With more than 8.3 trillion dollars in assets under its administration and 3.3 trillion in total discretionary assets, Fidelity Investments is one of the world’s largest asset managers. The firm offers a wide range of investment products and investment services that span retail, workplace, institutional and intermediary markets. Their long-term investment in the latest technology has the goal of simplifying and digitizing support for more than 500 applications that support their customers.

Kubernetes was chosen by Fidelity for cloud application delivery. They teamed up with AWS and Weaveworks to implement secure and compliant Kubernetes platforms.

“The challenge is not in the technology itself, or the tools... The challenge is mainly building the structure inside the teams. We’re building many centers of excellence across all of our business units and all of our teams. To build a structure across 10,000 developers plus is a major challenge.” -- Amr Abdelhalem, Fidelity Investments

Note: This case study was compiled from joint talks given at KubeCon by Alexis Richardson, CEO of Weaveworks, and Rajarajan Pudupatti, Cloud Platform Architect at Fidelity Investments: “Fidelity’s Move to ‘Finance Grade’ Kubernetes with GitOps”.

Challenges

Fidelity wanted to take advantage of the main benefits of Kubernetes, and increase velocity, reliability and scalability by moving their applications across multiple clouds. But they needed to make the move securely and keep within the company’s extensive regulatory guidelines. In addition to this, platforms needed to accommodate several different development teams, some with specific business requirements like machine learning.

Safeguarding Kubernetes in a highly regulated environment

Like all financial services organizations, Fidelity must ensure that every application it creates meets a unique mix of regulatory, security and governance requirements. The team at Fidelity wanted the scalability and reliability that come with adopting Kubernetes, and also sought to leverage the ecosystem of available cloud native open source projects in order to remain innovative and improve their time to market. However, they needed to implement cloud native technologies within their highly regulated environment using their existing control and audit guidelines.

Managing unique business units

Booting a Kubernetes cluster is dead simple these days, but managing secure, reliable and complete cluster platforms, including all of the required add-ons, across environments and on multiple clouds can be a challenge. In addition, Fidelity needed to implement specialized machine learning stacks and other specific cluster stacks to meet their innovative business requirements.

Reliable and reproducible cluster configuration

Configuring and replicating cluster platforms across environments can be time-consuming and error-prone. Some teams may also need specific types of platforms that require a different toolchain and that also need to be reproduced by different teams across multiple backends. If these platforms are manually configured each time, it can slow down the team. In the worst-case scenario, you can end up with a set of snowflake clusters that are impossible to update, secure and otherwise maintain.
