Professional Documents
Culture Documents
3DEXPERIENCE Architecture - What's New in R2022x
3DEXPERIENCE Architecture - What's New in R2022x
3DEXPERIENCE Architecture - What's New in R2022x
: 3DS_Document_2021
Gerald LUCZYK
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2022
Yvonnick LEBRETON
WW Value Engagement Cloud Senior Infrastructure Architect
Antoine GIROUD
WW Value Engagement Senior Infrastructure Architect
2
TABLE OF CONTENTS
Architecture
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2021
Prerequisites
Installation
Technical Administration
3
DISCLAIMER RULES
• Please note that if you see this small element on the bottom of a slide, it
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2021
• “By holding this PowerPoint you agree to respect the rules stated
• in our next slide”
Disclaimer
applicable
4
3DS CAUTION: TERMS-OF-USE
• This document is based on various Dassault Systè mes content for the 3DEXPERIENCE platform R2022x at FD01 level.
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• In some cases this document may contain forward looking statements based on current expectations and assumptions that
involve risks and uncertainties.
5
THIRD-PARTY COPYRIGHT NOTICES
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
https://media.3ds.com/support/progdir/622x/legal/legal_notices/spenot.htm#lgl-c-thirdPartyCopy-3DEXPERIENCER2022x
6
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
7
ARCHITECTURE
R2022x GA
cloud with 3DPassport. Engage in discussion with peers. platform as well as apps. Manage Georeferenced objects
User Group:
Collaborate with users and Enterprise & Control Centers
groups of users Manage members, role-based access and usage analytics.
Service (UI) & Functionality for Cloud Configure app behavior to suit your individual needs
Functionality for On-Premises
8
3DEXPERIENCE PLATFORM DEPLOYMENT CAPABILITIES
Core Mandatory Services
Presentation
| ref.: 3DS_Document_2021
Active/Passive (Fail-over):
In the event of a Failure of an
application server the session is
dispatched on another application
server. Active/Active
Logic and Access Active/Passive Active/Active
Load balancing:
© Dassault Systè mes | Confidential Information |
3DSpaceIndex
FileConverter
9
R2021x FD07
MANAGED DSLS
Multi GEO Deployment
• The Managed DSLS Eligibility tool has been enhanced with new options:
CMD> ManagedDSLSEligibility.exe -h
11
MANAGED DSLS
DSLicSrv.txt file Syntax Overview
• The managed DSLS License Key Order delivery provides: • The DSLicSrv.txt file can contain contains:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
12
R2022x GA
3DGLOBE
HTTP
• 3DGlobe’s “City solution” is still an
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Installation enhancement
3DNotification
- Installation assistant has been
optimized with fewer questions
- No longer requires root user account to
install 3DSpace
3DGlobe Database
STORAGE
13
R2021x FD06/FD07
• For Multi-tenant users, the top bar displays the user’s tenant ID under their user name:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
3DOrchestrate Grid
• Executes and manages generic processes defined in • Run compute intensive simulation models from Native App
process composer XML format & Power’By roles*, high performance execution and post
Processing
• Supports Cloud and local execution through private station
(Target service for hybrid compute strategy) • Public Cloud only
• Supports Powerful CPU VMs running Windows on Cloud, • Supports Powerful CPU and GPU VMs
single host only • Message Passing Interface (MPI) enabled
• Simulation inputs and results are persisted in 3DSpace
• Multi-host
• Simulation results are persisted in Grid
• High performance distributed shared file system
• Enables high performance post processing without moving
data
15
R2022x GA
16
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
17
PREREQUISITES
3DEXPERIENCE R2022x Strategic Platform Prerequisites On Premises
Native OS Client Browser Client
LINUX-64bit MacOS
Stack Windows - 64-bit
On Premise only On premises only
Operating Windows 10 64-bit (Validated Platform), Optional : Microsoft Office 2016 and Microsoft Office 2016 SLES12, 15
MacOS 10.14
Systems perpetual license connected to Office 365 service (Compatible Platform) RHEL 7.1, 8.1
AdoptOpenJDK JDK11 or IBM Semeru Runtime open edition for Java 11 or
Java
Oracle JDK 11
Native Apps Mandatory perquisite: Internet Explorer 11 N/A N/A
Safari 14
Browser FireFox ESR 78, Google Chrome, Microsoft Edge Chromium Firefox ESR 78
Firefox ESR 78
Processor x86 (Intel, AMD) (with AVX extension on CPU) x86 (Intel)
Server
LINUX - 64bit Windows Server- 64bit
3D 3D 3D 3D 3D 3D 3D License 3D 3D 3D 3D 3D License
Stack Space Dashboard Swym Comment Passport Search
3DGlobe
Notification Control Space Dashboard Swym
3D Comment
Passport Search
3D Notification
Control
Reverse Proxy Apache HTTP Server 2.4.x with x>29 Apache HTTP Server 2.4.x with x>29
Apache HTTP Server 2.4.x Apache HTTP Server 2.4.x
Load Balancer
HAProxy 1.8.13 and compatible HW LB compatible HW LB
AdoptOpenJDK JDK11 or IBM Semeru Runtime open Node AdoptOpenJDK JDK11 or IBM Semeru Runtime open
Apps Server NodeJS
edition for Java 11 or Oracle JDK 11 JS edition for Java 11 or Oracle JDK 11
Oracle DB12cR2,18c, 19c N/A Oracle DB 12cR2,18c, 19c N/A
Oracle Exadata (x3-2 to x7) Oracle Exadata
Database (including RAC) (including RAC)
SQL Server 2017, 2019 SQL Server 2017, 2019 always on
Operating RHEL 7.x x>=5, 8.1, 8.x x>5 / Oracle Linux RedHat 7.x x>4, 8.x x>2
Windows Server 2016 & 2019 64-bit
Systems SLES 12 >= SP2, SLES 15 >= SP1
Virtualization VMware ESXi 6.x, MS Hyper-V (included in Windows Server 2016 or 2019), KVM, XEN
Processor x86 (Intel, AMD) (with AVX extension for 3DIndexing server on Windows Server only)
Hardware Server
Important changes - See Program Directory as reference for Software and Hardware specifications
R2022x
PREREQUISITES HIGHLIGHT
• Operating System
- Support of Red Hat Enterprise Linux 8 64-bit
- Oracle Linux with Red hat kernel versions 7.x with x > 4 and 8.x with x > 2
• Application server
- AdoptOpenJDK OpenJ9 is now distributed by IBM and rebranded IBM Semeru Runtime Edition for Java 11.0.x x>=12
- 3DOrchestrate server distribution still requires AdoptOpenJDK 8 or Oracle JDK 8
• Database
- High Availability: Support SQL Server Always on
• DSLS
- Support Microsoft Windows Server 2019 Hyper-V
• Client Workstation
Check AVX extension with the Cloud
- AVX “Advanced Vector Extensions” required (R2021x FD05) Eligibility Checker tool for example
19
R2022x GA
The distribution is directly downloadable from IBM web site AdoptOpenJDK web site redirects to IBM one
20
ADOPTOPENJDK / SEMERU TRANSITION
• On August 3rd 2021 the AdoptOpenJDK distribution site has been moved to the IBM Semeru site
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Older AdoptOpenJDK versions installed on Windows will be automatically uninstalled by the Semeru
installer
• R2020x / R2021x installation issues may occur for some 3DEXPERIENCE platform installers that are
not able to properly detect the Semeru distribution. Refer to QA00000070946
• “WSFC” Windows Server Failover Clustering has always been supported with the 3DEXPERIENCE platform
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Requires shared storage • Always-On Availability Groups keep replicas of the Database
• From a Storage point of view there is 1 database, but N cluster • There is always 1 primary replica which has read-write access
nodes that can operate the instance. and N (up to 9 in MSSQL 2019) secondary replicas that (can)
• One cluster node at a time runs the instance. If a cluster node have read-only access.
fails another node takes over. • Synchronous or Asynchronous commit mode
Example Servers:
| ref.: 3DS_Document_2021
24
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
25
INSTALLATION
3DMESSAGING ON PREMISE STATUS
• 3DSpace Installer dialog box now asks for the 3DMessaging URL
• Do not install 3DMessaging On Premise
• Do not provide a 3DMessaging URL at 3DSpace installation
26
R2022x GA
• In the GUI based installers there is now a single question to deploy the embedded JDK & TomEE+
• The embedded option is unchecked by default
• Embedded distributions are for testing or demonstration only
27
3DEXPERIENCE LAUNCHER CERTIFICATE
• 3DEXPERIENCE Launcher version 21.16.778 and prior contain an external certificate with
expiration date 28-Nov-2021
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Impact of the expired certificate: any Web <=> Win scenario calling the launcher will fail, which
will cause interaction between Web/Win to fail
• 2 options to update:
- Deploy R2022x. The NativeApp R2022x will install the new 3DEXPERIENCE Launcher
version 21.33.5000 with an updated certificate with a new expiration date of August 13th
2022.
- Update just the 3DEXPERIENCE Launcher to version 21.33.5000 version:
https://www.3ds.com/support/documentation/resource-library/single/3ds-launcher/
• Official reference QA00000065062
Network
share drive
30
R2021x FD06
• Each Native App installer now provides the --fill-cache option which populates the cache with the content of the
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
media
• Command syntax:
setup.exe --fill-cache ‘Path/to/cache’ Displays a progress bar
startTUI.exe --fill-cache ‘Path/to/cache’ Perform the operation silently
• The overall process is the following:
- The administrator downloads media from the “Configure App Installation” web page. Media can be GA, HF or a PP and it
can be full or delta.
- Admin uses the new --fill-cache option on the installer to populate the cache
- If the media is already in the cache, performing the --fill-cache install this will overwrite it
• No actual installation is performed when using --fill-cache
31
R2022x
multiple profiles
• The feature allows configuration of an environment list that can be
used to launch Native Apps from the 3DCompass 1
32
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
33
TECHNICAL
ADMINISTRATION
R2021x FD03
Former behavior:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• If a physical file delete operation is performed by an end user or batch process, the deletion is done immediately. This
mechanism can occasionally generate concurrency access conflicts
• For example, FCS synchronization can raise a file not found error because an end user deleted it while the sync was
processing
R2022x capability
• It is now possible to delay the physical delete of the file on FCS based on the FCS Ticket expiration timeout value (10
minutes by default)
• The feature is enabled by default
• It can be disabled via a property on the FCS server: ematrix.fcs.disable_delay_delete=false inside the
<MyFCS>/managed/properties/framework.properties file (does not exist by default)
• When enabled and an FCS is shutdown, delete instructions held in memory will not be executed.
You will need to implement the maintenance best practice of regularly executing the fcsorphanfiledelete to clean
these files
35
R2021x FD05
Physical file delete use case from FCS log point of view:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
2021-01-11 16:32:25.330 | [http-nio-8888-exec-1] | DEBUG | FCS | FCS Decrypt Ticket/Receipt String =…… Delete request received by FCS
2021-01-11 16:32:25.415 | [http-nio-8888-exec-1] | DEBUG | FCS | <ticket>
…
<action>delete</action> FCS ticket delete operation for 1 file
…
<hashName>e1/52/e152c-zwwcdy2-l5rbwrririwycmmfhmpqyoownegmt.yrg</hashName>
....
</ticket>
2021-01-11 16:33:01.008 | [DeletePool-1] | DEBUG | FCS | DeleteLoop with 1 element(s)
2021-01-11 16:34:01.012 | [DeletePool-1] | DEBUG | FCS | DeleteLoop with 1 element(s)
A thread is started and looks every
minute at the queued delete requests
…
2021-01-11 16:44:01.065 | [DeletePool-1] | INFO | FCS | action: file delete, user: creator,
location: s1, hashname: e1/52/e152c-zwwcdy2-l5rbwrririwycmmfhmpqyoownegmt.yrg File delete (ticket validity 10 minutes)
2021-01-11 16:34:01.012 | [DeletePool-1] | DEBUG | FCS | DeleteLoop with 0 element(s)
No more pending delete operation
…
36
R2021x FD05
Capability:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Asynchronously trigger file synchronization from a remote site to the central site.
• The feature relies on the system property fcssettings synctocentral on|off (default value = off)
• When enabled:
- FCS synchronization is launched to the central site for every FCS check-in operation. This occurs in a background thread after
the DB commit.
- The max number of (concurrent synchronization + physical delete operation) is 10 per 3DSpace instance
Note:
• For MQL check-in the synchronization is not asynchronous. This avoids issues when trying to exit the MQL client while having a
thread running in the background performing a DB operation
PROS / CONS:
• PROS: files are synchronized automatically on-the-fly, no need to wait for the FCS batch synchronization
• CONS: Network and FCS server resources are consumed during replication. The replication can overlap with end -user activity
which needs to be considered during normal business hours.
37
R2021x FD07
Capability:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
39
R2022x
Octreedepth When 3DSpace Index indexes an item of 6 6 Depth use case from 1 to 8
data, it is successively divided into individual
voxels. The depth setting allows you to
specify the number of divisions computed.
Octreeprecision The absolute precision limit is a safeguard 0 deactivated 10mm
used to prevent the generation of voxels,
whose size is so small that they lead to
unacceptable high memory consumption and
degraded 3D searching performance.
Watch Precision use case from 5mm to 0mm
• This can lead to less precise octrees making volume search less accurate
• Industries dealing with “small” part objects may see missing results during
volume search because of this change
• Before Go-Live, ensure there is no volume search or build-time
performance regression
40
R2022x FD01
DB
• All the attributes are crawled and pushed to the consolidation server regardless of the
what is in the config.xml file, New TAG
filter
• The “config.xml” is parsed by the consolidation server when it pushes the data to the
MQL
index
Capability Benefits
CONSOLIDATION
• The intent is to reduce the number of attributes that are crawled thus improving SERVER
performance Config.xml
filtering
• Config.xml syntax: INDEX
<CRAWLER excludeattributes="attribute_1,…,
attribute_n"/>
3DSpace Index
• If the config.xml has a FIELD that refers to an attribute AND the same attribute is
excluded via the excludeattributes tag, the FIELD will be crawled/indexed.
41
INSTALLATION & ADMINISTRATION
TAKE AWAYS
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2021
42
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
43
ENTERPRISE MODELING
“P&O” MANAGEMENT
R2022x GA
• 3DS Cloud: No end-to-end batch method was available to mass create or manage user accounts, collaborative spaces,
credentials and organizations.
• On Premise: VPLMPosImport/Export is available but it has some limitations:
- Un-assigning licenses
- Active/Inactive user account
- Site assignment
R2022x introduces NEW web services capabilities: new
44
R2022x GA
• The feature is NOT available on 3DS Public Cloud due to the fact that 3DPassport Control Center access is required.
POST <My3DPassport>/api/private/user/update The API updates the user account data. The none passed data, and already
existing, are not modified.
POST <My3DPassport>/api/private/user/v2/get The API retrieve a user account from a username or an email.
45
R2022x GA
• To use the 3DPassport user account web services, 2 secret keys must be provided as headers:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Both keys must be created by an administrator via 3DPassport Control Center Security menu
new
5
2
• The API first parses the CSV file keep only the valid lines while purging blank lines, double entries for the
same user and lines starting with “#”, before launching the import
• The API is asynchronous, to query the import status, invoke the “check request state” API using the import
request identifier as query parameter
48
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021 R2022x GA
roles Roles trigrams along with their prerequisite roles when needed and custom roles/third party apps identifiers separated by a comma.
© Dassault Systè mes | Confidential Information |
force Force synchronization of all mandatory parameters (id, uid, firstname, lastname, active, state, email, role, status) false
Values such as “force”, "true", "yes", "1" allow to force synchronization
Any other value "false", "no", "noforce" and "0" has no impact
49 location ID of the location (Cloud DFS or OnPremise FCS site) null - default
R2022x FD01
• You can now use a 3DSpace web service to manage collaborative spaces:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Each collaborative space can reference objects such as, persons, user groups, roles & organizations
• Referenced object must already exist when using PUT or PATCH to avoid a failure when the web service is called
50
R2022x GA
• Multiple web services capabilities to manage user accounts, collaborative spaces & user groups:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• At the moment, no web services are available to author organizations & credentials to fully
51
handle what VPLMPosImport/Export can do
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
52
SECURITY & GDPR
R2022x
Context
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• 3DEXPERIENCE Launcher allows users to launch executables on the local machine from the web browser
• This can be a vector for malicious code exploits
• The Launcher includes an executable deny list that is hardcoded, to change the list requires a 3DEXPERIENCE Launcher
update
Enhancement:
• To allow more flexibility in controlling the executables that can be launched a ”trusted directories” solution has been
implemented:
• Trusted directories: bin_trusted command_trusted clr_trusted
• The DSLauncher installation automatically:
- Populates the trusted directories
- Adds to code\bin_trusted and code\command_trusted to the environment file
53
R2022x
• To introduce an additional Native App, the executable had to be deployed to code\bin, code\command or code\clr
• The executable must now be copied into code \bin_trusted, code\command_trusted or code\clr_trusted
directories instead.
54
R2022x
SECURED COMMUNICATION TO DB
• For JDBC and ODBC services you include the encrypt=true option during the installation
• SQL Server Server Name: Host[\Instance][:Port]:
localhost\SQLSERVER;encrypt=true;sslProtocol=TLSv1.2
• On 3DS Cloud R2022xGA a new bottom banner appears to ask for user acceptance of the cookies
• The user acceptance is shared across 3DEXPERIENCE Platform services (if it is accepted on 3DPassport, other services
will not prompt the user again). Cookie acceptance is valid for 6 months.
Cookies
banner
56
R2022x GA
• Customers have been requesting additional traceability of actions to check, detect and alert when necessary
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
• Starting with R2021x FD01, the Audit Logs UI details 3 categories of events:
- Members & Roles
- Legal
- Configuration
• Several 3DEXPERIENCE Platform services implemented an “Audit log” to track key events. A common format is adopted:
© Dassault Systè mes | Confidential Information | 23/07/2021 | ref.: 3DS_Document_2021
58
R2022x GA
59
R2022x GA
{"timestamp_hr":"2021-11-02T14:01:52.316899692Z",
"ev ent":"AUTHD_REQUEST_END",
"tenant":"",
"sso_id":"ab2fe1e4e3c387f74a53dbe3dea3d0c358cc465516fb76c0cd5e06c2698eba9f",
"client_ip":"10.205.46.145",
"user_name":"admin_platform",
"data":{"i_response_size":369,"i_status_code":200,"request_id":"238fc41a-fb16-407d-8f27-6fdcc1fc40a3"}}
• On Premise:
- The audit logs can be centralized by a log collector and processed to send alerts in case of suspicious activity. The alert must be specified
- Pay attention to log retention and purge schedule
60
3DEXPERIENCE ON PUBLIC CLOUD
Preliminary : Current certifications
SaaS
ISO 27001:2017 (Information Security Management)
ISO 9001:2015 Certificate Scope:
Design, development, delivery, ISO 27701:2019 (Security techniques — Extension to
deployment, cloud operations, and
© Dassault Systè mes | Confidential Information |
+ ISO 27017:2015 (information security controls applicable to the provision and use of
cloud services)
+ ISO 27018:2019 (objectives, controls and guidelines for implementing measures to
protect Personally Identifiable Information (PII) in accordance with the privacy principles in
ISO/IEC 29100 for the public cloud computing environment)
61
+ ISO 27701:2019 (Security techniques — Extension to ISO/IEC 27001)
ENTERPRISE MODELING & SECURITY
TAKE AWAYS
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2021
62
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2021
Q&A SESSION
Type your question into
the questions panel and
click send or raise your
hand
63
© Dassault Systè mes | Confidential Information | 5/11/2022 | ref.: 3DS_Document_2021
64
Fill in the survey to
provide your feedback
SHARE YOUR IDEAS
© Dassault Systè mes | Confidential Information | | ref.: 3DS_Document_2021
65