Macquarie's banking and financial services (BFS) division has lifted the lid on a key part of its journey to the cloud, with the completion of a two-year project to move its SAP-based core banking system to AWS.
In February 2020, BFS announced in a briefing it had a target to migrate 100 percent of its IT infrastructure to the cloud by the end of 2022.
The bank-wide cloud migration was the impetus behind an 18 percent growth in BFS’s spend in the 2021-2022 financial year.
Its core banking system is a major part of the migration, and in a blog post published Monday, engineers Mercy Velasco and Leigh Thompson describe the project that accomplished the huge migration.
In Macquarie Group’s context, such a project has far-reaching implications.
The solution had to meet vendor support requirements (in this case, SAP, AWS, Red Hat and Oracle), adhere to Macquarie’s own policies and processes, and meet financial regulatory requirements, they wrote.
BFS wrote a tool that automatically generated “software-defined templates representing a definition of the infrastructure and application deployment”, Velasco and Thompson wrote.
“These templates are interpreted by a continuous delivery (CD) pipeline, enriched if required, and transformed into AWS CloudFormation.
“It uses immutable deployments taking advantage of cloud capacity on-demand, so rather than modify an existing deployment in place it re-deploys a full set of resources that support an application stack, and discards the previous resources including infrastructure components if no longer required.”
Velasco and Thompson wrote that the architecture created for BFS combines infrastructure-as-code and architectural patterns.
This means BFS has “the ability to create new AWS infrastructure stacks for a complete SAP system with one click, usually in under an hour.”
The database is deployed using a “blue/green” model, the authors explained, allowing “code change maintenance to be performed in a “rolling fashion”.
Before code is deployed, a standby instance is created, so that if there’s an issue, “the instance can safely be rolled back to previous with the primary database remaining online and intact”.
Other key aspects of the rollout included upgrades to the underlying Oracle databases; implementing SAP bundle patching for Oracle databases; and rolling out Oracle DataGuard in Maximum Available mode, to get “the highest level of data protection that is possible without compromising availability of the primary database”.
Since the core banking system is needed 24x7, achieving cutover with minimal downtime was paramount.
That was achieved with surprising simplicity: once the AWS-hosted system was built, the BFS engineers performed “a DNS change that redirected an alias from on-premise to AWS environments”, and as a result, “none of the upstream systems required changes on the day and we had an easy rollback if necessary.”
Lessons learned
In conclusion, Velasco and Thompson wrote, the key lessons were that “new technologies such as new operating system SOEs and various feature changes into our environment … added additional complexity and time to the project” and should be resourced and commenced earlier in the project.
As well, “we completed the AWS Well-Architected Framework SAP Lens with our aligned AWS architects and this also provided us with valuable input into our processes and design.”
Macquarie said the project was achieved almost 100 percent remotely.