Shulou(Shulou.com)06/03 Report--

Shangyun, the inevitable trend of the Development of Insurance Industry

In recent years, with the vigorous development of financial science and technology, the insurance industry as an important component of the financial field, cloud computing, big data and other key technologies are profoundly changing the ecology of the insurance industry, how to use new technologies to promote efficiency and promote enterprise innovation and development. become the core competitiveness of insurance enterprises in the future.

At present, many domestic insurance companies have applied cloud computing to the innovation and construction of information systems. Not only traditional insurance companies actively carry out private cloud construction, but also emerging Internet insurance companies have full-business industry cloud.

The outline of the 13th five-year Plan for the Development of China's Insurance Industry issued by the China Banking and Insurance Regulatory Commission (formerly CIRC) also clearly points out the need to "promote the innovative application of cloud computing and big data in the insurance industry, and speed up data collection, integration and application analysis".

Cloud computing is an important technical means for the information development and reform of the insurance industry. The comprehensive introduction of the insurance industry can effectively solve the pain points in the process of system transformation, speed up the construction of a new generation of IT system for insurance institutions, promote the improvement of the financial industry's own business and service level, and achieve innovative development. In the future, more insurance companies will explore cloud computing and realize cloud computing.

In order to actively follow the 13th five-year Plan put forward by the Bancassurance Administration, combined with the current situation of IT information construction, user needs and its overall standard requirements, China Life data Center plans to promote cloud construction in a steady and orderly manner, and selected Kyushu Cloud as a partner to jointly build an OpenStack-based production cloud.

Steady and orderly landing life data center production cloud

The cloud platform of China Life data Center is designed with OpenStack, the international mainstream IaaS technology as the core, and optimizes based on its computing resource management, storage management, network management, image management, authentication management, metrology management and other modules, combined with distributed storage Ceph, to build a future-oriented, easy to scale-out, highly available, flexible computing storage cloud resource pool that is not locked by vendors.

This implementation is based on the community version of OpenStack and integrates third-party SDN network devices and storage devices to build an OpenStack private cloud platform. This platform consists of three Region,Region One (traditional network area), Region two (Huawei SDN area) and Region Three (Huasan SDN area).

This project mainly provides virtual machine management, storage management and network management for OpenStack cloud platform. In order to avoid a single point of failure of the control node, three physical nodes are used as HA to provide high availability of the control area. The OpenStack control area deploys the components required by the OpenStack control side, and each component provides the capability of HA.

Through the following logical relationship between the components, the control node deploys the required services such as API, mirror service, database service, message service and so on. Use HAProxy, Galera and other cluster technologies to build control nodes with high availability, as shown in the following figure, to form a high availability solution at the application layer.

The OpenStack compute area consists of X86 and blades and uses KVM to provide virtualization capabilities. OVS provides vswitch for virtual machines, thus providing support for flexible networking. Libvirtd acts as the virtualization management API layer and as the access layer of the OpenStack nova-compute control kvm. Nova-compute manages the computing resources of cluster nodes, neutron-ovs-agent manages the network of cluster nodes, and Zabbix-agent provides monitoring data collection.

Through the construction of this project, China Life data Center has successfully built an OpenStack private cloud platform. The main technical highlights involved in the program are:

Distributed architecture of computing and storage: adopting a distributed architecture of computing and storage to achieve a distributed cloud computing resource pool similar to that of Google data center and linearly scalable

Software-defined computing: based on the optimized open source virtualization platform, add advanced functions such as hot migration and high availability, integrate automated physical node deployment and application deployment automation, and realize the software definition of computing resources. It can realize the integration of multiple virtualization platforms and avoid vendor locking.

Software-defined network: through the integration of OpenStack Neutron, OVS and heterogeneous network hardware devices, the control plane and forwarding plane are separated, and a software-defined network environment is established.

Software-defined storage: unify heterogeneous storage through OpenStack, deploy distributed storage and commercial storage at the bottom and expose interfaces, realize flexible scheduling and on-demand allocation of storage, and build redundant backup environment through distributed storage to realize software-defined storage environment.

Security group feature: the cloud platform provides a security group feature for CVMs, which uses the security group feature to manage CVM permissions to prevent unauthorized access to tenant hosts. Security Group protects the security of the CVM by filtering the Linux Bridge port with IPtables. The security group implements four layers of protection functions, which can be used for different protocols such as UDP, TCP, ICMP, different ports such as 80, 22, 3306, 3389, etc., and different source IP ranges.

Monitoring function: in terms of monitoring, it is based on a unified and centralized management system, unified data processing and display, and unified alarm platform. Unified data processing and presentation, eliminate the situation of separate monitoring tools and system administrators switching frequently between interfaces, get rid of the current situation of data and events of the old monitoring tools, and unify in the new monitoring platform, and show through a unified display interface. Unified alarm platform, all alarms into the monitoring management monitoring platform, and unified alarms through text messages, e-mails and desktop clients.

Cloud Security is the key to Cloud in Life data Center

As far as the insurance industry is concerned, Shangyun security and compliance is very critical. Under the influence of the Internet transformation, most innovative businesses in the insurance industry directly connect to the Internet or work across security domains, facing various security problems such as illegal access, network * *, * *, virus transmission, worm * *, web application protection, zombie * *, DDoS*** and so on, and the possible security vulnerabilities of the underlying and above system software will affect the security of the whole platform system. After exploiting vulnerabilities to the platform, users can destroy all kinds of resources within the platform, resulting in unavailability of the system, or data loss or data leakage. Cloud security is the principle condition for cloud computing to exert its production capacity.

Therefore, it is very necessary to build a three-dimensional and comprehensive cloud security system for the insurance industry, and the China Life data Center is no exception. Cloud platform builds network security by orchestrating and calling existing internal / external cloud data center network security devices, firewalls and IPS, and customizes different security mechanisms for various application scenarios in the form of orchestration through traffic guidance.

With the application of three copies, erasure code storage scheme and distributed architecture, China Life data center can realize the ability of remote cycle snapshot, data rollback and multi-cloud synchronization in addition to the actual protection mechanism of local application, so as to ensure data security. to achieve 10 9s of data security. At the same time, cloud applications are flexible and scalable to achieve automatic operation and maintenance and automatic migration capabilities, together with highly available architecture and load balancing cluster, to create RTO=0 application security.

Secure and reliable private cloud is the systematic security of network + application + data. To ensure business continuity and high availability protection, Kyushu Cloud provides China Life data center with second-level continuous data protection, multi-copy data storage, high availability of system architecture, automatic scaling and load balancing cluster. ensure the high availability of cloud software systems and cloud deployment. Based on distributed storage technology, it ensures the preservation of multiple copies of business data storage, and provides data disaster recovery across cabinets according to business scenarios to provide 99.9999999% data reliability. At the same time, the back-end hosts can be automatically isolated according to monitoring policies and failure detection.

There is no doubt that cloud technology is creating a large number of new business opportunities for insurance companies, but with the emergence of many new security risks, with professional technology and security protection means, Kyushu Cloud is committed to providing a more secure way to the cloud for China Life data center.

Cloud platform promotes business innovation

The application of cloud computing will continue to go deep into the insurance industry, which will have a greater and greater impact on many aspects of the insurance industry. It is the need and inevitable trend of insurance development to make cloud computing more powerful in the insurance industry, enhance the ability of industry management, enhance the ability of scientific and technological innovation, and enhance the ability of the industry to serve the social economy. Through "cloud" innovation, China Life data Center will have broader opportunities to display its talents, and will achieve the following remarkable results:

Increasingly play the role of cloud platform: through platform as a service and business process as a service, China Life data center can realize new channel development, new equipment application, new business partner cooperation, and so on. The vigorous use of the cloud platform will greatly improve the rapid response ability, agility and initiative of the China Life data center, and enable insurance companies to overcome innovation barriers and overcome challenges such as new technology application development, terms and conditions, business deployment, and so on.

Enhance the technical strength and infrastructure of cloud services: the China Life data Center will continue to enhance the technical strength and infrastructure of cloud services, fully collect and make full use of real-time data, and build a new series of products and services on this basis. Integrate different aspects of business processes, improve product pricing and risk management and other internal capabilities, in-depth integration of banks, securities, automotive enterprises, hospitals and other external partners.

Form the industrialization of data service: the data obtained by China Life data center through cloud computing data platform is increasing rapidly, and its various business departments need to fulfill and coordinate the responsibility of data generation and transmission to improve the efficiency of data management. And it needs to fully understand the situation of data supply and demand, accurately judge the value of data, create a data supply chain, and form the industrialization of data services.

Improve business agility: cloud technology provides analytics as a service to China Life data center to help it re-examine its core business, redivide core and non-core business, and will help simplify its core business architecture and improve business agility.

Better avoid new security risks: while cloud technology creates a large number of new business opportunities for insurance companies, there will also be many new security risks, especially in mobile transactions. China Life data center pays more attention to the control of devices, applications and operating systems, and better avoid security risks.

About Kyushu Cloud 99 Cloud: founded in 2012, Kyushu Cloud is an early professional company engaged in OpenStack and related open source services in China. Since its establishment six years ago, adhering to the concept of "open source enabling change", the company has constantly consolidated its own strength, and has realized the expansion and accumulation of business from core cloud to marginal cloud and then to vertical industry applications. it has successively provided high-quality cloud computing services to enterprise customers in government, finance, operators, energy, manufacturing, commerce, transportation, logistics, education, health care and other major industries. At present, it has many heavyweight customers, such as State Grid, × ×, China UnionPay, China Mobile, China Telecom, China Unicom, China Resources Satellite, eBay, International dry Port Group, China Life Insurance, Wanda Information, Dongfeng Motor, Nokia and so on.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.