Data editing and management system (Kubernetes)

The data editing and management system pattern is deployed to Kubernetes primarily using the ArcGIS Enterprise on Kubernetes software.

ArcGIS Enterprise on Kubernetes uses microservices and containerization to provide a cloud native architecture, running either on your organization’s Kubernetes platform or in your cloud provider’s Kubernetes service. It uses containers to split GIS processes into microservices, each of which performs a discrete, focused function. Each microservice runs in a container that packages everything necessary to run an application. One or more containers is housed in a pod that includes storage resources, a network identity, and a set of rules for how the container is to be run. The Kubernetes cluster orchestrates and manages the ArcGIS Enterprise on Kubernetes containers.

ArcGIS Enterprise on Kubernetes is for organizations that have invested in Kubernetes to orchestrate and manage their containerized applications.

Related resources:

• Kubernetes Overview (Kubernetes site)
• ArcGIS Enterprise on Kubernetes Resources
• ArcGIS Enterprise on Kubernetes System Requirements

Base architecture

The following is a typical base architecture for a data editing and management system deployed on Kubernetes.

This diagram should not be taken as is and used as the design for your system. There are many important factors and design choices that should be considered when designing your system. Review the using system patterns topic for more information. Additionally, the diagram depicted below delivers only the base capabilities of the system; additional system components may be required when delivering extended capabilities.

Key components of this architecture include:

• A foundational deployment of ArcGIS Enterprise on Kubernetes containers to the Kubernetes cluster. This includes four categories of pods that represent various system functions. For more information, see the ArcGIS Enterprise on Kubernetes documentation.
• Editable data in an enterprise geodatabase, which is stored in and adds functionality to relation database management systems (DBMS). The enterprise geodatabase supports advanced data models, as well as advanced data editing and management capabilities, such as support for a long transaction model. Note that the DBMS is hosted and managed separately from ArcGIS Enterprise on Kubernetes, and as such is depicted outside the scope of the Kubernetes cluster.
• The relational store can be used for persisting ArcGIS-managed data that can be edited through hosted feature layers. The base deployment also provides hosted vector tile layers and hosted (map) tile layers.
• The object store provides ArcGIS-managed storage for uploaded and saved content, hosted tile and image layer caches, and geoprocessing output. As of ArcGIS Enterprise 11.2 the object store can be configured to use cloud-native storage from several supported service providers.
• A load balancer is required to direct traffic across each worker node. For more information, see the ArcGIS Enterprise on Kubernetes system network requirements.
• ArcGIS Online, Esri’s SaaS infrastructure, which typically provides basemaps (for example, an imagery basemap), reference data (such as places), as well as other location services (including geocoding and search) for this system. Alternatively, it is possible for the organization to host and manage their own location services instead of using Esri’s SaaS system. See the location services system pattern for more information.
• There are several applications commonly used in this pattern. Learn more about applications used in data editing and management systems.

Key interactions in this architecture include:

1. Client applications communicate with enterprise data services as well as location services over HTTPS, typically via stateless REST APIs. This pattern makes heavy use of Feature Services for editing specifically, though several other service types are typically be used as well.
2. ArcGIS Enterprise GIS services may persist TCP connections to the database management system (DBMS) hosting the enterprise geodatabase. Database client software/drivers are included in ArcGIS Enterprise on Kubernetes for all supported database management systems.
3. References to location services hosted and managed by ArcGIS Online (such as basemaps) are typically registered and made available for use within ArcGIS Enterprise. Some services are referenced automatically when installing ArcGIS Enterprise, though additional sharing of content and services between these two systems can be performed manually or automatically. See configuring ArcGIS Online utility services and distributed collaboration.

Additional information on interactions between ArcGIS Enterprise components can be found in the ArcGIS Enterprise on Kubernetes product documentation.

Capabilities

The capabilities of the data editing and management system on Kubernetes are described below. See the capability overview and comparison of capability support across deployment patterns for more information.

Capabilities used in a data editing and management system, but typically provided by other systems, such as basemaps, geocoding, and other location services provided by a location services system are not listed below. Learn more about related system patterns.

Base capabilities

Base capabilities represent the most common capabilities delivered by data editing and management systems and that are enabled by the base architecture presented above.

• Mapping and visualization enable you to visualize and map your data before, during, and after editing.
• Data editing in the Kubernetes deployment pattern is provided by the service-based data access and editing features of ArcGIS Enterprise. This includes editing of geometry and attributes.
• Data import and export in bulk is supported through the import and export tools that work directly against feature services or an enterprise geodatabase.
• Data interoperability and transformation capabilities support data movement among hundreds of systems and apps using the visual programming interface provided by ArcGIS Data Interoperability, which includes reading and writing to hosted feature services in ArcGIS Online.
• Edit tracking and auditing enables automatic recording of information about any data inserts or updates using editor tracking in ArcGIS Enterprise.
• Short transaction management enables lock-free, short transaction editing using feature services hosted in ArcGIS Enterprise and using data stored in the relational store or an enterprise geodatabase.
• Long transaction management allows for multiple states of your data to be edited and managed concurrently using the branch versioning feature of enterprise geodatabases. Branch versioning also supports conflict detection and reconciliation, empowering multiple individuals and teams to work collaboratively on shared datasets.
• Spatial and attribute rules enhance the editing experience and improves geospatial data integrity using attribute rules in an enterprise geodatabase.
• Data distribution and replication allow for copying or synchronizing data between two or more enterprise geodatabases or GIS systems. ArcGIS Enterprise provides multiple approaches to distributing data, including replication, feature synchronization, and distributed collaboration.
• Data archiving and history enable the capture, management, and analysis of data changes made over time using geodatabase archiving.

Extended capabilities

Extended capabilities are typically added to meet specific needs or support industry specific data models and solutions, and may require additional software components or architectural considerations.

• Indoor GIS combines source CAD, BIM, and reality capture data into a single geospatial data editing and management system using ArcGIS Indoors. ArcGIS Indoors enables organizations to build an indoor GIS, putting the power of indoor mapping, wayfinding, and space management software into everyone’s hands.

The following capabilities are not supported using Kubernetes as the exclusive deployment pattern. Support for these extended capabilities is possible by deploying ArcGIS Enterprise, specifically ArcGIS Server, on Windows or Linux and federating those ArcGIS Server sites with your Kubernetes-based deployment of ArcGIS Enterprise. See the Windows/Linux deployment pattern capabilities, as well as federating a server site documentation for more information.

• Workflow management and automation
• Utility networks
• Parcel management
• Roads and highways
• Pipeline referencing
• Defense mapping

• Production mapping

• Other industry solutions allow for rapid deployment of industry-specific apps and configurations of ArcGIS Enterprise using ArcGIS Solutions. Note, not all industry solutions are available for ArcGIS Enterprise.
• Support for web-tier Authentication, such as Integrated Windows Authentication (IWA) and Public Key Infrastructure (PKI) is supported with the addition of the Web Adaptor component of ArcGIS Enterprise on Kubernetes.

Considerations

The considerations below apply the pillars of the ArcGIS Well-Architected Framework to the data editing and management system pattern on Kubernetes. The information presented here is not meant to be exhaustive, but rather highlights key considerations for designing and/or implementing this specific combination of system and deployment pattern. Learn more about the architecture pillars of the ArcGIS Well-Architected Framework.

Reliability

Reliability ensures your system provides the level of service required by the business, as well as your customers and stakeholders. For more information, see the reliability pillar overview.

• Data integrity and recoverability is paramount
• SLAs requiring high levels of availability are common
  • Architecture profiles are predefined deployment profiles that correlate to varying levels of redundancy across pods and provide flexibility across several known variables such as requirements for hardware, redundancy, and organizational use.
  • Consider the Enhanced availability architecture profile when increased and expanded redundancy across critical pods is required.
• System-level backup and restore is also supported.

Security

Security protects your systems and information. For more information, see the security pillar overview.

• Authentication and authorization are almost always required, apart from a crowd sourcing style collection scenario (though these are more commonly deployed using SaaS or PaaS).
• Access control is possible, and frequently implemented, at all system tiers.
• Auditing is very common, and is typically implemented using editor tracking.

Learn more about ArcGIS Enterprise security best practices and implementation guidance.

Performance & scalability

Performance and scalability aim to optimize the overall experience users have with the system, as well as ensure the system scales to meet evolving workload demands. For more information, see the performance and scalability pillar overview.

• SLAs requiring high performance are common
  • Database performance is typically a major factor in overall system performance
  • Data model complexity may also impact system performance
  • High performing, low latency networks are typically required
• Editing performance is key, as even marginal performance degradation may negatively impact the user experience and overall workforce productivity.
• ArcGIS Enterprise on Kubernetes deployments can be scaled horizontally by adjusting the number of pods as well as vertically by adjusting the memory and CPU. Scaling is typically directed and/or reactive, as in most cases the userbase is well known and the demands on the system evolve predictably.

Automation

Automation aims to reduce effort spent on manual deployment and operational tasks, leading to increased operational efficiency as well as reduction in human introduced system anomalies. For more information, see the automation pillar overview.

• Workflow automation is common, especially with large groups of editors working in concert to edit and maintain shared or related datasets. See ArcGIS Workflow Manager for more information on this extended capability.
• Data management typically involves moderate-to-heavy use of automation, often leveraging Python scripting to perform repeatable tasks or reporting on the enterprise geodatabase. See the ArcGIS API for Python for more details.
• System administration automation is handled in large part by Kubernetes.
• ArcGIS Enterprise on Kubernetes includes support for Helm-based deployment and configuration.

Integration

Integration connects this system with other systems for delivering enterprise services and amplifying organizational productivity. For more information, see the integration pillar overview.

• Integration with other information systems such as Enterprise Asset Management (EAM), Customer Relationship Management (CRM), and Computer-Assisted Mass Appraisal (CAMA) systems is common.
• Data exchange and alignment between systems is very typical
  • Use of ArcGIS APIs and SDKs is quite common
  • 3rd party integration tools and applications are also available

Observability

Observability provides visibility into the system, enabling operations staff and other technical roles to keep the system running in a healthy, steady state. For more information see the observability pillar overview

• Successful operation of data editing and management systems typically benefits from a good understanding of how data is being edited and by whom. This may include, but is not limited to, who is editing what, the nature of those edits, the nature of edit transactions, use of batch editing capabilities, as well as the overall volume and cadence of edits. Management and monitoring of feature services is especially important, including use of edit tracking and auditing. Monitoring at the enterprise geodatabase level is also critical, especially when moderate-to-large teams of editors are involved. Learn more about creating and maintaining enterprise geodatabases.
• Feature service webhooks can also be employed for observability purposes.
• ArcGIS Enterprise on Kubernetes can be observed in a variety of ways including system logs and health monitoring through ArcGIS Enterprise Manager. Monitoring of system availability, performance, and usage is most critical to this system pattern. In addition to monitoring the ArcGIS Enterprise software, it is important to monitor all supporting components and infrastructure such the Kubernetes environment, databases and other data stores, as well as compute, network, security, and other infrastructure. Learn more about monitoring system health and reliability.
• Some extended capabilities of this system pattern, such as workflow management and automation with ArcGIS Workflow Manager, have additional observability support. Please review the corresponding product documentation for more information.
• Use of web analytics may also be helpful for editing using custom web-based applications.
• Additional observation of user logins and account changes may be possible through the configured identity provider when using SAML and/or OpenID Connect logins.

Other

Additional considerations for designing and implementing a data editing and management system on Kubernetes include:

• Successful operation requires strong understanding of GIS, IT, and database concepts as well as technology. This includes knowledge and skills specific to the selected database management system (DBMS), as well as Kubernetes.
• For organizations that have the resources and staff to deploy and maintain enterprise software on Kubernetes, the ArcGIS Enterprise on Kubernetes deployment option separates IT administration and maintenance from GIS administration.
• Data governance and alignment with IT policies and roles, such as data steward and database administrator, should strongly be considered when implementing this system pattern.

Related resources:

• ArcGIS Trust Center
• Esri’s secure development lifecycle
• Esri’s commitment to accessibility