0 / 0
Watson Query architecture and workload isolation

Watson Query architecture and workload isolation

Watson Query provides an architecture that isolates customer data and compute from other customers or other resources groups. It uses separate Kubernetes namespaces for each resource group you provision the service into, with separate worker nodes for each of these namespaces. Each provisioned system also has separate encrypted block storage and separate object storage buckets.

Architecture

Review the Watson Query architecture and learn about different isolation levels so that you can choose the solution that meets the requirements of the workloads that you want to run in the cloud.

A diagram that outlines the architecture of Watson Query.

Watson Query workload isolation

Enterprise Watson Query formations are provisioned on Kubernetes clusters. Each formation is created in a customer-specific namespace that is also specific to the resource group that the formation is provisioned in. The pods that provide the Watson Query processing are isolated, running on worker nodes that are dedicated to the formation.

Each formation also includes a set of block storage devices that is encrypted with a Key Protect managed encryption key. You can also opt to use your own Key Protect managed keys.

Backups are stored in a customer-specific encrypted object storage bucket for at least 14 days.

Generative AI search and answer
These answers are generated by a large language model in watsonx.ai based on content from the product documentation. Learn more