Introduction

At Man Group we strive to be at the forefront of product design and innovation. Investment in technology and processes is vital to support our growth. While we regularly develop greenfield software solutions for new challenges, we equally invest in the continuous evolution of our core systems. Under this programme our core trading platform, ROSA, has efficiently served as the foundation of our investment management systems for many years.

As such a platform matures, development teams face an increasingly complicated decision. Using the established system and processes they can quickly deliver incremental business solutions with predictable effort – a strategy naturally favoured by business unit delivery managers. Yet it incurs less tangible long-term intensifying costs that must ultimately be dealt with. This includes technical challenges such as unplanned obsolescence from technology end-of-life or incompatibilities with newer systems and standards. It also includes social challenges, such as continuing to attract and retain the best talent in the industry who want to work on the cutting edge.

Alternatively, the teams could deliver a completely new system using the latest frameworks, design patterns and industry standards. While the freedom and flexibility this affords is attractive to developers, along with the opportunity to improve their skills, the short-term business impact is significant and could include:

  • New development tooling and upgrades to continuous delivery systems to build, test and package the new components;
  • New infrastructure or investment in cloud services for deployment environments;
  • Changes to runtime monitoring, alerting and support processes;
  • Custom bridging services to communicate with the existing system.

Based purely on these considerations and the quantifiable costs involved, the need to rapidly deliver features to support product innovation invariably favours building on the existing system.

A platform strategy of continuous investment and evolution can help mitigate these issues. Planning for technology obsolescence, developing solutions for integrating new technologies and regularly upgrading existing components with minimal impact on business delivery is arguably more challenging than developing a new architecture in isolation. It requires ongoing research, investigation and trials of emerging standards and demands consideration of impact, compatibility, training, tooling, and rollout. Platform services are in constant flux, some using the latest techniques and others waiting for their turn to be upgraded. If implemented successfully though, the gains are significant and ongoing. Investment in business logic is retained, developers are engaged and challenged, costs are more predictable, delivery more efficient. This is how we maintain ROSA.

Platform Diversity

As a core system, ROSA interacts with a wide range of components across business units, which each use the technology most suitable for their needs. Languages include .NET, Java, and Python, with deployments ranging from Windows Services to Linux Containers on Kubernetes. Conceptually this may be visualised as follows:

Source: Platform Engineering team at Man Group
Illustrative Example. For information only.

Different versions of the same technology may be running concurrently - a stable mature service running on the older .NET Framework 3.5 may be targeted for upgrade eventually but not necessarily before services that experience more frequent functional updates.

Such diversity introduces additional challenges, particularly when considering low-level enhancements that could require configuration and functional changes to the entire system to reap maximum benefit. Such enhancements could include:

  • Automated Service Discovery: Each service dynamically reports its address and liveness/readiness status to a central registration system, allowing other services to locate and invoke healthy instances at runtime. It facilitates automated load balancing/disaster recovery and advanced traffic routing scenarios, such as blue/green/canary deployments. It can also eliminate the need for hardware load balancer appliances and static configurations;
  • Distributed Telemetry: Detailed insights into a system topology, such as tracing call chains across services and systems, provides critical value when evolving a distributed system. It can help with impact planning for service restructuring or replacement, identifying key performance bottlenecks, and analysis of each release for potential performance degradation;
  • Secure Communications: Authenticating and securing calls between trusted services using mTLS with rotating certificates and unique encrypted identities facilitates enhanced access controls, more finely grained permissions and reduces attack surface area. This is an important capability when deploying into environments with a variety of security controls, be they a firewalled intranet or a globally distributed cloud.

Introduction of new application-level features should also consider the broadest possible compatibility. The Microsoft Orleans virtual actor framework is popular amongst .NET developers for creating highly concurrent and scalable services, yet the Python and Java teams would be unable to take advantage of it to contribute actors of their own. Providing a secret store or state store often requires custom APIs (‘Application Programming Interfaces’) or SDKs (‘Software Development Kits’) that may not be compatible with older frameworks or may introduce a level of vendor lock-in that could be difficult to unwind.

Introducing Dapr

Given all these considerations, the Dapr (‘Distributed Application Runtime’) platform provides an interesting value proposition. Its primary component is a compact executable written in Go that runs as a sidecar process deployed alongside an application communicating over HTTP or gRPC, making it compatible with “any language, any framework, anywhere”:

Dapr provides a range of building blocks that any application can use. By routing calls to other services through their respective Dapr sidecars, applications gain automated service discovery, distributed telemetry, and secure communications over mTLS with no other changes required to the application code. Dapr provides a consistent API and pluggable providers for secret stores and state stores, allowing them to be swapped out simply by changing a configuration setting. And Dapr provides an Orleans-based virtual actor framework compatible with many languages - including .NET, Python and Java. The list of features goes on!

With Dapr we can now provide a consistent suite of platform and application features to all services across the estate with minimal effort.

Source: Platform Engineering team at Man Group
Illustrative Example. For information only.

Developing Solutions with the Dapr Community

Early in its development most Dapr use cases relied on Kubernetes deployments and its DNS system for service discovery. We needed Dapr to operate standalone in any hosting scenario, which meant integrating it with an external service discovery system. Fortunately, Dapr is a fully open-source system hosted on GitHub (under review for adoption as a CNCF incubation project) and the maintainers openly welcome contributions. We therefore developed a name resolution component for Hashicorp Consul and contributed it back to the Dapr project, making automated service discovery for any service on any platform available to all Dapr adopters.

More challenging though was how to integrate Dapr into the .NET delivery process with minimal impact on developers or deployment mechanisms. As a sidecar process, Dapr must be distributed and configured alongside each application instance. The Dapr team provide basic command-line tooling to launch the sidecar and an application together, or configurations to inject it into a Kubernetes Pod. However, developers would expect to launch an application within Visual Studio with all dependent components seamlessly started and stopped as necessary. Hosting models such as Windows Services or IIS would ideally launch an application and Dapr would launch alongside it. In other words, the application should ideally own the Dapr sidecar and control its lifetime as if it were a DLL or any other dependent component.

To address this, we developed Dapr Sidekick for .NET – a lightweight library compatible with a wide range of .NET platforms that eliminates the need for the Dapr command-line by seamlessly managing the Dapr sidecar from within the application.

At runtime it configures, launches, and continually monitors Dapr and instantly attempts to restart it should it fail for any reason. Sidecar health is reflected in the application health checks, treating the sidecar as a core dependent component, and all log events are routed through the .NET hosting platform. In fact, so significantly can it simplify the use and adoption of Dapr in standalone hosting environments that we chose to open-source the project and contribute it back to the Dapr community. Using Sidekick, any .NET developer can now easily integrate Dapr into their process!

Conclusion

In summary, Dapr allows us to consistently add platform-wide features and new application capabilities to any service, on any framework, on any operating system or hosting model with minimal development effort. It facilitates adoption of cloud-native practices and service mesh features. The building block provider model allows different state/secret stores and other external components to be swapped out with almost zero impact on the application. By leveraging Dapr we can evolve and scale ROSA more effectively, ensuring business needs continue to be met long into the future.

The organisations and/or financial instruments mentioned are for reference purposes only. The content of this material should not be construed as a recommendation for their purchase or sale.

 

I am interested in other Tech Articles.

To receive e-mail alerts whenever new Tech Articles or Events are posted on this site, please subscribe below.

Subscribe

 

Find out more about Technology at Man Group

Important information

This information is communicated and/or distributed by the relevant Man entity identified below (collectively the “Company”) subject to the following conditions and restriction in their respective jurisdictions.

Opinions expressed are those of the author and may not be shared by all personnel of Man Group plc (‘Man’). These opinions are subject to change without notice, are for information purposes only and do not constitute an offer or invitation to make an investment in any financial instrument or in any product to which the Company and/or its affiliates provides investment advisory or any other financial services. Any organisations, financial instrument or products described in this material are mentioned for reference purposes only which should not be considered a recommendation for their purchase or sale. Neither the Company nor the authors shall be liable to any person for any action taken on the basis of the information provided. Some statements contained in this material concerning goals, strategies, outlook or other non-historical matters may be forward-looking statements and are based on current indicators and expectations. These forward-looking statements speak only as of the date on which they are made, and the Company undertakes no obligation to update or revise any forward-looking statements. These forward-looking statements are subject to risks and uncertainties that may cause actual results to differ materially from those contained in the statements. The Company and/or its affiliates may or may not have a position in any financial instrument mentioned and may or may not be actively trading in any such securities. This material is proprietary information of the Company and its affiliates and may not be reproduced or otherwise disseminated in whole or in part without prior written consent from the Company. The Company believes the content to be accurate. However accuracy is not warranted or guaranteed. The Company does not assume any liability in the case of incorrectly reported or incomplete information. Unless stated otherwise all information is provided by the Company. Past performance is not indicative of future results.

Unless stated otherwise this information is communicated by the relevant entity listed below.

Australia: To the extent this material is distributed in Australia it is communicated by Man Investments Australia Limited ABN 47 002 747 480 AFSL 240581, which is regulated by the Australian Securities & Investments Commission (ASIC). This information has been prepared without taking into account anyone’s objectives, financial situation or needs.

Austria/Germany/Liechtenstein: To the extent this material is distributed in Austria, Germany and/or Liechtenstein it is communicated by Man (Europe) AG, which is authorised and regulated by the Liechtenstein Financial Market Authority (FMA). Man (Europe) AG is registered in the Principality of Liechtenstein no. FL-0002.420.371-2. Man (Europe) AG is an associated participant in the investor compensation scheme, which is operated by the Deposit Guarantee and Investor Compensation Foundation PCC (FL-0002.039.614-1) and corresponds with EU law. Further information is available on the Foundation's website under www.eas-liechtenstein.li. This material is of a promotional nature.

European Economic Area: Unless indicated otherwise this material is communicated in the European Economic Area by Man Asset Management (Ireland) Limited (‘MAMIL’) which is registered in Ireland under company number 250493 and has its registered office at 70 Sir John Rogerson's Quay, Grand Canal Dock, Dublin 2, Ireland. MAMIL is authorised and regulated by the Central Bank of Ireland under number C22513.

Japan: To the extent this material is distributed in Japan it is communicated by Man Group Japan Limited, Financial Instruments Business Operator, Director of Kanto Local Finance Bureau (Financial instruments firms) No. 624 for the purpose of providing information on investment strategies, investment services, etc. provided by Man Group, and is not a disclosure document based on laws and regulations. This material can only be communicated only to professional investors (i.e. specific investors or institutional investors as defined under Financial Instruments Exchange Law) who may have sufficient knowledge and experience of related risks.

Hong Kong SAR: To the extent this material is distributed in Hong Kong SAR, this material is communicated by Man Investments (Hong Kong) Limited and has not been reviewed by the Securities and Futures Commission in Hong Kong. This material can only be communicated to intermediaries, and professional clients who are within one of the professional investor exemptions contained in the Securities and Futures Ordinance and must not be relied upon by any other person(s).

Switzerland: To the extent this material is distributed in Switzerland, this material is communicated by Man Investments AG, which is regulated by the Swiss Financial Market Authority FINMA.

United Kingdom: Unless indicated otherwise this material is communicated in the United Kingdom by Man Solutions Limited (‘MSL’) which is an investment company as defined in section 833 of the Companies Act 2006. MSL is registered in England and Wales under number 3385362 and has its registered office at Riverbank House, 2 Swan Lane, London, EC4R 3AD, United Kingdom. MSL is authorised and regulated by the UK Financial Conduct Authority (the ‘FCA’) under number 185637.

United States: To the extent this material is distributed in the United States, it is communicated and distributed by Man Investments, Inc. (‘Man Investments’). Man Investments is registered as a broker-dealer with the SEC and is a member of the Financial Industry Regulatory Authority (‘FINRA’). Man Investments is also a member of the Securities Investor Protection Corporation (‘SIPC’). Man Investments is a wholly owned subsidiary of Man Group plc. The registration and memberships described above in no way imply a certain level of skill or expertise or that the SEC, FINRA or the SIPC have endorsed Man Investments. Man Investments, 452 Fifth Avenue, 27th fl., New York, NY 10018.

This material is proprietary information and may not be reproduced or otherwise disseminated in whole or in part without prior written consent. Any data services and information available from public.

MKT002777

Please update your browser

Unfortunately we no longer support Internet Explorer 8, 7 and older for security reasons.

Please update your browser to a later version and try to access our site again.

Many thanks.