Introduction

The banking sector demands infrastructure that is robust, scalable, and above all, secure. At Banco Bradesco, we faced the challenge of orchestrating thousands of containers efficiently and securely while ensuring high availability and regulatory compliance. Our solution was to implement Azure Red Hat OpenShift (ARO).

This article explores our journey with ARO, the benefits it brought to the banking environment, and how GitOps was crucial for the success of large-scale orchestration.

The Challenge in Banking: Scale, Security, and Compliance

In a traditional banking environment, managing a large number of microservices applications deployed in containers presented significant challenges:

  1. Scalability: Scaling applications to handle demand spikes was complex and slow.
  2. Security: Ensuring every container and its communication were secure, isolated, and compliant with regulations like PCI-DSS and SOC 2.
  3. Consistency: Maintaining consistency between environments to avoid “configuration drift.”

The Solution: Azure Red Hat OpenShift (ARO)

We chose Azure Red Hat OpenShift (ARO) because it is a fully managed Kubernetes platform combining OpenShift’s power with Azure’s scalability and services.

Key Benefits of ARO:

  1. Managed and Enterprise-Grade Kubernetes: ARO offers an enterprise-level OpenShift cluster, allowing our teams to focus on applications.
  2. Integrated Security: Native integration with Azure AD for RBAC, container isolation via Pod Security Standards, and integrated image scanning.
  3. Scalability and Resilience: Ability to automatically scale cluster nodes and pods to meet banking sector demands.

The Crucial Role of GitOps for Large-Scale Orchestration

To manage ARO cluster configurations and application lifecycles consistently and auditably, we adopted GitOps with ArgoCD.

How GitOps Accelerated Our Operation:

  1. “Git as the Single Source of Truth”: All desired cluster states were defined in Git repositories.
  2. Declarative Automation: ArgoCD continuously monitored ARO cluster states and automatically applied any deviations.
  3. Auditability and Rollbacks: Full and auditable history of changes. Simple and fast rollbacks to previous versions.

Conclusion

Implementing Azure Red Hat OpenShift (ARO) combined with GitOps and ArgoCD practices transformed how we orchestrate containerized applications in the banking sector. We achieved the necessary scale, ensured security and regulatory compliance, and significantly accelerated the software development lifecycle.

Gustavo de Oliveira Ferreira is a Cloud Architect and DevSecOps specialist with experience implementing enterprise-grade container platforms in mission-critical sectors.