As a part of CdCon summit 2021, a fireside chat moderated by Balaji Siva, VP of product at OpsMx with Grace Akinsola, the program manager, and Abdul Basit Kabir, the DevOps Engineer from InterSwitch.
We would like to share their experience in achieving continuous delivery and success story with Spinnaker. So in this blog, we shall shed some light on Spinnaker’s journey, use cases, best practices, lessons learned from Spinnaker usage, and how it helped our customer Interswitch transform their software delivery.
Watch the whole video here:
Here are some of the key takeaways from the discussion:
- The rationale for choosing Spinnaker
- Current status of their Spinnaker journey
- Software delivery use-case
- The benefits of using Spinnaker
- Best Practices for using Spinnaker
Interswitch is a leading digital payment and commerce player in Africa. They are instrumental in transforming Africa’s payment landscape by rapidly developing the financial ecosystem. They are active across the payments value chain and offer a full suite of omnichannel payment solutions.
RATIONALE FOR CHOOSING SPINNAKER:
Interswitch migrated from traditional software delivery practices to microservices and containerized applications. Initially, they wrote scripts using Jenkins and SSH plugins to automate a few deployments. But, as they gradually increased their pace of innovation, they realized their non-standardized deployment process took time.
They had many software builds to be deployed each day into multiple environments such as dev, staging, and production. Due to security reasons, they had their Kubernetes clusters in cloud and on-prem, which made them constantly maintain deployment scripts. Besides that, they had to comply with regulations in the finance domain, which was impossible with incumbent technologies.
Interswitch explored a few CD solutions to streamline its software delivery process. There were a few closed-source solutions, but Interswitch went with open source Spinnaker because it is extensible and flexible.
As they matured as an organization, there was an increasing complexity of software systems. The use of microservices was also introduced because there was a need to keep up with the pace of innovations. It is the reason why they needed a platform that can manage complex deployments.
Besides that, they were doing multiple deployments in a day in different environments such as UAT, staging, and production and using many Kubernetes clusters. Since they are in the finance industry, addressing compliance and policy risk is very critical. There were auditory concerns to be taken care of. So they needed a tool that could streamline the entire process and eliminate excessive dependence on tribal knowledge. Though they were using Jenkins, it could not bridge the gaps mentioned earlier, and hence they chose Spinnaker because it was open source and extensible with lots of scope for further upgrades.
Current status of Spinnaker Journey
Interswitch is using Spinnaker to automate its end-to-end software delivery pipeline by integrating with various DevOps tools such as Jenkins, BitBucket, Sonarqube, and JFrog. Their DevOps engineers and developers are using Spinnaker to deploy Kubernetes applications microservice and also monoliths.
Nearly 100 developers, 10 DevOps engineers, and a few managers use Spinnaker to orchestrate the deployment and delivery process.
They have implemented automated canary analysis into their delivery pipelines powered by Spinnaker. It helps them in the early detection of anomalies and fixing them before downtime occurs for production systems.
Spinnaker helps them address the regulatory and compliance concerns, as they are of paramount importance in the financial sector. Custom stages were added to the pipeline so that defined policies could be enforced during the pipeline execution.
A few examples of policies Interswitch used in their delivery pipelines are Kubernetes manifest must be valid YAML, production config files must not contain UAT parameters, Dockerfiles must be hardened and only use a compliant base image, Only QA can approve automated tests, all security scans below 80% must be manually approved, Blackout Window Period, Terraform plans by developers must not have delete action in any resource other than a VM, etc.
With Spinnaker, they have a uniform way of deploying to various Kubernetes clusters across different regions. Now every deployment goes through a certain UAT and staging environment before getting into the production environment.
Moreover, Spinnaker provides a standardized way to deploy into Kubernetes clusters, which was earlier done through scripts like Kube-ctl commands. For avoiding risks in production systems, Spinnaker is used to perform canary analysis and take automated actions such as rollback or roll-forward.
The best part was the end-to-end SDLC stages were serialized and were all executed before the next stage, or an environment was up. Spinnaker also streamlined the change management process with its well-structured, well-documented, and well-managed approach. Before Spinnaker, the change management process was difficult as stakeholders would take days to log into the ticketing system and depend on deployment-related data to approve a ticket.
But with Spinnaker, approval stages could be made a part of the delivery pipeline, i.e., to progress the pipeline. Instead of manually activating it, the Spinnaker pipeline would automatically get promoted on approvals from the right manager. For example, only upon the approval of QA, a pipeline can release a build into production, or only fully approved change tickets can be deployed.
Benefits of using Spinnaker:
Grace Akinsola of Interswitch recounted how their goal of reducing deployment timelines was made possible by Spinnaker. As everything is streamlined under one umbrella, there was a 70% reduction in the lead time to move code to production. Secondly, they have realized their change management process takes less time for approvals.
Interswitch also benefited from the ability of Spinnaker to pinpoint deployment failures in the process of software delivery with end-to-end visibility and could easily know about the progress of software delivery at all times, from dev to UAT to production.
- Streamlined deployments into microservices, monoliths
- Code to production time has been reduced by 70%
- Fully automated change management process. Time has shrunk from days to hours.
- Reduced time to resolve issues and rapid diagnosis of issues with end-to-end visibility
Best Practices for using Spinnaker:
Interswitch endorsed Spinnaker because it is extensible and can be molded to fit all the best practices and requirements in an organization.
They recommend considering OpsMx as a vendor to unlock all the value Spinnaker offers for automating software deployment and delivery. “With OpsMx, we have gone way ahead of what we could do with Spinnaker” Abdul Basit Kabir, DevOps Engineer, Interswitch.