Internet Commercial Bank has undergone three major technological changes. From its establishment, the e-commerce bank has been built on cloud computing infrastructure, using a cloud platform architecture to support business development, with a delivery model based on release packages deployed to classic virtual machines. As business volume grew, the "three centers in two places" architecture could no longer meet the needs of business development, and an architecture with better scalability was required. In addition, the nature of banking financial services imposes higher requirements for disaster tolerance. The bank therefore upgraded from the traditional cloud architecture to a remote multi-active cloud unit architecture. The continuous development of cloud native technology has since brought security, trustworthiness, cost savings and agile development. As the business develops, higher requirements for operation and maintenance efficiency, scalability, portability and fine-grained control are driving the infrastructure to evolve toward a cloud-native architecture. Internet Commercial Bank embraces emerging technology architectures and is gradually evolving to a cloud-native architecture.
Financial-grade cloud-native distributed architecture brings value to business
The cloud-native community remains very active, and in 2018 the Cloud Native Computing Foundation (CNCF) redefined cloud native: cloud-native technology helps organizations build and run applications that can scale flexibly. Representative cloud-native technologies include containers, service meshes, microservices, immutable infrastructure and declarative APIs. These technologies make it possible to build loosely coupled systems that are fault-tolerant, easy to manage and easy to observe. Combined with reliable automation, cloud native technology lets engineers make frequent, predictable major changes to the system with ease.
With the continuous iteration of cloud-native technology, cloud-native products keep maturing, and cloud-native architecture has gradually become the direction chosen by many Internet companies and financial institutions. Kubernetes container orchestration carries the goal of unified resource scheduling in the cloud-native era. Unified resource scheduling effectively improves resource utilization and greatly reduces resource costs. As capabilities such as elastic resource delivery, large-scale cluster service, technical risk control and automated operation and maintenance continue to be built on top of Kubernetes, it is gradually becoming the infrastructure of the next-generation cloud operating system. Service mesh technology is at the core of the cloud native architecture. Compared with an SOA system, the service mesh pushes basic capabilities such as RPC, messaging and DB access down into the infrastructure, decouples them from the deployment of the business system, and gives the business system a transparent communication infrastructure, reducing the burden on the business and accelerating the evolution of the infrastructure. The cloud-native hybrid cloud elastic architecture provides a feasible solution for scaling the business up and down quickly and at low cost. Unified management and control of cross-cloud elastic resources enables flexible resource scheduling, and using elastic cloud resources dynamically according to business volume further reduces resource costs.
Challenges and goals of cloud-native architecture upgrades for e-commerce banks
**1. Cloud native architecture upgrade challenge.** The first challenge is the large-scale upgrade of the infrastructure: from bottom-level resource scheduling to the upper-level PaaS and middleware, everything must be adapted to the cloud-native architecture so that the application layer can adopt cloud native. The second is the smooth evolution of the architecture. At the platform product level, the existing unitized architecture needs to be compatible with the new cloud native architecture to ensure a smooth transition. At the R&D model level, delivery must move from the traditional code package model to a cloud-native model with the container image as the carrier, and the whole process should change users' operating habits as little as possible. The third is the challenge that the upgrade poses to the operation and maintenance system and to production safety. Introducing new cloud-native products requires building the supporting basic operation and maintenance capabilities, and the change in the application operation and maintenance model at the SaaS layer also brings new challenges for operation and maintenance personnel. In addition, the new architecture brings production safety challenges in high availability, stability and change control, so supporting technical risk capabilities must be built continuously.
**2. The goal of cloud native architecture upgrade.** First, complete the rollout of cloud-native infrastructure products and the smooth upgrade of the existing unitized architecture to the cloud-native architecture, providing underlying capability support for the continuous evolution of the architecture. Second, use new cloud-native technologies to improve R&D efficiency, resource efficiency, security hardening and operation and maintenance capabilities: once infrastructure capabilities are pushed down they can evolve independently, reducing the cost of application development; service mesh technology enables low-cost security hardening of the business and reduces business risk; unified resource scheduling and the hybrid cloud elastic architecture support elastic scaling of resources, improve resource utilization and reduce resource costs; and a new operation and maintenance system supports the cloud-native operation and maintenance model and achieves sustainable delivery. Third, the bank explores the upgrade path to cloud native architecture, accumulating a set of methods, practices and products for migrating from the classic architecture to an advanced architecture, and providing a technical practice reference for the industry.
Exploration and Practice of Cloud Native Architecture of Internet Commercial Bank
**1. Hybrid cloud elastic architecture.** With the increasing popularity of cloud computing, both Internet companies and traditional IT companies prefer not to be bound to a single cloud, and hybrid cloud architecture has become a major trend in IT system evolution. The e-commerce bank deploys applications on a unified container service (compatible with Kubernetes), which decouples applications from the underlying IaaS cloud and enables image-based multi-cloud deployment. In addition, building on the cloud unit architecture, the online business bank uses dynamic business-link identification technology to shift traffic out of and into individual clouds at the level of a business link, so traffic can be scheduled between multiple clouds conveniently and efficiently. This addresses the cost and efficiency problems of elastic scaling for the sudden traffic and promotional activities of the Internet era.
**2. Immutable infrastructure.** Traditional mutable infrastructure deploys applications on physical machines or virtual servers. Across environments, the state of an application's machine can be updated through dynamic configuration delivery or real-time access to external services, so the whole infrastructure is always changing, and O&M scenarios that require a rollback become more complicated. The online business bank adopts an image-based deployment model that packages the infrastructure an application depends on (including configuration) into an immutable image, which can serve as one unified image for multiple environments. This greatly reduces the cost of deploying to multiple environments and makes operation and maintenance actions such as automatic rotation, replacement and rollback easier, raising the level of automation in infrastructure operation and maintenance.
**3. Service mesh.** The service mesh is a very important piece of infrastructure in the online business bank's next-generation cloud native architecture. It moves some of the network communication capabilities that were originally integrated through an SDK down into the Sidecar, including basic RPC, messaging and DB access, and on that basis provides service discovery, circuit breaking, rate limiting, traffic control, and database and table sharding. This gives the business system a more transparent communication infrastructure and decouples the iterative evolution of the infrastructure from the business system, so business R&D can focus on business logic. It reduces the burden on business systems, improves the iteration efficiency of both business systems and infrastructure, and lets specialist teams do specialist work. In addition, the Sidecar opens up greater possibilities for multi-language development of business systems: service mesh technology solves interconnection problems between multiple languages and technology stacks, which helps build a loosely coupled banking system architecture.
**4. Secure and trusted.** In exploring and practicing cloud-native architecture, the online business bank pays special attention to the security capabilities of the architecture and continuously builds a secure and trusted architecture based on cloud native. As an Internet-oriented digital bank, the Internet merchant bank needs an IT system architecture that delivers both high efficiency and high security. Based on the service mesh, the Internet merchant bank implements secure access control for core application services and gives the core system as a whole defense-in-depth coverage, which greatly improves security while preserving the efficiency of business R&D.
**5. Online and offline co-location.** As clusters grow, the resource pools of the online business clusters and the offline clusters have gradually become larger. Because the business has off-peak periods, keeping independent resource pools for online and offline workloads leads to resource utilization problems; the most obvious symptom is that the cluster's resource allocation rate is very high while actual utilization is low. To solve this, the cloud native architecture deploys online and offline workloads in the same clusters under unified resource scheduling. Based on resource isolation and dynamic adjustment, online services and offline computing services of different types are combined precisely, and efficient scheduling algorithms and intelligent capacity calculation models are used to make rational use of resources, improve utilization through peak shifting, and reduce IT costs.
Summary and future outlook
Cloud native technology brings a higher level of infrastructure abstraction, further separating R&D concerns from the infrastructure so that R&D can focus on implementing upper-level business logic. Through exploring and practicing cloud-native architecture upgrades, the Internet business bank has gradually put cloud-native technologies into production, providing advanced technical support for the future business development of Internet businesses and laying the foundation for the continuous evolution of the architecture. The design of Internet-oriented digital banking IT systems is becoming more and more complex. As business requirements change rapidly, the number of microservices has also increased exponentially, and traditional operation and maintenance models struggle to support distributed services at this scale. The cloud native architecture simplifies the business system infrastructure, is more conducive to building an automated operation and maintenance system, and reduces the difficulty of human intervention. In addition, as banking business grows more complex, abstracting core financial components is a major trend, and the centralization of the architecture has gradually become an important direction for the new generation of software system integration models. While emphasizing the reusability of core business components, how to maintain the efficiency of business system iteration is a problem that must be faced. On top of cloud native, some new technologies, such as serverless, offer new ideas for improving R&D efficiency. The implementation of cloud native architecture has extended the bank infrastructure's capacity management and operation and maintenance management and control capabilities toward automation and intelligence, opening up a broader space for development.