Bluemix: an architecture for a cloud-enabled data center


Codename: BlueMix is a beta-grade product that will continue to improve as we make its functions more complete and more accessible. We will do our best to keep this article up to date, but it may not always be fully in step with the product. Thank you for your understanding.

The consumer banking industry is shifting its business model from product-centric islands to a customer-centric strategy. The banking system must be a highly resilient platform so that consumers can access their accounts and execute transactions through a variety of channels, including mobile devices. Financial institutions are struggling to maintain and improve resilience in their legacy data center environments while supporting new revenue-generating services, especially those that take advantage of cloud computing, mobile technology, and enterprise APIs. With these technologies in place, banks can discover the inefficiencies and limitations of their legacy environments and begin to think carefully about modernizing with new technologies.

This article presents a case study of a private cloud-enabled solution for the consumer banking services industry. Our architectural approach is built on mature techniques: identifying resilience issues, building resilience targets, and using cost-controlled patterns to transform traditional IT environments into resilient cloud-based systems. This approach also applies to industries other than financial services.

Requirements for designing an always-online architecture
The financial institutions we work with want their digital channel services to remain available at all times (always online). We perform a functional analysis of the applications and platforms, which consist of the channel access services and business services that support critical customer service functions (logging in, viewing account balances, viewing recent transactions, making payments, and purchasing services). Figure 1 gives a general overview of the system and related components in the bank's existing digital services domain. We observe that applications are developed, deployed, and managed in a vertical model (as islands), while storage and network components are resources shared across the enterprise.

Figure 1. Mobile and Online Banking systems

The customer-facing application groups we consider include:

  • A web server farm running online banking services
  • An application server running the mobile service
  • Enterprise information services
  • Legacy security with single sign-on
  • Enterprise integration services

These interdependent, interoperable applications also rely on other services from the bank's IT environment and from external third-party service providers.

Important application architecture features of the existing systems include:

  • It is built in a layered, loosely coupled way.
  • It uses open standards that follow component architecture patterns (Java™ Enterprise Edition and related technologies).
  • It uses industry-standard communication mechanisms and protocols (HTTP, JDBC [Java Database Connectivity], SOAP [Simple Object Access Protocol], and so on).
  • It follows industry best practices in standards-based frameworks, and implements an SOA (service-oriented architecture) approach through Enterprise Integration Services for integration and routing between primary subsystems.

Figure 2 shows the overall IT architecture of the existing banking solution.

Figure 2. The IT environment supporting the current mobile and online banking systems

This traditional architecture model contains network and storage service tiers shared among fragmented, heterogeneous server farms and platform components. The bank is only beginning to define a common monitoring and management system for this environment. Combined with the bank's latest, streamlined maintenance practices, the environment has a high risk of failure because the components of the system are interdependent: the resilience (or lack of it) of any one component affects all neighboring components that depend on it. A highly resilient system can be achieved only by taking a holistic view and approach. Fortunately, if you adopt a loosely coupled, standards-based framework solution, you can take advantage of the cloud computing model, which operates on a virtualized infrastructure platform.

An approach to always-online services based on cloud architecture
The basic principles of cloud architecture include standardization, virtualization, and automation. When properly applied and integrated with each other, these principles are critical to a highly resilient system. The virtualization of infrastructure components (such as servers, storage, and networks) and the sharing of platform components (such as databases, application servers, and integration buses), combined with cloud services management (such as provisioning, monitoring, and automation), are the basis for supporting highly resilient systems.

Standardization, virtualization, and automation are central to a bank's vision of delivering always-online digital services to customers through one or more of the following characteristics:

  • A highly available end-to-end system in which all components are designed with failover mechanisms that are triggered when a failure occurs
  • High data and information integrity, achieved through resilient system components that ensure customer transactions are completed
  • No planned or unplanned downtime for maintenance of any system or application component

IBM's cloud-enabled data center (CEDC) approach enables resilience through multi-tier architectural constructs:

  • Infrastructure as a service (IaaS)
  • Platform as a service (PaaS)
  • Software as a service (SaaS)
  • Business process as a service (BPaaS)

Figure 3 is a diagram of the CEDC architecture model.

Figure 3. CEDC reference model and important components for enhanced resilience

In the model shown in Figure 3, the IaaS and PaaS layers, together with the resilient building blocks, are the main support for a highly resilient solution. Infrastructure virtualization and IaaS support higher capacity utilization and higher availability. The resilient governance building blocks help define policies and procedures for implementing, managing, tracking, and monitoring cloud applications for greater flexibility.

The Common Cloud Management Platform (CCMP) Operational Support Services (OSS) and Business Support Services (BSS) tiers support automation. Standardizing infrastructure and platform elements with BSS enables high availability by maximizing platform resource utilization and reducing deployment errors. CCMP with OSS is an important part of automation activities. Automation, combined with integrated monitoring and a virtualized infrastructure, facilitates dynamic tuning and scaling of computing resources. Virtualized computing, storage, and networking technologies are the building blocks of dynamically scalable, flexible collections that are sufficient to eliminate islands. Automation through OSS and BSS will help transform the bank's traditional IT environment into a robust, resilient, always-online environment.

Based on this CEDC reference model, we developed an always-online solution for the bank. Figure 4 depicts the cloud architecture of the solution.

Figure 4. Cloud-based, always-online system architecture for mobile and online banking solutions

Important architectural aspects of the infrastructure layer

The solution is supported at its base by an IBM SoftLayer IaaS layer that contains computing, storage, and networking components shared among a number of major application groups, in particular static support systems for external users, routing capabilities for online services, and mobile banking applications. Because of the critical nature of the financial services business requirements, the solution architecture is based on a bare-metal offering in a highly secure environment with a single-tenant model, as specified by SoftLayer. Here are some of the salient aspects of the integrated computing, storage, and network IaaS in our solution architecture, which are designed to make the vision of always online a reality.

Compute
For computing, we chose the SoftLayer bare-metal option to provide a highly available, always-online solution that meets the organization's need for a private environment. With bare-metal solutions, customers can make extensive use of compute servers, networks, and storage and configure these resources for local and global resiliency. As an alternative to bare metal, we considered using a virtual server offering from SoftLayer to optimize operating expenses (OPEX) through multi-tenant computing. However, some regulatory requirements that affect the business functions involved led us to perform an architectural tradeoff analysis that excluded the virtual server option.

Storage
Because implementing an always-online solution with local storage would require redundant local storage in a globally dispersed bare-metal configuration, the storage configuration we created is a storage area network (SAN). A SAN architecture provides more efficient management and flexibility across multiple bare-metal instances, and because it is designed to support RAID 5 or higher configurations, it is easy to synchronize data.

We considered synchronous data updates for data-sensitive applications (financial transactions) and asynchronous updates for solutions that are less sensitive to data or for backup solutions, such as static customer support information. In this context, SAN storage is recommended over local storage for higher integrity and performance. This storage virtualization provides resilient, on-demand bandwidth to support automatic scaling of an application: scaling up in response to higher demand and scaling down when demand drops. This solution addresses the needs of organizations that require highly available, always-online, private environments while continuously reducing capital and operating expenses.

Network and network security
The SoftLayer network architecture (with high-speed connectivity and load balancing within the data center) provides redundancy and flexibility for users with stringent recovery-time objectives (RTO) and recovery-point objectives (RPO). SoftLayer provides the core capability to distribute business application resources across data centers that are in different regions but integrated, addressing high availability requirements with up to 99.999% uptime. For some user access systems that require high performance, SoftLayer's network points of presence (POPs) provide direct or shorter connections to achieve lower latency.

To help protect the bank's business-critical applications, SoftLayer has implemented edge security through carrier-grade firewalls and virtual firewalls. These network characteristics allow the architecture to maintain a secure environment. For system management and access to the cloud environment through the web console, our architecture includes encrypted VPN connections as well as role-based security with identity and access management.

Monitoring and management
The system's initial monitoring and management capabilities have been enhanced through the BSS support function and the resilient building blocks. These components, together with the IaaS API layer, ensure that the system is resilient and allow for greater recovery capability.

The IaaS layer is supported by the SoftLayer API, which has about 2,000 APIs to monitor and manage the resiliency of the system. This API architecture is the basis for the automatic scaling that banks need to integrate with their internal monitoring systems. The SoftLayer API management model provides a programmable interface that supports managing an always-online infrastructure programmatically at many levels. Managing running applications without human intervention simplifies server management and reduces the IT operations cost of the always-online infrastructure.

PureSystems
In addition to the SoftLayer IaaS, IBM PureSystems® is also a key component of the always-online architecture. A key feature of the solution stack is Enterprise Integration Services, which supports not only the banking customer system domain but also other areas of the enterprise. The disadvantages of migrating this particular business intelligence module outside the enterprise outweigh the benefits. This is mainly due to the need to integrate internally deployed systems with many other back-end applications, and to the high priority placed on security. The ability to build a highly available, in-house, always-online private cloud infrastructure quickly and efficiently is an important consideration for incorporating PureSystems into our architecture. PureSystems integrates computing, storage, network, and management software into preconfigured platforms that have been optimized for specific workloads and environment requirements.

Another reason to include PureSystems is that it can be configured with the PaaS components required by the Enterprise Integration Services platform in this solution. The architecture with PureSystems includes a sophisticated network redundancy model that addresses the need for interconnection and global load balancing to maintain resilience through functionally independent, disparate redundant resources. Flexible security configuration provides support for identity, access, encryption, monitoring, and auditing to meet compliance requirements. The SmartCloud Orchestration management feature of PureSystems helps users create images, provision environments, and deploy them on a private cloud, and it provides a foundation for cross gathering.

Platform Layer

We recommend that banks adopt a phased approach to implementing layered and structured CEDC models:

  • Phase 1: Use a CCMP/BSS/OSS layer to implement IaaS and some of the elements that enable automation.
  • Phase 2: Integrate platform components with data and integration platform elements.

In phase 2, the solution architecture is also supported by a PaaS layer that incorporates some of the core platform components. In the platform layer:

  • The data tier is integrated with a data platform that contains InfoSphere® and DB2® database software with InfoSphere Streams. The InfoSphere multi-tenant feature provides the basis for sharing the data platform among multiple applications, and the InfoSphere Streams features address high-volume transaction analysis requirements.
  • A core integration platform (based on WebSphere® software) supports the separation of integrated services into applications.

Conclusion
The need for an always-online system is not unique to the banking sector. Any enterprise that depends on services provided through multiple channels (and any business that wants to maintain higher customer satisfaction) can leverage cloud computing and the CEDC model to achieve highly resilient and highly available systems. A phased approach to the CEDC model (first implementing IaaS and then consolidating the platform by enabling PaaS) is an ideal way to achieve an always-online system.
