One of the UK's fastest-growing fintech companies, GoCardless, has recently completed a migration to Google Cloud infrastructure, reducing its costs by 25 percent and starting a shift towards a more modern, containerised cloud operating model.
Founded in 2011 by current CEO Hiroki Takeuchi alongside the now-CEO of challenger bank Monzo and Matt Robinson, the CEO at proptech company Nested, GoCardless processes nearly £8 billion in direct debit payments a year for around 40,000 businesses. It recently raised $75 million in funding to power a global expansion.
"We process hundreds of thousands of transactions every day," Norberto Lopes, senior manager for infrastructure and systems engineering at GoCardless, said as part of a blog post on the migration. "With our previous hosted data centre, setting up new servers was time-consuming and tedious, as well as being error-prone, as we had to check the controls, storage, and encryption. It would take around four hours to set up a new machine after putting in a ticket and specifying all the parameters."
The fintech company chose Google over its main cloud infrastructure rivals, Amazon Web Services (AWS) and Microsoft Azure, for two reasons.
"One was our comfort level working with Google," Neil Turner, VP of engineering at GoCardless, told Computerworld UK. "They understood us from an engineering point of view and were fast to answer any questions we had and were really engaged.
"The other reason was we liked the identity-aware proxy on the platform and other capabilities like BigQuery and the machine learning tools, so taking advantage of all of those and making it easy for us to adopt those was another factor."
The company was previously running on IBM SoftLayer infrastructure, and spent a year investigating the right public cloud platform to shift to in order to boost its flexibility and resilience and reduce operational overhead.
The company opted for an all-in migration to Google Cloud Platform in September 2018, then steadily migrated all of its systems to the infrastructure over the next few months, starting with internal systems, then its staging environment and finally production systems. The team allowed a one-hour downtime window for the final traffic switchover but reported that systems were down for only eight minutes.
GoCardless opted to migrate its applications to the Google Kubernetes Engine (GKE) specifically, which is the vendor's fully managed platform for running containerised applications.
"We run our apps on GKE and host our database on Google Compute Engine," Lopes wrote. "Using GKE with Container Registry has removed a lot of the operational burden and our development cycle from idea to deployment is also faster, as anyone can set up an app with a simple configuration, without the involvement of the Site Reliability Engineering Team.
"We also built an internal data processing pipeline using Cloud Pub/Sub, Cloud Storage, Cloud Dataflow, and BigQuery. We put our pipeline together without wasting time on building. With Cloud Dataflow, we don't need to worry about the volume of data we're processing, and there isn't a capacity limit so our engineers can focus on their work, not on provisioning machines."
The organisation is also looking to go serverless where possible, Turner said: "As we look to re-architect we want to leverage different things and some parts of the system could go serverless, but it's not appropriate for everything."
That headline infrastructure cost saving of 25 percent comes through two means for the organisation: more effective and flexible scaling of infrastructure and lower operational overhead.
Turner also explained the opportunity cost attached to not migrating to the cloud: "There are things that we can do with Google that we can't do on-premise, like machine learning workloads would be too large to support on our own, so there's a cost saving physically and an opportunity cost attached as well."
For example, when it comes to reducing fraud in its core payments system, GoCardless can now start to enrich its models with more machine learning techniques. Turner also talked about leveraging machine learning to reduce the number of chargebacks in its system by optimising its models to find the right time to make a second payment attempt.
As well as being more cost effective, GoCardless's systems are more robust than before, when a failure would take two weeks to resolve because the engineering team needed to replicate the production cluster in order to locate a fault.
"On GCP, when we had a similar failure, it took us just 17 minutes to replicate the cluster, saving two weeks of data recovery work for an entire team. Whereas provisioning a server used to take four hours, it now takes a couple of minutes," Lopes wrote.
Security was also a key factor in GoCardless's choice of GCP as a cloud provider. Engineers at GoCardless now use Google Cloud's Identity-Aware Proxy, which enables them to access key systems without the use of a VPN.
"They are onboarded automatically via G Suite, and are protected by two-step authentication. We also use Cloud Key Management Service for our cryptographic keys, which enables us to rotate keys automatically if we need to," Lopes explained.