The new architecture of Port Community Systems
Port Community Systems (PCS), the technological platforms that manage requests and the exchange of electronic documentation for port services in an intelligent, automated and centralised way, are undergoing a technological leap. They are now more flexible, distributed and secure. How do these improvements impact the services provided to customers?
The rise of maritime traffic, the need to increase cybersecurity, resilience or improve the speed of processes and adopt flexible systems to meet present and future challenges are some of the reasons for this PCS overhaul.
From Application Servers to Container Technology
"Other PCSs that were in a situation like ours, with an architecture that is about ten years old, are moving to a new technology that allows for greater flexibility and scalability," explains Javier Gallardo, director of PORTIC, the Port of Barcelona's PCS.
Prior to this renovation, PORTIC's architecture dated back to 2013. "At that time, the platform was based on the application server concept; all applications were in one place," Gallardo recalls.
Application servers provided common services for applications: virtual machine, database connections and processes. They were grouped in clusters to provide high availability and load balancing. However, in practice they ended up being overloaded with applications, which made them very heavy in initialisation time and ended up masking the problems of a single application in the whole cluster.
The leap to a container-based architecture allows all these applications to have independent development cycles and execution processes. This way, each application can be replicated in more than one container to achieve greater processing capacity, availability and independence.
PORTIC has decomposed its PCS into more than 50 applications running in more than 200 containers. Each container is monitored and managed in a system based on Kubernetes: Open Shift.
The containerisation process also allows for greater flexibility in development processes because it allows an application to be developed and deployed in one container without affecting other containerised applications. Previously, in some situations it was necessary to stop the entire application server to change applications or common libraries.
The break-up of the application server into "containers" has had three key parts:
- Incorporation of a mechanism for the treatment of incoming messages with the implementation of Active MQ queues, which has allowed the distribution of messages in process routes defined in camel.
- A new communication interface, Api Rest, was provided to all applications to expose their services and thus share functionalities with the rest of the applications.
- In order to make the mechanism of web service calls transparent, the concept of reverse proxy was implemented. This is a mechanism that allows the definition of simple communication rules that facilitate the flow of information between different distributed applications. These rules are usually centralised in a web server.
This process has involved almost three years of work by the PORTIC technical team.
Containerised architecture allows all applications to have independent development cycles and execution processes.
Other improvements included:
Increased security against cyber-attacks
Gallardo explains that the set-up of the new infrastructure includes a series of cybersecurity services that include 24/7 monitoring of potential threats. "We must have an additional layer of protection to stay ahead of attacks. This is the function of the Security Operation of Control, which not only monitors threats but its typology in order to take better action," he explains.
In addition, penetration tests will be conducted on a regular basis to further protect the PCS from potential attacks.
A second Data Center
The renovation also includes a second data centre so in case the first one experiences a setback, this second centre can provide the same service in just one or two hours.
"Both are connected via a high-performance internet line that allows data to be copied synchronously to avoid data loss. This second data centre is located directly in the cloud," he says.
Inclusion of new technologies
"PCSs handle a lot of data. The new infrastructure will allow us to gradually introduce new services based on new technology such as predictability when executing logistics and transport operations. Technologies such as artificial vision for document processes or machine learning are interesting," says Gallardo.
What are the other PCS doing?
Gallardo explains that the journey experienced by PORTIC can be similar to that of other technological platforms in many other ports. "Right now, many are considering a decision that, on the one hand, involves two challenges. One is the cloud. The second is the containerisation of applications, i.e. an architecture based on microservices, which offers independent services," he says.
From a technical point of view, the PORTIC director explains that this is a transitional step towards this new architecture; the containerisation of applications, their move to the cloud and new challenges that will be introduced. "We have considered a leap towards the definitive cloud in a more conservative way. First we have done the containerisation and located the second data centre in the cloud," he explains.
Gallardo, who was recently appointed president of the International Port Community Systems Association (IPSCA), explains that the organisation is debating issues such as the application of Maritime Single Windows, the implications of the new regulation on the digitisation of transport documents, services and technologies such as machine learning and blockchain.
With this upgrade, PORTIC's director says that the platform has been placed at the forefront of PCS from a technological point of view.
For the user and customer, this upgrade will result in a better quality of service and response time. "On the other hand, it will allow us to introduce more services in a faster, more continuous, flexible and scalable way," Gallardo says.
"It will allow us to make these changes in a much more transparent way for the user. In addition, when an application is at its limit, the system automatically launches an instance and we can therefore better allocate resources to those applications that need it most," he continues.
PCSs are fundamental in the exchange of information between the different actors of the port community in a digital and secure way. This new PCS 'revolution' ensures that they are prepared for increasingly complex challenges.