CosmoTech

• Cosmo Tech SDK: A software development kit used to generate simulation engines, which are often packaged as Docker images. Includes the Cosmo Tech Studio and csmcli.
• Cosmo Tech Studio: A desktop application used to build models locally, allowing users to create conceptual models, edit simulator files, and configure solutions before deploying them to the cloud.
  • Conceptual Model Editor: A tool within the Studio used to declare entities, attributes, and relationships to create and edit conceptual models.
  • Simulator Editor: A tool within the Studio used to create and edit the simulator model XML file, indicating which conceptual model to include in the simulation software.
  • Solution Builder: A component within the Studio used to configure and build the simulation software executable.
  • Instantiated Model Editor: A tool within the Studio used to create and edit instantiated model files that represent a real-life system and are used to launch simulations.
  • Simulation Manager: A tool within the Studio used to create, configure, and run simulations locally.
• csmcli: A command-line interface used to build simulators and release projects as Docker images to the cloud platform Container Registry service.
• CoMETS is a low code, modular Python library that democratizes advanced simulation utilization to non-experts and acts as a bridge between simulation and the machine learning ecosystem. It helps experimenting with numerical models and simulators. It offers tools to run, analyze and optimize your models and can be used with both Python models as well as Cosmo Tech simulators.

• Business Web Application: A web-based graphical user interface that allows business users to interact with solutions, create scenarios, adjust inputs, launch simulations, and view results.
• Dataset Manager: A view within the web application that allows users to manage datasets, including creation, updates, and validation via ETL scripts.
• Scenario Manager: A component of the web application that allows users to create, share, and launch scenarios.
• Dashboards: A view within the web application that gathers detailed simulation results in the form of embedded Power BI reports.

• Platform API: A REST API that exposes endpoints to control the platform, managing organizations, workspaces, scenarios, datasets, and simulation runs.
• Container Registry: A service for hosting and managing simulation engines packaged as Docker images, which can be instantiated by the orchestration service.
• Twin Data Layer: The entry point for external data sources (like Azure Storage, flat files or enterprise applications) that interacts with initialized models and serves as an internal twin cache to reduce data load latency.
• Run Orchestrator (csm-orc): An orchestration service that manages the execution of run templates and simulation workflows.
• Result Data Service: A service that stores simulation results and custom data in a database to improve accessibility and reduce cloud-provider dependency.
• Synthetic Data Generation Services: Services used to process live data as well as store simulation output in the data layer for analysis.
• Cosmo Tech Acceleration Library (CoAL): A Python library that facilitates sending output data from a simulation engine to a data warehouse like Azure Data Explorer.

• Monitoring Service: A service based on Grafana and Prometheus that provides dashboards for API monitoring, resource usage, and logs.
• Licensing Dashboard: A Grafana-based dashboard system for monitoring license usage, such as the number of distinct users and scenario runs (licensing metrics may vary).
• User Management: Services that enforce resource permissions using access-control lists (ACL) at API resource level.

The Cosmo Tech cloud platform is primarily deployed on Microsoft Azure using a combination of managed services. The deployment process is structured into layers (Core, Organization, Workspace) and requires specific technical prerequisites regarding infrastructure, security, and tooling.

Deployment Methods

The platform can be deployed through several methods depending on the environment and customization needs:

• Azure Marketplace (Managed Application): This is the primary method for deploying the “Core Platform” services. It creates a managed application in your Azure subscription that is maintained by Cosmo Tech or a Cloud Solution Provider.
• Terraform: Alternatively, Terraform can be used for deploying Core Platform services.

Prerequisites for Deployment

Successfully deploying the platform requires meeting specific technical, security, and tooling requirements.

Azure Subscription and Permissions

• Subscription: A valid Azure subscription is required.
• Permissions: The deployer must have credentials to manage resources including AKS, ACR, ADX, Storage, Keyvault, and EventHub.
• Resource Groups: Two distinct resource groups are required to isolate resources: one for the core platform (common resources) and one for the platform tenant.

Networking

• Virtual Networks (VNet): Two distinct VNets are required—one for common resources and one for the tenant. These must be peered to allow communication.
• IP Constraints: The VNet must allow outbound connectivity and avoid specific IP ranges (e.g., 169.254.0.0/16). It is recommended to use a NetMaskLength of /26 minimum.
• Public IP/Domain: If external access via a domain name is required, a Static Public IP (Standard SKU) and a corresponding DNS “A record” must be created.

Identity and Security (Azure AD App Registrations)

Multiple Azure AD App Registrations must be created in the customer tenant to manage authentication and permissions.

• Cosmo Tech Platform: The main registration defining available roles (e.g., Platform Admin, Organization User).
• Swagger: For discovering and testing the Platform API.
• Network: Used for custom Virtual Network configurations.
• Babylon: Used for the CLI tool managing solutions.
• Business Web App (Optional): Required if deploying the web application for end-users.
• Permissions: These apps require specific API permissions, such as Microsoft Graph > User.Read.

Power BI (Optional)

If the solution utilizes Power BI for reporting, specific licensing and configurations are needed:

• Licensing: A Power BI Pro or Premium Per User (PPU) license is required for creating/editing reports.
• Embedding Modes:
  • SSO: Requires users to have Power BI credentials.
  • Service Principal: Allows users to view reports without a Power BI account but requires a technical account/Service Principal.

DevOps Tools

The following tools are necessary for deployment and maintenance tasks:

• Azure CLI: For interacting with Azure resources.
• Terraform: For infrastructure deployment.
• Helm: For Kubernetes package management.
• Kubectl & K9s: For interacting with the Kubernetes cluster.
• Docker: For building and pushing simulation images.
• Babylon: A locally installed command-line interface (CLI) tool used by Cosmo Tech DevOps engineers to interact with platform systems and automate the deployment of solutions and Azure resources.

• Azure Kubernetes Service (AKS): A managed container orchestration service that hosts the Cosmo Tech API, platform services, and simulation runs.
• Azure Data Explorer (ADX): A data analytics service used to store and analyze large volumes of simulation results and input parameters.
• Azure Event Hubs: A big data streaming platform used to ingest simulation probe data and publish events.
• Azure Container Registry (ACR): A registry service used to store Docker images for simulation engines and solutions.
• Azure Storage: A service providing blob containers to store static data, workspace files, and datasets.
• Azure Digital Twins (ADT): A service used to host instantiated models (Digital Twins), which is optional in newer platform versions.
• Power BI: A business analytics service used to create and embed interactive reports and dashboards within the Cosmo Tech web application.
• Okta/Azure Entra ID: An Identity Provider and Authorization Server used to manage user authentication and authorization.
• Redis: A database service used by the API for caching and storing operational data (Twin Cache).
• PostgreSQL: A relational database management system used as a storage option for the Result Data Service.
• RabbitMQ: A messaging broker available as an alternative to Azure Event Hubs for specific platform tenant deployments.