GitHubContribute in GitHub: Edit online

Architecture

High Level Cloud Architecture

Maximo Application Suite (MAS) is a feature rich suite of applications delivered using key IBM, Red Hat and AWS technologies. The MAS as a Service (MAS SaaS) delivers this functionality on the Amazon Web Services (AWS) platform.

MAS SaaS provides enterprise-grade security, availability, networking and performance.

High level view of MAS SaaS
Figure 1. High level view of MAS SaaS

MAS SaaS capabilities

MAS SaaS provides a range of applications, add-ons and solutions, surfaced through a combination of (i) included and (ii) optional/paid-for patterns to deliver the availability, security and connectivity patterns you need.

MAS SaaS capabilities
Figure 2. MAS SaaS capabilities

Deployment and Sovereignty

MAS SaaS is deployed in AWS with a global presence across the Americas, Europe, Middle East, Asia Pacific and Australia.

By default, each MAS instance is deployed in a single region to assure default data sovereignty. IBM MAS SaaS spans availability zones and includes data backups to protect against disasters. Further options are provided to tolerate a wider range of potential disasters, including cross-region disaster protection with a standby deployment to deliver lower RPOs and RTOs.

MAS SaaS deployment and sovereignty
Figure 3. MAS SaaS deployment and sovereignty

Production and non-production instances

Depending on your MAS SaaS edition, you can purchase non-production instances to run alongside your production MAS SaaS instance. This enables you to define your own DevOps pipeline, and can provide an important mechanism through which you can validate the impact of MAS SaaS updates and upgrades on your configurations before the updates and upgrades reach your production environment. MAS SaaS includes capabilities to backflow data between environments to facilitate testing in such a pipeline.

MAS SaaS production and non-production instances
Figure 4. MAS SaaS production and non-production instances in a DevOps pipeline

Architecture Highlights

  • All applications are provisioned in dedicated namespaces on shared clusters. Optionally, you can purchase dedicated clusters for your subscription.
  • IT Administration for the environment is solely managed by IBM's MAS SaaS SRE operations team
  • Clients can access their environment via browsers and mobile devices, with further connectivity options for enterprise systems and connected assets.
  • TLS security is mandated.
  • Clients are provided application administrator access.
  • All servers are Red Hat Linux O/S.
  • Maximo SQL databases are primarily IBM DB2. MS SQL support is supported under specific migration scenarios for existing EAM clients.

Monitoring

Monitoring tasks performed

IBM SRE carries out the following types of monitoring to evaluate the health status of MAS SaaS instances, with proactive alerts and notifications for timely identification and response to critical issues.

System and infrastructure monitoring

  • Use of Instana and OpenShift storage metrics through Prometheus. Monitors the entire Kubernetes ecosystem from nodes and pods to containers and applications. This ensures that the infrastructure supporting our application is stable and operating optimally.

Application monitoring

  • Instana APM and custom metrics exposed through Prometheus help monitor and analyze the performance and behavior of our applications in real time. Logs are monitored in real time to troubleshoot issues and obtain insights into application behavior.

Synthetic monitoring

  • Performs availability checks on customer site URLs for each individual MAS application.

These monitoring tasks enable IBM SRE to proactively identify issues, perform efficient troubleshooting, and continuously optimize our infrastructure to ensure the smooth operation of MAS SaaS.

Integration

MAS SaaS supports integration to / from external systems. There are different options available to provide secure integration connections, including TLS, VPN, and Cloud Object Storage integration. Authenticated HTTPS (TLS) is the standard encryption method and is supported for REST and XML based interfaces using HTTP Post and Web Service endpoints. Cloud Object Storage is available for integrations that require file based transfers.

Integration options include, but are not limited to:

  • Support for synchronous and asynchronous exchange of data with applications within the suite.
  • Use of common protocols and formats such as Web Services, HTTP, JMS, REST, OSLC, XML, JSON, XML, MQTT, SQL, .csv files and DB tables
  • Support for customizing integration processing using Processing Rules and Scripting

For file based integrations, an AWS S3 Cloud Object Storage location will be allocated for each order. API Keys are generated for the client to use to move files in and out of the location.

One Site-to-Site VPN is included in the order. To initiate the creation of this VPN, customers must submit a support case.