Ortec Finance creates cloud-native platform for risk and return management
Ortec Finance has built a ‘batteries included’ cloud-native platform on Azure Red Hat OpenShift, together with HCS Company!
Ortec Finance created a cloud-native platform with HCS Company, and how they did that caught the attention of Microsoft.
Client: Ortec Finance
Sector: Financial Services / FinTech
Services: Resourcing, Consulting, and Help-as-a-Service
Financial leaders face a changing investment risk landscape due to geopolitical turmoil, regulatory reforms, market instability, and climate risk factors. Ortec Finance helps its clients balance risk-and-return trade-offs and improve investment decision-making. Clients include institutional investors, such as pension funds and insurance companies, and private wealth advisers around the world.
Ortec Finance offers these solutions as software as a service (SaaS) and as APIs that allow customers to meet their specific needs themselves. This delivery model has resulted in enviable customer satisfaction and retention rates over the years, but the forward-looking company is always looking for ways to take advantage of evolving technologies and improve its products. Together with HCS Company, Ortec Finance reorganized in 2019 and took a fresh look at its technology strategy.
Milan Seijbel, Chief Technology Officer (CTO) at Ortec Finance: “We asked ourselves, how can we further optimize the way we serve our customers? That led us in the direction of cloud-native platforms. We configured these to our needs, and it soon became clear that we could benefit tremendously from this.”
For a company that models and maps uncertainties, the move to a cloud-native platform made for careful consideration. “Building and maintaining a cloud-native platform is not our core business,” explains Ortec Finance technologist Joris Cramwinckel. “On the other hand, fully outsourcing cloud-native operations is not in line with our desire to be independent.”
For Ortec Finance, independence means staying flexible and using vendor-neutral, open-source technologies wherever possible. “We didn’t want a vendor lock-in”, says Seijbel. “We are looking for what best suits our needs and keep options open for the future.”
The company found a middle ground in a cloud-native approach based on Azure Red Hat OpenShift platform as a service (PaaS) and managed services. PaaS means that Ortec Finance manages the applications and services it develops, and Microsoft manages everything else. It is a big shift technically and culturally for a company that is used to supporting the entire hardware and software stack itself.
“Azure Red Hat OpenShift is a very mature, tried and tested enterprise-level Kubernetes toolkit. It’s a ‘batteries-included’ platform.”
Joris Cramwinckel: Technologist
Ortec Finance
Ortec Finance works in partnership with HCS Company, an IT company in the Netherlands that specializes in hybrid platforms. “They told us we needed a ‘batteries-included’ cloud-native platform,” Cramwinckel recalls. “For us, that meant the platform had to run on a fully managed infrastructure.”
The teams from Ortec Finance and HCS Company began building the ORCA platform with the popular Kubernetes orchestration engine for cloud-native, container-based workloads. After joint market research, Ortec Finance chose Red Hat OpenShift, an enterprise-ready Kubernetes container platform built for an open hybrid cloud strategy.
Thanks to OpenShift’s open-source philosophy, the hybrid platform met Ortec Finance’s need to remain as vendor-neutral as possible. “Our customers want that too,” Cramwinckel points out. OpenShift runs on every cloud platform and even on-premises. But the team quickly learned that ‘vanilla Kubernetes’, in the words of Cramwinckel, ‘is not our style’. The company wanted the convenience of self-service PaaS for its solution engineers and customers, along with support for familiar builder patterns and standards. With this in mind, Ortec Finance and HCS Company developed a questionnaire to evaluate cloud vendors, comparing security and privacy capabilities, costs, and other features.
Seijbel says that Microsoft met the bar. “They satisfied all our questions regarding the GPDR, pricing, results, and quality. It was the best way to start with a hybrid platform.”
In a pilot project, Ortec Finance used its Navigator product to test managed OpenShift environments. Navigator is a monitoring, reporting, and analysis tool used by pension fund managers to determine whether an investment strategy is on track. Navigator, built in Kotlin using the Java Virtual Machine (JVM) web stack, now uses Spring Boot middleware for the back-end and Nginx containers for the front-end. Before the cloud-native transformation of Navigator, the application was deployed on Oracle WebLogic with an Oracle database, an application stack representative of other Ortec Finance products.
The pilot project consisted of a team of Ortec Finance engineers, together with advisers from HCS Company and the Microsoft FastTrack programme. The team’s vision evolved during the testing of components, even comparing the performance of Navigator containers that were deployed on both Azure Kubernetes Service (AKS) and Azure Red Hat OpenShift. “It’s all about what fits best,” Cramwinckel underlines. “For anyone operating on our scale, I firmly believe that managed Kubernetes is the solution.”
Azure Red Hat OpenShift proved to be the best fit for Navigator and the “batteries-included” platform that Ortec Finance wanted. As a fully managed service, it abstracts much of the complexity associated with running containers on Kubernetes and provides a path to cloud-native services. “The fact that it’s built on open source components helped us avoid vendor lock-in,” says Seijbel. “It also is a complete platform in terms of the services that are included. Other options were only halfway there.”
Azure Red Hat OpenShift is jointly developed, managed and supported by Microsoft and Red Hat. “In Azure, the infrastructure integrates very well with the middleware, the OpenShift or Kubernetes cluster,” Cramwinckel observes. “OpenShift can grow elastically. This happens automatically on the Azure infrastructure, and that wasn’t the case with some of the other self-managed OpenShift environments; not even when they ran in a cloud infrastructure.”
In partnership with HCS Company, Ortec Finance built the cloud-native ORCA platform for web applications in Azure Red Hat OpenShift. Developers can choose from managed databases and other Azure and open-source technologies for their applications.
In partnership with HCS Company, Ortec Finance built the cloud-native ORCA platform for web applications in Azure Red Hat OpenShift. Developers can choose from managed databases and other Azure and open-source technologies for their applications
“Managed” instead of DIY
The ORCA platform architecture follows Ortec Finance’s philosophy of using managed services instead of do-it-yourself development. The design ensures that there is room to grow. As Cramwinckel points out: “The services added to the platform will follow the principle of ‘managed rather than do-it-yourself’, meaning that several of these services, such as databases, are managed cloud solutions.”
It’s all about choices for the solution engineers and customers who use the ORCA platform. It provides them with a way to efficiently deploy applications, oversee access and authorization, and manage applications across multiple Kubernetes clusters. A CI/CD (Continuous Integration and Continuous Deployment) pipeline supports high-quality, repeatable DevOps practices and combines Azure services with familiar open-source tools.
For example, teams use Azure Artifacts, a managed service of Azure DevOps Services, to create, host, and share build packages. Argo CD, a Kubernetes GitOps tool, pulls updated code from Git repositories and works with the open-source Tekton framework to automate all parts of the development life cycle.
When engineers create a new, ready-to-run installation copy containing an application or service, they push changes to Azure Container Registry. As a fully managed service, this offers fast, scalable retrieval of container workloads and it connects Azure services and environments, including Azure Red Hat OpenShift. Behind the managed OpenShift clusters, Kubernetes provides the option to automatically scale clusters as demand requires.
“Now we can cater to our developers with a much broader portfolio of tools they can use,” Cramwinckel says. "Because from an ops perspective, it is much easier to support technology in a cloud-native environment than in a traditional environment.”
That portfolio extends to the open-source tooling included in the ORCA platform. For example, solution engineers have access to tools they already know, such as Prometheus for performance metrics and Grafana for visualizations.
Across the entire platform, security is top of mind. ORCA is designed to expose as small an attack surface as possible. Azure Red Hat OpenShift provides integration with trusted Azure services, such as Azure Active Directory for role-based access control (RBAC) and Azure Key Vault to manage secrets and keys.
The platform’s flexible use of Azure Managed Services and open source is part of Ortec Finance’s security policy. Cramwinckel: “We are now equipped to handle the dynamics of the changing world. New technologies are appearing. If vulnerabilities emerge, we can move past them and change our stack.”
“Cloud-native is not just about technology. Change is about people.”
Joris Cramwinckel: Technologist
Ortec Finance
In designing the ORCA platform, Ortec Finance and HCS Company wanted to respond to the needs and preferences of solution engineers. That flexibility extends to the choice of managed databases. For example, a product team familiar with relational Oracle databases moved its product to ORCA and chose Azure Database for PostgreSQL for the data layer. Another team with decades of experience using Microsoft SQL Server moved its application to ORCA and chose Azure SQL Managed Instance. The service provides an always up-to-date SQL instance with pay-per-use billing that suits the workload, in which calculations are typically done only at the beginning of the month.
“We are also in the process of onboarding a .NET stack,” mentions Cramwinckel.
He says that Azure makes it easy for engineers, regardless of which stack they use. “They can just click their point-in-time backup policies, see where the data is at rest and where the data is in transit. There are a lot of controls that are very accessible to engineers.” They can also use the Azure Cost Management and Billing feature in Azure Portal to keep track of cloud expenses. That’s a big advantage, he adds. “Azure makes you feel in control.”
Not only do engineers gain more control, but ORCA also helps foster knowledge sharing in an open community - something Ortec Finance regards as one of the platform’s superpowers.
“Cloud-native is not just about technology”, Cramwinckel stresses. “Change is also, and above all, about people.” One piece of advice he gives is to follow the InnerSource best practices for open-source development. Ortec Finance ultimately set up a separate team to run and maintain the platform and to explain the available services to engineers. This best practice enables the engineering teams to get the most out of ORCA and Azure in a responsible way.
Seijbel is glad that Ortec Finance took the time to find the best components for the ORCA platform. “Fortunately, we didn’t jump on everything called ‘cloud’ from the beginning. We stepped in a bit later so we could also build on what was already proven.”
With a range of cloud vendors, services, and tools to choose from, the proven track record of HCS Company and Azure stood out. “We now leverage the managed container platform Azure Red Hat OpenShift to support the company's technology goals: enable growth, assure quality, and deliver fast,” he mentions.
Meanwhile, Ortec Finance continues to expand the ORCA platform. For example, teams are using Azure Machine Learning to refine the highly complex econometric models that underlie many of the company’s financial solutions.
Ortec Finance is sharing its Azure experience with others in the industry as well. Including through introductions from HCS Company. “We talk to other companies that run Red Hat OpenShift and they are keen to know what our thoughts on Azure Red Hat OpenShift are. They are very interested in following the same route,” says Seijbel. “We have faith in the managed Azure Red Hat OpenShift solution.”
"We leverage the managed container platform Azure Red Hat OpenShift to fuel our technology goals: enable growth, assure quality and fast delivery."
Milan Seijbel, CTO
Ortec Finance