FAQs

Manage FAQs

  • What are the benefits of moving to OpenShift?

    Some of the benefits are:

    • Portability between cloud/on-prem environments
    • Faster deployment compared to the traditional deployment model
    • More robust, resilient, high availability, and elasticity through containerization and container orchestration
    • Consistency per the operator model, repeatable deployment
    • Capabilities for automating and streamlining the development process

  • Do the operators need special configuration?

    Operators do not need any special configuration - their actions are driven by the CR (Custom Resource). Operators are the backbone of the automation in OpenShift/Kubernetes. The operator's configuration is provided by the administrator via the MAS/Manage admin UI. Behind the scenes, this UI updates the CR (which can also be manually changed). The operators run as pods in the OCP cluster.

  • What is the purpose of the ingress controller?

    Ingress controller is OpenShift/Kubernetes way of exposing the service endpoint and load balancing to your applications.

  • Can you elaborate on the IBM container registry (icr.io)?

    All IBM products’ images are stored there. The images are accessible if you purchased the product thus obtain an entitlement key. The entitlement key is to be provided when installing MAS, and the MAS and other application operators use this entitlement key to pull the images from icr.io.

  • Are there options for organizations that are on windows or only options to provision new RHEL envs/move to cloud?

    Windows is not supported. The provided link is for setting up a development environment: https://www.ibm.com/docs/en/maximo-manage/continuous-delivery?topic=administering-local-maximo-manage-development-environments. You have the option to run it on bare metal or in VSphere. Additionally, for more information, refer to: https://docs.openshift.com/container-platform/4.7/installing/index.html#supported-platforms-for-openshift-clusters_ocp-installation-overview

  • Are there any limitations to moving to OpenShift?

    • Potentially more hardware is needed for smaller installations.
    • Short term learning curve (like any new technology).

  • Are there specific requirements for a multi-tenancy environment?

    Multi-Tenant Manage is not yet supported in MAS.

  • Does OpenShift allow dynamic scaling?

    Yes, but MAS does not fully support it yet.

  • Is the hypervisor something IBM provides or is that open source?

    There are different hypervisor products. IBM does not provide any hypervisor.

  • What environment changes require application outages for users?

    Any change that requires the pods to go down. This is similar to today with when you need to restart the JVM. For example, applying a new custom archive with your customization.

  • What databases are supported?.

    All three databases (DB2,Oracle and SQL server) are supported for Manage.

  • What Industry Solution/Add-ons are supported?

    All Industry Solutions/Add-ons are supported. Scheduler, Calibration, and Linear are now all included in base Manage. Life Sciences is covered via Calibration.

  • What languages are supported?

    All 23 languages are supported.

  • Are Oracle and SAP integrations supported?

    Yes, Oracle and SAP integrations are supported.

  • What are the supported authentication methods in MAS?

    The following authentication methods are supported:

    • Local IDP (username/password registered in Mongo DB)
    • LDAP
    • SAML

    Authentication Methods: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=configuring-authentication-methods

  • What authentication is needed for inbound HTTP/SOAP/REST-based integration to Manage?

    API Key authentication is required for inbound HTTP/SOAP-based integration to Manage. The API Key can be generated from the Manage administration app. The HTTP request header must include the API Key. For REST-based integration, you can use OIDC as well as an API key for authentication.

  • What is the replacement of SI bus?

    Liberty JMS server, as well as Kafka community edition or any other supported JMS provider, are supported. Liberty JMS is available as a bundle from MAS config UI for any MAS Manage deployment.

  • Is RMI supported?

    RMI is no longer supported. We recommend customers to leverage Maximo REST APIs instead of RMI.

    RMI to Rest API: https://ibm.box.com/s/5956jxr78i1bpihsvtrzub4wfb19p8o0

  • Is BIRT reporting supported?

    Yes, BIRT is supported. Your reports will be moved automatically with the database upgrade.

  • How does one restart the Manage server (other than deleting pods or restarting pods)?

    You can start and stop Manage server using the new tools-api.

    Start/stop and more administration APIs: https://www.ibm.com/docs/en/maximo-manage/continuous-delivery?topic=reference-apis-administrative-utilities

  • Can we achieve the multiple JVMs functionality (in Maximo v7.x) for different Maximo Manage entities (UI, Cron, Reporting, MIF) and segregate the functionality accordingly?

    The Manage application can be deployed with different server bundles (workloads) for processing and isolation needs. The table below shows the different server bundles types:

    Bundle Server Type Description
    all This bundle type contains all the code.
    ui This bundle type contains UI and supporting code.
    It is the interface for accessing Manage application.
    mea This bundle exposes the enterprise web services API.
    report This bundle contains the code that is needed to enable
    BIRT Report Only Server (BROS). Used to separate out
    the work load that is related for execution of reports that
    are submitted from the Manage UI.
    cron This bundle contains the code that is needed to run
    Manage cron tasks.
    standalonejms This bundle is for Liberty Server JMS messaging, used by
    Manage Integration Framework as the default JMS provider.

  • How to deploy a custom Java class?

    The custom Java classes need to be packaged as a customization archive. A customization archive is a zip file and its structure is the same as the Maximo/SMP folder structure. It can include Java classes, XML, and database scripts. You need to follow the product.xml standard for customization. A customization archive is specified as part of the Manage CR spec (via the Manage deployment UI) so that the build process can include it. It can be accessed through the HTTP(s) or FTP(s) endpoint. Multiple customization archives are supported.

  • How do we access the System.Out logs for Maximo?

    Manage server logs are written to the standard output. You can view the logs from the OpenShift console.

    • Go to your OpenShift console, navigate to the Workload/Pods menu, Select your Manage project.
    • Check your Liberty server pods. Select the server pod to view log.

    You can also use toolsapi to upload and retrieve logs using S3 storage.

  • How can we run integrity checker?

    You can also use toolsapi to run integrity checker.

  • How can we integrate Cognos with MAS?

    Cognos entitlement is included with MAS 8.10.

  • How is LDAP configured in MAS?

    MAS uses WebSphere Liberty to synchronize with LDAP. Liberty provides a SCIM API for MAS to consume the data from LDAP repositories into the MAS user registry. MAS pushes users/groups to Manage from MAS repository using user sync process.

    LDAP configuration: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=identity-ldap-user-registry-synchronization

  • How is the SMTP server configured?

    SMTP server is configured in MAS using the MAS Admin UI.

    SMTP configuration: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=configuring-smtp-server

  • How can certificates be applied?

    Cerificates can be applied via the MAS Admin UI.

    Certificate configuration: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=migrating-using-certificates

  • What is the upgrade process?

    Upgrade Process: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=upgrading-from-maximo-asset-management-maximo-manage

  • Are the Maximo users moved to MAS after upgrade?

    Yes, the Maximo users will have an entry created in MAS from the existing Maximo (7.6.1.2+) system during the upgrade execution.

    Migrated Users: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=migrating-managing-users-post-upgrade

  • What are the EAM to Manage gaps?

    The following features/functionality are not supported yet, but are in the roadmap:

    Functional gaps - E-Signature password should match with login password (LDAP/Local user) - Configuration of login page and common header - User Self registration - Guest User - Allow LDAP synch mapping configuration - Ability to add unsupported language - Barcode font support - Archiving guidance - Configurable Email template for user management - Force user logout or similar - Ability to run custom metadata classes report

    Authentication - OpenID support in addition to SAML - Support multiple LDAPs - Local user security controls parity

    Platform - Z Linux support - Power support

    Anywhere Migration - Calibration - Inventory - Transfer, Picking/Staging

Bug Fixes

  • How do I apply bug fixes?

    • Patches are periodically released with APAR fixes. It can be applied using the MAS Admin UI manually or automatically if you have subscribed.

    • LA(one-off) fixes can be applied using the customization archive process.

  • What is the rollback process when a patch fails at the app layer or the db layer

    The rollback process include:

    • Roll back the configuration, which is the Manage Workspace CR and its associated secrets in the OpenShift Manage namespace. The old image can be regenerated by the operator, or the old build can be specified to have the deployment revert back toa previous state.

    • Restore the database. (Same as 7.6)

    A new back-up and restore instruction document will be delivered in Manage 8.4.

Upgrading from IBM Maximo Enterprise Asset Management to IBM Maximo Manage: https://www.ibm.com/docs/en/maximo-manage/continuous-delivery?topic=manage-integration#concept_ecy_3dv_5tb

Maximo Application Suite: https://www.ibm.com/docs/en/mas-cd/continuous-delivery?topic=configuring

Terminology

Term Description Used For
Admission Webhook Admission webhooks are HTTP callbacks that receive admission requests
and do something with them.		 We are using them to control the product matrix as part of the
deployment process(eg cannot install both HSE and Oil & Gas).
Ansible Ansible is an open-source software provisioning, configuration management,
and application-deployment tool enabling infrastructure as code.
Used for deploying pods
ConfigMap Config maps hold configuration data for pods to consume. This is
similar to a property file.		 Internally generated from CR
CR
(Custom Resource)		 A resource implemented through the Kubernetes Custom Resource
Definition API. A resource is an endpoint in the Kubernetes API that stores
a collection of API objects of a certain kind; for example, the built-in pod's
resource contains a collection of Pod objects. A custom resource is distinct
from the built-in Kubernetes resources, such as the pod and service
resources. Every CR is part of an API group.		 Manage CRs:
* ManageApp
* ManageWorkspace
* ManageBuild
* ManageDeployment
* ManageAppStatus
* ManageServerBundles

* BuildDataInterpreter (for ACM)
CRD
(Custom Resource Definition)		 Create a custom resource definition to define a new custom resource. CRD
is to CR as XSD is to XML.
Manage CRs:
* ManageApp
* ManageWorkspace
* ManageBuild
* ManageDeployment
* ManageAppStatus

* ManageServerBundles

* BuildDataInterpreter (for ACM)
EFK (Elastic search, FluentD,
Kibana)		 The EFK stack is a modified version of the ELK stack and is comprised of:
* Elasticsearch: An object store where all logs are stored.
* Fluentd: Gathers logs from nodes and feeds them to Elasticsearch.
* Kibana: A web UI for Elasticsearch.

Once deployed in a cluster, the stack aggregates logs from all nodes and
projects into Elasticsearch, and provides a Kibana UI to view any logs.

Cluster administrators can view all logs, but application developers can
only view logs for projects they have permission to view. The stack
components communicate securely.		 Used for Log Analysis
Entitled Registry Where IBM stores the images for download and use in MAS This is where we keep binaries that will be used to build an image.
Image An image is a binary that includes all of the requirements for running a
single container, as well as metadata describing its needs and capabilities.		 This is what is deployed as Manage, Monitor, Assist, etc.
Kafka Apache Kafka is a framework implementation of a software bus using
stream-processing.		 It is a pre-req for Monitor. For Manage, it is an option that
can be used as a JMS queue alternative.
Kubernetes aka K8s Kubernetes is a portable, extensible, open-source platform for managing
containerized workloads and services.		 Maintains the "cluster"
MAS
(Maximo Application Suite)		 The main entry point for working with the Maximo applications
(Manage, Assist, etc)
Manage Formerly Maximo EAM
MongoDB A NoSQL database - a document database, which means it stores data in
JSON-like documents.		 MAS user and license metric information is stored here
Namespace/Project Kubernetes provides a partitioning of the resources it manages into
non-overlapping
sets called namespaces		 In MAS, there is a namespace for Manage, a namespace for Assist, etc.
In the future, there can be multiple instances of an application(eg Manage)
per namespace.
OCP
(OpenShift Container Platform)		 An on-premises platform as a service built around Docker containers
orchestrated and managed by Kubernetes		 Manages the MAS cluster
OIDC
(Open ID Connect)		 A simple identity layer on top of the OAuth 2.0 protocol Used for authentication between MAS and Manage
OIDP
(Open ID Provider)		 An identity provider, or OpenID provider (OP) is a service that specializes
in registering OpenID URLs or XRIs.		 Used for authentication between MAS and Manage
Operator Operators are software extensions to Kubernetes that make use of custom
resources to manage applications and their components.		 Processing within MAS
Persistent Volume A PersistentVolume (PV) is similar to drive mapping. This API object
captures the details of the implementation of the storage, be that NFS,
iSCSI, or a cloud-provider-specific storage system.		 In Manage we use PV to map with attached docs or other places where similar access
is needed.
Pods Pods are the smallest, most basic deployable objects in Kubernetes. A
pod represents a single instance of a running process in your cluster.
Pods contain one or more containers, such as Docker containers. When
a pod runs multiple containers, the containers are managed as a single
entity and share the Pod's resources.		 Deploying a Maximo "server"
RHEL
(RedHat Enterprise Linux)		 Red Hat Enterprise Linux (RHEL) is a Linux-based operating system
from Red Hat designed for businesses. RHEL can work on desktops,
on servers, in hypervisors or in the cloud. Red Hat and its community-
supported counterpart, Fedora,is among the most widely used Linux
distributions in the world.
RHCOS
(RedHat Core Operating System)		 The version of RHEL that comes as part of OCP If you are installing on
bare metal, then this is the operating system being used
Route An OpenShift route is a way to expose a service by giving it an externally-
reachable hostname like www.example.com. A defined route and the
endpoints identified by its service can be consumed by a router to provide
named connectivity that allows external clients to reach your applications.		 Replacement of IHS in EAM. The route plus the service is used for external access.
SCIM
(System for Cross-domain Identity
Management)		 A set of standardized HTTP endpoints for searching, updating, and deleting
user records using JSON formatted data. It also includes standards and
guidelines to define how user data should be formatted and sent from an
Identity provider to an application (and vice-versa)		 Internally used for
LDAP processing between MAS and Manage via WAS Liberty
Scratch Image A non-runnable image that is used to build the final image. Each Industry Solution, Add-On and Customization package is a scratch image that is
combined with the base Manage image to create the finally deployed image in MAS
Service Bindings A way to create a Kubernetes-wide specification for communicating
service secrets to applications in an automated way.
Service Bundle/workload Part of the CR/CRD definition in regards to the various Manage server types Denotes type and number of Manage pods - UI, Cron, MEA, Report, All, etc
SLS
(Suite License Server)		 This is the server that process AppPoints AppPoints
UBI
(Universal Base Image)		 A vehicle for building and delivering certified containers and operators Used as a base for creating the Manage image(s).
Manage uses the RedHat UBI and Liberty UBI.
Watches An operator subscription to the create/change/delete event of certain OCP
resources. These are specifid in watches.yaml and used internally only.		 Allows for processing new selections of deployment (for example, add a language)
Workspace An aggregation of namespaces used to create a MAS sub-instance. In 8.5
and earlier there is always only one workspace. In the future, within MAS
one could define different workspaces.		 Similar to Namespace, but this is for MAS as a whole. Each workspace could have
a different configuration. This would be useful for sharing a MAS instance between
dev and QA environments.
YAML
(YAML Aint Markup Language)		 YAML is a human-readable data-serialization language. It is commonly
used for configuration files and in applications where data is being
stored or transmitted.		 Used to define CRDs/CRs