NATS request-reply with multitenancy - nats.io

I am using NATS request-reply fine but I am planning to add multitenancy with accounts. Do I need extra configuration for the replyTo inbox? For example
Tenant A:
listens on rpc.method. This subject is exported as a service to Tenant B.
Tenant B:
initiates a req-reply to rpc.method specifying a replyChannel. Usually this looks like _INBOX.xxxxx.
So, when a subscriber that lives in Tenant A wants to send the response back, will the requestor in Tenant B receive it, given that _INBOX.xxxxx is not exported to Tenant B

Yes, the Allow Responses feature works with multitenancy. NATS will dynamically present client's (Tenant B) reply subject to the service account (Tenant A) as a dynamic subject local to Tenant A that the service can publish response to for a period of time.

Thanks #tbeets!.
I created a simple setup to test the full setup. Imagine two accounts server and client and an exported service called rpc.
Here is what happens:
The client imports the rpc service and does the usual req-rep. It advertises a regular _INBOX.xxx replyTo subject.
However the server, being a different account/tenant, receives the message with the replyTo overwritten to _R_.yyyy. The server replies to _R_.yyy but the client still receives its response on the original topic _IBOX.xxx.
That's pretty slick!
The only change needed is to let the server publish to _R_.> (--allow-pub '_R_.>')

Related

Microservices async operation HTTP response

We're building a microservice app where clients can create projects. The following diagram shows the technical flow of this process:
My question: what HTTP response should the API gateway return to the client (step 1.)?
My initial idea was to give back a 202, but the problem there is that I don't know the Location yet (/projects/{id}), because the id of the project will be created at the Project Management Service.
Considering that the IDs of the newly created project entity is not known at the request time (i.e. it is generated after the insertion into the database) you indeed cannot generate the url to the project resource.
Instead, you could assign an ID (i.e. 1234-abcd-5678-efgh) to the command before sending to the bus and keep track of its execution status on the API gateway itself. Then you can respond to the client with an command execution status endpoint like /commands/1234-abcd-5678-efgh where it can query by polling.
The alternative would be to use another service that would reserve&deliver unique IDs but you must make a blocking call to it and this hurts scalability. Or you can host this service inside the API gateway itself (onto the same node) to minimize latency. Also, there is a risk of loosing some IDs in case of project creation failures but this can be compensated by releasing those IDs in those situations (thus increasing the architecture complexity).
A third solution could be the use of a project surogate ID, like a GUID, assigned as a property of the project, included in the command, having the purpose of an alternate identity that can be used only in the pre-creation phase of the process. Then, the response to the client could be like this: /projects/by-guid/1234-abcd-5678-efgh and after the project is created a GET to this url would permanently redirect to the final project url.

asynchronous request with callback in Apigee

How can i implement an asynchronous callback scenario in Apigee.
For example i need to call a host and the host may take some time to process response. Once the response is ready that needs to be delivered to the caller/client.
Thanks in Advance
Regards
Can not claim that it is a standard way of doing this, however here is a design:
Assumption: The target host must support registering a call back URL.
When the client calls Apigee proxy, Apigee proxy in the middle can generate a unique callback URL and send to the target as a parameter when making the API request. In the meantime it would have to block the client ( and start polling an internal storage).
The callback URL would be itself be a proxy in Apigee that receives the response from the target side and then updates an entry in Apigee persistence store, which is being polled by the first proxy.
If the callback happens within say x seconds, then the apigee proxy can send the response back to the client. If it does not happen within that time than it can send back some error.
To implement you can use Key Value Map or Caching policy in apigee for the transient persistence store. And for blocking the client and polling the persistence store use java or javascript policies
Take a look at https://github.com/apigee/api-platform-samples/tree/master/sample-proxies/async-callout and see if that helps. This sample makes the requests to the target, stores the response handles in the JS "session", goes away to do other things, and then retrieves the handles from the "session" and checks the responses.

How to Intercept ScaleoutMessage Broadcast: (Edited: How to send message directly to ServiceBus SignalR Backplane)

I have following scenario:
User request for certain resource on server, This request is long running task and very like 2~3 seconds to 10 seconds. We issue a JobTicket to user, As our user want to wait.
On receiving request we store that request in persistence storage and issue a token to user as JobTicket (GUID).
User make connection with Hub to get information about that GUID.
In Background:
We have WAS Hosted as well as Windows Service to perform some operation on that request.
On complete, WAS Hosted/Windows Service call our Web Application that job has been completed.
From there based on job Ticket we identify which user and on its connection we let user know its job has been completed.
Now we have farm of servers, we are using Windows Server On Prem ServiceBus 1.1 which is working fine, But challenge we have is that we are not able to intercept ServiceBus based backplane message broadcast and message is going to all the client. As we have farm, user intermediately may have drop connection and connected to other server based on load balancer so we need to have scale out using Service Bus as its kind of seamless to integrate and we are also using for our internal purpose in our application so we don't want to user any other mix in complex solution.
I have tried using IHubPipelineModule but still Scale out message broadcast not passing thru that, I tried to hookup SignalR code directly and debug thru it but its taking long. I don't want to mess-up something arbitrary in actual code. As I can see that in OnReceive I can see message are coming, but not able to follow further. I just need small mechanism that I can intercept broadcast message and make sure that it goes to client it intended and not all the client by wasting resources, and security concern as well.
Please help me on this issue, it's kind of stuck from last 4 days and not able to come to any solution and same time I want to go with establish pattern and don't want to fork any special build for this kind of small issues which I am sure one of you expert knows how I can do that seamlessly.
Thanks,
Shrenik
After lots of struggling and not finding straight forward way, I have found the way as below for someone else in future it might help.
Scenario:
1. Web Farm: Host External User facing Web Pages
2. Backend Process: Which is mix of WebApi, SharePoint, Windows Service etc.
User from Web Page submit some request and get a unique id as return back. Internally on receiving request, we queue that request to Service Bus using TopicClient for processing.
There are pool of Windows Service watching on Message on Service Bus using SubscriptionClient and process that message. On completion of process which can run from 5 seconds to 30 seconds and some cases even more. We need to inform client that its job done if its waiting on web page or waiting for completion notification.
In this story, We are using SignalR to push job completion notification to client.
Now my earlier problem is How I let know from windows service to web application that job is done so send notification to client who submitted request.
One way is we hosted another hub internally in web application, Windows service act as client and call web application hosted hub, and in that hub method it will call external facing hub method to propagate message to specific client who submitted request, for which we are using Single user Group.
And as we have register service bus as backplane it will propagate to other servers and then appropriate client will get notification. So this is ideal solution and should work in most cases.
In above approach we have one limitation that, how Windows Service connect to Web Client, as we donot have windows auth, but we have openid based auth with ADFS. Now in such case Web Application required special code in which provide separate userid or password for windows service to communicate or have windows authentication also allowed for that hub for service account of windows service.
I was trying and trying how to remove all this hopes between interserver communication and again management of extra security.
So I did below with simplicity, though it tooks me whole night to find our internal of SignalR. But it works:
Approach is to send message directly to ServiceBus Backplane, and as all Web Server already hooked-up with ServiceBus backplane then they will get message.
Unfortunately SignalR doesn't provide such mechanism to send message directly to Backplane. I think its on pub/sub model so they don't want somebody to hack in their system :). or its violation of their pattern, but its make sense, in my case because of different roles and security, I have simplify code as below:
Create a ServiceBusMessageBus instance in my code, Same way as Below: Though I have created separate instance and store till lifetime of Windows Service, so I don't create instance every time:
ServiceBusMessageBus serviceBusBackplane = new ServiceBusMessageBus(new DefaultDependencyResolver(), new ServiceBusScaleoutConfiguration(connectionString, appName));
Create a ClientHubInvocation Object: This is a message which actually get created in SignalR infrastructure when Backplane based message broadcast:
ClientHubInvocation hubData = new ClientHubInvocation
{
Args = new object[] { msg },
Hub = "JobStatusHub",
Method = "onJobStatus",
State = null,
};
Create a Message object which accept by ServiceBusMessageBus.Publish, Yes, so this is a method which actually get called on base class ScaleoutMessageBus.Publish. This class is actually responsible for sending message to topic and other subscribers on other server nodes. Why not use that directly. Now to create Message Object, You need following code:
Message backplaneMessage = new Message(
sourceId,
"hg-JobStatusHub." + name,
new ArraySegment(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(hubData))));
In above second parameter is something interesting,
In case if you want to publish to all the client then syntax is "h-", in my case specific group user, so syntax is "hg-.. You can check the code here: https://github.com/SignalR/SignalR/blob/bc9412bcab0f5ef097c7dc919e3ea1b37fc8718c/src/Microsoft.AspNet.SignalR.Core/Infrastructure/PrefixHelper.cs
Publish your message to backplane directly as below:
await serviceBusBackplane.Publish(backplaneMessage);
I wish this PrefixHelper class have been public.
Remember: This is not recommended way and doent insulate from future upgrade for SignalR, as its internal they may change so any upgrade might come with small hazale to change this code. But in summary this works. Hope SignalR Team provide some mechanisam out of box to send message directly to backplane instead.
Thanks

Connected to multiple hubs and disconnect from only one

I'm writing a Single Page Application with Durandal and I'm planning on using SignalR for some functionality. First of all, I have a top bar that listens for notifications that the server may send. The site start a connection to the "TopBarNotificationHub".
On one of the pages I want to connection to another hub as two users might edit the data on this page simultaneous and I want to notify if someone updated the data. No problem, this works fine.
But, when leaving that page I want to disconnect from ONLY the second hub, but I can't find a way to accomplish this. If I just say hub.connection.stop(); the connection to th eTopBarNotificationHub also stops (as it's shared).
Is there a way to just leave one hubproxy and let the other exist?
As this is a SPA the "shell" is never reloaded so it doesn't connect to the hub again... I might be able to force this to reconnect everytime another page disconnects from a hub, but there might be a cleaner solution...
Thanks in advance.
//J
If you use multiple hubs on a single page that's fine, but they share the same connection, so it isn't taking up more resources on the client other than receiving the updates.
Therefore to "connect and disconnect to/from a hub" you need to slightly rearchitect. If you use Groups instead of Clients on the server side you can "register" with a Hub by calling a (for example) Hub1.Register method and sticking the client in the relevant group in that method. To "deregister" you call a (for example) Hub1.DeRegister and remove the client's ConnectionId from the group in that method. Then, when you push updates to clients, you can just use the Group instead of Clients.All.
(C# assumed for server language as you didn't specify in your tag)
To add a client to the hub group: Groups.Add(Context.ConnectionId, groupNameForHub);
To remove a client from the hub group: Groups.Remove(Context.ConnectionId, id.ToString());
To broadcast to that Hub's clients: Clients.Group(groupNameForHub).clientMethodName(param1, param2);
Just to make it confusing, though, note that the group named "myGroup" in Hub1 is separate to the group named "myGroup" in Hub2.
This is the exact approach recommended in the documents (copied here in case they move/change in later versions):
Multiple Hubs
You can define multiple Hub classes in an application. When you do that, the connection is shared but groups are separate:
• All clients will use the same URL to establish a SignalR connection with your service ("/signalr" or your custom URL if you specified one), and that connection is used for all Hubs defined by the service.
There is no performance difference for multiple Hubs compared to defining all Hub functionality in a single class.
• All Hubs get the same HTTP request information.
Since all Hubs share the same connection, the only HTTP request information that the server gets is what comes in the original HTTP request that establishes the SignalR connection. If you use the connection request to pass information from the client to the server by specifying a query string, you can't provide different query strings to different Hubs. All Hubs will receive the same information.
• The generated JavaScript proxies file will contain proxies for all Hubs in one file.
For information about JavaScript proxies, see SignalR Hubs API Guide - JavaScript Client - The generated proxy and what it does for you.
• Groups are defined within Hubs.
In SignalR you can define named groups to broadcast to subsets of connected clients. Groups are maintained separately for each Hub. For example, a group named "Administrators" would include one set of clients for your ContosoChatHub class, and the same group name would refer to a different set of clients for your StockTickerHub class.

SOAP Web Service on ASP.NET - Multiple Connection - Static Values - XMLRPC API

Have a SOAP Web Service that encapsulates calls to a 3rd party API... so our application can simply call my service and then my service handles all the various calls to the API. Works just fine.
However, we've hit a problem where the API we're connecting to allows a max of 10 connections at any given time for a given set of credentials.
Connections at most take a couple of seconds to process, but when we go live, we could in theory have users that max out this. So we've created multiple accounts (5) to the API giving us 50 connections across the 5 users.
How does ASP.NET handle connections to the Web service? I know it works asynchronously, but does it spawn multiple instances of my class or reuse the same class. Will variables persist across instances (i.e Will static variables work)?
What I need to do is if a call to the API fails on Client1, rollover to Client2 (or Clients[0], Clients[1]) etc... Sadly I have no way to detect if a given Client is out of connections at any given moment. I could poll it with a test call, but that would take time and be no guarantee the the client has a connection available when I make the call.
The API I'm calling is via XMLRPC Proxy class (CookComputing). Is the "connection" made when the Client is created or when the call is made, passing along the credentials?
public static IVoicestar GetClient(string userID, string password)
{
IVoicestar client = XmlRpcProxyGen.Create<IVoicestar>();
client.Credentials = new NetworkCredential(userID, password);
return client;
}
Seems from this that the credentials simply "ride along" until I make a call via Client.MethodCall() and then the connection is made.
If you are using ASP.NET Web Services (asmx) then it would spawn a new instance of your web service class for each request. In case WCF based web services, you can control the instancing /concurrency using attributes/configuartion (see this article) - you have three instancing modes possible - per call, per session and singleton.
Irrespective of what you are using, you can always implement your own pooling mechanism to pool your API connection. You already have a factory method to get the API client - just put call to pooling layer within method.
Normally Windows XP and Windows 7 have a limit of 10 concurrent TCP/IP connections. Maybe that's it. Be sure to work in a windows server version.

Resources