Making a Mammoth Run

Continuous Delivery in a bank

I am Laurent GrangeauI love to automate things and run apps at scale. You can find me at @laurentgrangeau

Hello!

Overview of softwares in bank industries1

Banking overview

Old codeThere is lots of legacy code. Generally, the code base is > 5 years old.

No agile processMostly waterfall process, ITIL compliant.

RegulationBanks can’t do what they want. There is a lot of regulation and audits.

Monolithic softwaresAs softwares were designed years ago, there is little microservices, and no 12factor principles.

Releases are manualGenerally, release is a manual process with service interruption.

Obsolete infrastructuresThere are still mainframe computers or specialized appliances like Sparc machines.

Fintechs arrival2

$12.7 billions funding

1.000+ companies

Leverage on cutting edge technologies

Fintech landscape

Appears in 2008

$921 millions cumulative investment

805 blockchain startups

$4.9 billions Bitcoin capitalisation

Blockchain ecosystem

Fintechs are taking market

shares…It’s time to

react !

BANKS

FINTECHS

Continuous Delivery program3

Be like the GAFABe faster, bring more business value,

reduce maintenance costs

Why ?

◉ Faster time to market=> Competitive advantage

◉ Better quality of product=> Higher customer satisfaction

◉ Processes optimized=> Reduced total cost of ownership

Change management

Agile coachesBring more business value, involve stakeholders.

ex. Scrum, Kanban, Backlog grooming, …

Software craftsmanship coachesBuild robust, testable and sustainable code.

ex. TDD, BDD, Clean code, …

DevOps coachesAutomate the delivery.

ex. IaC, Automated deployment, …

Agile pillar

◉ What is Agile ?◉ “Our highest priority is to satisfy the

customer through early and continuous delivery of valuable software”

◉ Why ?◉ Increase quality of delivery and reduce

time to market

Agile pillar

◉ Scrum/Kanban product backlog management

◉ Backlog grooming◉ Story mapping◉ Business analysts involved◉ Iterative development◉ Minimum viable product◉ …

Have rapid feedbackIterative development, deliver value to

customers, people collaboration, respond to change

Software craftsmanship pillar

◉ What is software craftsmanship ?◉ “Any fool can write code that a

computer can understand.Good programmers write code that human canunderstand” M.Fowler

◉ Why ?◉ To add value and respond to change

Software craftsmanship pillar

◉ Test Driven Development◉ Behavior Driven Development◉ Clean code / architecture◉ « Three amigos »◉ Continuous integration / testing◉ Testing and refactoring legacy code◉ …

Software craftsmanship pillar

◉ Collaboration culture◉ Coding dojos◉ Hackathon / Coding games◉ Meetup / Fair / Conference◉ Blog◉ Community projects◉ …

Have better code qualityCollaboration culture, reduce maintenance

costs, improve reusability

DevOps pillar

◉ What is DevOps ?◉ DevOps is a culture, movement or practice that

emphasizes the collaboration and communication of both software developers and other information-technology (IT) professionals while automating the process of software delivery and infrastructure changes.

◉ Why ?◉ To increase effectiveness, reduce TTM and

implements continuous improvement

DevOps pillar

◉ Dev / Ops collaboration◉ Infrastructure as Code◉ Automated deployment◉ Metrology◉ Release pipeline◉ Desired state◉ …

One team, everything automatedContinuous improvement, faster time-to-

market, faster resolution of problems, more stable environment

PlatformBacklog

groomingDevelopment

interfaceSource code management

Continuous integration Testing Libraries

repositoryDeployment automation

Metrology

Infrastructure as code

400+ applications transformed

Reduce TTM from months to 2 weeks

Reduce deploy time from months to minutes

What’s next ?4

New challenges

◉ Resiliency◉ Scalability◉ Infrastructure hybridation◉ Multi-tenancy◉ Opensource culture◉ Service discovery◉ Secret management

Cloud & PaaS program

Platform

Metrology

Backlog grooming

Development interface

Source code management

Continuous integration Testing Libraries

repositoryDeployment automation

Platform

RegistryDocker-swarm

The registratordiscovers newcontainers and feeds the registry

Platform

Docker-swarm

Service discovery

Registry

Service providerService consumer

1. Publish2. Find

3. Bind

Service discovery

Application K/V store

DEV STAGING PROD

K/V store K/V store

Update version

Password generation

On demandcredentials

No longer needharcodedcredentials

1. Request credentials

2. Connect

3. Scale

4. Connect

Addcredentials

Impersonification

I want totroubleshootproblems

Production

Works for SSH and DB !

1. Request credentials

2. Generate access

3. Login with generated credentials

Dev

PKI : certificates generation

Host Host Host

Generatingon demandcertificatesfor containerscommunication

Request certificates

Conclusion6

Continuous delivery is now complete part of the bank

Huge change on the manner of working

Nearly everything is automated

Any questions ?You can find me at◉ @laurentgrangeau◉ laurent.grangeau@gmail.com

Thanks!