Modernisation and Management of a new API Container Platform
2018 – 2021

About BPAY

BPAY Group (‘BPAY’) is a leading Australian company that delivers payment services to over 150 Australian financial institutions and 11 million consumers. Technology is at the heart of BPAY’s service offerings and customer experiences and is a key enabler in its business strategy and roadmap.

BPAY Group is an innovator in the field of payments and beyond into AI and Machine Learning. To stay ahead of the game, CMD Solutions Australia worked with BPAY Group to build an API container and innovative platform.

Overview

  • BPAY operates in a highly regulated environment and is required to have PCI compliance across its API operations and the underpinning modern container platform. This compliance uplifts internal capabilities for faster, safer, and more cost-efficient application releases.
  • BPAY required rapid speed to market, and for the API and container platform to be built within a four-month window.
  • Service availability and reliability is essential to operational excellence. BPAY required a 24/7 managed service and support model that could enable a seamless transition to the platform during go-live deployment, and provide continual support to the platform to ensure the ongoing resilience and availability of its services.
  • As part of its cloud and business strategy, BPAY also saw the need to build a modern developer experience with innovative technology to attract the best talent. This needed to be done while uplifting employee skillsets and modernising processes across the existing internal engineering teams and relevant business groups.

BPAY collaborated with CMD Solutions, AU/NZ AWS Consulting Partner of the year 2020/21, to build an API container and innovation platform. The platform would help to achieve the desired outcomes of modernising its technology capabilities to drive greater agility, connectivity and efficiencies in the market, while meeting security and compliance requirements.

The challenge

The following challenges were identified and addressed:

  • Portability – Build a future proof solution with the flexibility to host the platform and configuration.
  • Cost – Have the capability to scale up and down in a regular manner and better manage costs accordingly.
  • Efficiencies – Through technology enablement and automation, adopt new efficient processes in key areas such as deployment, security and compliance.
  • Building a cloud brand – Adopt the latest and most advanced tooling to attract the best developers and engineers.
  • Seamless communication between clusters – As PCI compliance requires multiple clusters, smooth communication between applications running across clusters is essential.
  • Resilience – Availability and flexibility around application updates, termination, etc.
  • Seamless transition to new platform(s) – Easy transition to the new platform and next-gen managed service solution to continuously maximise reliability and availability.

The solution

BPAY worked collaboratively with CMD Solutions to assess business drivers and address challenges. From a technology standpoint, a modern container-based platform was built with embedded scalability, security, and automation.

Features included: 

  • Multiple environments to follow a deployment lifecycle
  • Zero downtime feature releases to provide a true always-on service to its customers
  • Security ingrained into the platform to facilitate PCI compliance
  • Infrastructure deployed and managed as code
  • Infrastructure deployment orchestration and automation via Terragrunt and Gitlab CI/CD pipelines
  • Operational visibility to both infrastructure and application components
  • Built-in autoscaling in workloads to dynamically respond to end-user demand.

Services deployed

  • AWS platform as code
  • Kubernetes
  • Terraform
  • Terragrunt
  • Gitlab CI/CD

From a people and process perspective, CMD Solutions utilised the following initiatives and approach to delivery:

  • Dual upskill delivery model – Incorporating BPAY employees and engineering teams into the journey to gain familiarity with the new platform
  • LearnCMD and Specialised Training programs – By participating in CMD Solutions’ LearnCMD AWS bootcamp, employees at BPAY experienced rapid upskilling tailored to its technology, process and business demands.

From a reliability and management perspective:

  • CMD Solutions’ Next Generation Managed Service complemented the build phase. The container solution leveraged automation tooling and Infrastructure as Code to provide a low risk, reliable and repeatable deployment mechanism. 
  • Leveraging technologies such as cluster-autoscaler, over-provisioner and autoscaling groups, CMD Solutions ensured the platform is highly available and scalable to meet and exceed business and customer demands.
  • Unforeseen events are identified through CMD’s bespoke monitoring and alerting framework. Incidents are remediated quickly through CMD Solutions’ 24 X 7 Site Reliability team. 
  • Adherence to BPAY’s stringent PCI compliance standards were met through an automated AMI baking and CIS hardening process. CMD Solutions bespoke ‘SecureCMD‘ tooling provides automated continuous compliance and ensures any non-compliance is remediated as soon as the issue is detected. This tooling leverages AWS native managed service tooling including but not limited to AWS Config and CIS rule checks.

The Result

Through the build and adoption of a modern container and API platform, BPAY has successfully uplifted its technology capabilities to open up new business opportunities and greater operational efficiencies. The following results have been achieved:

  • Complete automation of accounts, clusters and application rollouts
    • Enhanced developer experience
    • Increased reliability 
    • Best practice automated security and governance
    • Stronger efficiencies, faster time to market and greater customer experience
  • Safeguards put in place to ensure security control guardrails work with developers, not against them
  • Improved developer experience through CICD pipelines, and pipelines as code
  • Cost savings and efficiency gains – pay for capacity used, allowing fast scale ups/downs depending on traffic demand
  • Zero downtime releases – application roll out reduced to a few minutes
  • Uplift in employee skill sets and ways of working

At the end of the project, BPAY transitioned to a managed service contract while it uplifted its internal capability and confidence in supporting the innovation platform. BPAY developers can now innovate with confidence. The company is deploying products and services cost-effectively and at speed, with flexibility to support multiple cloud providers.