
Canonical Kubernetes for Financial Services

Kris Sharma

on 17 January 2022

To serve today’s on-demand customer, financial institutions must become agile digital enterprises focused on delivering innovative products, services, and customer experiences. 

Adopting a container-first approach represents an unrivalled opportunity for financial institutions to increase system efficiency and resource utilisation, improve security, introduce automation, and accelerate innovation. 

Containers offer a logical packaging tool in which applications can be decoupled from the underlying infrastructure on which they run. This allows container-based applications to be installed easily and consistently, regardless of whether the target environment is a private or public cloud. With containerisation, development teams move fast, deploy software efficiently, and operate at an unprecedented scale.

Despite the advantages, containers can be hard to manage and to track individually, and across multiple cloud platforms. Container orchestration solves this issue by automating the management and tracking of containers. Kubernetes has established itself as the leading open source platform for managing containerised workloads and services.

Canonical Kubernetes

Canonical Kubernetes is an umbrella term for all of Canonical’s Kubernetes products and services. Canonical has two CNCF-certified Kubernetes distributions, MicroK8s and Charmed Kubernetes.

Charmed Kubernetes (K8s) is an enterprise-scale, composable Kubernetes for multi-cloud deployments. Charmed K8s leverages the model-driven operations approach, which offers straightforward cluster lifecycle management and compatibility with cloud services as well as legacy application architectures.

MicroK8s is a low-ops, minimal production Kubernetes. It provides the functionality of core Kubernetes components, in a small footprint, scalable from a single node to a high-availability production cluster.

Key considerations for enterprise Kubernetes in Financial Services

The Kubernetes ecosystem is vast and complex. There are numerous different versions of Kubernetes to choose from, and it can be difficult to understand the best-suited version for an organisation’s specific requirements. Here are some of the key factors that financial institutions need to consider for their enterprise Kubernetes.

CNCF conformant

CNCF certification is a conformance program that ensures each vendor’s Kubernetes distribution supports the required APIs and provides timely updates. Choosing a CNCF certified Kubernetes installation allows financial institutions to guarantee the adaptability, predictability and interoperability of the product. Canonical Kubernetes is CNCF certified.

Lifecycle operations

When beginning a Kubernetes journey, it’s easy for IT teams at financial institutions to get caught up in development and deployment while Day 2 operations become an afterthought. Many solutions around Kubernetes address the early phases of the Kubernetes lifecycle – Day 0 and Day 1 operations, but enterprise Kubernetes challenges on topics like scalability, high availability, update management, security and observability begin at Day 2.

When it comes to Day 2 operations, Canonical Kubernetes leverages operators to deliver full lifecycle automation. Canonical Kubernetes operators can be composed together to deliver highly complex applications and services. Canonical Kubernetes is deployed using Juju, and it has been designed with operators in mind, making long-term challenges like maintenance and upgrades easier to solve.

Container runtime and registries

Container runtimes are responsible for creating, starting, and managing containers at a low level on the underlying nodes of a Kubernetes cluster. They are thus a core component of any Kubernetes deployment, and must be installed on every node in a cluster. When evaluating Kubernetes distributions with respect to container runtimes, the differentiating factor is the breadth of runtime options that each distribution supports, and the use cases that these runtimes enable.

The primary runtime options are containerd, Kata Containers, and CRI-O. Containerd is a high-level container runtime that can manage the complete container lifecycle, delivering simplicity, robustness, and portability. Containerd can be seen as the industry-standard container runtime, and it is the default in upstream Kubernetes. Canonical Kubernetes supports containerd.

Kata Containers puts the emphasis on security, providing deeper isolation between containers by placing them inside lightweight VMs. Canonical Kubernetes also supports Kata Containers.

The container registry is another fundamental building block of a successful Kubernetes strategy. The registry is where container images are stored, and these images are critical to application development and scalability. Container registries come in various flavours, and Canonical Kubernetes supports private registries, public cloud registries and DockerHub.

Monitoring and operations management

The ability to monitor the status of a Kubernetes deployment from a single, centralised location is invaluable. With effective monitoring solutions, a financial institution’s enterprise IT teams can easily track resource utilisation, application performance, and bottlenecks, enabling them to proactively manage and optimise their Kubernetes clusters.
Canonical Kubernetes ships with a standardised set of open source log aggregation and systems monitoring dashboards. As Charmed Kubernetes is upstream Kubernetes, enterprises can use any of the tools and techniques to examine cluster logs as described in the Kubernetes documentation.

Bare metal deployment and automation

Not all financial services application workloads are suited to virtualisation, and financial institutions will sometimes need to deploy Kubernetes directly on bare metal servers. Canonical Kubernetes comes with bare metal provisioning capabilities.
With Canonical Kubernetes, enterprises can leverage Metal-as-a-Service (MAAS) to fully automate discovery, commissioning, deployment, and configuration of bare metal machines with zero-touch, cloud-style provisioning. Once the machine has been provisioned, Juju integration lets users deploy Canonical Kubernetes just as easily as they would in a public or private cloud.

Multi-cloud deployments

Financial institutions rarely rely on a single cloud platform. Rather, enterprises will typically pursue a multi-cloud strategy where applications are hosted on different public or private clouds (or bare metal) depending on their requirements. As such, the ease with which Kubernetes can be deployed and ported across different platforms should be a key consideration for financial institutions when choosing a distribution. 
Canonical Kubernetes utilises Juju to help businesses navigate the complexity of multi-cloud provisioning, installation, and configuration. Juju Charmed Operators (“charms”) facilitate the deployment and management of Kubernetes across different cloud providers and instances by utilising the concept of model-driven operations.

Managed Kubernetes offering

Kubernetes brings unprecedented levels of automation and a ubiquitous platform for enterprise workloads. However, Kubernetes is a highly complex technology, and not all businesses have the expertise or time to maintain it in-house. A fully-managed Kubernetes cluster eliminates this issue by enabling users to consume Kubernetes as a service. The vendor takes care of operating the cluster while users focus on delivering their core business value. 

With Canonical Kubernetes, financial institutions can opt for fully-managed clusters on bare metal, OpenStack, or any public cloud. Financial institutions can focus on their applications while Canonical will build and operate the cluster, with in-house experts available 24/7 to stand up and scale the deployment. What’s more, users can choose to fully take over operational control at any time, and even redeploy or replicate the deployment using the exact same tools.


Further reading

Kubernetes platform comparison: Red Hat OpenShift, SUSE Rancher and Canonical Kubernetes

Kubernetes and cloud native operations report

Reference architectures: 

Charmed Kubernetes reference architecture by Dell EMC and Canonical

Charmed Kubernetes reference architecture by Lenovo and Canonical

Photo by Cameron Venti on Unsplash
