© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. How to Build a Digital Bank Using AWS How Monzoprocesses payments and operates a bank in the cloud Chris Evans Platform Team Lead Suhail Patel Platform Engineer

No content

No content

No content

No content

Platfrom Team Lead @evnsio Senior Platform Engineer @suhailpatel We’re part of the Platform Team at Monzo Bank in the UK

Use your card at a store or online One of our DCs gets a process message Messages get passed through AWS Direct Connect VPC AWS Cloud Auto Scaling group K8s Worker Instances Auto Scaling group Cassandra Cluster Auto Scaling group Messages go through dozens of microservices running on Kubernetes Services use Cassandra for persistent data storage Services leverage etcd for distributed locking and coordination NSQ is used for unordered queuing and event publishing Prometheus is used for monitoring and alerting etcd Cluster Auto Scaling group Prometheus Cluster Auto Scaling group NSQ Cluster Kafka is used in microservices for ordered queuing

Gateways to payment networks Storing the bank’s data in Cassandra Distributed locks with etcd Asynchronous Processing with NSQ/Kafka Our microservice platform on Kubernetes Metrics and alerting with Prometheus

No content

No content

Encrypted Messages are transferred via AWS Direct Connect Pods running in Kubernetes on EC2 receive messages and process them Mastercard Monzo VPC AWS Cloud Auto Scaling group K8s Worker Instance K8s Worker Instance K8s Worker Instance

Response is sent back to our servers to relay back to Mastercard Messages are processed through a myriad of microservices before the response is sent back Mastercard Monzo VPC AWS Cloud Auto Scaling group K8s Worker Instance K8s Worker Instance K8s Worker Instance

Gateways to payment networks Storing the bank’s data in Cassandra Distributed locks with etcd Asynchronous Processing with NSQ/Kafka Our microservice platform on Kubernetes Metrics and alerting with Prometheus

VPC AWS Cloud K8s Worker Auto Scaling group K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance K8s Worker Instance

No content

No content

Kubernetes Cluster Engineers trigger a deployment using a local tool called Shipper Deployment Service validates code, does static analysis and builds a container image Rolling deployments are invoked and completed via Kubernetes

No content

Service Communication Kubernetes Worker on EC2 service.transaction service.account Kubernetes Worker on EC2 service.account

service.account service.account Service Discovery service.transaction Kubernetes Worker on EC2 service.balance service.pot Kubernetes Worker on EC2 envoy config provider Kubernetes Master on EC2 K8s API Server Kubernetes Worker on EC2 service.account

Service Communication service.transaction Kubernetes Worker on EC2 service.account service.account Kubernetes Worker on EC2 service.account service.balance service.pot Service Discovery and Routing Retries / Timeouts / Circuit Breaking Observability

Gateways to payment networks Storing the bank’s data in Cassandra Distributed locks with etcd Asynchronous Processing with NSQ/Kafka Our microservice platform on Kubernetes Metrics and alerting with Prometheus

Storing Data service.transaction Kubernetes Worker txn_00000123456

Storing Data Cassandra Ring service.transaction Kubernetes Worker txn_00000123456 Replication factor: 3 Quorum: Local

Storing Data service.transaction Kubernetes Worker txn_00000123456 Replication factor: 3 Quorum: Local

Storing Data service.transaction Kubernetes Worker txn_00000123456 Replication factor: 3 Quorum: One

Storing Data service.transaction Kubernetes Worker txn_00000123456 Replication factor: 3 Quorum: Local

Gateways to payment networks Storing the bank’s data in Cassandra Distributed locks with etcd Asynchronous Processing with NSQ/Kafka Our microservice platform on Kubernetes Metrics and alerting with Prometheus

Many things can occur asynchronously rather than a direct blocking RPC. Message queues like NSQ and Kafka provide asynchronous flows with at least once message delivery semantics. Asynchronous Messaging service.transaction Kubernetes Worker service.balance service.pot Kubernetes Worker kafka NSQ Auto-scaling Group NSQ service.transaction Kubernetes Worker service.txn-enrichment

No content

Gateways to payment networks Storing the bank’s data in Cassandra Distributed locks with etcd Asynchronous Processing with NSQ/Kafka Our microservice platform on Kubernetes Metrics and alerting with Prometheus

Distributed Locking service.transaction txn_00000123456

Distributed Locking

Gateways to payment networks Storing the bank’s data in Cassandra Distributed locks with etcd Asynchronous Processing with NSQ/Kafka Our microservice platform on Kubernetes Metrics and alerting with Prometheus

Prometheus and Thanos Prometheus is a flexible time-series data store and query engine. Thanos allows us to treat many Prometheus servers as one single one, with infinite retention. • RPC Request/Response cycles • CPU / Memory / Network use • Asynchronous processing • C* and Distributed Locking • Cloudwatch Data • Social Media

A Global View of Monzo service.account Kubernetes Worker on EC2 Prometheus Services service.account Kubernetes Worker on EC2 Prometheus Infra service.account Kubernetes Worker on EC2 Prometheus Cassandra Kubernetes Worker on EC2 Thanos Query Thanos Store

No content

Use your card at a store or online One of our DCs gets a process message Messages get passed through AWS Direct Connect VPC AWS Cloud Auto Scaling group Auto Scaling group Cassandra Cluster Auto Scaling group Messages go through dozens of microservices to process the message etcd Cluster Auto Scaling group Prometheus Cluster Auto Scaling group NSQ Cluster Over a VPN tunnel terminating in our K8s cluster K8s Worker Instances Data will be written to Cassandra to record what’s happened Cassandra will replicate the data to multiple nodes Some services will use distributed locks for exclusive processing

VPC AWS Cloud Auto Scaling group Auto Scaling group Cassandra Cluster Auto Scaling group We approve the transaction etcd Cluster Auto Scaling group Prometheus Cluster Auto Scaling group NSQ Cluster K8s Worker Instances We publish an event about the transaction We return the approval message

VPC AWS Cloud Auto Scaling group Auto Scaling group Cassandra Cluster Auto Scaling group etcd Cluster Auto Scaling group Prometheus Cluster Auto Scaling group NSQ Cluster K8s Worker Instances The event is consumed A push notification is sent

No content

No content

VPC AWS Cloud – eu-west-1 Auto Scaling group K8s Worker Instances Auto Scaling group Cassandra Cluster Auto Scaling group etcd Cluster Auto Scaling group K8s Worker Instances Auto Scaling group Cassandra Cluster Auto Scaling group etcd Cluster VPC AWS Cloud – us-east-2 or us-west-1 (TBD) Auto Scaling group K8s Worker Instances Auto Scaling group Cassandra Cluster Auto Scaling group etcd Cluster Auto Scaling group K8s Worker Instances Auto Scaling group Cassandra Cluster Auto Scaling group etcd Cluster

Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you! © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Christopher Evans - @evnsio Suhail Patel - @suhailpatel