Test

Introduction

IBM Operational Decision Manager

IBM’s operational decision manager is a comprehensive decision automation solution that provides extensive capabilities that help you analyze, automate, and govern rules-based business decisions. IBM Operational Decision Manager can authorize a loan, decide on promotional offers, or detect a cross-sell opportunity with high precision and customization. It’s available for on-premises and public or private cloud environments.

Instead of coding your own business rules, use ODM to configure and codify your business rules in an understandable and accessible to everyone within your organization.

  • some of the benefits of IBM’s Operational Decision Manager are:
  • create and configure your business rules easily.
  • Modify your business rules anytime.
  • Edit your business rules using MS Word or MS Excel.
  • Test and validate your business rule configurations.
Amazon Web Services

AWS enables you to select the OS, programming language, database, and other services you desire. AWS Console allows to quickly and easily host existing application or newly developed ones. Then you will be paying only for the compute power, storage, and other resources you use, and you take advantage of a scalable, reliable, and secure global computing infrastructure. Your application can scale up or down, in or out, based on demand using AWS tools, Auto Scaling, and Elastic Load Balancing. AWS offers a secure infrastructure, including physical, operational, and software measures.

AWS Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.

You can upload your code, and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring. At the same time, you retain full control over the AWS resources powering your application and can access the underlying resources at any time.

AWS RDA Aurora (Postgresql compatibility)

Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.

Amazon Aurora is up to three times faster than standard PostgreSQL databases. It provides the security, availability, and reliability of commercial databases at 1/10th of the cost. Amazon Aurora is fully managed by Amazon Relational Database Service (RDS), which automates time-consuming administration tasks like hardware provisioning, database setup, patching, and backups.

CloudFormation

AWS CloudFormation provides a common language for you to model and provision AWS and third-party application resources in your cloud environment. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third-party resources.

Infrastructure as Code

Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your data-center to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.

Requirements

In order to follow this guide you might need basic knowledge about AWS services, you might also want to be comfortable around working with JSON or YAML, you don’t need a code editor as we’re going to use CloudFormation template designer. and of course, you need to passionate about AWS Cloud technology  .

Launching the templates

in this tutorial you’ll find links to launch the discussed templates, in order to run the template in your AWS account follow these steps:

1. Click the link you find in this tutorial to launch the template

2. You’ll be redirected to the following page

3. Enter a stack name (e.g NetworkStack)

4. Scroll down and modify the parameters for your stack based on your requirements

5. Click the create stack button

Prerequisites

Before setting up the CloudFormation stacks, note the following prerequisites.

  1. You must have an AWS account and an AWS Identity and Access Management (IAM) user with sufficient permissions to interact with the AWS Management Console and services listed in the Architecture overview section. Your IAM permissions must also include access to create IAM roles and policies created by the AWS CloudFormation template.

  2. The VPC CloudFormation stack requires three Availability Zones for setting up the public and private subnets. Make sure to select an AWS Region that has at least three Availability Zones.

  3. Create an Amazon S3 bucket and upload the IBM ODM zip file. More details in the following section

Downloading the necessary files

before starting the tutorial, please upload the following files to your S3 bucket, the files you are going to download are ZIP files for the Decision Center and Decision Server. the ZIP files contain WAR files for the deployment and a directory named .ebextentions, that is necessary for the deployment process, you can use this directory to set up the Tomcat environment without Logging in to the EC2 instance and modify it there. the .ebextentions directory contains:

  • PostgreSQL-42.2.5.Jar
  • Tomcat-dbcp-8.0.0-RC1.Jar
  • Server.xml
  • Tomcat-users.xml: you can set up your user credentials here for connecting to Decision Server and Decision Center
  • Server-update.config: this is the file responsible for updating the Tomcat server configuration

server.update.config

container_commands:
replace-config:
command: cp .ebextensions/server.xml /usr/share/tomcat8/conf/server.xml
replace-users:
command: cp .ebextensions/tomcat-users.xml /usr/share/tomcat8/conf/tomcat-users.xml
add-driver:
command: cp .ebextensions/postgresql-42.2.5.jar /usr/share/tomcat8/lib/postgresql-42.2.5.jar
add-factory:
command: cp .ebextensions/tomcat-dbcp-8.0.0-RC1.jar /usr/share/tomcat8/lib/tomcat-dbcp-8.0.0-RC1.jar
The Architecture
Cross-stack reference

To export resources from one AWS CloudFormation stack to another, we need to create a cross-stack reference.

how to use it? Basically, to create a cross-stack reference, we need to use the Export output field to flag the value of a resource output for export. Then, use the Fn::ImportValue intrinsic function to import the value from another stack template.

The architecture

ODMNetworkingStack

This Stack contains a single VPC, in it, we find three subnets, one public for access from the internet to the beanstalk application tier, and two subnets for the Aurora Database tier. a routing table and an internet gateway are necessary for access to the application tier from the internet. The HTTP security group allows the port 80 from the internet and the RDS security group allows access to/from port 5432 (Aurora PostgreSQL port) from the public subnet.

The Network stack template

Resources:

 MainVPC: Type: 'AWS::EC2::VPC' Properties: CidrBlock: 10.0.0.0/16 EnableDnsHostnames: true BNSubnet: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref MainVPC AvailabilityZone: !Ref AZ CidrBlock: 10.0.2.0/24 HTTPSG: Type: 'AWS::EC2::SecurityGroup' Properties: VpcId: !Ref MainVPC GroupDescription: http security group GroupName: HTTPSG SecurityGroupEgress: CidrIp: 0.0.0.0/0 ToPort: '443' FromPort: '443' IpProtocol: tcp SecurityGroupIngress: CidrIp: 0.0.0.0/0 ToPort: '443' FromPort: '443' IpProtocol: tcp RDSSG: Type: 'AWS::EC2::SecurityGroup' Properties: VpcId: !Ref MainVPC GroupDescription: rds security group GroupName: RDSSG RouteTableAssociationPublic: Type: 'AWS::EC2::SubnetRouteTableAssociation' Properties: SubnetId: !Ref BNSubnet RouteTableId: !Ref RouteTable EC2SGE45EHG: Type: 'AWS::EC2::SecurityGroupEgress' Properties: GroupId: !Ref RDSSG DestinationSecurityGroupId: !Ref HTTPSG FromPort: '5432' ToPort: '5432' IpProtocol: tcp EC2SGIIXXK: Type: 'AWS::EC2::SecurityGroupIngress' Properties: GroupId: !Ref RDSSG SourceSecurityGroupId: !Ref HTTPSG FromPort: '5432' ToPort: '5432' IpProtocol: tcp Description: http to rds RouteTable: Type: 'AWS::EC2::RouteTable' Properties: VpcId: !Ref MainVPC Route: Type: 'AWS::EC2::Route' Properties: RouteTableId: !Ref RouteTable DestinationCidrBlock: 0.0.0.0/0 GatewayId: !Ref IG IG: Type: 'AWS::EC2::InternetGateway' Properties: {} Metadata: 'AWS::CloudFormation::Designer': id: fbb7916e-d64d-4d62-8556-1b840c8337a9 EC2VPCGANZP: Type: 'AWS::EC2::VPCGatewayAttachment' Properties: VpcId: !Ref MainVPC InternetGatewayId: !Ref IG RDSSubnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref MainVPC AvailabilityZone: !Ref AZSB1 CidrBlock: 10.0.3.0/24 RDSSubnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref MainVPC AvailabilityZone: !Ref AZSB2 CidrBlock: 10.0.4.0/24

outputs:

the template outputs the following variable for cross-stack references on the database tier and application tier.

Outputs: VPCID: Value: !Ref MainVPC Export: Name: !Sub '${AWS::StackName}-VPCID' BNSubnet: Value: !Ref BNSubnet Export: Name: !Sub '${AWS::StackName}-BNSNID' RDSSubnet1: Value: !Ref RDSSubnet1 Export: Name: !Sub '${AWS::StackName}-RDSSN1ID' RDSSubnet2: Value: !Ref RDSSubnet2 Export: Name: !Sub '${AWS::StackName}-RDSSN2ID' HTTPSG: Value: !Ref HTTPSG Export: Name: !Sub '${AWS::StackName}-HTTPSGID' RDSSG: Value: !Ref RDSSG Export: Name: !Sub '${AWS::StackName}-RDSSGID'

Parameters:

you need to provide the following parameters when launching the stack

Parameters: AZ: Type: String Default: us-west-2a AllowedValues: - us-west-2a - us-west-2b Description: Enter availability zone for the us-west-2 region AZSB1: Type: String Default: us-west-2a AllowedValues: - us-west-2a - us-west-2b Description: Enter availability zone for the us-west-2 region subnet RDS 1 AZSB2: Type: String Default: us-west-2a AllowedValues: - us-west-2a - us-west-2b Description: Enter availability zone for the us-west-2 region subnet RDS 2

Launching the template:

in order to launch the previous template, you can use the following link. keep in mind to change the parameters to your need.

launch_template

ODMDatabaseStack

This Stack contains a single Database security group, in it, we find two Aurora PostgreSQL clusters and two subnets. we’re using cross-stack reference to get the VPC id and the subnets from the previous stack [NetworkStack]. There two instances once for the Decision center and the other for the Decision server.

DatabaseStack template

resources:

Resources:
RDSDBSGOIKH:
Type: 'AWS::RDS::DBSubnetGroup'
Properties:
DBSubnetGroupDescription: group decription
DBSubnetGroupName: group name
SubnetIds:
- !ImportValue
'Fn::Sub': '${ParentNetworkStack}-RDSSN1ID'
- !ImportValue
'Fn::Sub': '${ParentNetworkStack}-RDSSN2ID'
RDSDBC2SKXA:
Type: 'AWS::RDS::DBCluster'
Properties:
DBSubnetGroupName: !Ref RDSDBSGOIKH
AvailabilityZones: !Ref AZs
DBClusterIdentifier: DCClusterId
DatabaseName: !Ref DCDbName
DeletionProtection: false
EnableHttpEndpoint: true
Engine: aurora-postgresql
EngineVersion: '10.7'
DBClusterParameterGroupName: default.aurora-postgresql10
MasterUserPassword: !Ref DCpassword
MasterUsername: !Ref DCusername
Port: '5432'
VpcSecurityGroupIds:
- !ImportValue
'Fn::Sub': '${ParentNetworkStack}-RDSSGID'
DependsOn:
- RDSDBSGOIKH
RDSDBI4RB78:
Type: 'AWS::RDS::DBInstance'
Properties:
DBSubnetGroupName: !Ref RDSDBSGOIKH
AvailabilityZone: !Ref Az
DBClusterIdentifier: !Ref RDSDBC2SKXA
DBInstanceClass: db.t3.medium
Engine: aurora-postgresql
EngineVersion: '10.7'
PubliclyAccessible: true
DependsOn:
- RDSDBC2SKXA
RDSDBC1EF1C:
Type: 'AWS::RDS::DBCluster'
Properties:
DBSubnetGroupName: !Ref RDSDBSGOIKH
AvailabilityZones: !Ref AZs
DBClusterIdentifier: DSClusterId
DatabaseName: !Ref DSDbName
DeletionProtection: false
EnableHttpEndpoint: true
Engine: aurora-postgresql
EngineVersion: '10.7'
DBClusterParameterGroupName: default.aurora-postgresql10
MasterUserPassword: !Ref DSpassword
MasterUsername: !Ref DSusername
Port: '5432'
VpcSecurityGroupIds:
- !ImportValue
'Fn::Sub': '${ParentNetworkStack}-RDSSGID'
DependsOn:
- RDSDBSGOIKH
RDSDBI3V0Y8:
Type: 'AWS::RDS::DBInstance'
Properties:
DBSubnetGroupName: !Ref RDSDBSGOIKH
AvailabilityZone: !Ref Az
DBInstanceClass: db.t3.medium
Engine: aurora-postgresql
EngineVersion: '10.7'
PubliclyAccessible: true
DBClusterIdentifier: !Ref RDSDBC1EF1C
DependsOn:
- RDSDBC1EF1C

Outputs:

Outputs:
DCClusterEndpoint:
Description: DC Aurora Cluster/Writer Endpoint
Value: !GetAtt
- RDSDBC2SKXA
- Endpoint.Address
Export:
Name: !Sub '${AWS::StackName}-DCEndpoint'
DSClusterEndpoint:
Description: DS Aurora Cluster/Writer Endpoint
Value: !GetAtt
- RDSDBC1EF1C
- Endpoint.Address
Export:
Name: !Sub '${AWS::StackName}-DSEndpoint'
DCDBUsername:
Description: ' DC Database master username'
Value: !Ref DCusername
Export:
Name: !Sub '${AWS::StackName}-DCDBUsername'
DSDBUsername:
Description: ' DS Database master username'
Value: !Ref DSusername
Export:
Name: !Sub '${AWS::StackName}-DSDBUsername'
DSDBPassword:
Description: ' DS Database master password'
Value: !Ref DSpassword
Export:
Name: !Sub '${AWS::StackName}-DSDBPassword'
DCDBPassword:
Description: ' DC Database master password'
Value: !Ref DCpassword
Export:
Name: !Sub '${AWS::StackName}-DCDBPassword'

the exported values will be uses in the application tier as we’ll see later.

Parameters:

Parameters:
ParentNetworkStack:
Type: String
Default: ODMNetworkStack # use the stack name you defined in the previous steps
DSDbName:
Type: String
Default: DecisionServerDBName
DCDbName:
Type: String
Default: DecisionCenterDBName
DSpassword:
Type: String
Default: NotASecret
DCpassword:
Type: String
Default: NotASecret
DSusername:
Type: String
Default: UsernameForDS
DCusername:
Type: String
Default: UsernameForDC
AZs:
Type: CommaDelimitedList
Az:
Type: String
Default: us-west-2b
AllowedValues:
- us-west-2a
- us-west-2b # add more AZs if you wish to

Launching the template:

in order to launch the previous template, you can use the following link. keep in mind to change the parameters to your need.

launch_template

ODMApplicationStack

This Stack contains a single Elastic Beanstalk application, we have also two EB environment one for the Decision Center and the second one for the Decision Server. we have one configuration filer that contains configuration options for both the environment. We have two application versions, each one refers to an S3 object containing the Decision Center and Decision Server as zip files for the deployment. You can find out more about the contents of the Zip files in this “Downloading the necessary files” section.

ApplicationStack template

Resources:

Resources:
EBA3725X:
Type: 'AWS::ElasticBeanstalk::Application'
Properties:
ApplicationName: !Ref applicationName
Description: IBM ODM in AWS
ResourceLifecycleConfig:
ServiceRole: 'arn:aws:iam::653258475801:role/aws-elasticbeanstalk-service-role'
EBAV407MV:
Type: 'AWS::ElasticBeanstalk::ApplicationVersion'
Properties:
ApplicationName: !Ref EBA3725X
Description: IBM ODM DC Version
SourceBundle:
S3Bucket: !Ref DCS3Bucket
S3Key: !Ref DCS3Key
EBAV3VMZ:
Type: 'AWS::ElasticBeanstalk::ApplicationVersion'
Properties:
ApplicationName: !Ref EBA3725X
Description: IBM ODM DS Version
SourceBundle:
S3Bucket: !Ref DSS3Bucket
S3Key: !Ref DSS3Key
EBCT59REW:
Type: 'AWS::ElasticBeanstalk::ConfigurationTemplate'
Properties:
ApplicationName: !Ref EBA3725X
Description: configuration tempalte
SolutionStackName: 64bit Amazon Linux 2018.03 v3.3.2 running Tomcat 8.5 Java 8
OptionSettings:
- Namespace: 'aws:ec2:vpc'
OptionName: VPCId
Value: !ImportValue
'Fn::Sub': '${NetworkStack}-VPCID'
- Namespace: 'aws:ec2:vpc'
OptionName: AssociatePublicIpAddress
Value: true
- Namespace: 'aws:ec2:vpc'
OptionName: Subnets
Value: !ImportValue
'Fn::Sub': '${NetworkStack}-BNSNID'
- Namespace: 'aws:autoscaling:asg'
OptionName: MinSize
Value: '1'
- Namespace: 'aws:autoscaling:asg'
OptionName: MaxSize
Value: '1'
- Namespace: 'aws:autoscaling:launchconfiguration'
OptionName: ImageId
Value: !Ref ImageID
- Namespace: 'aws:autoscaling:launchconfiguration'
OptionName: InstanceType
Value: !Ref instanceType
- Namespace: 'aws:autoscaling:launchconfiguration'
OptionName: SecurityGroups
Value: !ImportValue
'Fn::Sub': '${NetworkStack}-HTTPSGID'
DependsOn:
- EBAV407MV
- EBAV3VMZ
EBE4D3XJ:
Type: 'AWS::ElasticBeanstalk::Environment'
Properties:
ApplicationName: !Ref EBA3725X
EnvironmentName: DecisionCenterEnv
Description: decision center env
TemplateName: !Ref EBCT59REW
OptionSettings:
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: endpoint
Value: !ImportValue
'Fn::Sub': '${DatabaseStack}-DCEndpoint'
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: username
Value: !ImportValue
'Fn::Sub': '${DatabaseStack}-DCDBUsername'
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: password
Value: !ImportValue
'Fn::Sub': '${DatabaseStack}-DCDBPassword'
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: dbName
Value: dcdb
VersionLabel: !Ref EBAV407MV
DependsOn:
- EBCT59REW
EBE27PNZ:
Type: 'AWS::ElasticBeanstalk::Environment'
Properties:
ApplicationName: !Ref EBA3725X
EnvironmentName: DecisionServerEnv
Description: decision server env
TemplateName: !Ref EBCT59REW
OptionSettings:
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: endpoint
Value: !ImportValue
'Fn::Sub': '${DatabaseStack}-DSEndpoint'
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: username
Value: !ImportValue
'Fn::Sub': '${DatabaseStack}-DSDBUsername'
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: password
Value: !ImportValue
'Fn::Sub': '${DatabaseStack}-DSDBPassword'
- Namespace: 'aws:elasticbeanstalk:application:environment'
OptionName: dbName
Value: dsdb
VersionLabel: !Ref EBAV3VMZ
DependsOn:
- EBCT59REW

Outputs:

Outputs: DCURL: Description: URL of the AWS Elastic Beanstalk Decision Center Environment Value: !Join - '' - - 'http://' - !GetAtt - EBE4D3XJ - EndpointURL DSURL: Description: URL of the AWS Elastic Beanstalk Decision Server Environment Value: !Join - '' - - 'http://' - !GetAtt - EBE27PNZ - EndpointURL

Parameters:

Parameters:
applicationName:
Type: String
Default: ODMInAWS
DCS3Bucket:
Type: String
Default: your_bucket_here_conaining_DC
DCS3Key:
Type: String
Default: ODM_DC_location.zip
DSS3Bucket:
Type: String
Default: your_bucket_here_conaining_DS
DSS3Key:
Type: String
Default: ODM_DS_location.zip
NetworkStack:
Type: String
Default: ODMNetworkStack # change this with the name you picked for the network stack
DatabaseStack:
Type: String
Default: ODMDatabaseStack # # change this with the name you picked for the database stack
ImageID:
Type: String
Default: ami-id_here # we recommande using Linux AMI as other AMI might casue issues in the future
instanceType:
Type: String
Default: instance_type # your instance type here

Launching the template:

in order to launch the previous template, you can use the following link. keep in mind to change the parameters to your need.

launch_template

Next Steps

Establishing AWS best practices

for the network Stack:

  • Sets up three Availability Zones for high availability and disaster recovery.
  • Provisions one public subnet and one private subnet for each Availability Zone.
  • Creates and associates network ACLs with default rules to the private and public subnets.
  • Creates and associates independent routing tables for each of the private subnets, which you can configure as necessary to control the flow of traffic within and outside the Amazon VPC.
  • Creates a NAT gateway in each of the three public subnets for high availability.

For the database stack:

  • Creates a Multi-AZ Aurora DB cluster with a primary instance and an Aurora replica in two separate Availability Zones for a production or pre-production type of environment.
  • Places the Aurora DB cluster in the private subnets according to AWS security best practice.
  • Sets up an EC2 security group and associates it with the Aurora DB cluster.
  • Generates a random master user password by using AWS Secrets Manager and associates this password with the Aurora DB cluster.
Summary

In this tutorial, I showed you how to deploy an IBM Operational Decision Manager. Both the Decision Center and Decision Server using Elastic Beanstalk and AWS Aurora PostgreSQL database. I hope you find the sample CloudFormation templates helpful and encourage you to modify them to support your business’ needs.

A cloud in mind ?
Contact us !

How can we help ?