The team explains how they set up systemic agility and scalability in a zero-trust clustered infrastructure that enables faster innovation and value creation.
The fourth episode of our HUBTALK series features Thomas Cheronneau (Site Reliability Engineer, LUXHUB), Leo Salvador (DevOps Engineer, LUXHUB), Sébastien Fischer (DevOps Engineer, LUXHUB) and Vincent Bouckaert (Cybersecurity & SecDevOps Engineer, LUXHUB). Lately, they have all been deeply contributing to setting up systemic agility and scalability in a zero-trust clustered infrastructure that now enables faster innovation and value creation through standardized and fast deployments.
Increasing efficiency as a must for aligning fast with regulation and competition
Coping with financial regulations standards (security, quality, compliance) is tough, especially for small entities or startups. To do so, LUXHUB recently reshaped its internal infrastructure and software delivery process, making the most of the Infrastructure-as-a-Service principle, clustering capabilities (Kubernetes) and zero-trust concept. As explained by Thomas Cheronneau, “Kubernetes accelerates the continuous integration and delivery processes, and allows enforcing security by design. Therefore, when it comes to testing innovative ideas and/or features, it makes our products safely fast to bootstrap or instantiate. Quality control and securitization is ensured by the common deployment process we designed and validated with our compliance and security advisors”.
This migration was built leveraging GitOps principles – using Flux alongside Kustomize and Helm –, meaning that “everything from third-party software to LUXHUB configurations is in version control software. The operations team can just pick up the version of bundled software-infrastructure they want, and they are then automatically made available.” The experts highlight again: “it just makes the update almost direct; the full infrastructure itself is versioned, which clearly streamlines operations and guarantees security standards, in accordance with the financial services industry.”
DevSecOps: security by design, controlled in every process
“Security requires constant vigilance. It is not something one works on periodically. Therefore, it needs to be included in every single step of the software delivery process: from software design to infrastructure setup. And more importantly, it must be constantly tested,” explains Vincent Bouckaert.
“Startups or young companies like LUXHUB must leverage the automation of security controls and implementation of modern concepts like zero-trust to achieve this within reasonable costs. The Kubernetes initiative is a perfect fit to develop such an approach,” he adds.
Choosing reliable providers
Kubernetes, the orchestrator of containerized applications, is very well known by Cloud enthusiasts. It allows various scaling strategies which are very appreciated by fast-growing fintechs.
Kubernetes offers are mostly available in public clouds. However, as a PFS (Professional of the Financial Sector), LUXHUB has to meet the strict standards dictated by local regulator CSSF. EBRC’s “KaaS” (Kubernetes-as-a-Service) offer ticked all the boxes to guarantee fast PFS compliance for LUXHUB, as well as the focus of its internal staff on the process design and deployment implementation.
Another step towards industrialization
“The industrialization of processes is a must have for any startup/company willing to scale up. This is especially true when they evolve in highly regulated ecosystems,” underlines Pierre-Olivier Bernes, IT Project Manager.
This Kubernetes initiative focused on the software delivery process of the company and its efficiency: it addressed the need for fast and qualitative software deployments in a repeatable way. “With that in place and the knowledge we built and spread internally, we feel confident in our capabilities of delivering even more – and better – services to our customers,” he concludes.
From cost saving to shorter time-to-market as well as improved quality, many benefits can be listed following this successful migration project. In fact, the internal team of experts at LUXHUB was able to deliver a secure, expandible, and flexible environment. This new infrastructure clearly facilitates the development of new services and products for the benefit of the customers; it will, for sure, help shape the future of finance. In an extremely competitive financial landscape, LUXHUB is now more than ever well-equipped to provide the industry with innovative, secure and easy-to-integrate Open Banking-powered services.