Better Integration, More Internal Use, and Increased Efficiency with Red Hat OpenShift – PT. Bank Commonwealth

Image module

About PT. Bank Commonwealth

PT. Bank Commonwealth (Commonwealth Bank) with more than 20 years of presence in Indonesia is a subsidiary of Bank Commonwealth of Australia (CBA), the largest service provider listed on the Australian Securities Exchange and is included the Morgan Stanley Capital Global Index. Commonwealth Bank today offers customers a variety of banking products in 25 cities across Indonesia such as savings, deposits, mortgage, various investment products and bancassurance, working capital credit for Small and Medium Enterprises (SME) and Safe Deposit Box (SDB), 24-hours Call Centre, as well as internet banking with special features that offer transaction flexibility.

In line with PTBC’s mission “to be the market leader in providing digital financial solutions for our Retail & SME target customers”, Commonwealth Bank has broken three records of Indonesian Record Museum (MURI) through Tyme Digital – the first end-to-end digital onboarding platform that allows customers to open bank account in less than 10 minutes –, KTA Tyme Digital – the first unsecured loan with its digital submission process and instant decision making –, and Commonwealth Bank’s Mobile Banking, as the first mobile banking application with investment features. Besides Tyme Digital, Commonwealth Bank also offers best in class customer experience through branch with digital capability that has been present in Kensington – Kelapa Gading, PIK, and WTC 6.

Develop Innovations and Improve PTBC Services

Commonwealth Bank is one of the banks in Indonesia which has a worldwide network. As a superior bank, banks need to increase their agility and flexibility to maintain their excellence. Migrating to the cloud has turned out to benefit Commonwealth Bank, by improving all its service processes.
Commonwealth Bank also wants to accelerate the development of new innovations by using DevOps.

CLOUD SERVER COMMONWEALTH BANK – OpenShift Container Platform Deployment

RedHat OpenShift Container Platform (OCP) will run on the Microsoft Azure Cloud Platform. OCP itself has the following main components:

  1. Master Nodes
    The Master Node is the main component to regulate the OCP lifecycle which consists of a data store to store the state of the OCP component, API controller, scheduler for pod positioning, replication controller to monitor pod status, and etcd. The main task of the master node is to manage the nodes in the Kubernetes cluster and arrange the placement of pods within the nodes.
  2. Infrastructure Nodes
    The infrastructure node will be used by the OpenShift registry and Router functions.The function of the router is to provide a path to access services within the OCP cluster. The router will provide a FQDN based hostname to be able to access applications inside the OCP cluster. each router will consist of route name, service selector, and service configuration.
    The OpenShift registry is used to store the docker image so that users can directly use the image to deploy applications. When a new image is generated and integrated into the internal registry, the registry will provide information to OpenShift about the new image so that it can be used by other users.
  3. Application Nodes
    Application nodes are used to run applications in the form of a Docker container. Types of applications that can be deployed include Java applications, PHP, Spring Boot, and others. Database implementations will be deployed outside of the OCP platform.
  4. Bastion Host
    Bastion node will be used to deploy / install the OCP platform on the cluster. OCP installation initiation using ansible is done through this server.
  5. Azure Disk & Storage
    Azure Disk will be used as a persistent volume of applications that need it and Azure Storage will be used by Infrastructure Nodes to manage and orchestrate the registry container.
  6. Azure Load Balancer
    Azure Load Balancer (LB) will be used as an access gate for Master Nodes, Infra Nodes, and Application nodes. Specifically, applications running on the OCP platform will be accessible through the Load Balancer component.
  7. Azure DNS
    Azure DNS will be used as the registrar naming access, doing translation from DNS names to public IPs from Load Balancer.

Bastion Host is a server to run OCP deployments. This server also acts as a workstation / jump host to administer the servers in the OCP cluster later. Whereas the LB Master and LB Router are made within the Azure resource group (availability sets), each of which functions to load-balancing the master and infra servers that contain a pod router.
The master node for each OCP cluster will consist of at least 3 master nodes to ensure that there are always sufficient number of master nodes to manage OCP clusters and that an odd number of master nodes is needed to meet the quorum requirements in the cluster master node. Infrastructure nodes are implemented at least 3 nodes for the needs of the Pod (container) Registry for image storage, routers for network layer service access, Grafana and Alert Manager for monitoring. 6 Application nodes in which each pod will have an application running.

The RedHat OCP Model of Use

  1. Platform-as-a-Service (PaaS) Model
    In this model, PTBC will be charged based on the number of containers that run within 1 (one) month. The container will be manufactured via ViBiCloud based on a request from PTBC. All containers made on this model will be charged a flat rate per month. The infrastructure will be managed by ViBiCloud as the provider and support of this service.
  2. Infrastructure-as-a-Service (IaaS) Model
    In this model, PTBC will be charged based on the current VMs to support this need. Cloud infrastructure will be managed by ViBiCloud.

Service Optimization and Innovation with DevOps

Commonwealth Bank is accelerating new solutions by developing DevOps. By combining development (Dev) and operations (Ops), DevOps can enhance collaboration and coordination between teams to deliver, and operate new solutions more quickly. With cloud the DevOps implementation becomes more efficient and faster.
However, to use the cloud, Commonwealth Bank must also comply with strict regulations from the financial services industry, as governed by the OJK (Indonesian Financial Services Authority). In this case ViBiCloud provides the most suitable solution using hybrid cloud.
By combining public cloud and private cloud, Commonwealth Bank is able to enhance flexibility and optimize premise infrastructure while still meeting regulatory compliance, and protecting security. ViBiCloud helps Commonwealth Bank migrate their datacenter to use cloud solutions. Now Commonwealth Bank has used container service on Red Hat OpenShift, which is used on Azure Cloud.
By utilizing service containers (OpenShift and Azure Kubernetes) to build their business applications and use a micro service architecture, companies can develop applications that are more flexible, efficient, and optimal.

The results of this transformation are enormous. In general, hybrid cloud solutions have enabled Commonwealth Bank to grow and remain in compliance with OJK regulations.