continuous delivery en banque
TRANSCRIPT
Making a Mammoth Run
Continuous Delivery in a bank
I am Laurent GrangeauI love to automate things and run apps at scale. You can find me at @laurentgrangeau
Hello!
Overview of softwares in bank industries1
Banking overview
Old codeThere is lots of legacy code. Generally, the code base is > 5 years old.
No agile processMostly waterfall process, ITIL compliant.
RegulationBanks can’t do what they want. There is a lot of regulation and audits.
Monolithic softwaresAs softwares were designed years ago, there is little microservices, and no 12factor principles.
Releases are manualGenerally, release is a manual process with service interruption.
Obsolete infrastructuresThere are still mainframe computers or specialized appliances like Sparc machines.
Fintechs arrival2
$12.7 billions funding
1.000+ companies
Leverage on cutting edge technologies
Fintech landscape
Appears in 2008
$921 millions cumulative investment
805 blockchain startups
$4.9 billions Bitcoin capitalisation
Blockchain ecosystem
Fintechs are taking market
shares…It’s time to
react !
BANKS
FINTECHS
Continuous Delivery program3
Be like the GAFABe faster, bring more business value,
reduce maintenance costs
Why ?
◉ Faster time to market=> Competitive advantage
◉ Better quality of product=> Higher customer satisfaction
◉ Processes optimized=> Reduced total cost of ownership
Change management
Agile coachesBring more business value, involve stakeholders.
ex. Scrum, Kanban, Backlog grooming, …
Software craftsmanship coachesBuild robust, testable and sustainable code.
ex. TDD, BDD, Clean code, …
DevOps coachesAutomate the delivery.
ex. IaC, Automated deployment, …
Agile pillar
◉ What is Agile ?◉ “Our highest priority is to satisfy the
customer through early and continuous delivery of valuable software”
◉ Why ?◉ Increase quality of delivery and reduce
time to market
Agile pillar
◉ Scrum/Kanban product backlog management
◉ Backlog grooming◉ Story mapping◉ Business analysts involved◉ Iterative development◉ Minimum viable product◉ …
Have rapid feedbackIterative development, deliver value to
customers, people collaboration, respond to change
Software craftsmanship pillar
◉ What is software craftsmanship ?◉ “Any fool can write code that a
computer can understand.Good programmers write code that human canunderstand” M.Fowler
◉ Why ?◉ To add value and respond to change
Software craftsmanship pillar
◉ Test Driven Development◉ Behavior Driven Development◉ Clean code / architecture◉ « Three amigos »◉ Continuous integration / testing◉ Testing and refactoring legacy code◉ …
Software craftsmanship pillar
◉ Collaboration culture◉ Coding dojos◉ Hackathon / Coding games◉ Meetup / Fair / Conference◉ Blog◉ Community projects◉ …
Have better code qualityCollaboration culture, reduce maintenance
costs, improve reusability
DevOps pillar
◉ What is DevOps ?◉ DevOps is a culture, movement or practice that
emphasizes the collaboration and communication of both software developers and other information-technology (IT) professionals while automating the process of software delivery and infrastructure changes.
◉ Why ?◉ To increase effectiveness, reduce TTM and
implements continuous improvement
DevOps pillar
◉ Dev / Ops collaboration◉ Infrastructure as Code◉ Automated deployment◉ Metrology◉ Release pipeline◉ Desired state◉ …
One team, everything automatedContinuous improvement, faster time-to-
market, faster resolution of problems, more stable environment
PlatformBacklog
groomingDevelopment
interfaceSource code management
Continuous integration Testing Libraries
repositoryDeployment automation
Metrology
Infrastructure as code
400+ applications transformed
Reduce TTM from months to 2 weeks
Reduce deploy time from months to minutes
What’s next ?4
New challenges
◉ Resiliency◉ Scalability◉ Infrastructure hybridation◉ Multi-tenancy◉ Opensource culture◉ Service discovery◉ Secret management
Cloud & PaaS program
Platform
Metrology
Backlog grooming
Development interface
Source code management
Continuous integration Testing Libraries
repositoryDeployment automation
Platform
RegistryDocker-swarm
The registratordiscovers newcontainers and feeds the registry
Platform
Docker-swarm
Service discovery
Registry
Service providerService consumer
1. Publish2. Find
3. Bind
Service discovery
Application K/V store
DEV STAGING PROD
K/V store K/V store
Update version
Password generation
On demandcredentials
No longer needharcodedcredentials
1. Request credentials
2. Connect
3. Scale
4. Connect
Addcredentials
Impersonification
I want totroubleshootproblems
Production
Works for SSH and DB !
1. Request credentials
2. Generate access
3. Login with generated credentials
Dev
PKI : certificates generation
Host Host Host
Generatingon demandcertificatesfor containerscommunication
Request certificates
Conclusion6
Continuous delivery is now complete part of the bank
Huge change on the manner of working
Nearly everything is automated
Any questions ?You can find me at◉ @laurentgrangeau◉ [email protected]
Thanks!