SUSECON
Customer Center
Shop
Products chevron_right Icon
chevron_left Icon Back
Linux Linux
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server for SAP applications
SUSE Multi-Linux Support
SUSE Multi-Linux Manager
SUSE Linux Micro
Cloud Native Cloud Native
SUSE Rancher Prime
Virtualization (Harvester) Storage (Longhorn) Security (NeuVector) Observability Application Collection
SUSE Rancher for AWS
SUSE Rancher for SAP® applications
SUSE Cloud Observability
Edge Edge
SUSE Edge
SUSE Telco Cloud
AI AI
SUSE AI
All products
Solutions chevron_right Icon
chevron_left Icon Back
Foundational
Linux
Linux Run your business-critical apps on any environment
Cloud Native
Cloud Native Kubernetes management and cloud-native solutions
Edge
Edge Edge Computing Platform
AI
AI AI Suite platform and applications
Solutions
Run SAP Run & secure cloud and on-prem workloads
Digital Sovereignty Adapt to local requirements & reduce risk
Public Cloud Accelerate and innovate across your cloud environment
Observability Rapid, full-stack visibility in under 5 minutes
Security Secure your digital enterprise
Industries
Automotive
Telecom
Banking and Financial Systems
Healthcare
Manufacturing
Retail
Technology & Software
Federal
Pharma
Energy
Support chevron_right Icon
chevron_left Icon Back
Support
Product Support SUSE Customer Center
Premium Support Services Dedicated support services from a premium team
Sovereign Premium Support Trusted, adaptable, highly available, secure and compliant
Long Term Services Support Stay on your existing product version
Renew Your Support Subscription Partners with cloud providers
Services
Global Services
Consulting Services
Training & Certification
Premium Technical Advisory Services
Resources
SUSE Support User Guide
Patches & Updates
Product Documentation
Knowledgebase
Product Support Life Cycle
Package Hub Community packages for SUSE Linux Enterprise Server
Driver Search
Support Forums
Developer Services
Beta Program
Security
Partners chevron_right Icon
chevron_left Icon Back
Partners
Partner Program
Find a partner
Become a Partner
Login to the SUSE Partner Portal
Communities chevron_right Icon
chevron_left Icon Back
Communities
Blog
Forum
Open Source Projects
openSUSE.org
About chevron_right Icon
chevron_left Icon Back
About
About
Leadership
Careers
Newsroom
Success Stories
Investor Relations
Sustainability
SUSE Logo and Brand
Events
Voice of the Customer
Contact Us
Free Downloads
See more Success Stories
TCU Federal Court of Accounts logo
Industry Public Sector
Location Brazil
Download Full Story

Brazil’s Federal Court of Accounts uses AI and SUSE Rancher Prime to fight government fraud

Highlights

  • Enables migration of mission-critical applications to a modern, microservices-based architecture.
  • Accelerates innovation by shortening software release cycles by up to 99%, empowering teams to deliver new features in hours instead of days.
  • Boosts reliability and security of digital services, achieving 99.18% availability.
  • Delivers centralized monitoring and realtime analytics via seamless integration with Prometheus and Grafana.
  • Provides on-site technical expertise from SUSE to support a mission-critical government IT platform.
  • Frees internal teams to focus on developing new services instead of routine maintenance.

Products

Established in 1890 and employing around 2,400 people today, Brazil’s external oversight body, the Federal Court of Accounts (Tribunal de Contas da União, or TCU), oversees a federal budget of over one trillion U.S. dollars. TCU ensures public money benefits society by conducting regular audits, investigating irregularities and imposing penalties for wrongdoing.

At-a-Glance

By adopting a modern microservices approach managed with SUSE Rancher Prime, Brazil’s Federal Court of Accounts gained new digital capabilities to fight fraud within the Brazilian government. This new containerized infrastructure reduced release cycles by up to 99% and helped ensure over 99% service availability, accelerating the development of an AI-powered solution that assists with audits and investigations.

From monolith to microservices

TCU’s team of 150 IT professionals develops and maintains the digital services the organization’s employees depend on for critical activities like audits and investigations. Up until 2015, most digital services were developed using a monolithic architecture, characterized by the concentration of functionalities in a single application, with a low level of modularity and strong coupling between components.

Divino de Assis Junior, Federal Auditor of External Control assigned to the Application Infrastructure Service at TCU, says: “As time went by, the applications became harder to maintain. We had around 40 developers working on the same codebase, and making changes was a slow and risky process.”

With new deployments subject to a rigid schedule, TCU encountered difficulties in making new digital functionalities available to assist auditors with their work. Moreover, the applications’ monolithic architecture restricted their ability to evolve, hindering scalability, maintenance and the high availability of services.

Paulo Henrique Oliveira Sousa Leal, also Federal Auditor of External Control, and also assigned to the Application Infrastructure Service at TCU, comments: “There are times in the year when many users need access to the same digital services at the same time. However, the applications were not designed for elastic scalability, so performance issues were practically inevitable during periods of peak demand — precisely when we need them most.”

To solve these challenges, TCU decided to shift to a modern, microservices architecture. Built on Docker containers, the new approach promised to increase agility, improve scalability and accelerate the delivery of digital services.

“Our microservices architecture, orchestrated with SUSE Rancher Prime, empowers us to develop and launch new services much faster.”

Paulo Henrique Oliveira Sousa Leal Federal Auditor of External Control, Application Infrastructure Service Brazil's Federal Court of Accounts

Why SUSE Rancher Prime?

TCU needed a platform capable of orchestrating microservices at scale. In 2016, the organization held a bidding process and acquired the Rancher platform for container management.

“Our biggest concern was getting locked into a single container management vendor,” explains Paulo Henrique Leal. “That’s why we looked for an open source solution that adhered closely to vanilla Kubernetes. Rancher met our key requirements and came strongly recommended by a large, active user community.”

Following the implementation of the Rancher platform in the TCU’s computing environment, software services that comprise important systems of the Court, such as e-Folha, e-TCE, e-TCU, SAGAS and SIGA, were made available in container infrastructure managed by this platform.

As TCU started moving mission-critical services to the Rancher platform, having access to a specialized partner to support the development of the new microservices platform became crucial. Therefore, TCU has SUSE Rancher Prime subscriptions and on-site technical support for the container management platform.

“Being able to call on SUSE Support was a major advantage as our digital transformation ramped up,” confirms Paulo Henrique Leal. “With guidance from SUSE experts, we could ensure that our containerized infrastructure was configured securely and efficiently.”

Currently, TCU runs most of its critical applications using the SUSE Rancher Prime platform in its on-premises data center.

Divino Junior adds: “We use SUSE Rancher Prime to manage the majority of our critical digital services, including our development, preproduction and production environments.”

The impact of SUSE solutions

Breaks free from rigid development cycles

By embracing a microservices-based architecture, TCU broke away from its rigid development cycles and shifted to agile methodologies. Today, TCU runs more than 564 microservices across more than 2,000 containers. This shift has accelerated release cycles from days to hours, empowering teams to deliver new fixes and features faster than ever.

“Our microservices architecture, orchestrated with SUSE Rancher Prime, empowers us to develop and launch new services much faster,” confirms Leal.

One of its latest innovations is ChatTCU: a powerful generative AI app. Built on the e-TCU platform and OpenAI APIs, the solution is trained on TCU’s internal knowledge base, including legal jurisprudence and HR processes and policies. Leal comments, “Employees can ask questions about almost any topic and get answers in real time. It’s an invaluable asset for our teams.”

Accelerates and simplifies container management

With SUSE Rancher Prime, TCU benefits from fast and simple management for its containerized environment. Integrations with Grafana and Prometheus provide the IT team with instant access to key application health and performance metrics, enabling real-time analytics and monitoring.

“Compared to other container management platforms we evaluated, we found SUSE Rancher Prime far more user-friendly, particularly for tasks like adding and removing nodes from a cluster,” explains Leal.

Delivers truly elastic scalability

The new applications, which utilize a microservices architecture, are designed to offer elastic scalability. With SUSE Rancher Prime, organizations can quickly and easily create and delete pods, efficiently using IT resources as demand for digital services grows in real time.

Enables 99.18% availability

According to the official TCU Management Report for 2024, the organization recorded availability of 99.18% for services running on SUSE Rancher Prime.

“Another big benefit of moving to containers is that we have greater isolation between our applications,” reveals Junior. “Issues in one microservice are therefore less likely to impact the entire system, which contributes to higher uptime overall.”

Ensures always-on access to support

TCU sees SUSE Premium Support as a vital safety net to protect its mission-critical digital capabilities.

“We’ve only opened formal support tickets with SUSE on three occasions, which is a testament to the stability and reliability of SUSE Rancher Prime,” says Leal. “With SUSE Premium Support, we have a technical expert from SUSE with us on-site every day, which allows us to focus on innovation rather than low-level operational tasks.”

What’s next for TCU?

Looking ahead, TCU plans to build on its success with SUSE Rancher Prime. There is a project underway to migrate to the next iteration of the Rancher Kubernetes Engine (RKE2), ensuring it remains on a fully supported and modern version of Kubernetes.

With a focus on automation and with the support of SUSE Premium Support, TCU has developed an automated installation and configuration process for the RKE2 platform. This automation was implemented using Puppet code, allowing for standardized environment provisioning, reduced manual errors and increased operational efficiency in managing container infrastructure.