Deployable architecture for Maximo Application Suite
The IBM Maximo Application Suite deployable architecture provides a simple automated way to get started with Maximo Application Suite on IBM Cloud. Maximo Application Suite is a set of applications for asset monitoring, management, predictive maintenance, and reliability planning. It is a single, integrated cloud-based platform that uses Artificial Intelligence (AI), Internet of Things (IoT), and analytics to optimize performance, extend asset lifecycles, and reduce operational downtime and costs.
Architecture diagram
Design concepts
Requirements
The following table outlines the requirements that are addressed in this architecture."
| Aspect | Requirements |
|---|---|
| Application Platform | The solution should be fully managed from end to end. |
| Compute | Provide properly isolated compute resources with adequate compute capacity for the applications. |
| Storage | Provide storage that meets the application and database performance requirements. |
| Networking | Deploy workloads in isolated environment and enforce information flow policies. Provide secure, encrypted connectivity to the cloud's private network for management purposes. Distribute incoming application requests across available compute resources. Support failover of application to alternate site in the event of planned or unplanned outages. Provide public and private DNS resolution to support use of hostnames instead of IP addresses. |
| Security | Ensure all operator actions are executed securely through a bastion host. Protect the boundaries of the application against denial-of-service and application-layer attacks. Encrypt all application data in transit and at rest to protect from unauthorized disclosure. Encrypt all backup data to protect from unauthorized disclosure. Encrypt all security data (operational and audit logs) to protect from unauthorized disclosure. Encrypt all data using customer managed keys to meet regulatory compliance requirements for additional security and customer control. Protect secrets through their entire lifecycle and secure them using access control measures. |
| Resiliency | Support application availability targets and business continuity policies. Ensure availability of the application in the event of planned and unplanned outages. Provide highly available compute, storage, network, and other cloud services to handle application load and performance requirements. Backup application data to enable recovery in the event of unplanned outages. Provide highly available storage for security data (logs) and backup data. Automate recovery tasks to minimize down time |
| Service Management | Monitor system and application health metrics and logs to detect issues that might impact the availability of the application. Generate alerts/notifications about issues that might impact the availability of applications to trigger appropriate responses to minimize down time. Monitor audit logs to track changes and detect potential security problems. Provide a mechanism to identify and send notifications about issues found in audit logs. |
Components
The following table outlines the products or services used in the architecture for each aspect.
| Aspects | Architecture components | How the component is used |
|---|---|---|
| Compute | Containers | Web, App, and database servers |
| Storage | Primary Storage | Database servers storage |
| Networking | Enterprise connectivity | Maximo Application Suite uses networking setup by Red Hat OpenShift Container Platform for its internal communications. |
| Cloud native connectivity | Secure connection to Cloud Services | |
| Security | IAM | IBM Cloud Identity & Access Management |
| Service Management | Automated deployment | Automated deployment of standard client-managed Maximo Application Suite instance with its dependencies. |