Middle Tier overview¶
Overview¶
The middle tier used by IFS Cloud, is deployed in a Kubernetes cluster as docker containers. The architecture is multi single tenant which allows one or many IFS Cloud installations to be deployed in the same Kubenetes cluster using a shared ingress proxy that routes the traffic to the correct namespace. In some cases you might have one kubernetes cluster per IFS Clous installation.
Docker Containers¶
A Container is a small encapsulated kernel similar to a Virtual machine, but it shares its resources with the host machine. A container can have a fully working operating system using less than 5Mb of memory and have a small application running inside it. This application will typically interact externally over http. The container can have other external interaction such as DB connections as well. A container can have both Linux and Windows kernels, but not running on the same host machine. All IFS cloud containers are therefore consistently based on Linux only, which in turn implies that the Kubernetes cluster is always deployed on Linux machines. The containerization can be made using different containerization SW but IFS Cloud containers are based on Docker.
Kubernetes¶
Kubernetes will be installed and configured by installer tools and processes provided by IFS as a part of the required infrastructure to deploy IFS Cloud. The Kubernetes cluster will reside in the middle tier server which is a Linux server. No Linux knowledge is required as you never directly operate in this server. All operations such as install/configuration/maintenance/monitoring etc. will be done using a collection of script that comes with the Remote solution. The remote solution consist of the middle tier server and a management server, the management server is a Windows server from where the middle tier server is managed.
Instances¶
The architecture allows one or many IFS Cloud installations to be deployed in the same Kubernetes cluster using a shared ingress proxy that routes the traffic to the correct namespace.
Scaling and High Availability¶
To scale up a k8s cluster more node machines can be added to the cluster and more containers (# of replicas) can be started to distribute the load. All namespaces span over all nodes. High availability is built in by design in k8s. If k8s is instructed to start >2 replicas of each containers the container can start on different nodes. This allows HA on only parts of IFS Cloud. The container can also be sized to have different amount of CPU/Memory resources limits/quotas - this is done through the installer.
Container | Description |
---|---|
amm | Application Monitoring Metrics - This container fetches and expose system metrics that are not exported from individual containers. Many of the metrics are same as in Solution Manager - Monitoring Console. |
application-svc | This is a collection of small applications like - apidoc - demand server proxy - gisint - svcsch |
busmod | Service to query data from analysis service tabular models to be used in the business modeler visualizations. |
client | Cloud Web client - render Cloud Web client with page and lobby layouts from metadata |
client-services | Cloud Web client services - serves up metadata for Cloud Web and lobby pages. |
client-notification-services | Cloud Web client notification services - serves up notifications for Cloud Web clients. |
connect | IFS connect - messaged broker integrates to external system using files/ftp/mail/soap/json |
doc | The end user documentation |
iam | Identity Access Management - Authenticates users using a local dictionary or an external dictionary e.g. Azure AD. |
native-server | Data synchronization for mobile apps. |
native-executor | Handles offline transactions for the mobile apps. |
native-notification | Handles Azure Push Notifications for mobile apps. |
odata | IFS OData Provider. This is the OData Endpoint for the server logic and additionally provides the projection API's for native mobile clients. |
proxy | Is the entry point of for all containers - it hosts the Landing Pages and make sure all request to the system has been properly authenticated otherwise to forwards the request to the IAM container. It will only accept calls from the k8s ingress controller and with host headers set to "system url" or "secondary system url". |
rem | IFS Remote Assistant Container. Used for the Remote Assistant Functionality. |
signing-service | IFS Signing Service for Digital Signaures. |
reporting | Handles generation of the output of Operational Report Layouts. |
reporting-br | IFS BR execution server for IFS Business Reporter Layouts. |
reporting-cr | Used for providing Quick Reports functionality for Crystal Report Layouts. |
reporting-ren | Used for generating the final output of Report Designer Layouts. |
rmpanel | Used for IFS CRM/SRM Panel functionality. |
rmsync | Used for IFS CRM/SRM Outlook Calendar Sync functionality. |
scim | IFS Cross Identity Management Container. Used for user federation with external user directories |
ifs-db-init | This container deploys configuration to the DB, and runs only during installation. |
ifsmaintenix-appserver | Maintenix Application Container - IFS Aviation Maintenance management application component |
ifsmaintenix-reportserver | Maintenix Report Container - Component to generate Maintenix reports |
ifs-virus-scanner | IFS Virus Scanner Container - This provides the endpoint for rest of the containers to scan files |
graph | GraphService Container - Provides functionality to communicate with graph datasources and other graph related operations |