Infrastructure Requirements
Overview
Locally-hosted infrastructure
Kubernetes cluster
All TIM v5 components except the PostgreSQL database are deployed in a Kubernetes cluster. Azure Kubernetes services (AKS) is used as a managed Kubernetes service. The cluster contains one static node pool specified below. This node pool spans across three availability zones to ensure high availability and failover functionality:
| Node count | Single node CPU specification | Single node RAM specification | Azure node type |
|---|---|---|---|
| 5 | 4 vCPU | 16 GiB | Standard_D4s_v3 |
PostgreSQL database
To store all the data TIM uses, Tangent Works relies on the Azure Database for PostgreSQL flexible server managed service. This service provides automated continuous backups and high availability deployment - a second backup replica in a different availability zone is ready to take over when the main replica stops working correctly. The specification of the PostgreSQL server is the following:
| Compute tier | Node CPU specification | Node RAM specification | Storage | Azure node type |
|---|---|---|---|---|
| General Purpose | 2 vCPU | 8 GiB | 512 GiB | Standard_D2ds_v4 |
Infrastructure hosted by Tangent Works (accessible via the internet)
Tangent Works Identity Management
TIM v5 uses the Tangent Works Identity Management system to authenticate users and manage their access rights. The Identity Management system is a separate service that is publicly available at https://tim-platform-im.tangent.works (IP address 20.86.206.245). TIM v5 must be able to access this system in order to work properly.
Tangent Works Private container registry
Private registry of Docker images. Kubernetes must be able to access this registry in order to pull TIM v5 Docker images. The registry is publicly available at euwestacrtangentworks01.azurecr.io and Credentials are provided on demand by Tangent Works.
Infrastructure hosted by 3rd parties (accessible via the internet)
Docker Hub Public container registry
TIM v5 uses RabbitMQ Docker image from Docker Hub. Kubernetes must be able to access this registry in order to pull RabbitMQ Docker images. The registry is publicly available at *.docker.io or *.docker.com and access does not require any credentials.