EZ Cloud runs its AI-powered A/P platform in a Kubernetes cluster on OCI

Authored by Kellsey Ruppel, principal product marketing director at Oracle.

An image of EZ Cloud’s accounts payable platform dashboard.
Figure 1: Figure 1: EZ Cloud provides a modern and secure accounts payable (AP) automation platform that brings AP communications, invoice data, and real-time analytics to one easy-to-use portal.

 

EZ Cloud is an automation software provider that aims to help customers use technology to increase efficiency, improve cash flow, and streamline invoice processing in the accounts payable process. Its platform uses artificial intelligence (AI) and machine learning (ML) to automate the accounts payable workflow, including invoice capture, authorization, and payment.

Goals for cloud migration

As part of its strategic efforts to continually improve its service, EZ Cloud wanted to adopt new technology to help reduce the time its IT team spent debugging and troubleshooting integration problems, and to improve its system integration processes overall.

Why EZ Cloud chose Oracle

EZ Cloud chose Oracle Integration to support its platform improvement initiatives based on the close working relationship between the two companies. EZ Cloud’s team is made up of Oracle Certified ECM consultants, who are experienced in developing and implementing Oracle Fusion middleware.

“With intuitive drag-and-drop components, we almost implemented our project with a no-code approach,” said Andrew Blackman, CEO at EZ Cloud. “This approach brought down our implementation effort up to 70% or more as compared to building an SI application from the ground up.”

Suite of Oracle products used

OCI includes all the services needed to migrate, build, and run IT in the cloud, from existing enterprise workloads to new cloud native applications and data platforms. EZ Cloud used the following OCI services and technologies:

• OCI Kubernetes Engine (OKE): OKE is a fully managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. You specify the compute resources that your applications require, and OKE provisions them on OCI in an existing tenancy. OKE uses Kubernetes to automate the deployment, scaling, and management of containerized applications across clusters of hosts.
• Autonomous Data Warehouse: Oracle Autonomous Data Warehouse is a selfdriving, selfsecuring, selfrepairing database service optimized for data warehousing workloads. You don’t need to configure or manage any hardware or install any software. OCI handles creating the database and backing up, patching, upgrading, and tuning the database.
• OCI Identity and Access Management (IAM): OCI IAM provides an innovative, fully integrated service that delivers all the core identity and access management capabilities through a multitenant cloud platform.
• Region: An OCI region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them, across countries or even continents.
• Policy: An OCI IAM policy specifies who can access which resources and how. Access is granted at the group and compartment level, which means that you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy.
• Monitoring: OCI Monitoring actively and passively monitors your cloud resources using metrics to monitor resources and alarms to notify you when these metrics meet alarm-specified triggers.
• Availability domain: Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.
• Fault domain: A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.
• Virtual cloud network (VCN) and subnets: A VCN is a customizable, software-defined network that you set up in an OCI region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple nonoverlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which you can scope to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
• Security list: For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
• Route table: Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.
• Internet gateway: The internet gateway allows traffic between the public subnets in a VCN and the public internet.
• Service gateway: The service gateway provides access from a VCN to other services, such as OCI Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.
• Dynamic routing gateway (DRG): The DRG is a virtual router that provides a path for private network traffic between VCNs in the same region, between a VCN and a network outside the region, such as a VCN in another OCI region, an on-premises network, or a network in another cloud provider.
• Local peering gateway (LPG): An LPG enables you to peer one VCN with another VCN in the same region. Peering means that the VCNs communicate using private IP addresses, without the traffic traversing the internet or routing through your on-premises network.
• Load balancer: The OCI Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.
• OCI Compute: The OCI Compute service enables you to provision and manage Compute hosts in the cloud. You can launch Compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a Compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.
• Bastion host: A bastion host is a Compute instance that serves as a secure, controlled entry point to the topology from outside the cloud. The bastion host is provisioned typically in a demilitarized zone (DMZ). It enables you to protect sensitive resources by placing them in private networks that can't be accessed directly from outside the cloud. The topology has a single, known entry point that you can monitor and audit regularly. So, you can avoid exposing the more sensitive components of the topology without compromising access to them.
• Integration: Oracle Integration is a fully managed service that allows you to integrate your applications, automate processes, gain insight into your business processes, and create visual applications.
• Object Storage: OCI Object Storage provides quick access to large amounts of structured and unstructured data of any content type, including database backups, analytic data, and rich content such as images and videos. You can safely and securely store and then retrieve data directly from the internet or from within the cloud platform. You can seamlessly scale storage without experiencing any degradation in performance or service reliability. Use standard storage for “hot” storage that you need to access quickly, immediately, and frequently. Use archive storage for “cold” storage that you retain for long periods of time and seldom or rarely access.
• Registry: OCI Registry is an Oracle-managed registry that enables you to simplify your development-to-production workflow. Registry makes it easy for you to store, share, and manage development artifacts, like Docker images. The highly available and scalable architecture of OCI ensures that you can deploy and manage your applications reliably.
• Events: OCI services emit events, which are structured messages that describe the changes in resources. Events are emitted for create, read, update, or delete (CRUD) operations, resource lifecycle state changes, and system events that affect cloud resources.
• Functions: Oracle Functions is a fully managed, multitenant, highly scalable, on-demand, Functions-as-a-Service (FaaS) platform. It’s powered by the Fn Project open source engine. Functions enable you to deploy your code and either call it directly or trigger it in response to events. Oracle Functions uses Docker containers hosted in OCI Registry.
• Content Management: Oracle Content Management is a cloud-based content hub to drive omnichannel content management and accelerate experience delivery. It offers powerful collaboration and workflow management capabilities to streamline the creation and delivery of content and to improve customer and employee engagement.
• Document Analysis: OCI Document Understanding is an AI service for performing deep learning-based document analysis at scale. With prebuilt models available out of the box, developers can easily build intelligent document processing into their applications without ML expertise.

EZ Cloud’s solution

EZ Cloud's AI-powered accounts payable (AP) platform easily integrates into Oracle enterprise resource planning (ERP) applications, helping companies capture, authorize, and pay invoices up to 80% faster than on-premises AP applications. Although the EZ Cloud platform is already integrated into Oracle ERP Cloud and Oracle E-Business Suite (EBS) applications, the company is currently developing integrations into Oracle NetSuite, Oracle JD Edwards EnterpriseOne, and Oracle PeopleSoft.

Today, companies use the EZ Cloud web and mobile applications in the following ways:

• Capture invoices: Suppliers for EZ Cloud’s customers can upload, submit, and access invoices through the EZ Cloud web and mobile applications. By using a supplier portal, EZ Cloud users can also capture invoices through emails, uploads, or scans. With EZ Cloud’s platform, users prevent duplicate invoices, get multilanguage and multicurrency support, and have automated purchase order (PO) matching.
• Authorize users: Users can assign single or multiple approvers for invoice processing, set approval thresholds, approve invoices, create priority payment approvals, use audit trail features, and view progress using an integrated dashboard.
• Collect payments: Because EZ Cloud is a systems-agnostic platform, the company gives all its customers the full breadth of features, regardless of what ERP system they’re using, without any overhead or payment delays.

Migration path

After a supplier emails an invoice to the EZ Cloud system, Amazon Web Services (AWS) Simple Email Service (SES) invokes a function in AWS Lambda. This function also calls the AWS Textract service to extract the invoice data from an AWS S3 bucket and then sends it to OCI Object Storage. Invoices captured by the EZ Cloud platform are then permanently stored in an Oracle Content Management repository.

Using Oracle Integration, EZ Cloud links the invoice images that are stored in Oracle Content Management to the customer’s ERP system. After the invoice image has been received and validated, a link appears within the backend ERP system, allowing users to select the approved invoice image. Users can also view the data that’s been extracted from the image. The front end web application is containerized and orchestrated by using OKE.

Initially, the EZ Cloud platform ran in 10 different virtual machines (VMs), supporting 10 simultaneous users. Today, the company runs its platform using an Oracle Autonomous Database. This serverless environment now supports 50 simultaneous users, can easily scale out on demand, and do it all for a fraction of the cost of running on VMs.

EZ Cloud uses the following OCI features to enable ongoing growth:

• Cloud native development with OCI Managed Services, such as OKE, Oracle Autonomous Database, OCI Registry, Oracle Content Management, OCI Document Understanding, Oracle Functions and Events, and Oracle Integration
• Scaling and performance with autoscaling and high availability of the OCI Managed Services
• Native integration with Oracle ERP and SaaS applications

An image of EZ Cloud’s reference architecture diagram.
Figure 2: Reference architecture for EZ Cloud’s deployment.

Results

With its built-in dashboards, routing rules, compliance policies, and on-demand reporting capabilities, companies can use the EZ Cloud platform to reduce delayed payments, satisfy regulatory requirements, and eliminate fraudulent transactions. The company realized several benefits with Oracle Integration. Overall, it expedited EZ Cloud’s go-to-market strategy with rapid, remote deployment capabilities. Additionally, a prebuilt adapter accelerated EZ Cloud’s system integration processes with multichannel applications, and implementation efforts were brought down by 70% compared to building integration applications from the ground up.

Meanwhile, Oracle Integration’s detailed log captures minimized the time needed to debug and troubleshoot integration issues by up to 50%.  Security protocols also ensured that sensitive customer data was safeguarded in transit between EZ Cloud applications and a customer’s ERP system.

Next steps

While most services and resources that EZ Cloud consumes currently run on OCI, a few services run on AWS. Over the next few months, EZ Cloud plans to transition all its workloads to OCI. Among the changes EZ Cloud plans to make to its architecture include moving its email capture service from AWS to Oracle Content Management and switching from AWS Textract to OCI Document Understanding for extracting invoice data.

For more information on EZ Cloud and Oracle Cloud Infrastructure, see the following resources:

• EZ Cloud transitions to serverless for accounts payable automation
• Explore other technical case studies from OCI
• Try Oracle Cloud for yourself