Companies today are being called upon to cultivate ever-more agile and flexible environments for their data. As part of these organizations’ digital transformation strategies, equally agile IT operations teams must be able to quickly launch new applications in their self-service portal through digital, easy-access channels. Such an approach would additionally decrease costs through automation and an enhanced, self-propelled customer experience. Any existing inefficient business processes should therefore be replaced with automated digital solutions designed to be web self-service enabled from the start. These solutions should also be scalable, always available, and cost-efficient.
Consistent quality of service is also key. The goal is to provide a consistent user experience, regardless of when the customer is using the application or how many customers are using it concurrently. The applications must therefore have the required and updated business data available in-time.
Data also often needs to be collected from various sources. It must then be transferred to the applications running in an OpenShift POD. The ability to provide this aggregate data to all relevant applications as soon as it is available, rather than waiting until a specific time of the day, is therefore also vital. Stonebranch Universal Automation Center (UAC) provides just such an event /real-time based data supply chain process, offering out-of-the-box dedicated support and functionality to transfer data from any source to one or multiple OpenShift PODs in parallel. The UAC architecture is shown in the figure below:
Figure 1: Universal Automation Center Architecture
The following is an example of how to securely transfer business data located on the cloud, on the mainframe, or in a hybrid or homegrown environment to (or from) an application running on OpenShift, on-demand. The solution also supports cluster scenarios, delivering data simultaneously to all PODs related to an application, or just to the one with the lightest current load.
The solution developed by Stonebranch also allows users to schedule their applications running on OpenShift in the same way as applications running in the cloud, on a (virtual) server, or on the mainframe, including all the benefits of an application deployed on the OpenShift orchestration platform. Applications on OpenShift can also easily be integrated into any current business process automation flow already consisting of both OpenShift and non-OpenShift applications, such as an SAP order-to-cash process.
The Case: AXA
World-leading insurance company AXA provides its agents and customers with various insurance-related self-service applications through their web portal. To ensure that these applications run stably, even with a high number of parallel requests, they are set up in a highly scalable OpenShift environment hosted on-premise and on public clouds.
These various applications are run in containers in an OpenShift POD. They require access to business data from multiple sources and types of environments. These applications must also provide data to connected systems, like SAP business warehouse, when queried by the end user.
Stonebranch’s solution therefore needed to perform the following required functions:
- Transfer files from the mainframe to all started OpenShift PODs related to an application
- Transfer files from an application in OpenShift to an application within the internal IT landscape, e.g. SAP business warehouse
- Transfer a file from any cloud storage to all OpenShift PODs related to an app (and vice versa)
- Trigger a file transfer from a 3rd party web app located in an OpenPaaS landscape
- Cloud-based, secure and high available solution
Figure 2: AXA Solution Architecture
In the figure above, data is transferred from the mainframe or cloud storage to all started instances of an application. Each instance of an application is represented by one POD. The figure shows two applications: MyXYZ-Business and MyXYZ-WEB. Each application is represented by one POD. Depending on the web portal load, the number of application instances is scaled up or down by starting or stopping additional PODs per application. In the example shown, two application instances (2 PODs) have been started already: one cluster for application one containing two active agents (= two started PODs) and one cluster for application two also containing two active agents (= two started PODs).
The Stonebranch Universal Agent can run on any OS platform, including IBM mainframe. In the case of OpenShift, a dedicated image containing the Stonebranch Universal Agent is provided through the Docker hub registry. All PODs contain a sidecar container with a Stonebranch Universal Agent. Once a POD is started, the sidecar container is also initiated, and the contained Universal Agent is automatically registered to a Universal Controller agent cluster specific to that application, providing various cluster functionalities like load-balancing or broadcast cluster. The agent cluster also automatically connects to Universal Automation Center message bus (OMS).
One Universal Controller agent cluster, containing the agents of all started instances of the application, is created for each OpenShift application. As soon as the Universal Agent registers at the Universal Controller message bus, it is available to send and receive files from any other Universal Agent installed on a server or mainframe within the IT landscape, or agent-less from any cloud storage. The application running in the POD can additionally be scheduled like any other application and included in any business process automation workflow.
Ultimately, Stonebranch provided a solution with the following functions:
- Secure transfer of business data from any IT environment to an application running on OpenShift, and vice versa
- Automatic real-time triggering of file transfers based on events or time
- File transfers triggered from any application calling a REST web-service
- Cluster management—secure distribution of data to all started PODs in a cluster
- Real-time monitoring and auditing of the entire file transfer process
- Central logging of all activities—audit-proof
- Lifecycle management—bundle and promote automatically moves tested configurations from DEV -> TEST -> PROD, supporting a C:D DevOps approach
- Cloud-ready, “web-based” solution—Universal Controller is available as SaaS in AWS
- High availability using an AWS database with 3 availability zones
- In case of crisis, switch to another geographic region is supported
- All communication data and communication channels are TLS1.2 secured
- SAML Authentication for all Web GUI users
- All PODs contain a sidecar container based on a Red Hat UBI image with a Universal Agent. The latest image is available via private Docker store to ensure continuous updates of the Universal Agent and related Red Hat UBI image
- Once a POD is started, a sidecar container start is also triggered, and the Universal Agent of the sidecar container automatically registers to a dedicated Universal Controller Agent Cluster, one for each OpenShift application
- Once the Universal Agent of the sidecar container is assigned to its Universal Controller Agent Cluster, all related PODs can send and receive files from any other Universal Agent installed on any kind of server.
- Ability to schedule the application running in the POD from Universal Controller like any other application, with option to be incorporated into a scheduling workflow
Stonebranch's software is fully scalable and agnostic, allowing it to orchestrate any company's supply chain, a key step on the road to dynamic IT automation. This use case description is a shortened version of the full OpenShift solution paper now available on our website.