The customer is a global leader in Financial Technology for Banking, Insurance, and other Financial Services.
Intellect Design builds and runs Banking, Treasury, and Risk Management software for financial institutions worldwide. This suite of business applications relies on Platform applications and Big Data applications for logistic and analytics services.
The customer had decided to containerize the applications and adopt relevant tools to manage those. They decided to run the applications on Kubernetes. They were looking for the right partner who could consult, implement, and train them on Kubernetes and other cloud-native technologies and practices.
- The client operated in various regions and wanted to leverage a multi-cloud strategy for disaster recovery and high availability.
- The client wanted to migrate all the applications to Kubernetes, but only some were containerized. Even the containerized ones were not in the right way, and anti-patterns were discovered during implementation.
- The client ran big data applications for data analytics; hence using a scalable storage backend for stateful containerized services like MongoDB, Spark, etc. was important.
- Node as well application-level auto-scaling was a critical need to achieve high availability from a business perspective.
- The most critical requirement was to secure the applications and infrastructure they run on
Kubernetes Based Continuous Delivery
We set up the Multi-Cloud Kubernetes using KOPs on AWS and Azure, and Helm for managing all the applications.
- We have implemented continuous delivery based on Kubernetes, Helm, and Jenkins.
- Used Kubernetes Sealed Secrets to secure URLs, keys, and passwords stored in Git repositories
- Kubernetes RBAC is used to provide role-based access to resources.
- Simplified configuration management using Kubernetes ConfigMaps.
- POC of Container Storage solution like Portworx for scaling stateful applications
- Horizontal Pod Autoscaler (HPA) used for scaling the applications pods as per defined criteria
- Integrated Twistlock for securing container images and runtime
- We containerized and migrated applications like Kong (API Management), Keycloak (IAM), and business applications to Kubernetes.
- Kubernetes monitoring using Prometheus stack.
- The vault was used for auto certificate generation and storing sensitive data.
- EFK (ElasticSearch Fluentd Kibana) stack used for logging
- Helm chart hooks for one-time configuration of applications
- Dockerhub webhooks to trigger auto-deployment
- EBS volumes backed stateful sets.
- We have Implemented ingress controller-based routing and load balancing.