Mutli-tenancy Vs Single tenancy - http

I want to know the difference between multi-tenancy and single tenancy.
Is tomcat supporting mutli-tenancy .Can you explain both with an example.
I am asking this question in context to http-servers.

Definition
From Wiki definition
In a multitenancy environment, multiple customers share the same application, running on the same operating system, on the same hardware, with the same data-storage mechanism. The distinction between the customers is achieved during application design, thus customers do not share or see each other's data.
So you can imagine that single tenancy is the other way around.
Example
Let's take JIRA as an example,
If you use OnDemand JIRA Service, it is multi-tenant, cloud-based service.
If you download JIRA Standalone and install it for you organisation. It is single tenancy case.
Designing multi-tenancy software
Designing multi-tenancy software is nothing to do with the hosting technology. It's actually about the way you architect the software.
Tomcat in your case, is absolutely suitable for multi-tenancy software.

Related

Azure API gateway vs nginx

I am evaluating wep api gateway for my new projects. I used azure api gateway in the past. Reading about nginx as it is new and adopted by many. Can someone help me point out with some facts, pros, cons? Bug matrix will be a best help for me
Azure API Management is a mature and widely-used product, with many customers being very respected enterprises. Take a look at some public case studies.
It offers a very wide range of features, which are typical of an API management platform, and it is still being very actively developed. However, one of its biggest strengths lies in integration with Microsoft Azure services and features - multiregional deployments, virtual networks, monitoring and alerting solutions, native support for Service Fabric, Azure Function Apps and Azure Logic Apps, Azure Active Directory and others.
If you are considering hosting your new projects with Microsoft Azure, Azure API Management is a no-brainier.
The product is also one of the main reasons why Gartner named Microsoft a leader in the enterprise integration space.
Disclaimer: Although all of the above is best to my knowledge, I am affiliated with Azure API Management.
Although I have just started looking into this myself, here's what I can already conclude.
Looking at www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/, Nginx requires a lot of manual configuration washed over many text files. That doesn't look flexible or effective, but I may have gotten a wrong impression.
Judging by how you're supposed to define your API keys using the map directive, Nginx API Gateway also looks like a new idea stretched on top of the existing product, while Azure API was designed for that exact purpose from the ground up.
Azure APIs, when published, come with auto-generated documentation and an interactive console that are in sync with all your updates.
With Azure API, you're putting all your eggs into one basket and completely depending on it's pricing and availability. At any moment Microsoft can increase their prices, or discontinue the product, and you cannot migrate elsewhere, at least not easily/quickly. At the same time, you can do your Nginx work once and run it on pretty much any server, starting with a low-end VPS or a Raspberry PI, if you'd like. It's pretty much yours.

Splitting and naming Microservices

I recently started a side-project. It was supposed to be a virtual recipe-book with the capabilities to store and retrieve recipes (CRUD), rate them and search through them. This is nothing new, but i wanted to build it as a desktop application to learn more about databases, unit testing, UIs and so on. Now that the core domain is pretty much done (i use a DDD approach) and i implemented most of the CRUD Repositories, i want to make this a bit more extensible by hosting the core functionality online, so i am able to write multiple backends (desktop application, web application, web api, etc).
Service Oriented Architecture (or Microservices) sound like a good approach to me to do that. The problem i am facing is how to decide, which parts of my project belong into a separate service and how to name them.
Take the following parts of the project:
Core domain (Aggregates, Entities, Value Objects, Logic) -> Java
Persistence (DAOs, Repositories, multiple Database backend implementations) -> Java
Search (Search Services which use SQL queries on the persistence DB for searching) -> Java
Desktop Application -> JS (Electron) or JavaFX
Web Application -> Flask or Rails
Web API (Manage, Rate, Search for recipes using REST) -> ?
My initial approach would be to put the core domain, the persistence, the search and the web api into a single sub-project and host that whole stack on Heroku or something similar. That way my clients could consume the web interface. The Desktop and Web apps would be different projects on their own. The Dektop app could share the core domain if they are both written in Java.
Is this a valid approach, or should i split the first service into smaller parts? How do you name these services?
Eric Evans on GOTO 2015 conference ( https://youtu.be/yPvef9R3k-M) and I 100% agree with him, answered to your question. Microservice scope should be one or maybe more Bounded Context(s). Including its supporting classes for persistence, REST/HTTP API, etc.
As I understood, the microservice is deployment wrapper over Bounded Context, with adding the isolation, scaling and resilient aspects.
As you wrote, you didn't apply Strategic Design to define bounded context. So its time to check, before tearing the app to parts.

What is the best way to implement SSO for ASP.NET Web Apps with Active Directory?

My organisation has several web facing ASP.NET Web Forms Apps. They currently use Windows Authentication with impersonation enabled. The web apps are hosted internally but are exposed publicly via different domains e.g. www.abc.com & www.xyz.org.
A new requirement, is that a single log on page will be provided for all users of these apps to log in via.
Some of the solutions proposed are:
Implement an OpenId Provider backed by Active Directory (DotNetOpenAuth), modify existing apps to become relying parties of this OP.
Implement SSO through MS Forefront Threat Management Gateway.
I don't have experience with either of these. Are the proposed solutions feasible? What are the pros and cons of each? Are there other solutions that might be more appropriate?
OpenId Provider is a fairly good idea. It will be an easier route and there are some good details around the web.
You may also want to look into Active Directory Federation Services.
http://msdn.microsoft.com/en-us/library/bb897402.aspx
It is not uncommon for businesses moving to hosted solutions look to implement federated services and this is something Microsoft anticipated when setting up and creating Azure - to be corporate friendly.
They have put together a comprehensive guide here, which while not directly related to your question, does have extensive details about the technology behind federated services.
http://msdn.microsoft.com/en-us/library/windowsazure/hh127796.aspx
For more thoughts and information on, specifically the pros and cons, take a look at these articles which answer it in more depth:
http://technet.microsoft.com/en-us/magazine/ff721824.aspx
http://windowsitpro.com/active-directory/ease-cloud-security-concerns-federated-identity
http://www.csoonline.com/article/221034/the-truth-about-federated-identity-management
Some DotNetOpenAuth thoughts:
http://www.codeproject.com/Articles/325228/Choosing-technologies-for-NET-project
http://social.msdn.microsoft.com/Forums/en-US/windowsazuresecurity/thread/7a1c4e0c-346c-4008-9e5c-87ba1273b2aa/
Finally, we have personally gone with OpenAuth for one of my teams solutions. The implementation was fairly painless once we took time to really understand the RFCs (which was no easy feet, but worth taking the time to do). There are also a ton of resources on the web to get a hang of the implementation.

Strategies for providing locally (intranet) hosted MVC ASP.NET website

platform: ASP.NET 4.5, MVC 4, C#
I'm currently designing a website that's available on the public domain. However, there is a meaningful % of my target market that would be uncomfortable putting some information on a public site, even if it's https etc.
What I'd like to be able to do is allow corporate users use my site, and one way to do that is to allow them to host my website on their intranet. The usual disadvantages are, of course, that they don't get their site updated as fast as the public one would, and it's also a headache for me in terms of support.
My questions are
What are some strategies to make "corporate friendly" deployments easy and hassle-free?
Are there ways I could keep the site public with just the database inside the intranet (can't see how... but then I'm no techno-know-all)
If I have no choice but to make it locally hosted - then what's the best way to do it to keep my development/support overheads at a minimum?
I hope the mods don't lock this. I'm asking for specific methods and technical approaches to a very real problem.
Thank you,
For #1, there's a many facets to the question. A couple thoughts that might help you think it out:
Deploying your app: Make it simple to deploy, and to upgrade, between versions of your application. Try to make it happen as a single operation, not upgrading different parts by hand manually. As Darin Dimitrov mentioned, you could look into a technology like Web Deployment Packages, especially with Visual Studio 2012 which will have incremental database publishing (in VS2010, the database was non-incremental so there wasn't really an "update" story). Keep the cost of deployment down so that they can afford to upgrade more frequently (not the cost of your product, but the overhead of who's getting paid to keep the system updated and running).
Consider differences between running on the Internet and on an Intranet: For example, authentication on the Internet is usually done with forms based authentication. On an intranet, you may want to consider supporting Windows authentication for a seamless login experience for corporate users. This should impact your designs to allow authentication to be modular between your deployments.
Corporate adoption of newer technologies might be slower than you want: You're using the latest and greatest (ASP.NET 4.5/MVC4). Some companies might not be prepared to deploy this now, or for a couple years. Consider if you could use an older, established technology, such as .NET 4 - having been out for a few years, it's already somewhat proven and has adoption.
For your 2nd question, it comes down to what their IT is willing to accommodate. Many corporate sites have the database within a secured LAN, but the web server is accessible from the public Internet. It's certainly a well-understood network design, but depending on the assets involved in your application, your customers may or may not agree to it. This one's a business decision.
For #3 the answer is common to any long term software project. It has to be high quality and maintainable if you want to minimize the hassle.
If you're only going to support the last N versions, make that very clear. Avoid supporting code that you're already fixed long in the past. Consider providing extra support or affordable upgrades to keep your customers on newer (and hopefully better) releases.
Keep in mind what components need to be upgraded between versions. Your web app (obviously), but also your database schema and any dependencies or libraries you're using. This is mostly the same considerations as #1. Make sure you have a good plan for upgrades and rollbacks.
Most importantly, test, test, test. Have functional regression tests and install/upgrade tests, and try out as many possibilities as you can think of.
Answer to only 1) above.
I would recommend a continuous integration tool. We use TeamCity and deploy mvc3 and mvc4 applications to our public as well as privately hosted sites with a click of a button. Previously, we used cruise control, but now we are more satisfied with TeamCity. Read up on them. Might lead you in the right direction.
You may checkout Visual Studio's Web Deployment Packages. They allow you to prepare a package that could directly be installed on your client's web servers.

ASP.NET Cloud application Vs Ordinary ASP.NET

I was reading this article Build Your First Cloud Application Using Visual Studio 2010 when It hit me:
Why would I switch from my normal
hosting (shared account, VPS, or
whatever) to host it on cloud
servers ?
Do I have to build my website with
ASP.NET Cloud Application to be able
to host it with any cloud providing
service company ?
How can I edit my ASP.NET Web
Application to be an ASP.NET Cloud
Application ?
Those are the questions I thought would help to gather a full picture about this new technology and it's own application template! but please feel free to add more points to consider in the answers.
Edit
so beside the difference in implementing a website between Azure and other cloud server
is there is a performance difference or any other differences between Azure and the other cloud servers ?
I didn't quite get what you meant by "bringing your app on site with your own staff may become more economical"
the Azure pricing are high and requires a whole new dedicated project to work with it restrictions. so both the hosting and the development are costy
I hope if there's any article about the good cloud hosting out there and perhaps any articles about the user experience (a legitimate review and maybe yours if you have any)
First, I believe "cloud" in the context of the blog article you read should really be more granularly defined as Azure. There are several cloud solution offerings and Azure is only one although it is gaining immense popularity in the MS community space. The Azure cloud is fairly unique compared to products like Amazon's cloud in that it requires applications that use it to comply to a specific set of APIs. To build an application for azure requires you to embrace certain architectural principles from the beginning and to build your app using its web and worker roles. To "fit in" to these roles, your app must be built within a special VS project that references the Azure SDK.
If you were to use another cloud solution like Amazon, it is more similar to firing up a VM or group of VMs that can host your app as is without the constraints of specific APIs. You simplu would fire up a windows server instance, install what you need on it like any other server you would use in a hosted or or leased data center environment.
I am not implying that the azure solution is flawed or overly restrictive. Rather, I think it supports some architectural constraints that will allow you to "fall into the pit of success." However, it may be difficult to effortlessly migrate many brown field apps to azure without making significant changes.
As far as why host a application in the cloud as opposed to a normal hosted environment. It really depends on your app, your business/budget constraints and your traffic level. For many small, hobby sites, you may be better off keeping your app on a traditional hosted environment. For larger scale apps, the cloud begins to make more sense. The cloud is really supporting a "pay per use" model. If you need to have the ability to scale out quickly without the funds or the ability to wait on a purchase of lots of additional hardware, the cloud is a good option. Cloud providers have deep pockets and plenty of server resources and bandwidth to send your way at a moments notice that you can rent instead of buy.
Also, because cloud providers are large and typically highly reputable, they can afford to hire expert staff and follow best practices that you may not be able to afford on your own. They can and will handle a lot of the day to day ops administration enabling you as a developer to not have to think of things like security and redundancy.
So as I see it, cloud solutions are ideal for apps that are beginning to see a fair amount of traffic, need guaranteed up time, and do not want to pay or bother themselves with their own admin staff, server purchasing and data center management. I think they are not practical for many small hobby sites and once you become really big, bringing your app on site with your own staff may become more economical.
That all said. it has become "cool" in the .net space for any site to run on azure. I'll admit that some of the architectural models are interesting and seem fun to work with. However, if you take a close look at the pricing model, you may find you are better off with your hosted plan.
Moving your .NET application to a cloud or hybrid infrastructure allows you to start evolving to a Microservices Architecture, with the ability to phase in Containers and a Serverless architecture.
You mentioned that Azure costs are high and maybe cumbersome in your situation.
Maybe consider other popular cloud providers like AWS. They have a ton of vendors and services all readily available to help make the adoption easy, in fact over 57% of Windows workloads currently run on AWS.
Here is an eBook we recently published about this exact topic.

Resources