Security/authentication approach

The AIP Console authentication provider has been totally restructured and now uses the open-source OAuth2 compatible Keycloak system. Keycloak provides local authentication, and can also interact with other enterprise authentication systems such as LDAP and SAML. This change greatly simplifies the configuration of the authentication method you choose.

As a result of this change:

AIP Node instances

All registered AIP Nodes are shown in the Nodes tab in Administration Center as in v. 1.x:

Initial start-up wizard

The initial start-up wizard has been modified - see Complete start-up wizard - v. 2.x. The following steps have all been removed:

CAST Storage Service/PostgreSQL instance management

The management of CAST Storage Service/PostgreSQL instances that will be used for your analysis schema storage and for your Measurement schema has changed in AIP Console v.2. See Administration Center - Settings - CSS and Measurement settings.

Analysis/snapshot schema storage

CAST Storage Service/PostgreSQL instances for analysis/snapshot schemas are now configured directly in AIP Console in the Administration Center under the Global Configurations option, instead of when installing a new AIP Node:

By default, one database connection will already be predefined. This is a connection to the PostgreSQL AIP Node database provided as a Docker container and is used to store options and settings common to all AIP Node instances. It is possible to use this database for your analysis/snapshot schema storage needs, however this is not recommended and you should instead define additional CAST Storage Service/PostgreSQL instances.

Any CAST Storage Service/PostgreSQL instance defined in AIP Console will be available to any AIP Node instance. The specific CAST Storage Service/PostgreSQL instance that will be used for a given application is determined when the Application is created in AIP Console:

You can find more details about this in Configure your CAST Storage Service or PostgreSQL instances - v. 2.x and Administration Center - Settings - CSS and Measurement settings.

Measurement schema

The Measurement schema is required for consolidating snapshot data from all AIP Nodes for display in the CAST Health Dashboard. The initial start-up wizard no longer prompts you to define your Measurement schema and CAST Storage Service/PostgreSQL host - instead AIP Console is preconfigured to use the built-in AIP Node Database, therefore if you do not wish to use this host, ensure you configure an alternative host in the Administration Center under the Global Configurations option:

You can find more details about this in Configure your CAST Storage Service or PostgreSQL instances - v. 2.x and Administration Center - Settings - CSS and Measurement settings.

Embedded CAST Dashboards (Health and Engineering)

2.0.0-beta2 provides a new Docker container dedicated to the Health and Engineering Dashboards:

No configuration is required other than assigning the correct roles to users/groups to allow them to access the application data they need - this is explained in Configure authentication and roles using Keycloak - v. 2.x. Access to the Dashboards is exactly as in v. 1.x:

Technical notes about embedded Dashboards

Initial start-up with no applications

When AIP Console starts up and no applications have been created you will see error messages in the dashboard container log. You will also notice an error if you try to access the Dashboards  (either Health or Engineering Dashboard). This is expected as AIP Console will not create the database that Dashboard will use until an application has been analyzed and a snapshot generated.

Once you have run an analysis and created a snapshot for an application these error messages will disappear.

Roles

You can assign the same access roles to your users/groups as are provided in standalone CAST Dashboards - see User roles. These roles are defined directly in Keycloak and are provided out of the box and are explained in Step 2 in Configure authentication and roles using Keycloak - v. 2.x:

Click to enlarge

Synchronization of applications

Application data should be automatically synchronized between AIP Console and the embedded Dashboards, during the Application analysis/snapshot; namely during the "Create Snapshot" and "Publish to Health Dashboards" job steps. This synchronization process will reload application data from the CAST Storage Service(s) / PostgreSQL instance(s) to retrieve the latest information regarding analyses.

Should data not be synchronized correctly you can manually perform a synchronize action in the Administration Center under System Settings:


If you have upgraded from 2.0.0-beta1, you should run a manual Synchronize action to ensure that the applications that existed previously are now made available in the 2.0.0-beta2 Dashboards.

Importing Applications from AIP Console V1

  • This feature must NOT be considered as a full migration of an Application from v. 1.x to v. 2.x - any specific configuration applied to the Application in AIP Console v. 1.x will not be transferred to v. 2.x (for example a specific Reference Finder configuration applied in AIP Console 1.x). 
  • It is NOT possible to import existing Applications currently managed in CAST Management Studio.

If you would like to import any existing "test" applications that are currently managed with AIP Console v. 1.x into v. 2.x, then you can use the Import Applications feature available in the Administration Center:

Prerequisites

http://localhost:8088/config/aip-node-app/default

Process

Click Import Applications and choose the host CAST Storage Service/PostgreSQL instance on which the schemas for your Application are stored - AIP Console will then scan the selected host and display a list of Applications that are not already managed in AIP Console v. 2.x:

Select the Application(s) you want to import, then click the Import button:

During the import, AIP Console will check that the selected Application's delivery folder can be located in the shared Delivery folder location. If this Delivery folder is located, a successful import will be indicated by the following message (the Application will also appear in the list of available applications in the Administration Center and in the AIP Console - Application Management screen:

 The following message indicates that AIP Console cannot find the Application's Delivery folder (in the shared Delivery folder location) and the import has failed:

Application and schema upgrade using AIP Console

The Application and schema upgrade process in AIP Console v. 2.x functions in exactly the same way as in AIP Console v 1.x (see Application and schema upgrade using AIP Console) with some small differences:

UI changes

Technical changes

Since AIP Nodes instances are now stateless, the upgrade paths available for selection depend entirely on the releases of AIP Core that your AIP Node instances are running:

Global Dynamic Links Rules files are no longer replicated to AIP Node instances

Default Dynamic Link Rules files (*.dlm.xml) available in Administration Center - Settings - Default Dynamic Links Rules are no longer replicated to AIP Node instances as Application level rules. All *.dlm.xml files configured under the Global Configurations option will automatically be applied to all Applications.

It is still possible to define Default Dynamic Link Rules files (*.dlm.xml) at Application level (see Application - Config - Dynamic Links Rules) as in AIP Console v.1.x.

Move Architecture Studio from AIP Console to AIP Node instance

Architecture Studio features have been moved from AIP Console to the AIP Node instance. This change is nearly entirely invisible to end-users (except that Architecture Studio now uses the same upload folder for portfolio and application model files), however, the majority of the back-end operations have been simplified as there are no longer any upload/download of files between AIP Console and AIP Node, and no request wrapping, etc.

No AIP Node instances available

When no AIP Node instances are available (i.e they are down for maintenance, or network issues prevent them from reaching AIP Console), no functionality is available in AIP Console and a flashing warning message is displayed: