Technical Infrastructure
Context
This document outlines the current infrastructure requirements for assets360 in its most basic form. To prevent vendor-lock-in all assets360 components have to be capable of being deployed as docker containers.
The following list provides an overview over assets360 components and infrastructure dependencies currently in use:
Name | Type | Optional | Docker image |
PostgreSQL DB | Infrastructure | Required | Available |
Keycloak | Infrastructure | Required | Available |
Service Discovery | Infrastructure | Required | Available |
Gateway | Infrastructure | Required | Available |
Integration Layer | External Service | Optional | Available |
Customer Backend | Module | Optional | Tbd |
Assets Module | Module | Required | Available |
Tickets Module | Module | Optional | Tbd |
Telemetry Module | Module | Optional | Available |
Hosting and Infrastructure
The assets360 solution is containerized (Docker) and can be operated on various cloud platforms and, if necessary, also on-premise. We prefer to operate the solution on Microsoft Azure. We optionally offer setup, provisioning and support of a cloud infrastructure (AWS, Azure, Salesforce Heroku) for hosting the application. The infrastructure support includes monitoring of the system (network and server monitoring, operating system maintenance, disaster recovery and backup) and infrastructure management (optimization and scaling of the infrastructure, management of contractual issues). Furthermore, updates and security patches of the assets360 modules are applied.
The following infrastructure is needed for the assets360 platform (minimum requirements):
- Docker service or Kubernetes
- PostgreSQL (database)
- Keycloak (identity access management)
- Cloudinary (attachment service)
- SendGrid (email service)
- Logentries (logging service)
- New Relic (monitoring service)
Deployment and Update Process
- Deployment will be done via logicline bitbucket pipelines and dockerhub to any Cloud platform
- Deployment of self-written components (features, connectors, applications) can be included into the logicline deployment toolchain
assets360 is structured into several different standalone modules, each module has its own ALM (application lifecycle management). Changes are tested locally by the developer, automatically in unit tests as part of the CI/CD pipeline, and by a QA team in a dedicated testing environment. We have the option to further stress- or integration-test modules that require high availability or stability. After a module has passed the final QA check it can be updated in the production environment either automatically or after confirmation by the customer. As we use docker to run our application modules, the deployment process is not different when deploying on a public cloud, private cloud or on-premise.
We currently don't support selective updates (e.g. per customer, per region or time based). We aim for two major releases per year, minor releases and hotfixes/patches are done on demand.
Monitoring and Network Management
There is a cloud monitoring based on cost with multitude of options available to monitor resource consumption and the costs linked to it. We can provide reports of cost/consumption of resources with accuracy within the hour of consumption including automated exports. We have the option to configure alarms when costs rise over a set threshold. If the need to scale-up resources arises, we can configure a set of rules to make sure all applications run as expected, with a reasonable response time during times of heavy load as well as automatic down-scaling to not waste (or pre-occupy) unused hardware capacity during times of low load.
All of our applications are ready to make use of industry-standard monitoring solutions like prometheus which can be used to extract all hard- and software related KPIs from the service directly. This setup is then based on customer requirements like:
- Monitoring services (network and server monitoring)
- Network performance (Support to resolve network configuration issues)
- Maintenance of the operating system and software
- Disaster recovery and backup
- User support (email support)
On-Premise
On-premise deployments are supported. The asstes360 setup is docker-based and can run on any platform and server. An on-premise installation needs an own set of the add-ons like databases, email, logging, data lake, etc.
Supported Languages
Default languages are English and German. assets360 supports any language by importing the corresponding customer specific translation file.
Hosting of 3rd-Party Applications
We can host any 3rd party application on the same cloud platform as the assets360. All 3rd party systems can be integrated to be used within the assets360 platform independently of the hosting environment with the Integration Layer (IL) module.
GDPR Compliance
The GDPR relevant personal data stored within assets360 and the underlying cloud platform are processed and stored in a compliant manner. There was a dedicated risk assessment for the platform as well as regular updates on it. We have regularly audits on our processes, tools and products.
Security
Every API access and data exchange within assets360 requires an OAuth2 token. The permission can be set per interface separately and is managed via Keycloak. Data connection to external services like databases in an on-premise installation or cloud storage are TLS encrypted. In assets360 the identity management is extended with a permission API service.
logicline is currently implementing an ISMS, which can then in principle also be certified according to ISO27001. It should be noted that we are a system integrator for software and not a platform operator, which is why the scope will be limited to software development.