About the Bank
The customer is an international banking group, with around 86,000 employees and a 150-year history in some of the world’s most dynamic markets. Although they are based in London, the majority of their customers and employees are in Asia, Africa and the Middle East. The company is a leader in the personal, consumer, corporate, institutional and treasury segments.
Challenge: To Provide an Uninterrupted Customer Experience
The bank wanted to stay ahead of the competition. The only way to succeed in today’s digital world is to deliver services faster to customers, so they needed to modernize their IT infrastructure. As part of a business expansion, entering eight additional markets in Africa and providing virtual banking services in Hong Kong, they needed to roll out new retail banking services. The new services would enhance customer experience, improve efficiency, and build a “future proof” retail bank.
Deploying these new services created challenges that needed to be overcome quickly, or risk delaying the entry into the new markets.
Sluggish Deployments for Monolithic Applications
The bank was running monolithic applications on old Oracle servers, located in Hong Kong and the UK, that served Africa, the Middle East, and South Asia. Each upgrade forced a significant downtime across all regions that prevented customers from accessing their accounts. This was not true for the bank’s competitors, and it threatened to become a major source of customer churn.
Need for Secured Continuous Delivery Platform
As part of the bank’s digital transformation, they decided to move many services to a container-based infrastructure. They chose Kubernetes and Red Hat OpenShift as their container environment. To take advantage of the ability to update containers quickly, they also decided to move to a continuous delivery (CD) model, enabling updates without downtime. Their existing deployment tool was unsuitable for the new environment.
Of course, strict security of the platform and the CD process was an absolute requirement. Additionally, the bank required easy integration to support a broad range of development and CI tools and a high performance solution capable of scaling to the bank’s long term needs.
Lack of Continuous Delivery Expertise
The bank’s IT team, operating on multiple continents, was stretched thin with the migration to OpenShift and containers. Further, their background in software deployment simply did not include experience with continuous delivery. The bank needed a trusted partner who could provide a complete solution – software and services – to reduce the risk of delays or problems that could hobble the planned business expansion.
Solution: A Secured CD Platform to Deploy Containerized Applications
After a thorough evaluation, the bank chose OpsMx Enterprise for Spinnaker (OES) as their CD solution. They chose OES for its high security, ability to scale, and integration with other tools. They chose OpsMx because of their expertise with Spinnaker and continuous delivery and their deep expertise in delivering a secure environment.
Correcting Security Vulnerabilities
There are four main security requirements not available in the default OSS Spinnaker which are satisfied by OpsMx.
- Validated releases:
Spinnaker is updated frequently due to the active participation of the open source community. However, the bank required that each release be scanned for vulnerabilities and hardened before installation in the bank’s environment. OpsMx delivers this as part of the base system, so OpsMx customers know that the base platform has not been compromised.
- Air gapped environment:
The bank, like many security-conscious organizations, isolates key environments from the public internet to increase security. OES fully supports air gapped environments.
Another key requirement was the ability to encrypt all data communication between the Spinnaker services and between Spinnaker and integrated tools, offered by OES.
- Authorization and authentication:
OpsMx Enterprise for Spinnaker supports LDAP and Active Directory (AD), fully integrating with the bank’s standards for authorization and authentication.
Simplifying the Software Delivery Process
The bank quickly completed the secure implementation and deployed pipelines for services. The bank is now able to deploy updates on-demand rather than grouping them together in a “big-bang” release that forces application downtime. The new CD process enabled by OpsMx made the process of requesting downtime unnecessary. Deployments are made into OpenShift with the help of templates available for developers.
OpsMx Enterprise for Spinnaker now controls the overall software delivery pipeline. The application team at the bank uses Bitbucket to commit the new piece of code, then OES triggers Jenkins to initiate the build.
After a successful build, the package is pushed into an external repository – either Jfrog Artifactory or BitBucket. OES fetches these images and deploys them into the target environment. This provides an end-to-end continuous delivery system without the use of scripts.
Self Service Onboarding
Development teams, such as the team responsible for the Retail Banking applications, are able to create and manage their own pipelines using OES. This reduces demand on the central team and speeds the creation and enhancements of new services.
Results: Software Delivery Automated with Zero Downtime
Code to Production in Hours
Since the deployment of OES, the retail application development team has seen significant improvements in software delivery velocity. The process time has been reduced from weeks to a few hours. OES seamlessly integrated with their existing build and cloud environments, avoiding the cost and time on integrating new tools.
Automated Software Delivery for Global Operations
Using OES and with help from OpsMx, the bank was able to move towards a modern Continuous Delivery framework from a traditional waterfall deployment approach. The bank deployed total of 120 different pipelines to serve twenty two different countries. In addition, a standard template for each country was also set up that allowed the developers to quickly set up further pipelines with ease. These templates ensured that the initialization errors were reduced to nil.
If you are interested in reading about another customer with complex security requirements, read about Cisco’s CD modernization journey.
If you want to know more about the Spinnaker or request a demonstration, please book a meeting with us.
OpsMx is a leading provider of Continuous Delivery solutions that help enterprises safely deliver software at scale and without any human intervention. We help engineering teams take the risk and manual effort out of releasing innovations at the speed of modern business. For additional information, contact us.