Barclays banks on DevOps to support 'all-in' move to AWS public cloud

Barclays Bank reveals details of its plans to go all-in on the AWS public cloud through adopting the principles of DevOps

This article can also be found in the Premium Editorial Download: Computer Weekly: Tackling the digital identity problem

Barclays Bank has revealed it is two years into a digital transformation project that will see it shut datacentres and go all-in on the Amazon Web Services (AWS) public cloud.

Speaking at the DevOps Enterprise Summit in London, Nick Funnell, development practice lead in Barclays’ chief technology officer application hosting division, said the project is part of a wider push by the banking giant to increase its ability to respond to the ever-changing financial services landscape.

“The financial industry is changing all the time. In the last 10 years particularly, margins have been squeezed, profits are reducing, regulations are tightening and it’s getting harder and harder to do things, because you have to do more with less and less,” he told attendees.

Particularly when so much of the technology provision at Barclays is run out of 18 on-premise datacentres, whose resources are not always available to its developers as and when they need them.

“Developers wait for weeks, if not months, to get their space on the critical infrastructure, and when you’re talking about building applications and bringing them very quickly to market, you just can’t do that – it’s very hard,” he said.

“Our expertise is in finance and finance technology – not in datacentres – and yet we have a lot of infrastructure, and we essentially support all of our technology ourselves.”

To cut down on the time it takes its developers to access the compute resources they require, Funnell said it is the operations teams’ ambition to “get out of the way” through the creation of a “foundational software, cloud service” developers can access directly by themselves, run in AWS.

Read more about DevOps in financial services

“Our challenge is going all-in on public cloud – [namely] Amazon Web Services,” he said. “We are not building a broker layer – we’re giving our developers full access to Amazon. And that’s really tough to build.”

But the benefits of the move mean the effort will be worth it in the long-run. “With cloud technology, you can scale from zero and get to market very quickly; and get an idea to market in weeks, if not days. To take advantage of that, you have to be fast, you have to be nimble and you have to be reactive.”

The notion of an organisation, operating in the highly regulated world of financial services and giving developers unfettered access to the public cloud may sound surprising, but Funnell said the organisation has taken steps to ensure data security.

“We’re still checking things in the background to keep our developers and the bank safe,” he said.  

“Rather than having security guards on the door, we have them scattered throughout, because if we’ve done our job correctly, our developers won’t be aware of what we’re doing."

Getting ready to go all-in

The move to AWS began in spring 2016, in Barclays’ Global Technology Infrastructure Services (GTIS) division, which employs around 3,000 people and is responsible for supporting all of the technology infrastructure the company runs on, from laptops to datacentres.

To get the process started, the organisation brought together 35 people working within GTIS from a range of traditional infrastructure backgrounds, spanning database, networks, storage and virtualisation, recalled Funnel.

“They were thrown together and essentially told ‘AWS – get it done and get it live as soon as you can’, which was an interesting challenge, [because] we didn’t know how to do this – it really was work it out as you go,” he said.

The team was also geographically dispersed, with some members of the team based in London, Cheshire, Lithuania and Singapore, which also brought some additional challenges of its own.

“We were scattered over four locations, with very different cultures even [between the team members] working in the same country. We came from different areas of the bank, all with very different mindsets,” he said.

“The first challenge we had came from struggling with being pointed in the same direction, so we had to find a way to bring us together and bring the work under control.”

To bring the teams closer together, webcams were installed across all four sites, which Funnell said really helped break down barriers between these disparate teams. “You could see into each others’ offices and that was really powerful,” he said. “Colocate [your teams] if you can, because colocating is the best thing you can do, but this is the next best thing and worked very well.”

A multi-disciplined approach 

Along the way, the organisation has also moved to adopt an appreciation for the having small, multi-discipline teams, comprised of developers, operations staff, testers and security personnel all working on a single outcome, said Funnell.

“By bringing people closer together, we’re getting much more positive outcomes,” he said.

This initially began by breaking down the silos between its developers and tester community members by encouraging the latter group to get more involved with the design phase of the work, resulting in end products that were easier to test and more stable.

In April 2017, this work paved the way for security consultants to be embedded into these teams, and – latterly – operations too.

“What we tend to do in the traditional [waterfall software development] model is bring security in too late,” he said.

“We hand them this thing, a black box and some documentation (if they’re lucky), and they look at it and say ‘OK’, but they can’t possibly understand all the detail because they don’t have time.

“By bringing them into the teams, we’ve moved from a default, ‘No, I’m not comfortable’ to a ‘Yes, I don’t see why not?’”

Being ready to use the public cloud

After two years of working out how best to move to AWS, Funnell said the organisation is now just hitting its stride, and nearing a point where it can start using the public cloud in anger.

“We’ve got the processes in place, we’ve got the technology in place, we’ve got the pipeline, we’ve got the test and automation and the teams,” he said. “What will be interesting now, as we approach regulatory sign-off, is to see the bank starting to adopt these things.

“We’ve only really just enabled the basics at the moment,” said Funnell. “Amazon has 100 services, and we can’t enable all of them.

“So we’ll enable the basics, and we’ll start to iterate and see what people actually want, and start to react to that based on what people are doing and their usage.”

Read more on DevOps

Data Center
Data Management