alunablue - stock.adobe.com

Dropping commercial open source lowers PaaS costs at Fidelity

Investment company Fidelity has created an on-premise PaaS for its in-house developer teams using the open source Cloud Foundry platform

Fidelity International has made considerable savings by switching from a commercially supported distribution of Cloud Foundry to the free open source version.

The investment company saved more than £1m on its Cloud Foundry setup, which was being used to support around 40 applications. Usage has now exceeded 170 applications.

During a session at the Cloud Foundry Summit in Basel, which looked at how Fidelity moved from commercial software to open source, Rachael Wonnacott, platform-as-a-service (PaaS) engineer at Fidelity, said that given the swell in usage, extending the commercial Cloud Foundry licence would have been very expensive.

“We started four year ago. The appeal of Cloud Foundry is that developers only need to care about their application and data. But it was really difficult to understand adoption of the platform,” she said.

The greater the level of adoption among developers of the commercial Cloud Foundry platform, the higher the licence fees Fidelity International would incur, based on the number of applications running on the platform.

To mirror the service offered by the commercial Cloud Foundry distribution, Wonnacott said the internal IT team, comprising 10 staff, needed to support the open source Cloud Foundry PaaS with no degradation in service and without any additional risks.

“We were worried we would leave the benefits of using a large commercial vendor, but there are lots of open source communities, and by being a member of the community we can drive focus.”

Wonnacott said since there is no difference between the open source and the commercially supported version of Cloud Foundry, Fidelity International considered the risks were low. “We trusted the Cloud Foundry code,” she added. 

The only difference is that responsibility for patching the open source code is internal, but Wonnacott believes this gives Fidelity International a greater level of control. 

“I would argue that our approach to security is much more flexible with open source than with a commercial distribution. We can upgrade individual components and we do not have to wait for a supplier to release an update. We are able to take an executive decision on what code to upgrade,” she said.

Wonnacott said the team at Fidelity International was also able to gain a greater understand of the Cloud Foundry platform, since the in-house IT team could access all the open source testing developed by the community to verify Cloud Foundry works properly.

To support the open source Cloud Foundry code, Wonnacott said Fidelity International stipulated that software version control and peer review would be used on all code and configuration changes, and all these changes would be stored in the git open source code repository.

“With any system something might fail, and we need confidence we can recover,” she added.

Given that it operates in a regulated industry, Wonnacott said Fidelity International used Concourse, a continuous integration and deployment system, to fully automate deployment of the configurations required by the Cloud Foundry platform. This allows it to provide full auditability for the Financial Conduct Authority.

Read more about enterprise open source

Read more on Open source software