As the acquisition of VMware by Broadcom raises numerous questions among IT leaders, BNP Paribas’ shift towards containers – seen as the de facto standard for new developments and the target of its application migrations – illustrates the era change taking place in IT operations.

“Our goal is to leverage as many applications as possible in containers. Our objective by 2025 is to have 60% of the application portfolio running in the cloud, with a portion in containerized environments,” explains Christophe Boulangé, Director of Cloud and Digital Solutions at BNP Paribas, within the group’s IT department. Established in 2018, this department continues to streamline the technological approach across various entities of the group, “centralizing the relationship with one or more well-identified partners for each need, aiming to consolidate digital strategies across different entities,” as specified by Christophe Boulangé. In other words, avoiding the dispersion of different departments in a sprawling group using multiple technologies.

In this context, the bank’s cloud strategy has been defined, operating in 64 countries, focusing on a dedicated instance of IBM’s cloud (along with replicas in the United States and Brazil). “We wanted to benefit from the value of public cloud – such as frequent technological updates – in a secure banking environment, including access to container architectures. Since 2018, we had a good understanding of the speed of evolution of this technology,” adds Christophe Boulangé.

IaaS and Managed VMware: Just a Step

While BNP Paribas’ primary choice is to invest in Kubernetes architectures and PaaS approaches, not all applications are necessarily eligible, at least initially. “Some workloads remain on IaaS approaches or managed VMware layers. But we consider these developments as intermediate steps,” says the Director of Cloud and Digital Solutions. The goal is to streamline production on Kubernetes, leveraging options offered by IBM around this technology. Already, 40% of BNP Paribas’ applications operate in a cloud environment, and within that, one in two is based on a container architecture, according to the figures provided by Christophe Boulangé.

These levels assume the migration of numerous applications to the Kubernetes world. “This transition to the cloud is primarily a migration effort: 80% of the applications currently running come from our legacy, with new applications being developed directly in the target,” confirms the cloud director. When this transition involves containerization, a transformation of the application architecture becomes almost systematically unavoidable. Monolithic applications need to be broken down into a succession of microservices. “Migration without transformation leads to limited benefits,” observes Christophe Boulangé. To support teams in adapting their applications to the world of containers, a training effort has been undertaken, and methodologies like DDD (Domain-driven Design) have been introduced, facilitating a rethink of application segmentation.

Cloud: A New Form of Resilience

The shift to containerization also changes operations because it transforms team practices. “Predominantly, we made the choice to delegate operations to the cloud provider, reducing the training needs for our operators. Nevertheless, they must understand how these environments operate,” says the executive. This includes different resilience management, as applications in the cloud run not on two data centers, a standard in large enterprises’ IT productions, but on three, forming what providers call a region. “Load balancing between these three data centers introduces a new way to approach the subject and results in a new form of resilience,” notes Christophe Boulangé.

But, in a regulated environment like banking, this scheme is not suitable for 100% of applications, with some requiring availability exceeding 99.99%. “Deployment in a single region is sufficient for 80% of applications. So, we started with this scope, the easiest to migrate, to bring simplicity and flexibility to a maximum of applications. We are now in the process of generalizing migrations to other applications. To achieve more advanced resilience levels, they are deployed on a double cluster of three data centers each,” explains the BNP Paribas cloud director. This precaution allows managing risks associated with technological updates in the cloud.

Container as a Carrier of Efficiency Gains

According to Christophe Boulangé, this migration effort already has its “flagship”: the New Payment Engine instant payment application, completely rewritten in containers in the cloud. “Some mainframe applications have already been migrated to our cloud architectures. We are also in the process of transforming initial mainframe applications to bring them into container architectures,” notes our interlocutor. In retail banking or consumer credit, migration efforts focus on rewriting modules from traditional ERP systems. While these transformation efforts undoubtedly represent an investment, BNP Paribas expects to reap benefits in the long run. “Even though there are no fixed rules on this topic, the shift to containers generates numerous positive side effects. Container architectures allow decoupling component updates, reducing testing needs, and bringing more flexibility,” assures the executive, citing the case of a unit within the bank that migrated 120 of its 300 applications to container architectures and observed a double-digit percentage decrease in production costs from one year to another.

Because, for BNP Paribas’ cloud director, virtualization – going hand in hand with monolithic applications – results in resource overconsumption, even though its essential purpose is to improve the utilization rate of hardware capacities. “The shift to containers, where FinOps principles can be applied, allows us to realize this quickly,” he says, having observed up to approximately 20% decrease in vCPU consumption during the transition from VMs. Even if regulations or organizational choices, which in some cases see BNP Paribas reserving a cluster for a given entity, may limit these theoretical gains. “But it’s a transitional phase, time to scale up usage,” assures the executive. While the bank is only about halfway through its transformation program from 2022 to 2025 – with several tens of thousands of containers in production on the in-house cloud – Christophe Boulangé is already considering the next step, “going a step further with serverless. An approach that allows reducing the cluster cost to zero when the application is not in use.”

The acquisition of VMware? An anticipated topic, asserts BNP Paribas. 

For many IT productions, Broadcom’s acquisition of VMware signals a push towards migrating from virtual machines (VMs) to containers. Christophe Boulangé indicates that BNP Paribas had foreseen the situation, stating, “VMware being a de facto standard with no competitors as advanced and widely adopted.” To evolve its VMware legacy into the cloud, the bank presents three options: transformation towards containers, transitioning to a managed VMware offering, or opting for cloud-native VMs based on open-source technologies. “An option resulting in no licensing costs, with the benefits of application resilience provided by the cloud model itself,” emphasizes BNP Paribas’ Director of Cloud.

However, the bank does not contemplate abandoning VMware technologies, with a private cloud that will remain based on this technology. “We will retain these types of environments and the associated expertise,” says Christophe Boulangé. “We will strive to sustain investments made in recent decades around this technology. Furthermore, Broadcom’s recent announcements do not justify a fundamental change in our strategy. But neither do they warrant a resurgence of investments in a technology now viewed as a standard of the past.”