Flant transferred the infrastructure of Unified TsUPIS to Deckhouse Kubernetes Platform

2024: Scaling Deckhouse Kubernetes Platform

UNIFIED TSUPIS, together with Flant, transferred to Deckhouse Kubernetes Platform an infrastructure that processes 2.4 million transactions per day for 15 million users throughout Russia. The implementation of the project made it possible to create a fault-tolerant geodistributed architecture and provide a high level of SLA up to 99.99%. This was announced by "Flant" on February 26, 2024.

The scaling of the payment service of the UNIFIED CUPIS led to a complication of the architecture: the number of manual operations increased, the degree of control of production sites decreased, and entropy increased. In this regard, it was decided to deploy the modern orchestrator Kubernetes on all industrial sites for more than 160 services. At the time of choosing a vendor solution, the experience of implementing Kubernetes in the industry had not yet been accumulated, so the choice was made in favor of the promising Russian product Deckhouse Kubernetes Platform (DKP).

It was not just about the technical audit of current solutions, but about assessing their effectiveness in the context of service security and general fault tolerance of the architecture. We needed the support of a competent and strong team ready to ensure that answers to our questions were provided. We also needed contact with engineers who already had experience in implementing Kubernetes. In addition, we were looking for like-minded people, people who love their work, who use this technology, understand the client's problems and want to solve them. So we found the company "Flant," - said Alexander von Rosen, member of the Management Board, Technical Director of the UNIFIED TsUPIS.

As a result, all SINGLE CUPIS microservices were transferred to an infrastructure managed by Deckhouse Kubernetes Platform. In order to provide a fault-tolerant geodistributed architecture, four separate clusters are combined into a single Istio-based service mesh. Ten more clusters are deployed for infrastructure needs. In addition, the use of mutual authentication tools has strengthened the security of applications.

Due to the choice of a ready-made solution and deep expertise, Flant managed to significantly reduce the time and amount of resources that were required to implement the container orchestration platform. Deckhouse Kubernetes Platform allowed the UNIFIED CUPIS team to concentrate on developing and solving business problems, rather than immersing itself in the complexity of the Kubernetes device and the technologies around it.

{{quote 'Container infrastructure is at the heart of the vast majority of critical fintech systems. And we see that more and more organizations are moving to practical import substitution. UNIFIED TSUPIS was the first in the industry to introduce the Russian Kubernetes platform Deckhouse and has already been convinced of the reliability, safety and performance of highly loaded IT systems in the container environment, and millions of service users were able to appreciate the speed and convenience of digital services, - said Konstantin Aksyonov, Director of the Deckhouse Development Department of Flant. }}

2020: Infrastructure upgrades

Tasks

• Conduct a technical audit of the IT infrastructure.
• Develop and upgrade existing infrastructure with increased system reliability requirements (SLA 99.99).

Decision

• Deployed Kubernetes under control Deckhouse
• Combined four clusters into a single Istio-based Service Mesh
• Advised in detail how to certify Deckhouse-managed clusters to PCI DSS standards

Results

• Geodistributed fault-tolerant infrastructure organized
• Application security enhanced by dual-line authentication