OTP Bank migrated to Deckhouse Kubernetes Platform

2024: Migration to Deckhouse Kubernetes Platform

OTP Bank, with the support of Flant, has implemented a platform as a service (PaaS) approach based on the internal cloud in order to create the necessary clusters according to the same standard, reduce time to market of new products and save resources. The bank announced this on September 11, 2024.

The project was implemented on the basis of Deckhouse Kubernetes Platform (DKP) for the rapid deployment of Kubernetes clusters in the internal cloud. The use of a domestic container load management solution allowed the bank's development teams to create clusters in the most simplified mode through the self-service portal and significantly reduce administration costs. For Flant, this project was one of the first to install DKP in a closed loop, which influenced the further development of the platform, making it a priority product for corporate clients with high information security requirements in the financial sector.

At the start of the project, internal development teams preferred to use public clouds, since, unlike the inner loop in them, it was possible to gain access to additional services, for example, to quickly deploy Kubernetes clusters "by button." Cluster deployment was not standardized, with each team using their own approaches. In addition, many product teams had to spend additional time and resources supporting clusters instead of directing them directly to develop new products.

Deckhouse Kubernetes Platform has become our choice for several key reasons. First of all, it is a ready-made and proven solution for working with containers, which minimizes the time spent on refinement. The platform offers a wide range of functionality for the deployment and management of Kubernetes clusters - this fully meets the needs of our product teams. We also appreciated the possibility of constant interaction with the vendor during installation, and this is another advantage of working with domestic software. Flant engineers provided round-the-clock support, which contributed to the prompt resolution of emerging issues and the acceleration of the project. During all this time, my team has not registered a single critical appeal, which indicates a high degree of maturity and reliability of Deckhouse Kubernetes Platform, "said Sergey Simonenko, Director of the Information Technology Division of OTP Bank.

As a result, Deckhouse made it possible to simplify and unify the processes of creating and managing Kubernetes clusters in OTP Bank - both for developing and launching applications in production. Now the ready-made cluster with all the tools necessary for the DevOps command is automatically deployed. Deckhouse monitors and monitors the entire PaaS infrastructure in the private cloud in full compliance with information security requirements. At the same time, the cost of supporting Kubernetes has been significantly reduced - 50 + clusters, which are deployed in the bank, are administered by a minimal operation team.

The project with OTP Bank has become a certain challenge for us, since before that we did not have experience in building a full-fledged Managed Kubernetes service on our platform in a completely isolated private cloud environment, which was dictated by information security requirements. However, this served as a huge driver for product development, and made Deckhouse Kubernetes Platform a priority solution for corporate customers who seek to minimize vulnerability risks as much as possible and at the same time take full advantage of Kubernetes technology. Now Deckhouse Kubernetes Platform is actively used not only in the banking sector, where the requirements for information security are very high, but also in government agencies, the oil and gas industry, retail and other areas, - said Konstantin Aksyonov, director of the Deckhouse development department of Flant.

2022: Building PaaS, which provides numerous product teams with Kubernetes clusters of the same type as a service

Main tasks

• Build PaaS, which would provide numerous product teams with the same type of Kubernetes clusters as a service.
• Enable development teams to order clusters as they do. cloudy providers
• Implement the ability to deploy standardized clusters with pre-configured infrastructure.
• Get a standardized solution for Kubernetes clusters
• Save team resources on supporting containerization platforms.
• Reduce turnaround time

When choosing a partner, the bank's team analyzed the solutions on the market, both Russian and foreign. As a result, the Kubernetes platform Deckhouse (developed by Flant) was chosen as the basis for PaaS.

• The main advantages that determined the choice:
• Domestic distribution kit with support from the vendor;
• Ready-made boxed solution, mature against the background of domestic competitors;
• Adequate cost;
• A simple start with a solution that has a ready-made pre-configured cluster;
• Have all the functionality you need to use the platform in production.

It is worth noting that for all the time there was not a single treatment with criticality 1 (urgent), which indicates a high degree of maturity of the product, "added Viktor Sirenko, Head of the Cloud Services Development Department of OTP Bank.

Results

• simplification and unification of processes of creation and management of Kubernetes clusters for both development and launch of applications in production. A ready-made cluster with everything you need for a DevOps command unfolds in 40 minutes;
• Monitor and monitor all PaaS infrastructure. Support for 20 + clusters with a small PaaS team;
• lack of complaints and questions from the security service;
• a pre-configured process for collecting metrics and logs;
• Centralized certificate management
• Platform as a Service in a private cloud;
• an internal portal for the Platform Command Administrator.

More detailed information on this project can be found by watching the webinar