Page tree
Skip to end of metadata
Go to start of metadata

Introduction

AIP Console 2.x brings improvements and changes, mainly designed to improve the overall flexibility of deployment and application analysis. The main changes are in the architecture and deployment areas, as listed below.

  • AIP Console deployment:
    • the front-end AIP Console is now provided as a Linux based Docker container. This means cross-platform deployment and upgrade has been simplified (Docker is compatible with both Linux and Microsoft Windows)
    • the AIP Console authentication provider has been totally restructured and now uses the open-source OAuth2 compatible Keycloak system. Keycloak provides local authentication, and can also interact with other enterprise authentication systems such as LDAP and SAML. This change greatly simplifies the configuration of the authentication method you choose. Keycloak is also provided as a Linux based Docker container.
    • the method for storing settings, options and information about AIP Nodes has been changed from a flat-file H2 database to a PostgreSQL database (the AIP Node Database), also provided as a Linux based Docker container. This database can also be used to host AIP schemas to store analysis and snapshot data if necessary (additional standalone CAST Storage Services/PostgreSQL instances can also be used as in v 1.x and are recommended).
  • AIP Node instance deployment is very similar to v. 1.x: an installation of AIP Core and an AIP Node Service are required and must be installed on a compatible Microsoft Windows server. One significant improvement, however, is that AIP Node instances are now considered to be stateless (the applications are not attached to a specific AIP Node instance). All AIP Node instances register themselves in AIP Console and use common a configuration provided by AIP Console (stored in the PostgreSQL database provided as a Docker container - the AIP Node Database). Thus, all AIP Node instances connect to the same PostgreSQL database (the AIP Node Database) to fetch settings and options and all use the same locations for delivery, deploy and common data (these locations must now always be deployed as shared folders). AIP Node instances also share the connection settings to additional CAST Storage Services/PostgreSQL databases defined in AIP Console for analysis/snapshot requirements (these are no longer defined when the AIP Node service is installed as in v. 1.x). In other words, if multiple CAST Storage Services/PostgreSQL instance are defined in AIP Console, all AIP Node instances will be able to connect to and use all CAST Storage Services/PostgreSQL instances.
  • Application management is similar to v 1.x, however, as outlined above, Applications are no longer tied to one single AIP Node instance. All required storage locations such as deploy/delivery must now be configured as shared folders. AIP Console will also automatically operate in load-balancing mode where the least used AIP Node instance is selected from the pool of AIP Node instances to perform the next job (analysis/snapshot etc.) - note that by default where multiple AIP Node instances are available, AIP Console will choose the AIP Node instance running the most recent release of AIP Core. Therefore when creating a new Application, an AIP Node instance is no longer defined, however, it is now necessary to define a specific CAST Storage Service/PostgreSQL instance for your Application storage requirements at this time (the application remains "tied" to this storage instance).

Benefits of AIP Console 2.x

  • Central configuration and stateless AIP Node instances allows applications to be detached from an AIP Node instance. This makes it possible to add AIP Node instances on request, removes complex routing rules, and allows to load balance the analysis/snapshot processes gracefully.
  • All the front-end components are deployed as Linux based Docker containers to speed up and simplify deployment across both Linux and Microsoft Windows.
  • No synchronization between AIP Console and AIP Node instances required. AIP Node instances use the same PostgreSQL database (AIP Node Database) which contains persistence information about all the applications.
  • AIP Node and Architecture Studio instances share the common data folder deployed as a shared folder, therefore there is no need to upload/download the files between the services as is the case in v 1.x.
  • All the services have bidirectional access to each other through the Service Registry (deployed as a Linux based Docker container).
  • No need to manually add AIP Node instances or other services. AIP Node instances register themselves in the Service Registry and become automatically available.
  • Use of the OAuth2 compatible Keycloak system adds JWT token-based authentication instead of basic authentication provided in v1, removes the need to have custom tokens for AIP Node instances and properly secures all the services.

Current deployment limitations

  • No in place upgrade from AIP Console v. 1.x (same for AIP Node instances)
  • No import of Applications currently managed in CAST Management Studio (applications can be imported from AIP Console v 1.x)
  • No ability to interact with embedded CAST Dashboards (standalone CAST Dashboards can be used) > this limitation has been removed in v 2.0.0-beta2

Architecture

Docker containers provided by CAST

All Docker containers are Linux based.
ContainerDefault portDescription
aip-gateway8081

This is the entry point to AIP Console. It receives registered services from the Service Registry and forwards incoming requests to the required services. It also acts as a load balancer, so it can transparently handle multiple registered service instances, based on the chosen load balancing strategy.

aip-service-registry8088, 2281Used to register the various required services and monitor their health.
keycloak (OAuth2)8086The OAuth2 server (Keycloak- provides authentication services for AIP Console.
dashboards8087The embedded Health and Engineering Dashboards (available from 2.0.0-beta2).
postgres2285The AIP Node Database: used primarily to store information about the AIP Node instances. It can also be used to store Application analysis/snapshot data if required (but CAST recommends dedicated CAST Storage Service/PostgreSQL instances).

Deployment requirements

Hardware sizing

Component

Server typeArchitecture

CPU

RAM

MACHINE DISK

COMMON TO AIP NODES

OS

Notes

AIP Core + AIP Node Service (back end)

Physical/virtual64-bit

Minimum 1 CPU / 2 cores:

  • Intel Core i5, 2.6 GHz
  • Intel Xeon, 2.2 GHz

Recommended  1 CPU / 4 cores:

  • Intel Core i7, 2.8 GHz
  • Intel Xeon, 2.6 GHz

16GB min

100GB

Delivery folder and Deploy Folder

512GB (SSD recommended)

Windows

RAM

The batch files / Windows Service configurations provided for the AIP Node Service are configured by default with conservative RAM provisions. See Configuring RAM for AIP Console front-end and AIP Nodes for more information about changing these.

AIP Console (front-end), including:

  • AIP Node database (PostgreSQL)
  • Keycloak (OAuth 2 Server)
  • AIP Service Registry
  • AIP Gateway
  • Embedded Dashboards
Physical/virtual64-bit

16GB min

100 GB


Linux or Windows

These items are all provided as Linux based Docker images in the public Docker Hub.

CAST Storage Service / PostgreSQL

Physical/virtual64-bit

32GB min

512GB (SSD recommended)


Windows or Linux

CAST highly recommends the use of PostgreSQL on a Linux instance as this consistently gives the best performance.
CAST Extend local server (optional)Physical/virtual64-bit4GB min64GB
Windows

It is possible to re-use one of the existing servers dedicated another service, providing that this is a Windows server, however CAST does recommend a dedicated server where possible.

Disk space for shared folders

All AIP Nodes require read/write access to three shared folders:

FolderDescription
DeliveryA location for storing successive and compressed versions of an application's source code.
DeployA location used to store the most recent version of the application's source code for analysis in uncompressed format.
common-dataComponents that may need to be added to an analysis (for example).

These folders are used to store analysis related data and can be located on any Windows/Linux server within the local network. For example you could share folders on any of the servers running the components list above, or you could use a dedicated file server for this.

  • All folders must be writable by the Windows user installing the AIP Node Service.
  • All folders must be empty.
  • Optional: The shared folder must be mapped to all AIP Nodes (Microsoft Windows servers) with the same drive letter, for example R:

Software

AIP Console (front end) Docker containers

SoftwareRequiredNotes
Host Operating System(tick)

Microsoft Windows

  • Windows Server 2019 (64bit) and cumulative update of September 2020

Installations of Windows Server using only Server Core (i.e. without a GUI) are not supported.

Linux

  • Ubuntu Server (16.04 LTS / 18.04 LTS / 20.04 LTS)
  • CentOS (7 or 8)

Third-party software required
for install on Docker (Linux and Windows)



(tick)

Docker on Linux

  • Docker Engine ≥ 18.0
  • docker-compose ≥ 3.0
  • curl

Docker on Microsoft Windows

  • Docker Desktop for Windows - latest version recommended, or one that provides:
    • Docker Engine ≥ 19.03.5
    • docker-compose ≥ 3.0
    • Containers for Linux must be enabled
  • Resources for Docker:
Access to at least one CAST Storage Service /PostgreSQL(tick)

Docker on Microsoft Windows

  • Docker Desktop for Windows - latest version recommended, or one that provides:
    • Docker Engine ≥ 19.03.5
    • docker-compose ≥ 3.0
    • Containers for Linux must be enabled
  • Resources for Docker:
Ports(tick)

The following ports must be opened on the host server. These correspond to each Docker container required by AIP Console (front-end). This is so that remote AIP Node instance can access the required services:

  • 2281 (AIP Service Registry)
  • 2285 (AIP Node database (PostgreSQL))
  • 8081 (AIP Gateway)
  • 8086 (Keycloak OAuth 2 Server)
  • 8087 (embedded Dashboards - available from 2.0.0-beta2)
  • 8088 (AIP Service Registry)

These ports can be customized if required.

User permissions(tick)

To run the Docker install, Administrator privileges are required:

  • Microsoft Windows - local Administrator privileges
  • Linux - user in the sudoers list
Access to hub.docker.com(tick)All Docker containers are pulled direct from https://hub.docker.com/, therefore the host server must have access to this.

AIP Node instance (back-end)

SoftwareRequiredNotes
Host Operating System(tick)

All AIP Node instances must be use a Microsoft Windows host operating system since the presence of AIP Core is required. Supported versions of Microsoft Windows:

  • Windows Server 2019 (supported in AIP Console ≥ 1.10.0)
  • Windows Server 2016
  • Windows Server 2012 R2 Standard
  • Windows Server 2012 Standard
  • Windows Server 2008 R2 SP1 Standard
  • Windows 10
  • Windows 8.1
AIP Core(tick)

A standard installation (i.e. run from the AIP Core setup) of AIP Core ≥ 8.3.6 is required on the target node.

  • CAST recommends the most recent release of AIP Core to take full advantage of all available features.
  • The installation path for AIP Core is referred to as <CAST_AIP_install> in the rest of this document. By default, the path is C:\Program Files\CAST\<version>\ on each AIP Node instance.
Java (JRE/JDK)(tick)

A Java JRE or JDK is required to install and run the AIP Node Service. See Java (JRE/JDK) above for more information about requirements.

Write access to shared folders(tick)

Shared folders as described above in Disk space for shared folders must be accessible from each AIP Node instance.

Access to AIP Console front end(tick)

The AIP Node instance requires access via the following default ports to the server hosting AIP Console:

  • 2281
  • 2285
  • 8081
  • 8086
  • 8087 (from 2.0.0-beta2)
  • 8088
Access to CAST Storage Service/Postgres(tick)If you choose to use dedicated CAST Storage Service/PostgreSQL instance for your analysis/snapshot storage requirements, these instances must be available to ALL AIP Node instances over the internal network.
CAST Extend(tick)

In order to install any CAST AIP Extensions automatically, each AIP Node instance needs to connect to CAST's managed service known as "Extend" over the public internet. You will also need login credentials for Extend - i.e. you will need to register an account. Access to the following URL on port 443 via TCP is required:

Note that if (due to security concerns) your organization cannot interact over the public internet with CAST's managed services, you can alternatively use CAST Extend local server/Offline.
User permissions(tick)To run the setup and start/run the AIP Node package on the server, local Administrator privileges are required. In addition it is highly recommended that all AIP Nodes (Microsoft Windows servers) are installed and run with the same user account.

Requirements for end users accessing AIP Console

Browsers

The following browsers are supported when run on Linux, macOS or Microsoft Windows. We regularly test with a subset of the available versions, and aim to fix issues found with any of them.

Browser

Supported

Notes

Microsoft Edge(tick)Minimum supported release: 44 and above

Mozilla Firefox

(tick)Minimum supported release: 65 and above
Google Chrome(tick)Minimum supported release: most recent only
Safari(tick)Minimum supported release: 12 and above

Installation and configuration instructions

See the following:

  • No labels