Rabobank is transitioning into an event-driven bank, leveraging a Business Event Bus to facilitate the real-time exchange of business events. The infrastructure is supported by a collaboration with Axual and utilizes Apache Kafka for messaging across multiple data centers. Key objectives include high availability, security, data governance, and empowering teams through self-service capabilities in managing data streams.

1. Rabobank Journey Towards
Becoming an Event-driven Bank
Confluent Webcast
17 October 2018

2. About Rabobank

3. Some digital highlights

4. In 2015 we started redesigning Rabo Alerts
Alerting Solution
Identify relevant
users
Filter, translate Distribute
Distribute
user/channel specific
message
Other
subscribers
Distribute
user/channel specific
message
Distribute
user/channel specific
message
User alert
preferences
Contracts
Compliance &
Business rules
User channel
preferences
Public
interface?
Public
interface?
Subscription Service
Complex Event
Processing
Business Event Bus

5. A marketplace where applications exchange Business Events at the moment they occur.
A Business Event is a something that happens or takes place to which organizational entities might want to react.
Objective: BEB provides all the tools,
mechanisms and processes to support
organization-wide event sourcing.
Collaboration between Rabobank
and Axual for design, build & run.
What is Business Event Bus?
BusinessEventBus
Marketing Sales Payments Accounting
Savings Loans Mortgages
Customer
Service
CRM
Cards
Investments
IT

6. High Confidentiality, Medium Integrity, High Availability
“Sharing events” caught on quickly
Payments Stock Orders Website
RelevanceMortgages
Personal
Finance
Management
Rabo Alerts
Business Event Bus

7. What makes an ideal streaming platform?
Characteristics
• Always available
• Low maintenance
• Self-Service
• Easy to use
• Standardized
…while respecting
enterprise requirements
• Integration with Corporate
Directory
• Data Security
• Data Governance

8. Architectural Concerns
High Availability Security Data Governance Self-Service

9. High Availability
Client Application
Axual Client Library
DC or CloudDC or Cloud
Multi-directional
message / offset
replication
Apache Kafka
Confluent Platform
Apache Kafka
Confluent Platform
Runs in multiple data centers
• Each DC runs an autonomous Kafka cluster
• Messages are replicated within a cluster
• Clusters withstand node failures
One logical platform
• Axual extended Kafka across data centers
• Messages are replicated symmetrically using a
push-out mechanism
• Upon DC failure, apps are routed to another DC
Apps’ perspective
• Applications do not know about Kafka clusters
• Apps query the Configuration Provider to find out
where Kafka is and where they should
produce/consume
• They repeat the same query every 10 minutes
• In case of disaster or DC failure, apps are
directed to switch to another cluster to continue
• Also supports scheduled maintenance windows
Business Event Bus
APIAPI
Config Provider
API

10. Security Enforcement
Producer 1 Producer 2 Producer 3
Data Stream
Data Stream
Data Stream
Data Stream
Data Stream
Data Stream
Data Stream
Data Stream
Data Stream
Consumer 1 Consumer 2 Consumer 3 Consumer n
Business Event Bus
Security Mechanisms
• All connections are secured by two-way SSL
• TLS v1.1 and v1.2 are supported, TLS v1.0 is
deprecated and turned off by default
• Certificates are used to authenticate and perform
stream authorization
• It is impossible for an application to gain access to a
stream that it has no rights for
• Mechanisms implemented transparently in Axual
Client Library
Application Catalog
• Central repository registering all known apps
• Every app must declare its SSL certificates
• Certificates must be signed by a trusted Certificate
Authority
Stream Access Rights Management
• Streams are secured through Access Control Lists
• Applications are assigned rights to either produce,
consume or both
• Streams are physically separated from each other,
stored in separate files

11. Data Governance
Objectives
• Maintain control over your streaming
landscape
• Promote reuse of existing data streams
• Allow stream and schema versions to co-
exist
Stream Governance
• Central repository with stream definitions
• Administers stream properties like
ownership, retention time and message
formats
• Deployable to different environments
Schema Governance
• Central repository where schemas are
registered and maintained
• Contains all versions of schema and allows
for comprehensible schema evolution
• Confluent Schema Registry enforces schema
as data contracts at runtime

12. Self-Service
Power to the Teams
• There is a general shift in enterprises towards
DevOps and autonomous teams
• Teams must be empowered to take control over
their applications in every way
• Through Self-Service we want to allow everyone
to create, modify and deploy streams, easily and
securely
Axual UI
• Simple and uniform interface for functional
maintenance
• Allows configuration of Environments,
Applications and Streams
• Strict ownership rules allow regulation of
responsibilities
• Easy deployment of configured data streams
Axual API
• The UI uses a REST API to modify catalog
information
• The API can also be called from CI/CD workflows

13. Platform capabilities
• Publish/Subscribe Messaging
• High Performance
• High Availability
• Multi-tenant & Multi-environment
• Data Governance
• Self-Service
• Data Lineage
• Security
• Integration options & Protocol support
Development capabilities
• Client libraries
• Test tooling
• CI / CD integration
Operations
• On-premise and in Clouds
• Configurable and Automated Deployments
• Monitoring, Alerting & Logging
Logical Architecture
DC or CloudDC or Cloud
API
Multi-directional
message / offset
replication
Data Governance Data Lineage Security
Development Tools
Self Service
High AvailabilityMulti-tenancy
Apache Kafka
Confluent Platform
Apache Kafka
Confluent Platform
API
Business Event Bus

14. Event-driven banking examples
Customer
birthday
Transform a youth account to a
student account when turning 18
BusinessEventBus
Personal alert generation SMS
Fraud detection
Booking on a
payment
account
Customer
logging in
Relevance engine Action
Email
Push

15. Today, events are key assets
Many types of events are now shared, eg:
 Transactions
 Customer Authorizations
 Web analytics
 Customer birthdays
 Mortgage status
 Address book updates

16. Some statistics
≈65
Managed streams
50+Consumer/producer
applications
14kMessages/sec
continuously (avg)
135
Avro schemas
40Environments
supported
40+Teams supported
4Data centers
(On-prem & in Cloud)
≈ 500M
Messages/day

17. Not all things went well

18. • Walking the path learned us more than talking about it
• DevOps is mandatory for the central team to be effective
• Team consists of only 4 people
• Find out in practice what works and what doesn’t
• Improve developer journeys
• Reduce amount of work per data stream
• Automate all the things
• Team focus and passion is crucial
Lessons learned

19. • Use Cases:
• Scale up use with microservices
• API and events collaboration
• More real-time business
• Business Event Bus:
• Scale platform to Cloud
• Multi-Cloud
• Productized as Axual Platform
to other organizations
Future steps
On-premise DC2
Apache Kafka
Confluent Platform
API
On-premise DC1
Apache Kafka
Confluent Platform
API
Azure Region 1
Apache Kafka
Confluent Platform
API
AWS
Apache Kafka
Confluent Platform
API
Google Cloud
Apache Kafka
Confluent Platform
API
Azure Region 2
Apache Kafka
Confluent Platform
API
API