On Wed, 15 Jul 2020, 10:02 David Yahalomi, <da...@articode.co> wrote:
> Hey Jubha and Awasum! > > We've created FaaS (Fineract as a service) <https://faas.articode.co/> > and part of that was automating the creation of new tenants. Our service is > public and meant for development purposes so the API to create new tenants > did not include any security considerations. > That being said, the front end site does not send requests directly to > Fineract but rather goes through an AWS lambda function (that could > potentially check for permissions/credits and whatnot) and it handles > calling Fineract. > > We have created a system user on the "default" tenant and it is used to > authenticate against this new "create tenant" API. > We would love to contribute this process if we could figure out a way to > deliver that functionality without too many moving parts. ideally, the > current Fineract server should handle the whole process on its own. > The crux I think is that creating an additional DB for a new Tenant is somewhat dependent on the details of the actual deployment... How do you create a new Tenant DB? Just SQL "create database newtenant;", OR using an API of a managed database by your favorite Cloud provider? (E.g. https://www.fineract.dev uses https://cloud.google.com/sql, but YMMV, fair enough.) But anyone motivated to do this sure could still make a start with contributing a Pull Request that adds a new Tenant Management Java Resource class eyc. for API which, for now, does the SQL (and that could later be extended for specific managed DBs in cloud). Go for it! Another consideration is scaling of such a setup. At the moment, Fineract > handles each tenant with it's own DB connection. That means that many > resources are allocated at the booting stage of Fineract server but > potentially never used (on less active tenants). This is something that we > should potentially figure out before offering production-grade deployment > of Fineract as a service. > I'm not sure I understand what exactly you mean here (just set the connection pool configuration appropriately, no?), but Pull Requests with any suggested Improvements to connection handling are always welcome, of course. Best, > > David Yahalomi > Co-Founder > > Rothschild Blvd 3, Tel Aviv-Yafo, Israel > mobile: + 972 52 817 9787 > email: da...@articode.co > <https://articode.co> > > ᐧ > > On Wed, Jul 15, 2020 at 10:27 AM jubha mayala <basston...@gmail.com> > wrote: > >> Hi All, I do not remember the name, but some guys from Israel have done >> this kind of thing. And they shared here the demo for people to have a look >> and test. anybody remembers this please point out their name. >> >> On Wed, Jul 8, 2020 at 7:08 PM Saransh Sharma <sara...@muellners.org> >> wrote: >> >>> Definitely, this could be a bonus if we could do the same for fineract >>> cn. >>> >>> Some thoughts, >>> >>> Super user can only or special right with 2fa API access. >>> >>> No delete option >>> >>> We can use db to be loaded as a service where , flyway migration happens >>> real time. >>> >>> Let me know what you think >>> >>> >>> >>> On Wed, 8 Jul 2020, 19:25 Awasum Yannick, <awa...@apache.org> wrote: >>> >>>> Hi All, >>>> >>>> I think it will be a good idea to automate the process of creating and >>>> managing new tenants (DBs) on Fineract 1.x. At the moment, this is done via >>>> manual process and scripts as seen here: >>>> https://mifosforge.jira.com/wiki/spaces/docs/pages/187498786/How+to+Setup+New+Trail+Instance >>>> >>>> Will it be a good idea to automate this process so that each new tenant >>>> is created using say, an API endpoint? Maybe this endpoint will need to be >>>> protected (secure) so that not anyone can create a new tenant? How do we >>>> secure this process? >>>> >>>> >>>> Any thoughts? Are there people who have done things like this before? >>>> and might want to contribute back? >>>> >>>> I created an issue for this: >>>> https://issues.apache.org/jira/browse/FINERACT-1081 >>>> >>>> >>>> Thanks. >>>> Awasum >>>> >>> Mifos-developer mailing list >>> mifos-develo...@lists.sourceforge.net >>> Unsubscribe or change settings at: >>> https://lists.sourceforge.net/lists/listinfo/mifos-developer >> >>
