Global bank migration to AWS (on-premises API platform)
Challenges
- Complexity of the platforms and systems.
- Thousands of APIs to migrate or assess for impact.
- Hundreds of customised API policies to reduce and simplify in the new Target Model.
- Setting up the AWS infrastructure and automation to allow the creation of Gateways to manage access to the back-end.
- Complexity in the IaC and infrastructure automation using Jenkins, Terraform and Helm chart.
- Security and sensitivity in accessing mainframe based APIs and applications.
- Time, money, stakeholder management.
Industry: Finance Global Bank
Very competitive market which usually means the mandating of cloud native deployments and automatic scalability.
Solution
- Target Model greatly different than legacy model, based on Kubernetes and Containers to allow scalability and elasticity.
- AWS EKS and other components chosen and all services and pipelines were patterned and standardised.
- Automation in the migration of policies and code adopted and standardised.
- In the target model ‘standard’ plugins or policies used if possible, with some exceptions based on security risks and use cases.
- Patterns using Jenkins pipelines, Terraform and Helm built and deployed as templates and standards.
- Agile processes and small teams were setup to address specific parts of the overall migration. Approximately 10 teams were needed to cover the entire landscape and complexity.
- Teams ‘joined up’ using Scrum of Scrums, planning sessions, demonstration of work done and coordinated cross-team delivery planning mapped to agile processes.
- Delivery was mapped to Architecture with engineering and security mapped to Architecture as well.
Benefits
- Migration process was systemic and followed a detailed roadmap.
- Agile was used with an emphasis on learning and adaptability.
- Requirements and scope changes were built into the Agile process as hands-on uncovered various issues, dependencies.
- Cross platform or cross team cooperation naturally developed.
- The target model was a standard set of patterns and automation.
- Security was built into all designs up front.
- The process was auditable and though at times slow, was thorough.
- Pre-production and Production environments were the same making a prod-deployment a non-event.
- Monitoring and Telemetry or Observability were built into the designs very early.
- Mapping of development and Operations or SRE was performed during the entire life cycle.