Banco BV modernizes its banking apps with GKE and Anthos

Editor’s note: In today's guest post we hear from Banco BV about their application modernization journey with Anthos and Google Kubernetes Engine (GKE). Banco BV migrated its banking apps from the OpenShift platform in the data center to GKE in Google Cloud, and uses Anthos Service Mesh and Config Sync to manage its GKE clusters across its production, development and test teams. Moving to Google Cloud enabled Banco BV to scale its digital banking platform, achieving remarkable reliability and scalability improvements for its customer-facing applications.

As one of Brazil’s largest private banks, Banco BV provides innovative solutions to meet customer needs in every market segment it operates. Banco BV constantly seeks transformations and solutions to further effectively drive technological innovation.

Our story with Google Cloud began in 2020, when we started to build a cloud foundation  that would prepare our teams for a successful cloud journey. Since it is important to get the most out of our cloud investment, we implemented a FinOps model based on Google Cloud solutions. The cloud FinOps concept involves an operational framework and a culture change based on technology, finance, and business. Its goals include fostering financial accountability and accelerating business-value generation. 

As a further part of Banco BV’s digital transformation journey to Google Cloud, we were motivated to move our banking applications from a self-managed platform to a fully managed service to save on operational costs. More importantly we needed to improve scalability in our container platform, more efficiency with CI/CD pipelines, and better visibility in our application monitoring.

We started by migrating our banking applications to GKE from a self-managed OpenShift solution in a data center. The migration process took about three months. We enabled Anthos Service Mesh (ASM), which enabled us to migrate gradually and in waves (see Figure 1).

Initially, there was only one Kubernetes cluster per environment. Due to the growth of these environments, and the interests from different business units, we designed a new architecture with separate clusters for each business unit for better isolation and access control. However, distributing these applications to our new clusters was a challenge. To overcome it, we created an option in our self-service portal where our developers can choose which cluster to deploy to. If an application needs to migrate from one cluster to another, the configurations like the workload identity in the target cluster are automatically applied.

GKE offers us an automated and scalable container platform. Our developers can request cloud resources via the self-service portal. Cloud resource creation is fully automated via Terraform, and is compliant with our company's policies (security, FinOps, etc.). We’ve also established an efficient CI/CD pipeline, as GKE provides us with a rich set of integrated tools to accelerate developer productivity. Anthos helps us manage GKE clusters efficiently, and we leverage Anthos Config Sync for cluster configurations like namespace creation, following a GitOps methodology to ensure that operations are scalable, auditable and version-controlled. We also use Anthos Service Mesh extensively in our microservices-based system architecture. The service mesh not only facilitates secure communications between services but also improves application performance, availability and visibility. 

In the first year since we migrated to Google Cloud, we’ve recorded a whopping 75 times more transactions for banking services such as our instant money transfer service for the Brazilian market. According to Ivan Gancev, our Cloud Engineer Manager, “The new architecture scales well to meet demands while ensuring reliability and compliance requirements are met. We are extremely pleased with our GKE and Anthos adoption. We get to deliver value to the hands of customers faster while keeping the system reliable and scalable.”

Consumers today demand 24x7 digital experiences. We continue to look for new ways to improve how we operate our infrastructure. We adopted the new “managed control plane” feature with Anthos Service Mesh in mid-late 2022, which has been a game changer for us. We get to focus more on our business priorities, and rely upon the Google SRE team to take care of the service mesh updates and upgrades. In addition, we are looking into Anthos Policy Controller, which will give us the centralized security and compliance management. We especially like the out-of-the-box policy bundles that can help us apply best practices, meet industry standards, and solve regulatory problems across our GKE clusters.

By adopting GKE and using Anthos for multicluster management, we can run our applications on a state-of-the-art container management platform that is efficient, scalable, and reliable. This allows us to provide our customers with a great banking experience that makes them happy.

Visit Google Cloud’s website to learn how GKE and Anthos can benefit your organization, and follow this step-by-step tutorial to get started today.