Minsheng Bank partners with F5 to create an industry-leading, unified containerized architecture

China’s first national joint-stock commercial bank, China Minsheng Banking Corporation Limited, has experienced rapid growth since its establishment in 1996. To keep up with the acceleration of digital transformation in the financial industry, the Bank adopted containerized environments to increase efficiency and speed up deployments. With F5, the Bank was able to unify its legacy application services with its modern, digital transformation-driven containerized apps, leading to improvements across its functions, performance, management and scalability.

The Challenge

Founded in 1996, China Minsheng Banking Corporation Limited (China Minsheng Bank) is China’s first national joint-stock commercial bank initiated and founded mainly by non-state-owned enterprises. As of June 2020, the Bank had 42 branches in 41 cities across China, and 2,427 banking outlets.

As digital transformation in the financial industry accelerates, banks across China are actively adopting technological innovations to improve performance. To remain competitive, China Minsheng Bank turned to containerization for developing and deploying applications in a portable, software-defined environment. By doing so, the Bank enjoyed portability, scalability and increased efficiency while reducing infrastructure cost.

The containerized environments became the main platform for the Bank’s operations. The Bank also deployed NodePort to direct external traffic into its cluster, and Ingress as an entry point into said cluster. Despite optimizing its containerized environments for intra-city disaster recovery and uninterrupted services, the containerized environments were unable to keep up with the increased number of services available to its customers. China Minsheng Bank realized that its static, legacy application services were not unified with its modern, digital transformation-driven containerized apps, leading to deployment inefficiency, operations management and maintenance issues, and potential security risks.

Since its app services were not unified with its containerized apps, the Bank was also unable to perform monitoring across all its components due to the multiple failure points at its operations and maintenance level, making it unconducive for network traffic analysis. In addition, unlike its traditional infrastructure that was managed by its network department in a unified manner, the Bank’s containerized environment needed to be coordinated across multiple departments, including network, cloud and applications. This resulted in higher communication costs and increased difficulty in configuration management. 

Rather than attempting to retrofit security and performance app services to suit a new set of needs, parameters, and standards, China Minsheng Bank required a solution that is as dynamic as its containerized applications which is able to transform its infrastructure while helping IT reduce costs and improve efficiency to focus on more valuable work.

The Solution

To close the gap between its static, legacy application services with its modern, digital transformation-driven containerized applications, China Minsheng Bank decided to build a new architecture to support its containerized environments. Taking into consideration various factors such as product adaptation, solution development and vendor strength, the Bank opted to deploy F5 cloud-native solutions to unify its environments.

At its base, the Bank leveraged F5 BIG-IP Application Services platform to ensure seamless deployment, management and reliable delivery of applications, with static and dynamic load balancing to eliminate single points of failure. To provide users with seamless, uninterrupted service in the unlikely event of a device failure, the bank utilized BIG-IP high availability (HA) features to synchronize its systems, ensuring that one system actively processes traffic while the other remains in standby mode until needed.

With a constant stream of customers accessing its services and applications, China Minsheng Bank needed to move faster than its legacy hardware allowed. Deploying F5 BIG-IP Virtual Editions (VEs) as the second layer, the Bank was able to accelerate its transition to the cloud and software-defined architectures, and deliver the application services necessary—including advanced traffic management, application security, application acceleration, DNS, network firewalling and secure access management—that run on F5 purpose-built hardware in a more agile and flexible form factor. At the same time, service configurations and policies from existing F5 appliances can be reused and replicated on VEs, simplifying the Bank’s cloud migrations.

In addition, F5 Container Ingress Services (CIS) makes it easy to deliver advanced application services to the Bank’s container deployments, enabling front-door Ingress control HTTP routing, load balancing, application delivery performance and robust security services. Monitoring the orchestration API server, F5 CIS is able to modify the BIG-IP system configuration based on changes made to containerized applications. The Bank is also able to scale app services automatically using the BIG-IP advanced application performance and security services for Ingress control.

Through a performance comparison test, the Relative Price Strength (RPS) Index of China Minsheng Bank’s new architecture outperformed the original architecture by four times, while the Total Productive Maintenance (TPS) indicator showed that the new architecture’s processing capacity of the containerized applications is twice of the old one.

The Benefits

Partnering with F5, China Minsheng Bank built the industry’s first load-balanced, unified containerization architecture, which allows it to scale apps to meet container workloads and protect container data by enabling security services. The new architecture solved the operations and maintenance issues, and achieved significant improvements across its function, performance, management, operations and scalability.

Dynamic application services for containers

Leveraging F5 BIG-IP platform and F5 CIS, China Minsheng Bank now has a unified and comprehensive container management and orchestration system control. The solutions provide flexible and simplified deployments, enabling frictionless deployment and self-service traffic management. The Bank is able to quickly and easily spin up, spin down, or migrate application delivery services across the data center and public cloud, using instant deployment options as needed.

Centralized management and streamlined processes

F5 helped simplify and centralize the Bank’s core app services management functions to the network team, freeing up the cloud and apps team to focus on transforming the business. The centralized management provides the teams with a more efficient, convenient and unified platform, effectively removes friction between teams and extends the benefits of robust security, performance and availability services to more applications. In addition, with increased visibility of application health and performance, the applications and operations teams can get insightful analytics into traffic loads, server performance, application performance, and security issues. The introduction of new services and applications also saw a quicker introduction, with launch time shortened by more than 30 percent.

Unrivaled scalability and availability

The new architecture, along with its F5 CIS containers, F5 BIG-IP VEs and standby cluster deployment, provide optimal and efficient processing to significantly increase performance and reduce latency. The solutions can also be scaled horizontally, depending on the Bank’s priorities, to improve its application performance while adapting to harsh production environments.