Migrating a Swiss Digital Bank from OpenShift to AWS EKS

case study

About the End Customer

Our end customer is a Swiss digital bank for anti-money laundering built for crypto transactions. They are in the market to transform the way people do banking and incorporate digital assets into regulated institutions. They aim to give people control and freedom when managing their own finances while using protocols that enable the secure functioning of a decentralized digital database.

What They Needed Help With

As a fintech solution, their main concern was regulations, governance, and frequent audits. They needed a team of experts to migrate their solution from Openshift to Kubernetes. So they were on the hunt for a DevOps team to support their migration while improving their existing pipelines.

The digital asset bank wanted to build an easily scalable, more responsive platform to quickly transfer data to the customer and provide an exceptional experience to end users.

A Secure Cloud Infrastructure: Implementing Terraform, Kubernetes, and Calico

As we continued to work together, we became an integral part of their product and SRE teams. We automated the provisioning of AWS infrastructure resources using Terraform, and utilized Kubernetes for workload orchestration. We also used Calico to enhance security, and provide isolation. Overall, our efforts played a key role in helping our end customer achieve their desired outcomes.

image

Terraform: Maximizing Efficiency and Streamlining Infrastructure Management

We implemented Infrastructure as Code (IaC) and DevOps practices to automate the provisioning and management of the infrastructure and deployments, improving productivity, increasing quality, and decreasing delivery time. The entire execution of the project followed an IaC approach using Terraform, and Atlantis for automating Terraform via pull requests.

We provisioned and maintained AWS resources and improved existing Gitlab pipeline templates based on their needs. Running on AWS EKS as a multitenant solution, we've set up dynamic resource provisioning based on available tenants (B2B clients). Creating a multitenant architecture makes the product available for many customers, white-labeling it, and selling it as a company-branded service.

Kubernetes: Facilitating Agility, Modernization, and Efficiency

Container orchestration technologies provide the foundation for managing microservices and architecture at scale. Kubernetes is the best open-source container orchestration platform for Fintech companies to facilitate developer agility, modernization, and operational efficiency.

Containers allow Fintechs such as our end customer to develop an executable bundle of software that is abstracted away from (not connected to or dependent on) the host operating system so that it can execute uniformly and reliably across any platform or cloud.

Calico: Our Approach to Kubernetes Networking and Security

To build workload isolation in multi-tenant environment we turned to Tigera’s Calico for microsegmentation. Calico is an open-source networking and security solution for containers, virtual machines, and baremetal host-based workloads.

Its comprehensive networking and security policy architecture made it simple to restrict communication and control the traffic flow between workloads inside the cluster and to the external parties outside the cluster. Its security policy engine applied the same policy model at the host networking and service mesh layers, safeguarding client’s infrastructure from compromised workloads and client’s workloads from compromised infrastructure.

This allowed client to build and manage container clusters with Kubernetes while securing their containerized workloads with Calico.

How DevOps Helps Fintech Organizations Like Our Client

50%
quicker deployments
973x
more frequent deployments
30%
reduced cost if you migrate to the cloud
45%
reduced failure rate of new releases
52%
quicker infrastructure recovery
6,570x
faster lead time from commit to deploy
49%
faster time to market

Why Us?

Our team's expertise in Kubernetes enablement made us the perfect choice to help our end customer build a secure, scalable, and reliable platform.

As a Kubernetes Certified Service Provider and Tigera partner, we have the knowledge and advanced expertise in consulting and providing professional services for organizations embarking on their Kubernetes journey.

Although it is increasingly easy to spin-up a Kubernetes cluster, it can be challenging to implement Kubernetes in a way that aligns with your company's needs. Many applications may not be ready for containerization, making it difficult to take the first steps towards a cloud native environment. We help guide you through the process, providing the necessary services, software, and support to run a production-grade Kubernetes infrastructure in a secure, reliable, scalable, and efficient manner.

What They Have to Say About Us

logo

"Working with Appstellar with their well-equipped, structured, and readily-available team was a great experience! They are motivated and always ready to help - during our collaboration, they were readily available to support us with any kind of information requirement, anytime. They were flexible when accommodating short-term requests from our side, offering communication convenience at all points. Aside from their professionalism and commitment to the project, it is a fun team to work with, delivering a wholesome experience that contributed to an impactful partnership."

Valentin Brandt
Senior Business Development Manager, SELISE

In the ever-changing Fintech industry, selecting the correct container technology and container orchestration platform can be challenging. You need a trusted technology partner to take advantage of opportunities to increase revenue and customer expectations. Appstellar's expertise in leveraging cloud technology and DevOps solutions help Fintechs to achieve agility, scalability, and delivery of large-scale apps at speed. Check our Kubernetes Enablement page for more information.

Tell us about your project

We're excited to learn how we can collaborate! So, tell us a little about your needs at the moment. No need to be thorough now as we'll soon get back to you with a few available timeslots for a call with our CTO and/or Head of Growth.

Looking forward to get to know you better!