K012: A Bank On Cloud – Part 1 : The Tech Side Of The Story
Thanks For Listening!
Welcome to Cloudkata Season 2. In this season I am discussing “DevOps Driven Modern Infrastructure”.
Over the years I have been helping organisations who had very high security, scalability and sustainability demands. This was done by
- Creating secure & scalable infrastructures for software development and delivery.
- Enabling in-house DevOps capabilities for sustainable application life cycle management.
Join me as I share some of these success stories of how DevOps Driven Modern Infrastructures have helped these organisations achieve their dreams of Digital transformation.
You may also view this episode on the Cloudkata® Youtube channel. Please do like, share, subscribe and share your valuable feedback about the podcast.
transcript
Background:
1. An Indonesia based banking company wanted to build a fully digital mobile banking application that would help them to become a strong tech-based bank embedded in Indonesia’s digital ecosystem.
2. They wanted Staxa LLP to design and develop a modern infrastructure that was highly performant, technically advanced, cost optimized and security compliant.
3. The goal was to build a fully automated secure, scalable and sustainable cloud native infrastructure for this tech-based life-centric finance and banking application.
Project Timeline:
Four to Six Months
Challenges:
1. It was Q4 2019 and major cloud providers were yet to launch in Indonesia.
2. Our only option was a newly launched cloud provider with limited managed services options.
3. It lacked some of the key components like private dns, api gateway, relational databases etc that were needed for our setup.
4. Indonesia's Financial Services regulations needed to have data localisation and residency within the country.
5. There was no managed service available to host the core banking system Mambu within Indonesia.
6. Support provided by the cloud provider at that time was limited to business support with an hourly SLA .
7. Since the provider was newly launched integration with most infrastructure development tools were still in beta phase causing us to become the test cases for their usability.
The Initiatives – Infrastructure Setup:
1. Modular Infrastructure As Code.
2. Deployment pipeline As Code.
3. Configuration management for self managed software.
4. Automated machine and container imaging.
5. Centralized secret management for application and infra credentials.
The Initiatives – Security & Compliance:
1. A centralized administration with role-based access-controlled Identity Provider.
2. Secure and seamless connectivity across all systems and services were ensured by a segregated Network with respect to incoming and outgoing traffic and Single Secure Entry point for traffic landing from the internet.
3. For seamless connectivity dedicated private Links were used for peer-to-peer connectivity and data transmission.
The Techstack:
1. Terraform for IaaC for environment orchestrator and deployer.
2. Gitlab-CI for infrastructure delivery pipeline.
3. Ansible as software and system configuration management
The Outcomes:
1. Highly available completely cloud-native banking infrastructure.
2. Environments on demand to dry run launch events such as DR drill, penetration test , performance test.
3. Performance based infrastructure scale out and scale down ensuring optimised FinOps and sustainable growth.
4. Observability and traceability for every event occurring in infrastructure.
The Result:
A Cloud-native Digital Banking Solution
Learn More:
Podcast: cloudkata.com
LinkedIn Newsletter: The 10-Factor Infrastructure
Modern Infrastructure Framework : 10factorinfra.com
Sign up to receive email updates
Enter your name and email address below and I'll send you periodic updates about the podcast.
Other episodes
K013: A Bank On Cloud – Part 2 : The People Side Of The Story
Distance by pandemic united by goal – How I enabled a completely remote in-house DevOps community from scratch for a bank, in the midst of a pandemic when the entire team was locked down across multiple cities and timezones.
K012: A Bank On Cloud – Part 1 : The Tech Side Of The Story
Designing & developing modern infrastructure for one of Indonesia’s first cloud-native Digital Banks. In this two part story, this episode covers the tech side of the project.