
Financial IT architecture - Analysis of cloud native architecture of digital bank

2022-05-15 07:20:42 Young and promising 2025

Over the past 2 to 3 weeks, on and off, I finished reading the book 《Financial-Grade IT Architecture: Decrypting the Cloud Native Architecture of Digital Banking》, published by Electronic Industry Press. The author is the technical editorial board of e-commerce bank.

This book fits the current trend of distributed architecture transformation in the banking industry. Its content is leading technology that has been tested in practice. It introduces the evolution route of e-commerce bank's IT technical architecture and covers several infrastructure domains: distributed, unitized, elastic hybrid cloud, and cloud native. It also presents practical experience in technical risk, security and trust, business architecture and other areas.

I had actually come across this book quite early while searching for cloud native books, but at first glance the title was about financial IT architecture, so it did not attract much of my attention. Later I was lucky enough to receive a copy from Huazhang, and after reading it I wished I had found it sooner.

I was not familiar with e-commerce bank, and at first I wondered why it was in a position to write this book. After searching online, I learned that e-commerce bank is the first commercial bank in China whose core system is based on a cloud computing architecture, initiated and established by Ant Group as the major shareholder. It was approved by the CBRC as one of China's first 5 private banks and officially opened on June 25, 2015. The business volume of its services for small and micro enterprises is therefore large. Because Ant Group is the major shareholder, the whole IT infrastructure and technical architecture was built with many open source technology components and architectures from Alibaba and Ant Financial. In other words, the technicians of e-commerce bank are former Alibaba technical experts.

It is therefore not surprising that the technical editorial board of e-commerce bank could write this book.

But why a whole editorial board rather than a single author? The book covers a wide range of content, from IT infrastructure to cloud native, security and trust, the middle platform and more. Each chapter has enough depth, and it is hard for one person to master so many specialized technical fields.

Almost every part is a summary of front-line practice in building the IT architecture, and many of the lessons shared come from extensive practice. This is not something ordinary technical books can offer.

The book's own content introduction describes it in the same way.

This book introduces the evolution route of e-commerce bank's IT technical architecture since its establishment. It covers several infrastructure domains: distributed, unitized, elastic hybrid cloud, and cloud native. It also presents practical experience in technical risk, security and trust, business architecture and other areas. We hope to share with readers e-commerce bank's unique exploration of financial-grade IT technology, and to discuss the development direction of financial-grade IT architecture in the digital age.

The authors of this book are the core architects of e-commerce bank, who took part in the whole process of the relevant technical solutions from preliminary design to production. The content is clear and authoritative. This book focuses on the technical practice of e-commerce bank. The content represents a leading technical direction, the technologies have been tempered by a real production environment, and it includes the unique practical experience of e-commerce bank's technical team. The core technology described in the book won the second prize of the "Bank Science and Technology Development Award" issued by the People's Bank of China.

This book is not only for IT practitioners in the financial industry. It also suits large enterprises that need to build group-level IT infrastructure and a cloud native architecture. Much of the financial industry's accumulated architecture and practical experience in distribution, high availability, elastic scaling and security applies fully to the digital and cloud native transformation of large enterprises.

Here are some key points of this book. Some of the slides shown come from public technical talks by Jiang Yimin, one of the authors of this book.

The evolution of e-commerce bank's three generations of architecture

As this picture shows, e-commerce bank has gone through three generations of architecture.

The first stage was built mainly on a cloud platform plus a distributed architecture, and the deployment mode was same-city dual-active. In the second stage, in 2017-2018, a remote data center had to be built on top of the same-city dual-active setup. The hope was that this remote data center could carry business traffic in daily operation and provide external services at the same time as the Hangzhou data center. To meet the requirements of remote disaster recovery while also improving the asset utilization of the whole IT infrastructure, we created a unitized, elastic architecture deployed as three locations and five centers. From 2019, e-commerce bank began to pay attention to cloud native architecture, including introducing some products and designing and building the relevant capabilities. In the process, we also built a hybrid cloud elastic architecture that can schedule resources between two clouds.

To summarize the whole evolution route briefly, the key technical points are:

Vertical data splitting, horizontal data splitting, distributed architecture construction, cloud computing platform construction, unitized multi-active architecture, flexible architecture, elastic architecture construction, hybrid cloud architecture construction, and cloud native architecture.

Cellular architecture

An important concept mentioned in this book is the cellular (unitized) architecture.

Each unit is a complete, autonomous, independent ecosystem spanning the traffic layer, the application layer and the data layer. It can provide most services for its users, and data access should be completed within a single unit as far as possible. A unit can therefore be deployed to any region, and units can back each other up.

When you see this, you may think of distributed systems and microservices.

When I talk about microservices, I often emphasize that the focus is splitting the monolith into microservices: every microservice is independent and autonomous from the data layer and logic layer to the application layer, and from requirements, design and development through build, compile and deployment. But all of this is unitization at the software level.

The goal of unitized architecture is unitization at both the software level and the hardware level. It is somewhat similar to the all-in-one machine concept that was popular many years ago. Integrating software and hardware makes it easier for each unit to migrate across regions and data centers, and further enhances high availability and redundancy at the IT infrastructure level.
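The routing rule implied by the unit definition above, as an added sketch in Go; it is not code from the book or from the bank. The unit names, the shard table and the backup pairing are constructed for illustration. Each user is pinned to one home unit, and a request leaves that unit only when the unit is down and its designated backup is healthy.

```go
package main

import (
	"errors"
	"fmt"
	"hash/fnv"
)

// Unit models one self-contained cell (traffic, application and data layers).
// Names, regions and the backup pairing below are constructed for this example.
type Unit struct {
	Name, Region, Backup string // Backup names the unit that can take over
	Healthy              bool
}

var ErrNoUnit = errors.New("home unit and its backup are both unavailable")

// Router pins every user to one home unit through a fixed shard table.
type Router struct {
	units  map[string]*Unit
	shards []string // shard index -> home unit name
}

func NewRouter(units []*Unit, shards []string) *Router {
	r := &Router{units: map[string]*Unit{}, shards: shards}
	for _, u := range units {
		r.units[u.Name] = u
	}
	return r
}

// Home returns the unit that owns the user's data, regardless of health.
func (r *Router) Home(userID string) *Unit {
	h := fnv.New32a()
	h.Write([]byte(userID))
	return r.units[r.shards[h.Sum32()%uint32(len(r.shards))]]
}

// Route keeps a user inside the home unit and only fails over to the
// designated backup unit, so a request never fans out across units.
func (r *Router) Route(userID string) (string, error) {
	home := r.Home(userID)
	if home.Healthy {
		return home.Name, nil
	}
	if b, ok := r.units[home.Backup]; ok && b.Healthy {
		return b.Name, nil
	}
	return "", ErrNoUnit
}

// SampleRouter builds two constructed units that back each other up.
func SampleRouter() *Router {
	return NewRouter([]*Unit{
		{Name: "unit-a", Region: "city-1", Backup: "unit-b", Healthy: true},
		{Name: "unit-b", Region: "city-2", Backup: "unit-a", Healthy: true},
	}, []string{"unit-a", "unit-b", "unit-a", "unit-b"})
}

func main() {
	r := SampleRouter()
	fmt.Println(r.Route("user-1001"))
	r.Home("user-1001").Healthy = false // simulate losing the home unit
	fmt.Println(r.Route("user-1001"))
}
```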

From elastic computing to cloud native

Traditional PaaS platforms also discuss elastic computing and dynamic resource scheduling, but it is hard for a traditional PaaS to provide a fully flexible, automated, auto-scaling elastic architecture.

On the one hand, elasticity means automation; on the other hand, it must be able both to scale out and to scale in.

Since e-commerce bank was founded, its IT systems have been built on a private cloud: IaaS on Alibaba Cloud's proprietary cloud base, and PaaS on Ant Group's financial cloud. It therefore has distributed computing capability by nature, along with financial-grade security, high reliability and high availability.

Cloud native technology includes microservices, containerization, immutable infrastructure, declarative APIs, service mesh and so on. Cloud native architecture is a set of architecture principles and design patterns based on cloud native technology. The key point is to separate the non-functional code from the business processing logic so that cloud facilities can take over a large number of an application's non-functional features (such as elasticity, resilience, security, observability and grayscale release).

As the picture above shows, any code in a traditional architecture includes business code, non-functional code and third-party dependencies. In a cloud native architecture, the aim is to separate business from technology: business developers write only business function code, while platform developers are responsible for the various non-functional requirements and for observability.

Many non-functional features, including elasticity, capacity, security, observability and grayscale release, will gradually sink into the underlying infrastructure. High availability, disaster recovery, capacity guarantees and security features in particular, as well as some operability features, are gradually taken over by the infrastructure. This changes how we deploy. As the bottom right corner of the figure shows, the container is split further: one process for the application and one process for the sidecar.

After reading this book, my other strongest impression is the following.

With traditional IT architecture transformation, microservices, and the development of cloud native technology, applying a ServiceMesh becomes imperative in order to achieve elasticity and flexible scaling, distribution, and decentralization.

In particular, once containers, the cloud and Kubernetes provide scheduling and orchestration of container resources, and immutable infrastructure is in place, dynamic sidecar proxies become feasible: the sidecar and the business container are packaged into one Pod and managed together. This has greatly promoted the development of mesh technology.

After thorough meshing you will see that, apart from north-south traffic, which still needs upper-layer load-balancing equipment, other concerns can be handled in a decentralized way by the sidecar proxy: the security of interface services and traffic, logging, and governance capabilities such as rate limiting and circuit breaking.

In its early stage e-commerce bank also went through a "rich" deployment model. This is heavier: it contains all the dependencies required to publish and deploy the application, not limited to key SDKs such as RPC, messaging and database. The smallest deployment unit is still a container, which is divided further under cloud native.

Containers are divided into the APP container and the sidecar containers. In current practice the latter are mainly the MOSN container of the Service Mesh and the DBMesh container. These two containers handle forwarding for RPC and messaging, and also at the database and cache levels.

One of the biggest benefits of this model is that MOSN and DBMesh can evolve independently: they can complete upgrades and releases on their own, without the cooperation of the business container above them.

In the meshed architecture, e-commerce bank actually uses two different sidecars. One is MOSN, which handles east-west traffic and service governance. The other is the DBMesh proxy.

The DBMesh proxy is a very important idea.

Put simply, after the database is distributed, or split horizontally and vertically, the traditional architectural approach is to add a DaaS unified data access layer on top of each unit. However, the DaaS layer itself is deployed centrally: all traffic to the underlying databases must pass through the DaaS layer's APP servers, so the DaaS layer itself becomes a centralized node.

The best solution is therefore to sink the DaaS layer's capability, as a separate container, into every Pod through the mesh.

Traffic isolation and traffic allocation

The core value of cloud native architecture is fine-grained isolation of traffic.

After the whole architecture has been thoroughly meshed, the sidecar proxy can handle traffic routing, traffic isolation and fine-grained control well.

Based on the new cloud native capabilities, traffic can be marked as it passes through the MOSN sidecar proxy during forwarding so that it is routed to specified containers. Different business requests can be routed to different container clusters, which further reduces interference between businesses.

The most typical case is the hot account problem encountered in production, which can easily cause transaction jitter across the whole bank. If the hot spots caused by different businesses can be identified and effectively isolated, a hot spot will not affect other business scenarios that do not generate hot spots.

Under the new cloud native architecture, MOSN makes finer-grained traffic allocation possible, from the data center level down to the level of a single application. Less sensitive application services can have their traffic switched first, which avoids affecting key business.

Before meshification, such fine-grained traffic isolation was often hard to achieve with load-balancing devices or gateways alone. This is another key capability that meshification brings.
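The marking and isolation described above, as an added toy model in Go; it is not MOSN's API and not code from the book. The business names, cluster names and the per-window call limit are constructed. The sidecar overwrites any label supplied by the caller (a design assumption of this example), tags each request by business type, and diverts an account that exceeds the limit to an isolated cluster so other traffic is unaffected.

```go
package main

import "fmt"

// Request is a constructed stand-in for one call passing through the sidecar.
type Request struct {
	Business, Account string
	Label             string // routing mark; only the sidecar may set it
}

// Sidecar is a toy model of the marking proxy, not MOSN's real API.
type Sidecar struct {
	rules    map[string]string // business type -> label
	pools    map[string]string // label -> container cluster
	hotLimit int               // calls per account per window before isolation
	calls    map[string]int    // per-account counter for the current window
}

func NewSidecar(hotLimit int) *Sidecar {
	return &Sidecar{
		rules: map[string]string{"payment": "pay", "loan": "loan"},
		pools: map[string]string{
			"pay": "cluster-pay", "loan": "cluster-loan",
			"hot": "cluster-hot", "": "cluster-default",
		},
		hotLimit: hotLimit,
		calls:    map[string]int{},
	}
}

// Mark overwrites any label supplied by the caller, then tags the request:
// accounts over the limit are marked "hot", everything else by business type.
func (s *Sidecar) Mark(r *Request) {
	r.Label = s.rules[r.Business] // "" when no rule matches
	s.calls[r.Account]++
	if s.calls[r.Account] > s.hotLimit {
		r.Label = "hot"
	}
}

// Route marks the request and returns the cluster reserved for its label.
func (s *Sidecar) Route(r *Request) string {
	s.Mark(r)
	return s.pools[r.Label]
}

// ResetWindow starts a new counting window, releasing isolated accounts.
func (s *Sidecar) ResetWindow() { s.calls = map[string]int{} }

func main() {
	s := NewSidecar(3)
	for i := 0; i < 5; i++ { // one account hammered by a single business
		fmt.Println(s.Route(&Request{Business: "payment", Account: "acct-hot"}))
	}
	// A quiet account of the same business stays on the normal cluster.
	fmt.Println(s.Route(&Request{Business: "payment", Account: "acct-quiet"}))
}
```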

From full-link stress testing to chaos engineering

Given the complexity of cloud native architecture, introducing chaos engineering is an inevitable trend.

In 2018, Chaos Engineering became a new technology field in CNCF.

The CNCF foundation places chaos engineering in the observability section. An observability technology survey was completed in August 2020: members of the end-user community were asked which observability solutions they had assessed, trialed and subsequently adopted. 283 data points were sorted and reviewed to determine the final positions.

Some key points of chaos engineering follow.

The first is that chaos engineering is not done only in the test environment; faults are simulated directly in the production environment. A test environment can hardly reproduce production fully, so node faults need to be simulated in production to confirm the stability of the whole IT architecture there.

The second is the real integration of business concurrency performance testing and reliability testing. In traditional testing the two are often separate, and they are hard to simulate fully in a test environment.

The third is the uncertainty of fault simulation itself: first the uncertainty and randomness of the fault itself, and second the uncertainty of how various fault scenarios combine.

Given the complexity of distributed architecture on the cloud, introducing chaos engineering is an inevitable trend, just as introducing ServiceMesh for microservice governance is an inevitable trend, as I said earlier when discussing cloud native and microservices.

At present chaos engineering is a booming technical field that is getting more and more attention. It is a set of rigorous engineering practice principles, methods and tools proposed to deal with the complexity of distributed architecture. Chaos engineering is based on the idea of antifragility: simulating a fault is only a means, and the core goal is still to improve the stability and observability of the system, identify risks early, and optimize and resolve them.

No production business system should wait for a failure before dealing with problems; it should have a risk-driven mechanism of active discovery and active defense. This is the great value and role of chaos engineering in the cloud native architecture.

This book briefly introduces full-link stress testing, its methods and its practice. However, moving from full-link stress testing to a chaos engineering methodology is an inevitable change for dealing with the complexity of cloud native architecture.

In fact, in an earlier article I also discussed several key technical points and capabilities of cloud native architecture that deserve in-depth study. They mainly include the following.

  • Chaos engineering and observability
  • ServiceMesh and decentralized service governance
  • Highly flexible and automated elastic scaling architecture
  • Distributed middleware and distributed transactions
  • Integrated R&D, operation and maintenance platform and DevOps
  • AIOps
  • Traffic management
  • Secure and trusted architecture

These areas will develop along with cloud native architecture and technology and will gradually mature.

Of course, this book also has some shortcomings. Because it is the work of many people across multiple technical teams, I feel the logical relationship between chapters is not rigorous, and the same content is described in different chapters. This is a common problem when many people write together.

But the book is still different from a simple patchwork. One flaw cannot obscure the splendor of the jade: the overall framework is complete, and many of the practices and shared experiences are worth careful study and reference. I recommend the book again, especially to IT technical directors and architects at large and medium-sized enterprises facing digital transformation and the move to cloud native.

Finally, something practical: an enterprise-class SaaS system developed a few years ago is now fully open source, and interested readers can study it.

weiit-saas is a Java open source project, a product developed by the weiit team itself. It is intended to package technology so that enterprises need no code development, helping them generate mini programs and official accounts with one click and run their own independently branded online mall. Competing products: 《I like it》 and 《Micro Alliance》.
