Apigee OPDK to Apigee Hybrid
Migration on Amazon EKS for a UK Retail Bank
Client Overview
Our client is a UK-based retail bank that has been supporting customers since 1997 and now serves over 3 million account holders. Through a strategic partnership with a significant financial institution, it offers a broad range of banking products and services. Customers can manage their accounts online, via mobile, or over the phone, with dedicated service centres available seven days a week for additional support. The bank places a strong emphasis on delivering accessible, reliable services while maintaining regulatory compliance. Its people-focused culture empowers teams to grow, stay customer-driven, and make money management simpler every day.
Business Objective
Our client was looking to modernize its API management platform by migrating from Apigee OPDK to Apigee Hybrid on Amazon EKS. The primary intent was to get a scalable and future-ready platform that could meet their demands. This ensured the security of sensitive data within the bank’s own network, maintained compliance, and leveraged Google Cloud services for configuration, monitoring, and analytics. Beyond immediate stability, the bank also aimed to establish a platform capable of cost-effective scaling and more efficient day-to-day operations.
Industry
Finance
Platform
Apigee
Service
Apigee OPDK to Hybrid Migration
Challenges
Limited API Scalability
The existing OPDK setup lacked the agility required to support evolving API demands and modern integration requirements.
Zero-Downtime Requirement
As a banking institution, even minimal API disruption could impact customer-facing platforms and third-party systems, making uninterrupted service critical.
Security Compliance
The client required granular access controls and a secure environment aligned with stringent financial industry regulations.
Migration Risk
Migrating APIs, applications, and live traffic from OPDK to a hybrid environment posed operational and performance risks that needed careful management.
Explore our proven approach to modernizing API ecosystems with Apigee Hybrid and cloud-native infrastructure.
Check Out our Google Apigee ExpertiseSolutions
Discovery & Planning
To offer a better solution, we first gain complete visibility into our client’s existing OPDK set, including APIs, shared flows, authentication methods, and backend integrations. This analysis helped us to identify hidden dependencies and undocumented configurations that could otherwise cause migration issues. We collaborated with the Bank’s architects to capture non-functional requirements (NFRs), assess the current API catalog, and design a detailed migration plan.
Infrastructure Setup
Our client was looking for a modern solution that is quite familiar with the existing setup to avoid workflow disruption. We built Amazon EKS clusters for both non-production and production environments, ensuring they were multi-zone for high availability. Our solution included infrastructure such as VPCs, firewall rules, DNS configuration, and connectivity to the backend.
Security Hardening
Being a bank, compliance with regulatory and InfoSec standards was one of their primary concerns. We integrated single sign-on with Google Cloud, mapped user access to their internal IDP groups, and restricted permissions to Apigee resources only. Moreover, we introduced secure secret management using AWS Secrets Manager. Earlier attention to security concerns and challenges reduced the risk of delays in later phases and ensured the new platform was hardened before any real traffic was moved.
API Migration
The most complex challenge was migrating the API without breaking downstream systems. We migrated APIs, shared flows, KVMs, and environment configurations incrementally and updated certain assets as per requirements. To avoid service disruption, we used header-based and path-based routing at the application load balancer, enabling selective traffic redirection to the new Hybrid environment.
Testing And Monitoring
To ensure a successful migration, we supported their QA and performance team with load testing, penetration testing, and UAT to ensure that the platform could handle production-scale traffic. Testing was done in pre-production so we could solve the performance issue.
Observability Setup
To manage APIs effectively, our client needed real-time visibility into performance, errors, and traffic trends. Our Apigee set up monitoring dashboards, alerting rules, and error-handling playbooks tailored to their operations team. This solved the problem of operational blind spots, ensuring that once APIs moved to Hybrid, our client could proactively detect and respond to anomalies rather than relying on reactive troubleshooting.
Production Cutover
The final challenge was migrating live traffic without downtime. We set up the production EKS cluster, ran rollback tests, and piloted with a few low-risk API keys before gradually cutting over all traffic. This staged rollout allowed the bank to validate performance in live conditions while retaining a fallback option. Once confidence was established, we executed the complete cutover and provided two weeks of post-go-live support. This solved the risk in the final stage and ensured a smooth transition to business-as-usual operations.
Results
Zero-Downtime Migration
Successfully transitioned from OPDK to Apigee Hybrid on Amazon EKS without service disruption, ensuring uninterrupted API availability.
Hardened Security & Access Control
Implemented role-based access controls, SSO integration, and secure environment configurations aligned with enterprise-grade standards.
Advanced Observability & Monitoring
Deployed comprehensive dashboards, proactive monitoring rules, and structured alert mechanisms for improved API visibility.
Error Management Framework
Established clear error-handling playbooks and response processes to reduce incident resolution time and enhance operational stability.
Technology Stack
Related Case Studies
Get in touch
Tell us what you're looking for and we'll get you connected to the right people.