Deployment infrastructure overview

Two broad deployment types for Planning Space are supported, either the Hosted by Quorum managed service, or based on customer infrastructure.

Hosted by Quorum

Hosted by Quorum is the recommended mode of deployment. Planning Space is provided as a fully-managed 'software as a service' (SaaS), which is accredited for secuirty with SOC 1 (type 2) and SOC 2 (type 2).

For a detailed introduction, see the Planning Space Cloud Guide.

Customer infrastructure deployment

Different deployment modes are possible. It could be entirely 'on-premises' in the traditional sense of using a private data center. Alternatively, some or all parts of the infrastructure can be deployed in private cloud, or public cloud (IaaS, infrastructure as a service).

Deployment-diagram-OnPremises

This guide provides a detailed explanation of preparing, installing, and maintaining a customer infrastructure deployment, and 'data center' infrastructure is mostly assumed. If you are considering using cloud infrastructure, please note only IaaS can be used for Planning Space, SQL Server and network share. It is strongly recommended, due to latency considerations, that all Planning Space and adjacent services infrastructure should be in the same location (e.g., on-premises data center, or a public cloud 'region'). A hybrid arrangement should only be considered for managed application deployment of the Planning Space client (using, for example, Citrix, Microsoft RDS, or Azure Windows Virtual Desktop).

Core components of a deployment

  • IPS Server: maintains database connections; performs user authentication and licensing; performs computationally-intensive processing for Planning Space applications; maintains API endpoints. IPS Server can be a single server machine or a cluster; clustering is recommended to ensure the availability of Planning Space to users, scaling of server capacity, etc.
  • Microsoft SQL Server: used to store all Planning Space data in one 'IPS Common' database and a 'tenant' database for each Planning Space tenant.
  • Planning Space application client: downloaded and installed to Windows client machines from a Planning Space tenant web site that is hosted by the IPS Server. The client uses ClickOnce technology so that it does not require administrator permissions, and is auto-updating. The client can also be installed via MSI onto managed application servers (Citrix for example).

The diagram below shows the core component architecture.

Deployment-diagram-PlanningSpace-infrastructure

IT requirements

  1. Separate IPS Server and SQL Server instances (see Hardware and software requirements).
  2. Service accounts:
    1. Domain service account: used to run the IPS Service (see IPS Service Account).
    2. SQL Server authentication service account: used for connection to the databases in the SQL Server (see IPS common database creation and IPS DBUPGRADE).
  3. Cluster shared temp folder: a network share used for temporarily storage of working files (see Cluster shared Temp folder).
  4. Firewalls: ports required open for inter-connection between servers and services (see Firewall configurations).
  5. Latency:
    1. Below 1 ms between all infrastructure.
    2. Below 150 ms between Planning Space application client and the IPS Server, load balancer (for IPS Server cluster); also applies to a Hosted by Quorum managed service.
  6. Secure HTTP certificate to bind to IPS Server web services; a trusted certificate (backed by a standard Certificate Authority) or a self-signed certificate may be used. IPS Server is initially installed in HTTP mode, and Quorum recommends the immediate configuration change to HTTPS mode. See Security architecture; Setting up HTTPS (secure HTTP) for IPS Server.
  7. [Optional] SAML Identity Provider for integration with Windows Active Directory authentication (see User authentication and Identity Providers). SSO (Single Sign On) is supported.