Guidewire Cloud: Why Hybrid-Tenancy is the Right Choice (Part 2 of 2)

Guidewire Engineering Team
Guidewire Engineering Blog
7 min read · Nov 19, 2021

By: Anoop Gopalakrishnan (VP Engineering) and Jerome Guionnet (Chief Architect)

In Part 1 of this blog, we described the hybrid tenancy model of the Guidewire Cloud Platform (GWCP) and how it maximizes business value for Property & Casualty (P&C) insurers moving to the cloud. In Part 2, we provide further details about the hybrid tenancy architecture and how we are enabling cost efficiencies that further enhance the overall value proposition of Guidewire Cloud.

Introduction

In our last blog post, we described Guidewire’s rationale for taking a balanced approach to developing the Guidewire Cloud Platform (GWCP) architecture: one that preserves the InsuranceSuite core transactional system while externalizing select business functions as cloud services that can be shared by multiple customers. This allows customers to leverage their previous investments in InsuranceSuite while also gaining the speed, agility, and innovation that only the cloud can deliver.

We also reviewed the key design principles that drove Guidewire’s cloud architectural transformation:

  • API-First: Componentize the InsuranceSuite core and expose transactional policy, claims, and billing functions through RESTful Cloud APIs.
  • Externalized Services: Build multi-tenant cloud microservices for common business functions that can readily be decoupled, optimized, and shared outside the core.
  • Cloud Platform: Develop a cloud platform specific to the P&C insurance domain, including application, digital, data, and analytics tooling and components.

Intersecting these technical design principles with the need to fulfill both existing and emerging customer requirements led Guidewire to implement the hybrid tenancy architecture that became the foundation of Guidewire Cloud.

Hybrid Tenancy Architecture

Guidewire’s cloud platform can best be described as a standardized cloud infrastructure and services layer built on top of Amazon Web Services (AWS) that is highly optimized for use with InsuranceSuite core applications. It leverages Kubernetes to deploy, manage, and scale containerized workloads composed of single-tenant InsuranceSuite instances and multi-tenant cloud-native services. Collectively, these form the hybrid tenancy model behind GWCP, which is shown in the diagram below:

Digging a bit deeper, the key components of the hybrid tenancy model include:

Customer Cluster: Hosts tenant-specific instances of the InsuranceSuite core (IS Core) application. Each tenant is assigned its own restricted namespace, which is the boundary for that tenant’s process flows and datastores. The Kubernetes control plane mediates all access to the resources in that namespace; Kubernetes network policies define which workloads may communicate with each other, and resource quotas bound the compute each namespace may consume, so customer workloads remain separated at the data, compute, and network level.

Guidewire Cluster: This is a reserved platform cluster for cloud-native, multi-tenant microservices that either have been externalized from the InsuranceSuite core or represent net new functionality required for business success within the P&C insurance industry. It is likewise orchestrated and managed by Kubernetes, but in this case, each namespace manages a containerized microservice utilized by many customers. Each microservice is self-contained and independently executable in response to network API requests.

API Gateway: This acts as the single point of entry for all client API requests, including interactions between InsuranceSuite and cloud-native microservices as well as requests from external, 3rd party systems. Implemented as an Ingress Controller in Kubernetes, it acts as a reverse proxy that routes requests from clients to services while also performing cross-cutting tasks such as token validation, TLS termination, and rate limiting.

All clusters deployed on GWCP run on identical cloud infrastructure, and each tenant is provided a dedicated CI/CD pipeline and code repository, which is central to the overarching goal of reducing the development-to-deployment cycle time.

Cluster Multi-Tenancy

While the InsuranceSuite core is deployed as a single instance per tenant, the Customer Cluster itself is a multi-tenant cluster that supports the workloads of multiple customers. All tenants share the cluster’s pool of cloud resources, including CPU, memory, and storage. Logical tenant isolation is achieved by giving each tenant its own namespace; the tenant’s Pods and Containers are created in that namespace and scheduled onto the cluster’s Nodes as workload demand requires. Nodes are cluster-scoped rather than namespaced, so this isolation is enforced at the Kubernetes API and network level while the underlying hosts are shared. This is shown in the diagram below:

Based on this configuration, enforcement of multi-tenant workload isolation is enabled by a number of cloud services, including:

  • Identity & Access Management (IAM): To grant role-based permissions to Kubernetes resources inside the tenant’s assigned namespace within the Customer Cluster, and nothing outside it.
  • Network Policies: To control the communication between Pods within the Customer Cluster, including which namespaces, labels, and IP address ranges a Pod can communicate with.
  • Resource Quotas: To cap the aggregate compute and number of objects that a Customer Cluster namespace may consume, ensuring no tenant uses more than its assigned share.
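A concrete instance of the three controls above, as an added example that is not Guidewire’s own configuration: the manifests below create a hypothetical tenant namespace `tenant-acme`, bind a namespaced Role to an assumed identity-provider group `acme-operators`, deny all pod traffic by default and then re-allow only traffic within the namespace, ingress from an assumed gateway namespace `api-gateway`, and egress to cluster DNS, and finally cap the namespace’s compute and pod count. Every name, label, and size is illustrative.

```yaml
# Added example (not from the Guidewire post): one tenant's isolation bundle.
# Names, labels and sizes are assumptions chosen for illustration.
apiVersion: v1
kind: Namespace
metadata:
  name: tenant-acme
---
# RBAC: the tenant's operators may read workloads in this namespace only.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: tenant-operator
  namespace: tenant-acme
rules:
  - apiGroups: ["", "apps"]
    resources: ["pods", "pods/log", "services", "deployments"]
    verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: tenant-operator
  namespace: tenant-acme
subjects:
  - kind: Group
    name: acme-operators   # group claim issued by the identity provider (assumed)
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: tenant-operator
  apiGroup: rbac.authorization.k8s.io
---
# NetworkPolicy 1: default deny. An empty podSelector selects every pod in the
# namespace; listing both policyTypes with no rules blocks all ingress and egress.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny
  namespace: tenant-acme
spec:
  podSelector: {}
  policyTypes: ["Ingress", "Egress"]
---
# NetworkPolicy 2: re-allow only what the tenant needs: pod-to-pod traffic inside
# the namespace, ingress from the gateway namespace, and egress to cluster DNS.
# A bare podSelector under from/to means "pods in this same namespace".
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-tenant-and-gateway
  namespace: tenant-acme
spec:
  podSelector: {}
  policyTypes: ["Ingress", "Egress"]
  ingress:
    - from:
        - podSelector: {}
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: api-gateway   # gateway namespace (assumed)
  egress:
    - to:
        - podSelector: {}
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - { protocol: UDP, port: 53 }
        - { protocol: TCP, port: 53 }
---
# ResourceQuota: hard ceiling on the namespace's total compute and pod count.
# Once cpu/memory quotas exist, every pod must declare requests and limits or it
# is rejected at admission; the LimitRange below supplies defaults so that
# a pod without explicit values is still admitted, bounded rather than refused.
apiVersion: v1
kind: ResourceQuota
metadata:
  name: tenant-quota
  namespace: tenant-acme
spec:
  hard:
    requests.cpu: "8"
    requests.memory: 16Gi
    limits.cpu: "16"
    limits.memory: 32Gi
    pods: "50"
---
apiVersion: v1
kind: LimitRange
metadata:
  name: tenant-defaults
  namespace: tenant-acme
spec:
  limits:
    - type: Container
      default: { cpu: 500m, memory: 512Mi }
      defaultRequest: { cpu: 100m, memory: 128Mi }
```

Apply the bundle with `kubectl apply -f` and verify the RBAC boundary with `kubectl auth can-i list pods --as-group=acme-operators --as=someone -n tenant-acme` (should be yes) against the same query in another namespace (should be no). Two caveats a practitioner should check: NetworkPolicy objects are accepted by the API server even when the cluster’s CNI plugin does not enforce them, so test connectivity from a pod rather than trusting that the object exists; and the `kubernetes.io/metadata.name` namespace label used here is set automatically only on Kubernetes 1.21 and later, so older clusters need an explicit label on the gateway namespace.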

While Guidewire Cloud customers have the option of requesting a dedicated cluster to provide an even higher degree of isolation for their workloads, Guidewire believes cluster multi-tenancy delivers the best combination of security, performance, reliability, and resource efficiency at reduced operational cost.

Balancing Cost & Operating Efficiencies

The architecture of GWCP was defined to maximize the value delivered to cloud customers while also fulfilling Guidewire’s business objectives as the leading SaaS provider in the P&C insurance industry. Achieving this required Guidewire to strike a balance between the cost of delivering world-class cloud infrastructure and the operational overhead associated with running it on behalf of our customers.

Beyond standardizing on Kubernetes for orchestrating and automating the deployment of containerized applications and services, Guidewire has taken a number of steps to reduce costs while enhancing operability. These include:

  1. Increasing the density of containers within a single virtual machine (VM), thereby reducing the number of VMs needed and the associated infrastructure cost.
  2. Leveraging Kubernetes scaling and self-healing capabilities to eliminate the need for human intervention to scale resources up or to restart failed or non-responsive containers.
  3. Setting explicit resource requests and limits to reduce waste, and right-sizing them based on actual utilization rates observed over time.
  4. Taking full advantage of namespace-scoped policies to provide the right level of isolation and drive effective governance for better security and auditability.
  5. Standardizing the software development lifecycle to enable a Continuous Integration/Continuous Delivery (CI/CD) release process and maximize DevOps efficiencies.

Guidewire has also made significant investments to instrument GWCP to enhance monitoring and ensure continuous visibility into resource usage and the metrics needed to control cost without compromising security, reliability, and performance.

Cloud-Native Microservices

As described earlier, another key aspect of Guidewire’s hybrid tenancy architecture is the delivery of multi-tenant, cloud-native microservices, including:

  • Common Cloud Services: Services that enable a wide variety of cloud administrative functions such as authentication, authorization, and configuration.
  • Functional Business Services: P&C business functions that have been externalized by leveraging the InsuranceSuite Cloud APIs or delivered as new services that interact with the core.

The decision to externalize select business functions is driven primarily by customer and market requirements, as well as by the need to optimize the performance of InsuranceSuite as a transactional system of record in the cloud. Decoupling these functions from the core allowed them to be transformed into cloud-native services with all the fault tolerance, availability, and scalability advantages the cloud has to offer. And as self-contained, separately deployable artifacts, these microservices can be developed independently and continuously updated with new capabilities without downtime.

With many more cloud-native services under development, the following diagram highlights some of the services delivered by Guidewire to date:

An Opinionated Platform for P&C

The platform underlying Guidewire Cloud was purpose-built to fulfill the essential business needs of the P&C industry and the largest insurance companies in the world. In this context, GWCP is considered an “opinionated” platform because the cloud infrastructure has been selected and optimized for use with the domain-specific applications and services it supports. With GWCP, everything needed to develop, provision, deploy, and run InsuranceSuite and related digital, data, and analytics applications is provided in a standardized, repeatable way. And it’s all based on a clear set of design principles and grounded in best practices learned from successfully delivering P&C solutions over the last two decades.

GWCP is also opinionated in the way it provides built-in capabilities and integration points that are most common within the P&C insurance domain. This further optimizes the development-to-deployment lifecycle by reducing complexity and making it easier for 3rd party developers to integrate with the platform. And because platform configuration and extensibility are enabled through standard development tools, the GWCP developer experience comes with a degree of consistency developers expect.

Finally, GWCP operates as a singular platform with all selected components, services, and tooling considered best-in-class and integrated with a focus on simplifying the overall cloud operational model. Ultimately, Guidewire Cloud provides the platform insurers need to bring new products to market more quickly, innovate more easily, and respond with greater agility to the challenges and opportunities ahead.

If you are interested in working on our Engineering teams building these cutting-edge cloud technologies that make Guidewire the cloud leader in P&C insurance, please apply at https://careers.guidewire.com.


Guidewire Engineers regularly write about how they are building a range of technologies to fuel P&C industry innovation.