Brief results of the collaboration:
- The customer was able to containerize and deploy its business-critical app—handling 1 million transactions daily—to production on Tanzu Kubernetes Grid Integrated Edition (TKGI), while reducing release cycles.
- The organization improved platform security, enabled backups/disaster recovery, configured monitoring and alerting, automated upgrades, as well as ensured high availability and scalability—necessary to serve 280+ member institutions.
- Thanks to a thought-out roadmap with prioritized improvements, the subdivision set an example and laid the groundwork for large-scale TKGI adoption by the whole bank consortium—serving 6,500+ financial institutions.
The company is a subdivision of a US bank consortium, lending funds to financial institutions. With $47.7 billion in assets, the branch serves 280+ member organizations, including commercial banks, insurance companies, credit unions, etc.
As part of an ongoing cloud-native journey, the customer decided to containerize its services with TKGI to cut release cycles and automate operations. The company planned to start with a business-critical app, aiming to later move forward with a full-scale adoption by a member network and then by the whole consortium, serving 6,500+ financial institutions. As the app handled around 1 million transactions daily, the subdivision sought high availability and scalability. However, the in-house team lacked experienced in fine-tuning TKGI, which hampered app deployment to production.
So, the company turned to VMware for assistance. The vendor recommended Altoros, its trusted partner and a certified VMware Tanzu solutions provider, to push the app to production, as well as deliver consultancy and training around TKGI enablement.
Under the project, the team at Altoros had to address the following issues:
- As the institution operates in a highly regulated industry, security and compliance with financial standards are of top priority.
- To facilitate the adoption of the platform at scale, it was crucial to create a disaster recovery strategy, monitor system performance, ensure timely backups, and automate upgrades.
Week 1. Engineers at Altoros evaluated the existing architecture, prioritized a backlog of tasks, and outlined a roadmap for improvements in the near-term (0–3 months), short-term (3–6 months), and long-term (6+ months) perspectives.
To deploy the app in production, the developers assisted the in-house team in resolving critical issues around microservices: sped up the launch time, employed a circuit-breaker approach in the shared database architecture, etc. The team at Altoros also recommended to improve logs with detailed error messages, include failover fallback scenarios in the test plan, use site reliability engineering principles, etc.
Week 2. To enforce security and compliance, the engineers set up vulnerability scanning and integrity checks, as well as encryption at rest to mitigate data breaches. In addition, developers at Altoros configured CredHu to store and manage passwords, secure shell keys, IP addresses, etc.
Week 3. Then, the team implemented the BOSH Backup and Restore framework and helped the in-house division to create a disaster recovery strategy. For the long term, the experts recommended to utilize chaos engineering at the platform/app layers and exercise fault injection for resiliency.
To improve monitoring, the engineers at Altoros configured Wavefront to gather relevant logs/metrics, activated severity-based incident alerting, as well as customized dashboards to track services state and resource utilization.
Week 4. With Concourse, the developers then built continuous integration/delivery pipelines to automate upgrades and streamline code promotion to production. The recommendations included scaling by two nodes before an upgrade to ensure resource sufficiency, executing cluster audit checks, etc.
assets in control
Partnering with Altoros, the customer was able to containerize and deploy its business-critical app to production on TKGI, handling about 1 million transactions of 280+ financial organizations daily. The company improved platform security, enabled backups/disaster recovery, configured monitoring and alerting, automated upgrades, as well as ensured high availability and scalability. Thanks to a thought-out roadmap with prioritized improvements, the customer set an example and laid the foundation for a large-scale TKGI adoption by the whole bank consortium—serving 6,500+ financial institutions.
Tanzu Kubernetes Grid Integrated Edition
Frameworks and tools
vSphere, Spring Boot, BOSH Backup and Restore, Wavefront, CredHub, Concourse