Why Capital One completely redesigned its Chef stack on AWS
Source – computerworlduk.com
US bank Capital One is on its third iteration of the Chef automation platform, allowing its software development pipelines to be more resilient.
The bank, which is a big exponent of DevOps, runs Chef Automate at true enterprise scale, with more than 15,000 nodes for dev, QA, and production environments, all hosted on AWS.
Speaking to a packed room at Chef Conf in Chicago this week, John Casanova, master software engineer at Capital One, explained that when he joined four years ago, “my first task was to get Chef out of three data centres and on to AWS. We did that in 2015 and that architecture had limitations, so we redesigned it over a year and finished that last year and released this year.”
Naturally, Capital One is highly regulated, so compliance is key to any software development done within the organisation.
For example, the bank runs a process it calls rehydration as part of its OS patches and security updates.
The bank uses a tool called Cloud Custodian “that will shut you down if you are out of compliance, so there is a bit of pressure,” Casanova said. “Rehydration is a big factor in how we approach building our stacks as we have to relaunch them every two months.”