Cloud computing has brought in a lot of agility for serving end customers: Shiv Kumar Bhasin, CTO, SBI
The State Bank of India is not only the largest bank in India, but its work for the Government requires it to undertake large scale and critical initiatives such as LPG Subsidy, and Jan Dhan Yojana. To ensure high availability of IT services, the bank undertook a massive technology transformation drive, which allows it to provision IT infrastructure quickly for initiatives such as mobile banking and mobile wallets.
In an extensive interaction with Express Computer’s Srikanth RP, Shiv Kumar Bhasin, Chief Technology Officer, State Bank of India, shares how his bank is getting ready for competing in the digital era using technology. The bank has been one of the most aggressive adopters of technology, and after virtualizing its servers, it is now looking at virtualizing the network, using technology from VMware. The bank has deployed the VMware vCloud Suite, a cloud management platform that helps enterprises in managing a heterogeneous, hybrid cloud. The bank has also deployed VMware NSX, a network virtualization platform that delivers the operational model of a virtual machine for the network. Similar to virtual machines for compute, virtual networks are programmatically provisioned and managed independent of underlying hardware.
Some edited excerpts from the interview:
Can you describe the state of IT infrastructure prior to your organization’s virtualization drive?
A large amount of our IT infrastructure was proprietary infrastructure, which created a number of challenges. One of the key challenges for us was the large procurement cycle for the hardware and which led to fulfilment of the hardware time, anywhere between 6 months to 9 months. This brought down the agility of any services or applications roll out to the business. As we had a proprietary infrastructure, we needed highly skilled staff which banks normally don’t have. Different platforms demanded different types of skill sets, which meant maintaining an army of experts or outsourcing it to a third-party services provider. As these were proprietary skill sets, it led to high cost of maintenance, which in turn used to increase the operational cost for the bank. On top of this, the legacy IT infrastructure used to occupy a lot of data center space as well. So, in summary, the operational costs were high, highly skilled staff were not available to maintain the proprietary infrastructure and agility to roll out the new services or fulfilment of the business requirements were very low.
How did you actually start about addressing this? Can you describe the initial stage of your virtualization journey?
One of the key concerns was the agility because whenever there was a new business launch, the first roadblock used to occur that we did not have the required hardware. The procurement cycle for buying the new hardware was long, which in turn affected the launch of the business service. To address this, we decided build our own internal private cloud. We believed that by building our own cloud, we will be able to bring in a lot of agility and it will bring down the go-live time for a huge number of business services and the applications. We have hence standardized our cloud platform on x86.
Today, thanks to the cloud, we have cut down 7-8 months of the procurement time. We are now able to provision infrastructure quickly with a faster time to market. Also, the cloud has helped us in addressing some of our business peak requirements. For example, we can now do performance testing during peak periods without impacting our production environment. Today, we are running live applications on the cloud. We have our Kiosk Banking running on the cloud which has 60,000 registered users and out of them 20,000 concurrent users log in daily. And we have our Digital Wallet and SBI Buddy deployed on the cloud which has got now more than 2.5 million registered users. Similarly the Wealth Business which we have launched recently is also running on the Private Cloud. All these developments we have done in the last 12 to 14 months. As one can see, the cloud has really brought in a lot of agility for serving the end customers.
How much time does it take to provision a new server?
We use our private cloud for auto provisioning, and we can spin up a virtual server within 2 to 3 minutes. Being a PSU, we were earlier using a lot of paper and approvals were taken on memos and then they were given to the data centre department, which then procured and built the servers. The life cycle of the memo used to be a couple of weeks. So now it has been brought down to a few minutes. The moment the request is raised, it goes to a workflow and the authorizer approves it, then within a couple of minutes post authorization, the server is ready. And we are working on the Platform-as-a-service this year in our Private Cloud. We have standardized Oracle on Linux. Hence, Oracle is made available to the users, to the developers, so that they don’t need to deploy Oracle themselves. It is a standard configuration where depending on the application, whether it is a customer facing application or staff facing application, whether based on the Internet or an Intranet application – we have standardized our configuration of the hardware. This makes the provisioning of the resources or IT resources to the development staff in a faster way.
What do you think has been the impact on productivity in terms of your own staff and the skill challenge that you mentioned?
Yes, actually the productivity has gone up tremendously. One is that since we have standardized the environment, that is x86 Platform and it is going to be virtualized using VMware technology and it is going to be, you know the Linux OS all across the organization. It has reduced our need for having multiple platform experts. This has helped us in optimizing our workforce across the organization. For example, earlier we had experts in silos. Each department was having their own Unix and Windows expert. But now we have consolidated the teams of the operating system administrators. Hence, it has helped us in optimizing our staff as we need to just focus on one set of resources and one set of skills, rather than hunting in the market for some 3 or 4 skilled set resources.
How has network virtualization helped your bank?
Yes, we are using the network virtualization for multiple purposes. One key reason is to use the network in the most optimistic manner, so that virtual LAN’s could be setup for the various applications and the available bandwidth could be most optimized, and utilized across the applications by sharing the same LAN network. We are getting our Digital Wallet certified for PCI DSS Compliance and that’s where we are finding the NSX implementation is coming handy to us because this is deployed on a shared cloud which is a massive Cloud and since it is the NSX technology ring-fencing the Wallet Application, so the PCI DSS compliance scope becomes this virtual boundary across this application. What I am trying to say, NSX is helping us to go for in a very large cloud. For example, SBI has more than 1,500 VM’s while my Wallet is consuming only say 25 VMs out of 1,500. So, we are able to certify our application on this small subset of this infrastructure as well.
What is the implication on security?
It helps us to do data segregation, although we have not yet deployed but we are looking at this use case where some of the countries have a requirement where the database should not be shared, the data during the travel time should not be shared. So, we can have a multi entity deployment of the applications where the data could be segregated on the network level as well. Similarly, for the test environment, we can set up various zones in the same physical hardware. We are able to segregate our various test environments using NSX, so that also helps us to do the data segregations in a secure manner.
Any view on DR? How would it impact the Disaster Recovery?
We require the hardware on that DR side on the same amount, but the best part is that by using VMware technology, you are billed only for the licenses which are in use at that time. And normally the DR is running all the applications which are carried out by using VMware, and it keeps the VMs in sync in DR location as well. We get charged only for the licenses which are used in production. So that brings huge savings and having the highly available DR, where not only the database but the complete VM is replicated at the DR. So it brings all your local file systems and all the file based interfaces. Everything is getting replicated on DR. So it really gives you the full DR rather than on configuring multiple separate isolated interfaces to achieve the full DR. The VMware DR capability brings the full compliance with the 100 percent DR to meet the regulatory requirements.
Can you share some specific numbers on the cost saving or anything what you have measured internally due to moving to the private cloud?
Roughly we see that we are using 1 physical CPU to 7 virtual CPUs. And normally the industry standard is 3 to 4, so we are leveraging cloud quite efficiently. Our efficiency in using the cloud is twice the industry standards. So that is one big advantage by using the private cloud. When we look at the overall utilization of the boxes or how much hardware we would have ordered, based on last year versus 2015, we would have roughly ordered 4 times the hardware, had we not done the cloud implementation to run the sheer amount of applications. This is what our analysis tells us.
Would you also like to mention, any other big complex applications which are running out of virtual machines apart from the ones you mentioned?
Yes, actually we have lot of our applications on the cloud. We are moving our cash management applications on the cloud and we have support applications which are used in branches, such as Online Account Opening. If you go to any branch of SBI, there will be an Internet Kiosk where you can apply online for the account opening and then you can take the print out and go to the teller because there is a physical paper requirement and signature on the paper as per regulations. This data travels through the core banking system automatically. On a daily basis, around 2 lakh applications are pumped in, and this application is deployed on cloud. So this is one of the very big applications that is run on the cloud. This is utilized by the end customer from the branch channel.
The SBI Buddy is run on virtual machines and SBI Wealth is also run on virtual machines. SBI Kiosk Banking which is used by 60,000 users and 20,000 login concurrently is run on virtual machines. There are actually some of the payment applications in the Cash Management, which process something like 24,000 transactions in 3 minutes. So these kinds of applications are also getting deployed on the private cloud.