ING: Driving banking innovation with cloud native

Challenge

After undergoing an agile transformation, ING realized it needed a standardized platform to support the work their developers were doing. “Our DevOps teams got empowered to be autonomous,” says Infrastructure Architect Thijs Ebbers. “It has benefits; you get all kinds of ideas. But a lot of teams are going to devise the same wheel. Teams started tinkering with Docker, Docker Swarm, Kubernetes, Mesos. Well, it’s not really useful for a company to have one hundred wheels, instead of one good wheel.”

Solution

Using Kubernetes for container orchestration and Docker for containerization, the ING team began building an internal public cloud for its CI/CD pipeline and green-field applications. The bank-account management app Yolt in the U.K. (and soon France and Italy) market already is live hosted on a Kubernetes framework. ING is also developing blockchain-enabled applications that will live on the Kubernetes platform.

Impact

“Cloud native technologies are helping our speed, from getting an application to test to acceptance to production,” says Infrastructure Architect Onno Van der Voort. “If you walk around ING now, you see all these DevOps teams, doing stand-ups, demoing. They try to get new functionality out there really fast. We held a hackathon for one of our existing components and basically converted it to cloud native within 2.5 days, though of course the tail takes more time before code is fully production ready.”

Challenges:
Industry:
Location:
Cloud Type:
Product Type:
Published:
June 7, 2018

Projects used

By the numbers

The goal

“To free the engineer”

Converting components to cloud native

Takes 2.5 days

Blockchain-enabled applications developed on Kubernetes

ING has long embraced innovation in banking, launching the internet-based ING Direct* in 1997.

In that same spirit, the company underwent an agile transformation a few years ago. “Our DevOps teams got empowered to be autonomous,” says Infrastructure Architect Thijs Ebbers. “It has benefits; you get all kinds of ideas. But a lot of teams are going to devise the same wheel. Teams started tinkering with Docker, Docker Swarm, Kubernetes, Mesos. Well, it’s not really useful for a company to have one hundred wheels, instead of one good wheel.”

Looking to standardize the deployment process within the company’s strict security guidelines, the team looked at several solutions and found that in the past year, “Kubernetes won the container management framework wars,” says Ebbers. “We decided to standardize ING on a Kubernetes framework.” Everything is run on premise due to banking regulations, he adds, but “we will be building an internal public cloud. We are trying to get on par with what public clouds are doing. That’s one of the reasons we got Kubernetes.”

They also embraced Docker to address a major pain point in ING’s CI/CD pipeline. Before containerization, “Every development team had to order a VM, and it was quite a heavy delivery model for them,” says Infrastructure Architect Onno Van der Voort. “Another use case for containerization is when the application travels through the pipeline, they fire up Docker containers to do test work against the applications and after they’ve done the work, the containers get killed again.”

Because of industry regulations, applications are only allowed to go through the pipeline, where compliance is enforced, rather than be deployed directly into a container. “We have to run the complete platform of services we need, many routing from different places,” says Van der Voort. “We need this Kubernetes framework for deploying the containers, with all those components, monitoring, logging. It’s complex.” For that reason, ING has chosen to start on the OpenShift Origin Kubernetes distribution.

Already, “cloud native technologies are helping our speed, from getting an application to test to acceptance to production,” says Van der Voort. “If you walk around ING now, you see all these DevOps teams, doing stand-ups, demoing. They try to get new functionality out there really fast. We held a hackathon for one of our existing components and basically converted it to cloud native within 2.5 days, though of course the tail takes more time before code is fully production ready.”

“We have to run the complete platform of services we need, many routing from different places. We need this Kubernetes framework for deploying the containers, with all those components, monitoring, logging. It’s complex.”

— ONNO VAN DER VOORT, INFRASTRUCTURE ARCHITECT AT ING

The team, however, doesn’t see the bank’s back-end systems going onto the Kubernetes platform. “Our philosophy is it only makes sense to move things to cloud if they are cloud native,” says Van der Voort. “If you have traditional architecture, build traditional patterns, it doesn’t hold any value to go to the cloud.” Adds Cloud Platform Architect Alfonso Fernandez-Barandiaran: “ING has a strategy about where we will go, in order to improve our agility. So it’s not about how cool this technology is, it’s about finding the right technology and the right approach.”

The Kubernetes framework will be hosting some greenfield projects that are high priority for ING: applications the company is developing in response to PSD2, the European Commission directive requiring more innovative online and mobile payments that went into effect at the beginning of 2018. For example, a bank-account management app called Yolt, serving the U.K. market (and soon France and Italy), was built on a Kubernetes platform and has gone into production. ING is also developing blockchain-enabled applications that will live on the Kubernetes platform. “We’ve been contacted by a lot of development teams that have ideas with what they want to do with containers,” says Ebbers.

Even with the particular requirements that come in banking, ING has managed to take a lead in technology and innovation. “Every time we have constraints, we look for maybe a better way that we can use this technology.”

— ALFONSO FERNANDEZ-BARANDIARAN, CLOUD PLATFORM ARCHITECT AT ING

Even with the particular requirements that come in banking, ING has managed to take a lead in technology and innovation. “Every time we have constraints, we look for maybe a better way that we can use this technology,” says Fernandez-Barandiaran.

That has certainly been the driver for phase two of ING’s cloud native journey. After the team gained experience with production workloads on the platform running inside the company’s data center, a new initiative was started to utilize a managed Kubernetes service in the public cloud. “We saw value in making use of public cloud services,” says Chapterlead & Platform Engineer Sudesh Jethoe. “We’re moving quite a few of our workloads that are suitable for running there.”

The main driver is a business one, because moving to the public cloud “just makes us more effective,” Jethoe says. “But the goal is also to get the developers who are going to use the platform to see the benefits for themselves. We hope to achieve that by giving them some extra features with observability, to mitigate the risks for them. We want to free the engineer. That’s our mission.”

*ING Direct was acquired by Capital One in 2012 and is now called Capital One 360.