Cloud & Platform
Engineering
Azure and ARO expertise tailored to IBM MAS deployments. Private cluster design, ingress configuration, CI/CD pipelines, and Infrastructure as Code for enterprise asset management platforms.
MAS on OpenShift: platform-specific expertise
IBM MAS is designed to run on Red Hat OpenShift. In Azure environments, this typically means Azure Red Hat OpenShift (ARO) — a managed OpenShift service that shifts cluster lifecycle management to Microsoft and Red Hat while maintaining full Kubernetes API compatibility.
Successfully deploying and operating MAS on ARO requires more than OpenShift familiarity. MAS has specific resource requirements, specific network dependencies, and specific storage expectations. Getting these wrong results in failed deployments, performance issues, or maintenance complications that accumulate over time.
Platform engineering scope
ARO Cluster Design
Private Azure Red Hat OpenShift cluster architecture for enterprise MAS deployments. Network isolation, node sizing for MAS workload profiles, storage class configuration, and integration with Azure networking (VNet peering, private endpoints, DNS resolution).
- Private cluster with custom DNS and VNet integration
- Worker node sizing based on MAS component resource requirements
- Storage class configuration (Azure Files, Azure Disk) for MAS persistent volumes
- Egress control and outbound network policies
Ingress & TLS
Ingress controller configuration for MAS on OpenShift. TLS certificate lifecycle management — issuance, renewal, and distribution to MAS routes. Custom domain configuration with DNS validation.
- OpenShift Route and Ingress configuration for MAS components
- TLS certificate management via cert-manager or manual certificate injection
- Custom domain setup with Azure DNS
- Certificate rotation without service interruption
CI/CD Pipeline Design
Azure DevOps pipelines for repeatable MAS deployments and upgrades. Multi-environment pipeline with environment-specific variable groups, approval gates, and automated health check stages.
- Multi-stage pipeline: DEV → TST → ACC → PRD
- Environment-specific variable groups and Key Vault integration
- Automated pre-flight and post-deployment health checks
- Manual approval gates before production promotion
- Pipeline run history as deployment audit trail
Infrastructure as Code
Declarative infrastructure definition for Azure resources supporting MAS deployments. Bicep and Terraform for reproducible environment provisioning. GitOps practices for configuration management.
- Azure Bicep modules for ARO, networking, and Key Vault resources
- Terraform for multi-environment configuration management
- GitOps workflow for OpenShift configuration (Argo CD / Flux)
- State management and drift detection
Security & Compliance
Security configuration for MAS deployments in regulated environments. Azure Key Vault integration for secret and certificate management, network policy enforcement, and audit logging configuration.
- Azure Key Vault for MAS encryption keys, certificates, and secrets
- Network policies for pod-to-pod communication control
- Azure Monitor and OpenShift logging integration
- Role-based access control for cluster and Azure resources
Technology stack
Een complex Maximo- of MAS-vraagstuk?
Of het nu gaat om een platformupgrade, een defecte integratie of automatiseringsexpertise — laten we bespreken wat Magiq Minds kan leveren.