Re: [Architecture] Social features for WOS2 products : commenting system
Hi Manu, One question regarding the Comment on Comment use case. How deep of a nesting are you planning to support? Multiple levles (as in CodeProject) or just a single level below the initial comment? On Sun, Jul 28, 2013 at 12:00 AM, Manuranga Perera m...@wso2.com wrote: As the first step of implementing social features for WOS2 products we are planning to implement a commenting system. It will be integrated to store first and subsequently to the AF. Italicized terms are used in the meaning as it’s defined by the Activity Stream specification [0]. A PoC will be done based on the architecture described below, and we shall re-review this architecture after that. * Implementation details* - Each input will be an activity including comments and ratings. this will be extendible to receive activities form the host application (i.e. WSO2 ES/AF) as well as from third party systems (such as JIRA). - Cassandra will be used as the database. this will allow us to plug-in BAM and CEP for analyzing and event generation later-on. we will reuse the BAM’s Event Stream architecture to store data. but we will try to retrieve data (at least most of it) directly via CQL interface rather than going through HIVE to avoid update delays. - UI will be a separate Jaggery app, and it will be integrated to the host application UI via a HTML IFrame. UI will be SSOed with the host application. - Permission will be handled using existing carbon user role system. we plan to be aligned with AF’s future model, since we should be able to use AF’s team concept.To do this, we define a UI-visible sub set of user’s roles. each action of the user will be published against one of these roles. any action published to a role will be visible to all the users in that role. - A REST API will be available for publishing activities to roles. * Use-cases to be implemented in first release (with Store 1.0 and AF APasS) * - View - View commnet stream for an object. an object can be a Store asset, API, AF application, etc. - View my activity stream - this will show all activities that are visible for me including relevant comments. - Comment - Comment on an object - Comment on comments - Rate - Rate objects - Rate comments * Possible future use-cases* - Real time updating the UI when events occur - Extend the same back-end to a forum - Integrate with a platform wide friend/circles concept [0] http://activitystrea.ms/specs/json/1.0/ -- With regards, *Manu*ranga Perera. ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- -- *Sameera Perera* Senior Manager, Cloud Technology Group gtalk: samee...@wso2.com *WSO2, Inc.* http://wso2.com/ lean.enterprise.middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Re: [Architecture] Social features for WOS2 products : commenting system
at code level we are planing to support multiple levels because it will be useful in the feature to extend it to a more forum like look. but the host application will be able to pass a parameter to limit it to single level. For store use case we are having single (or double , haven’t finalized yet) level commenting. On Mon, Jul 29, 2013 at 8:39 AM, Sameera Perera samee...@wso2.com wrote: Hi Manu, One question regarding the Comment on Comment use case. How deep of a nesting are you planning to support? Multiple levles (as in CodeProject) or just a single level below the initial comment? On Sun, Jul 28, 2013 at 12:00 AM, Manuranga Perera m...@wso2.com wrote: As the first step of implementing social features for WOS2 products we are planning to implement a commenting system. It will be integrated to store first and subsequently to the AF. Italicized terms are used in the meaning as it’s defined by the Activity Stream specification [0]. A PoC will be done based on the architecture described below, and we shall re-review this architecture after that. * Implementation details* - Each input will be an activity including comments and ratings. this will be extendible to receive activities form the host application (i.e. WSO2 ES/AF) as well as from third party systems (such as JIRA). - Cassandra will be used as the database. this will allow us to plug-in BAM and CEP for analyzing and event generation later-on. we will reuse the BAM’s Event Stream architecture to store data. but we will try to retrieve data (at least most of it) directly via CQL interface rather than going through HIVE to avoid update delays. - UI will be a separate Jaggery app, and it will be integrated to the host application UI via a HTML IFrame. UI will be SSOed with the host application. - Permission will be handled using existing carbon user role system. we plan to be aligned with AF’s future model, since we should be able to use AF’s team concept.To do this, we define a UI-visible sub set of user’s roles. each action of the user will be published against one of these roles. any action published to a role will be visible to all the users in that role. - A REST API will be available for publishing activities to roles. * Use-cases to be implemented in first release (with Store 1.0 and AF APasS) * - View - View commnet stream for an object. an object can be a Store asset, API, AF application, etc. - View my activity stream - this will show all activities that are visible for me including relevant comments. - Comment - Comment on an object - Comment on comments - Rate - Rate objects - Rate comments * Possible future use-cases* - Real time updating the UI when events occur - Extend the same back-end to a forum - Integrate with a platform wide friend/circles concept [0] http://activitystrea.ms/specs/json/1.0/ -- With regards, *Manu*ranga Perera. ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- -- *Sameera Perera* Senior Manager, Cloud Technology Group gtalk: samee...@wso2.com *WSO2, Inc.* http://wso2.com/ lean.enterprise.middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- With regards, *Manu*ranga Perera. ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Re: [Architecture] [AppFactory][aPaaS] Tenant isolation in Git
So, on a related note, our GIT based deployment synchronization can utilize this feature? On Mon, Jul 29, 2013 at 6:15 AM, Asanka Dissanayake asan...@wso2.comwrote: Hi All, Milestone 1 goals for tenant isolation in git achieved successfully. But not fully integrated with the application creation process. Now, when a user belongs to a tenant creates and repository, it is created in the tenant space. Filtering applications for a user is done by the existing plugin ,so there is no need to change it. cheers!! On Fri, Jul 19, 2013 at 2:12 PM, Asanka Dissanayake asan...@wso2.comwrote: Hi All, I tried the $subject with gitblit 1.3.0 . It works fine. *What have been done so far?* There is a service called *TenantRepoCreation* service.which is a super tenant service. It creates the tenant space it gitblit for the tenant. Thereafter every repository created for the tenant will be created in the tenant space allocated for the tenant in gitblit . As Ajanthan mentioned , we can map tenant to ProjectModel in the gitblit api. *What next?* 1. Modify the appfactory plugin to support projectmodels. 2. Filter out and view repositories for the user inside the tenant . 3. Permission module. On Mon, Jul 15, 2013 at 5:07 PM, Asanka Dissanayake asan...@wso2.comwrote: Thanks Ajanthan, that will be quite useful will look into this. On Mon, Jul 15, 2013 at 4:52 PM, Ajanthan Balachandran ajant...@wso2.com wrote: There is another option also.You can use gitblit ProjectModel[0].This is the perfect map for tenants. On Mon, Jul 15, 2013 at 4:39 PM, Asanka Dissanayake asan...@wso2.comwrote: Yes, that can be done using a permission plugin. Will list out the security concerns soon. On Mon, Jul 15, 2013 at 4:10 PM, Paul Fremantle p...@wso2.com wrote: Can we apply security based on this scheme easily? I don't know how Git security works... Paul On 15 July 2013 11:32, Asanka Dissanayake asan...@wso2.com wrote: Hi All, I am working on the $subject and here is the my point of view of achieving the $subject. Simply we can group repositories in the Git using repo creation url as host/tenantName/repo.git So it will create a subfolder with name tenantName and create repo.git inside it. So that folder will act as a tenant space.All git repositories of the tenant can be found in that folder. (I tested this in local setup) -- *Asanka Dissanayake Software Engineer* *WSO2 Inc. - lean . enterprise . middleware | wso2.com* * email: asan...@wso2.com ruch...@wso2.com, blog: cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com mobile: +94 71 8373821* ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- Paul Fremantle CTO and Co-Founder, WSO2 OASIS WS-RX TC Co-chair, Apache Member UK: +44 207 096 0336 US: +1 646 595 7614 blog: http://pzf.fremantle.org twitter.com/pzfreo p...@wso2.com wso2.com Lean Enterprise Middleware Disclaimer: This communication may contain privileged or other confidential information and is intended exclusively for the addressee/s. If you are not the intended recipient/s, or believe that you may have received this communication in error, please reply to the sender indicating that fact and delete the copy you received and in addition, you should not print, copy, retransmit, disseminate, or otherwise use the information contained in this communication. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Asanka Dissanayake Software Engineer* *WSO2 Inc. - lean . enterprise . middleware | wso2.com* * email: asan...@wso2.com ruch...@wso2.com, blog: cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com mobile: +94 71 8373821* ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture [0] https://github.com/gitblit/gitblit/blob/master/src/main/java/com/gitblit/models/ProjectModel.java -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan http://goog_595075977@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Asanka Dissanayake Software Engineer* *WSO2 Inc. - lean . enterprise . middleware | wso2.com* * email: asan...@wso2.com ruch...@wso2.com, blog: cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com
Re: [Architecture] [AppFactory][aPaaS] Tenant isolation in Git
On Mon, Jul 29, 2013 at 10:15 AM, Nirmal Fernando nir...@wso2.com wrote: So, on a related note, our GIT based deployment synchronization can utilize this feature? I'm not familiar with all the details of this implementation, however the carbon deployment synchronization should work regardless of tenant isolation is available or not since it just expects a git repo for a tenant. On Mon, Jul 29, 2013 at 6:15 AM, Asanka Dissanayake asan...@wso2.comwrote: Hi All, Milestone 1 goals for tenant isolation in git achieved successfully. But not fully integrated with the application creation process. Now, when a user belongs to a tenant creates and repository, it is created in the tenant space. Filtering applications for a user is done by the existing plugin ,so there is no need to change it. cheers!! On Fri, Jul 19, 2013 at 2:12 PM, Asanka Dissanayake asan...@wso2.comwrote: Hi All, I tried the $subject with gitblit 1.3.0 . It works fine. *What have been done so far?* There is a service called *TenantRepoCreation* service.which is a super tenant service. It creates the tenant space it gitblit for the tenant. Thereafter every repository created for the tenant will be created in the tenant space allocated for the tenant in gitblit . As Ajanthan mentioned , we can map tenant to ProjectModel in the gitblit api. *What next?* 1. Modify the appfactory plugin to support projectmodels. 2. Filter out and view repositories for the user inside the tenant . 3. Permission module. On Mon, Jul 15, 2013 at 5:07 PM, Asanka Dissanayake asan...@wso2.comwrote: Thanks Ajanthan, that will be quite useful will look into this. On Mon, Jul 15, 2013 at 4:52 PM, Ajanthan Balachandran ajant...@wso2.com wrote: There is another option also.You can use gitblit ProjectModel[0].This is the perfect map for tenants. On Mon, Jul 15, 2013 at 4:39 PM, Asanka Dissanayake asan...@wso2.comwrote: Yes, that can be done using a permission plugin. Will list out the security concerns soon. On Mon, Jul 15, 2013 at 4:10 PM, Paul Fremantle p...@wso2.comwrote: Can we apply security based on this scheme easily? I don't know how Git security works... Paul On 15 July 2013 11:32, Asanka Dissanayake asan...@wso2.com wrote: Hi All, I am working on the $subject and here is the my point of view of achieving the $subject. Simply we can group repositories in the Git using repo creation url as host/tenantName/repo.git So it will create a subfolder with name tenantName and create repo.git inside it. So that folder will act as a tenant space.All git repositories of the tenant can be found in that folder. (I tested this in local setup) -- *Asanka Dissanayake Software Engineer* *WSO2 Inc. - lean . enterprise . middleware | wso2.com* * email: asan...@wso2.com ruch...@wso2.com, blog: cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com mobile: +94 71 8373821* ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- Paul Fremantle CTO and Co-Founder, WSO2 OASIS WS-RX TC Co-chair, Apache Member UK: +44 207 096 0336 US: +1 646 595 7614 blog: http://pzf.fremantle.org twitter.com/pzfreo p...@wso2.com wso2.com Lean Enterprise Middleware Disclaimer: This communication may contain privileged or other confidential information and is intended exclusively for the addressee/s. If you are not the intended recipient/s, or believe that you may have received this communication in error, please reply to the sender indicating that fact and delete the copy you received and in addition, you should not print, copy, retransmit, disseminate, or otherwise use the information contained in this communication. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Asanka Dissanayake Software Engineer* *WSO2 Inc. - lean . enterprise . middleware | wso2.com* * email: asan...@wso2.com ruch...@wso2.com, blog: cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com mobile: +94 71 8373821* ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture [0] https://github.com/gitblit/gitblit/blob/master/src/main/java/com/gitblit/models/ProjectModel.java -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan http://goog_595075977@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware ___ Architecture mailing list
Re: [Architecture] [Appfactory] Tenant Isolation in Jenkins
Hi Shamika, On Wed, Jul 24, 2013 at 5:20 PM, Ajanthan Balachandran ajant...@wso2.comwrote: On Wed, Jul 24, 2013 at 4:34 PM, Shamika Ariyawansa sham...@wso2.comwrote: HI, As we discussed so fa,r we tried/trying following approaches for the $subject. 1. Deploying Jenkins web app in AS per tenant. - Solution was not scalable due to the size of the Jenkins Web-app (61MB - without plugins) and its not practicable to deploy this as the tenant count gets increased. If the content of the war duplicated for tenants you can put the common libs into $CARBON_HOME/repository/components/lib(in parent classloader) and make minimal war file that contains tenant specific stuffs. How will this handle the load of a build job? Say that each of these Jenkins server instances can run a number of build jobs(more than 1 build per tenant). How can we handle the concurrent build load? 2. Use one Jenkins server and make it possible to make it multi-tenant by introducing a role-based plugin (an extension to Role-Strategy Plugin). Here all the tenants related jobs are stored in one space (no operation between tenant) and the multi-tenancy is achieved by having a filtering mechanism based on the logged users tenant. Problem here is everything will be done in one workspace so it will be difficult to manage when the the tenant count gets increased with the job count. Jenkins has lots of extension points. Can we have a concept of folders/collections in Jenkins jobs? If so we can group jobs by tenant. This could be done as a part of the Role-Strategy plugin. 3. Patch the Jenkins to set the JENKINS_HOME directory on the fly so that separate HOME directory will be used for the different tenants. By looking at the Jenkins code we found that the Jenkins Home is set to a singleton class (jenkins.model.Jenkins) and the whole system uses that class to obtain JENKINS HOME. As a solution we can update this class to return JENKINS_HOME based on logged users tenant. Main risk for this is that in the in above class has a public variable to store the JENKINS_HOME (variable - root). Also there is also an encapsulated method to get this too.( getRootDir() ). We are not sure the how the other plugins have referred this. I am trying to do an hard-coded test whether this works or not? This will not work unless you reload all the configurations from disk after returning the JENKINS_HOME.In jenkins on start up all the config files are loaded from disk(job configs also).We change JENKINS_HOME at the middle but still in the memory there are configs(job configs) from previous JENKINS_HOME. We should be able to work with an existing Jenkins deployment without doing any modifications to the code. If this can be done through a plugin, then I guess it is fine. Otherwise I'm -1 for this. Thanks, Janaka WDYT? -- Shamika Ariyawansa Senior Software Engineer Mob:+ 94 772929486 -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan http://goog_595075977@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Janaka Ranabahu* Senior Software Engineer; WSO2 Inc.; http://wso2.com* E-mail: jan...@wso2.com **M: **+94 718370861** *Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Re: [Architecture] [Appfactory] Tenant Isolation in Jenkins
*Harsha Thirimanna* Senior Software Engineer; WSO2, Inc.; http://wso2.com * http://www.apache.org/** email: **hars...@wso2.com* az...@wso2.com* cell: +94 71 5186770** twitter: **http://twitter.com/ http://twitter.com/afkham_azeez** harshathirimann linked-in: **http: http://lk.linkedin.com/in/afkhamazeez**// www.linkedin.com/pub/harsha-thirimanna/10/ab8/122* * * *Lean . Enterprise . Middleware* * * On Mon, Jul 29, 2013 at 1:07 AM, Janaka Ranabahu jan...@wso2.com wrote: Hi Shamika, On Wed, Jul 24, 2013 at 5:20 PM, Ajanthan Balachandran ajant...@wso2.comwrote: On Wed, Jul 24, 2013 at 4:34 PM, Shamika Ariyawansa sham...@wso2.comwrote: HI, As we discussed so fa,r we tried/trying following approaches for the $subject. 1. Deploying Jenkins web app in AS per tenant. - Solution was not scalable due to the size of the Jenkins Web-app (61MB - without plugins) and its not practicable to deploy this as the tenant count gets increased. If the content of the war duplicated for tenants you can put the common libs into $CARBON_HOME/repository/components/lib(in parent classloader) and make minimal war file that contains tenant specific stuffs. How will this handle the load of a build job? Say that each of these Jenkins server instances can run a number of build jobs(more than 1 build per tenant). How can we handle the concurrent build load? As ajanthan said , if we can deploy jenkins instance for every tenant then we can maintain multiple slave node to every master node to handle the load. This point was mentioned that with previous email thread by ajanthan. Subject : [Architecture] [Appfactory] Tenant Isolation for Jenkins. 2. Use one Jenkins server and make it possible to make it multi-tenant by introducing a role-based plugin (an extension to Role-Strategy Plugin). Here all the tenants related jobs are stored in one space (no operation between tenant) and the multi-tenancy is achieved by having a filtering mechanism based on the logged users tenant. Problem here is everything will be done in one workspace so it will be difficult to manage when the the tenant count gets increased with the job count. Jenkins has lots of extension points. Can we have a concept of folders/collections in Jenkins jobs? If so we can group jobs by tenant. This could be done as a part of the Role-Strategy plugin. 3. Patch the Jenkins to set the JENKINS_HOME directory on the fly so that separate HOME directory will be used for the different tenants. By looking at the Jenkins code we found that the Jenkins Home is set to a singleton class (jenkins.model.Jenkins) and the whole system uses that class to obtain JENKINS HOME. As a solution we can update this class to return JENKINS_HOME based on logged users tenant. Main risk for this is that in the in above class has a public variable to store the JENKINS_HOME (variable - root). Also there is also an encapsulated method to get this too.( getRootDir() ). We are not sure the how the other plugins have referred this. I am trying to do an hard-coded test whether this works or not? This will not work unless you reload all the configurations from disk after returning the JENKINS_HOME.In jenkins on start up all the config files are loaded from disk(job configs also).We change JENKINS_HOME at the middle but still in the memory there are configs(job configs) from previous JENKINS_HOME. We should be able to work with an existing Jenkins deployment without doing any modifications to the code. If this can be done through a plugin, then I guess it is fine. Otherwise I'm -1 for this. Thanks, Janaka WDYT? -- Shamika Ariyawansa Senior Software Engineer Mob:+ 94 772929486 -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan http://goog_595075977@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Janaka Ranabahu* Senior Software Engineer; WSO2 Inc.; http://wso2.com* E-mail: jan...@wso2.com **M: **+94 718370861* * *Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Re: [Architecture] [Appfactory] Tenant Isolation in Jenkins
Does that mean a build cloud or a build server per tenant? On Mon, Jul 29, 2013 at 10:53 AM, Harsha Thirimanna hars...@wso2.comwrote: *Harsha Thirimanna* Senior Software Engineer; WSO2, Inc.; http://wso2.com * http://www.apache.org/** email: **hars...@wso2.com* az...@wso2.com* cell: +94 71 5186770** twitter: **http://twitter.com/ http://twitter.com/afkham_azeez** harshathirimann linked-in: **http: http://lk.linkedin.com/in/afkhamazeez**// www.linkedin.com/pub/harsha-thirimanna/10/ab8/122* * * *Lean . Enterprise . Middleware* * * On Mon, Jul 29, 2013 at 1:07 AM, Janaka Ranabahu jan...@wso2.com wrote: Hi Shamika, On Wed, Jul 24, 2013 at 5:20 PM, Ajanthan Balachandran ajant...@wso2.com wrote: On Wed, Jul 24, 2013 at 4:34 PM, Shamika Ariyawansa sham...@wso2.comwrote: HI, As we discussed so fa,r we tried/trying following approaches for the $subject. 1. Deploying Jenkins web app in AS per tenant. - Solution was not scalable due to the size of the Jenkins Web-app (61MB - without plugins) and its not practicable to deploy this as the tenant count gets increased. If the content of the war duplicated for tenants you can put the common libs into $CARBON_HOME/repository/components/lib(in parent classloader) and make minimal war file that contains tenant specific stuffs. How will this handle the load of a build job? Say that each of these Jenkins server instances can run a number of build jobs(more than 1 build per tenant). How can we handle the concurrent build load? As ajanthan said , if we can deploy jenkins instance for every tenant then we can maintain multiple slave node to every master node to handle the load. This point was mentioned that with previous email thread by ajanthan. Subject : [Architecture] [Appfactory] Tenant Isolation for Jenkins. 2. Use one Jenkins server and make it possible to make it multi-tenant by introducing a role-based plugin (an extension to Role-Strategy Plugin). Here all the tenants related jobs are stored in one space (no operation between tenant) and the multi-tenancy is achieved by having a filtering mechanism based on the logged users tenant. Problem here is everything will be done in one workspace so it will be difficult to manage when the the tenant count gets increased with the job count. Jenkins has lots of extension points. Can we have a concept of folders/collections in Jenkins jobs? If so we can group jobs by tenant. This could be done as a part of the Role-Strategy plugin. 3. Patch the Jenkins to set the JENKINS_HOME directory on the fly so that separate HOME directory will be used for the different tenants. By looking at the Jenkins code we found that the Jenkins Home is set to a singleton class (jenkins.model.Jenkins) and the whole system uses that class to obtain JENKINS HOME. As a solution we can update this class to return JENKINS_HOME based on logged users tenant. Main risk for this is that in the in above class has a public variable to store the JENKINS_HOME (variable - root). Also there is also an encapsulated method to get this too.( getRootDir() ). We are not sure the how the other plugins have referred this. I am trying to do an hard-coded test whether this works or not? This will not work unless you reload all the configurations from disk after returning the JENKINS_HOME.In jenkins on start up all the config files are loaded from disk(job configs also).We change JENKINS_HOME at the middle but still in the memory there are configs(job configs) from previous JENKINS_HOME. We should be able to work with an existing Jenkins deployment without doing any modifications to the code. If this can be done through a plugin, then I guess it is fine. Otherwise I'm -1 for this. Thanks, Janaka WDYT? -- Shamika Ariyawansa Senior Software Engineer Mob:+ 94 772929486 -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan http://goog_595075977@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Janaka Ranabahu* Senior Software Engineer; WSO2 Inc.; http://wso2.com* E-mail: jan...@wso2.com **M: **+94 718370861* * *Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- Thanks, Samisa... Samisa Abeysinghe VP Engineering WSO2 Inc. http://wso2.com http://wso2.org ___ Architecture mailing list Architecture@wso2.org
Re: [Architecture] [Appfactory] Tenant Isolation in Jenkins
Hi, On Mon, Jul 29, 2013 at 10:53 AM, Harsha Thirimanna hars...@wso2.comwrote: *Harsha Thirimanna* Senior Software Engineer; WSO2, Inc.; http://wso2.com * http://www.apache.org/** email: **hars...@wso2.com* az...@wso2.com* cell: +94 71 5186770** twitter: **http://twitter.com/ http://twitter.com/afkham_azeez** harshathirimann linked-in: **http: http://lk.linkedin.com/in/afkhamazeez**// www.linkedin.com/pub/harsha-thirimanna/10/ab8/122* * * *Lean . Enterprise . Middleware* * * On Mon, Jul 29, 2013 at 1:07 AM, Janaka Ranabahu jan...@wso2.com wrote: Hi Shamika, On Wed, Jul 24, 2013 at 5:20 PM, Ajanthan Balachandran ajant...@wso2.com wrote: On Wed, Jul 24, 2013 at 4:34 PM, Shamika Ariyawansa sham...@wso2.comwrote: HI, As we discussed so fa,r we tried/trying following approaches for the $subject. 1. Deploying Jenkins web app in AS per tenant. - Solution was not scalable due to the size of the Jenkins Web-app (61MB - without plugins) and its not practicable to deploy this as the tenant count gets increased. If the content of the war duplicated for tenants you can put the common libs into $CARBON_HOME/repository/components/lib(in parent classloader) and make minimal war file that contains tenant specific stuffs. How will this handle the load of a build job? Say that each of these Jenkins server instances can run a number of build jobs(more than 1 build per tenant). How can we handle the concurrent build load? As ajanthan said , if we can deploy jenkins instance for every tenant then we can maintain multiple slave node to every master node to handle the load. This point was mentioned that with previous email thread by ajanthan. Does this means that we have multiple slave nodes that is been used by every master(of each tenant)? Or do we spawn a number of slaves for every tenant? Ideally what we need to do is to spawn a Jenkins slave on demand. Thanks, Janaka Subject : [Architecture] [Appfactory] Tenant Isolation for Jenkins. 2. Use one Jenkins server and make it possible to make it multi-tenant by introducing a role-based plugin (an extension to Role-Strategy Plugin). Here all the tenants related jobs are stored in one space (no operation between tenant) and the multi-tenancy is achieved by having a filtering mechanism based on the logged users tenant. Problem here is everything will be done in one workspace so it will be difficult to manage when the the tenant count gets increased with the job count. Jenkins has lots of extension points. Can we have a concept of folders/collections in Jenkins jobs? If so we can group jobs by tenant. This could be done as a part of the Role-Strategy plugin. 3. Patch the Jenkins to set the JENKINS_HOME directory on the fly so that separate HOME directory will be used for the different tenants. By looking at the Jenkins code we found that the Jenkins Home is set to a singleton class (jenkins.model.Jenkins) and the whole system uses that class to obtain JENKINS HOME. As a solution we can update this class to return JENKINS_HOME based on logged users tenant. Main risk for this is that in the in above class has a public variable to store the JENKINS_HOME (variable - root). Also there is also an encapsulated method to get this too.( getRootDir() ). We are not sure the how the other plugins have referred this. I am trying to do an hard-coded test whether this works or not? This will not work unless you reload all the configurations from disk after returning the JENKINS_HOME.In jenkins on start up all the config files are loaded from disk(job configs also).We change JENKINS_HOME at the middle but still in the memory there are configs(job configs) from previous JENKINS_HOME. We should be able to work with an existing Jenkins deployment without doing any modifications to the code. If this can be done through a plugin, then I guess it is fine. Otherwise I'm -1 for this. Thanks, Janaka WDYT? -- Shamika Ariyawansa Senior Software Engineer Mob:+ 94 772929486 -- ajanthan -- Ajanthan Balachandiran Senior Software Engineer; Solutions Technologies Team ;WSO2, Inc.; http://wso2.com/ email: ajanthan http://goog_595075977@wso2.com; cell: +94775581497 blog: http://bkayts.blogspot.com/ Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Janaka Ranabahu* Senior Software Engineer; WSO2 Inc.; http://wso2.com* E-mail: jan...@wso2.com **M: **+94 718370861* * *Lean . Enterprise . Middleware ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- *Janaka