant access. EC2 instance profiles are used to control access and secure S3 locations, ensuring these areas are not accessed by unauthorized users.
AWS CloudWatch provides security monitoring. By combining IAM with AWS CloudTrail, a history of AWS API calls and related events are recorded. CloudTrail provides a record of every AWS action taken in the account. For example, the CloudTrail log contains records of who started instances, who changed IAM policies, and who accessed S3. This information helps Unicon manage change and ensure adherence to policy as well as provide operational insight and information that is critical in resolving incidents. Cloud-Trail makes it easier to comply with internal policies and regulatory standards.
Meeting the Challenges: Unicon Services for AWS
With experience in many of the AWS services including EC2, RDS, S3, CloudFormation, ECS, and AutoScaling (and others), Unicon is able to help clients achieve high levels of reliability and scalability with cost-optimized infrastructure for their education workloads. With deep expertise in technology development and delivery for education, Unicon helps a wide variety of clients accomplish their educational mission through curriculum and content delivery solutions, enterprise portals, learning technology, IAM, and advanced learning analytics.
Unicon is an Advanced Consulting Partner in the AWS Partner Network (APN). This allows Unicon to leverage AWS to its fullest potential given Unicon’s deep expertise in deploying and operating applications on AWS as well as application development. Unicon has operated large-scale learning applications serving global users for over seven years. Additionally, Unicon has staff certified in many current AWS certifications, including AWS Certified Professional level Solutions Architects and DevOps Engineers.
- The availability features of AWS, such as multi-AZ deployments for web, app, and database on RDS along with CloudWatch monitoring and alerting support, consistently exceed Unicon’s 99.9% SLA availability
- Autoscale allows the Reserved Instances to be augmented at times of higher load, allowing the infrastructure to remain right-sized with respect to cost
- The AWS security model, best practices, and supporting features and services, including external audit and support for stringent security standards, provides a strong security foundation for De La Salle’s Sakai LMS
- De La Salle faculty and administrators can focus on delivering great learning experiences knowing the physical and operational security foundations are strong