Middle Tier overview¶
Overview¶
The middle tier used by IFS Cloud, is deployed in a Kubernetes cluster as docker containers. The architecture is multi single tenant which allows one or many IFS Cloud installations to be deployed in the same Kubernetes cluster using a shared ingress proxy that routes the traffic to the correct namespace. In some cases you might have one Kubernetes cluster per IFS Cloud installation.
Docker Containers¶
A Container is a small encapsulated kernel similar to a Virtual machine, but it shares its resources with the host machine. A container can have a fully working operating system using less than 5Mb of memory and have a small application running inside it. This application will typically interact externally over http. The container can have other external interaction such as DB connections as well. A container can have both Linux and Windows kernels, but not running on the same host machine. All IFS cloud containers are therefore consistently based on Linux only, which in turn implies that the Kubernetes cluster is always deployed on Linux machines. The containerization can be made using different containerization SW but IFS Cloud containers are based on Docker.
Instances¶
The architecture allows one or many IFS Cloud installations to be deployed in the same Kubernetes cluster using a shared ingress proxy that routes the traffic to the correct namespace.
Scaling and High Availability¶
To scale up a k8s cluster more node machines can be added to the cluster and more containers (# of replicas) can be started to distribute the load. All namespaces span over all nodes. High availability is built in by design in k8s. If k8s is instructed to start >2 replicas of each containers the container can start on different nodes. This allows HA on only parts of IFS Cloud. The container can also be sized to have different amount of CPU/Memory resources limits/quotas - this is done through the installer.
| Container | Description |
|---|---|
| amm | Application Monitoring Metrics - This container fetches and expose system metrics that are not exported from individual containers. Many of the metrics are same as in Solution Manager - Monitoring Console. |
| application-svc | This is a collection of small applications like - apidoc - demand server proxy - gisint - svcsch |
| busmod | Service to query data from analysis service tabular models to be used in the business modeler visualizations. |
| client | Cloud Web client - render Cloud Web client with page and lobby layouts from metadata |
| client-services | Cloud Web client services - serves up metadata for Cloud Web and lobby pages. |
| client-notification-services | Cloud Web client notification services - serves up notifications for Cloud Web clients. |
| connect | IFS connect - messaged broker integrates to external system using files/ftp/mail/soap/json |
| doc | The end user documentation |
| iam | Identity Access Management - Authenticates users using a local dictionary or an external dictionary e.g. Azure AD. |
| ifs-am-scheduler | This service is used to schedule the reload intervals of the parquet files |
| ifsapp-am-datapump | This is a service that extracts data from Information Sources in Oracle DB and creates a parquet file loaded in the Data Lake |
| ifsapp-docman-esign | Electronic Signatures / Esign for IFS Document Management (Docman). NOT supported in Remote Deployment! |
| native-server | Data synchronization for mobile apps. |
| native-executor | Handles offline transactions for the mobile apps. |
| native-notification | Handles Azure Push Notifications for mobile apps. |
| odata | IFS OData Provider. This is the OData Endpoint for the server logic and additionally provides the projection API's for native mobile clients. |
| proxy | Is the entry point of for all containers - it hosts the Landing Pages and make sure all request to the system has been properly authenticated otherwise to forwards the request to the IAM container. It will only accept calls from the k8s ingress controller and with host headers set to "system url" or "secondary system url". |
| rem | IFS Remote Assistant Container. Used for the Remote Assistant Functionality. |
| signing-service | IFS Signing Service for Digital Signatures. |
| reporting | Handles generation of the output of Operational Report Layouts. |
| reporting-br | IFS BR execution server for IFS Business Reporter Layouts. |
| reporting-cr | Used for providing Quick Reports functionality for Crystal Report Layouts. |
| reporting-ren | Used for generating the final output of Report Designer Layouts. |
| reporting-webdesigner | Used to design the Report Studio - Designer Layouts. |
| reporting-webdesignerren | Used to design & preview the layouts in Report Studio - Designer. |
| reporting-webtransformer | Used for generating JSON data needed to generate the report with a Report Studio - Designer Layouts. |
| reporting-webruntimeren | Used for generating the final output of Report Studio - Designer Layouts at runtime. |
| rmpanel | Used for IFS CRM/SRM Panel functionality. |
| rmsync | Used for IFS CRM/SRM Outlook Calendar Sync functionality. |
| scim | IFS Cross Identity Management Container. Used for user federation with external user directories |
| ifs-db-init | This container deploys configuration to the DB, and runs only during installation. |
| ifsmaintenix-appserver | Maintenix Application Container - IFS Aviation Maintenance management application component |
| ifsmaintenix-reportserver | Maintenix Report Container - Component to generate Maintenix reports |
| ifs-virus-scanner | IFS Virus Scanner Container - This provides the endpoint for rest of the containers to scan files |
| graph | GraphService Container - Provides functionality to communicate with graph datasources and other graph related operations |
| chat | Provides AI powered chat capabilities to ifs.ai copilot |