We use Consul and we are willing to enforce that developers can alter it only using git2consul approach, to retain the history of property changes and maintain a backup.
In order to ensure that, we would like to make Consul Key-Value browser UI read-only. How could we achieve this?
Consul Web UI is an ember gui on-top of the Consul API, using the same methods as the tools using Consul. Therefore you should be able to configure the web UI using the ACL system to restrict use to READ only on scopes needed.
There is a Github Issue talking about this here: https://github.com/hashicorp/consul/issues/3399
Related
We're looking into how we could manage the configuration of several microservices (10 - 15 services) and fat client applications which are installed in equipment (several hundreds). The applications are being developed in Java (for what it's worth). The equipment doesn't always have a working connection to the network, so the configuration must also be cached locally.
We have been looking in to Spring Cloud Config and services such as Consul, Zookeeper and Etcd. We particularly like Consul as it comes with a lot of functionality out-of-the-box, not in the latest a user interface.
What we are still struggling with is how we should setup such a tool especially for the equipment configuration. We have four different types of equipment which can be running slightly different versions of their respective applications. These applications share some configuration settings, whereas other settings are specific to a version, an equipment type or even a single equipment.
It seems pretty easy to store the configuration for one version of a single type in a tool like Consul, but how could we structure the settings in Consul for the environment we have in such a way that it is still clear and understandable for service engineers who shouldn't be too familiar with all the intricacies of the application? Is Consul actually the right tool for this?
I'm uncertain if you want to simplify your configuration management that you can reuse anytime.
You might want to check out some popular Key-Value Management software such as Hashicorp Vault, AWS Secret Manager, Bitnami Sealed Secrets, and others.
Cheers!
At this url you can have a look at my project jut to have some context:
https://github.com/Deviad/clarity/tree/feature/hyperledger
Long story short I am building an open source framework for building Escrows that can take advantage of the latest PSD2 https://www.openbankingtracker.com/
It support Cryptocurrency payments and implements some sort of side chain in order to have a proof that a contract was signed.
Basically of all of the things that Istio does what I really need is the Authentication Policy using JWT.
This in order to avoid writing this part in every microservice that I am creating.
Of course the gateway is also something important.
The main issue is that I have no idea while I am developing using my IDE (Intellij IDEA) what I can do in order to avoid having to stop, rebuild and start containers every single time I need to rebuild since once I use Istio, I will need to use Istio also in development, otherwise I would have to write some dummy services that fake the authorization from istio when I want to check if a certain user has the permissions to access a resource.
What possibilities I have to have a lean workflow with Istio and eventually what alternatives to Istio do I have?
As for the workflow part of my question, I have found a possible solution:
https://garden.io
There is a nice workshop available here:
https://www.youtube.com/watch?v=Xfi9XqcZ76M
I'm using Spring-Insight and Pivotal tc server to deploy and monitor two Spring applications but I have to create some alerts in case of threshold violation. Do you know if this is possible to make this alerting system without creating a customized plugin? I just can't find anything in the documentation.
Finally, I didn't find any solution to my problem but I think this is possible with a customized plugin. I personally chose another option : monitor my application with Dynatrace even if Dynatrace isn't free.
Can anyone tell me that if I use Session(inside an ASP.NET MVC 3 application) in Windows Azure environment with multiple instances(means multiple virtual machines), then it work without any configuration or I need to use ASP.NET Universal Providers or I need to handle this manually by using AppFabric?
You can't use in-process session state, but must use a shared session state provider.
The only supported session state model is to use Azure Cache, but you can use a provider that works with either Azure Storage or SQL Azure.
UPDATE:
I wrote some articles on my blog which go into using SQL Azure for session state with Entity Framework Code First. Hopefully, you'll find useful pointers there, even if you're not using Entity Framework.
Something to bear in mind using the standard SQL Server Session State Provider is that it doesn't have the retry logic which is considered good practice when working with SQL Azure.
This discussion on ASP.NET MVC providers may help you:
http://azureproviders.codeplex.com/discussions/276053
, also, look here for how to implement a session provider using Azure AppFabric Caching:
http://weblogs.asp.net/shijuvarghese/archive/2011/05/04/using-windows-azure-appfabric-caching.aspx
"...Without any configuration..."
As Steve Morgan mentioned, The Azure AppFabric Cache provides a supported mechanism for caching. The cache itself is independent from your compute instances. In fact, a single cache could be accessed by multiple applications, if you wanted to use it in such a way.
Regarding configuration, you'll have to modify web.config, as the AppFabric Cache has a custom cache provider. The web.config snippet itself is auto-generated for you via the portal; it's as easy as copy-n-paste.
You can find out more info on caching, including sizes and pricing, here.
We are looking at a standard way of configuring the various "endpoints" of our application. Our application is a distributed system with Windows Desktop applications, Windows Server "services" and databases.
We currently configure each piece using XML files. This is getting a little out of hands as we work with larger customers who can have dozens of Servers running our application and hundreds of desktop clients.
Can anyone recommend a Microsoft technology or a third party that would allow us to centralize all that configuration information and manage it in a one place for all our applications? Any changes would be "pushed" to the endpoint(s) that are interested.
For example, if we were to change the login for one of our database, we would make that change on the database, then reflect that change in our centralized system. Following that last step, any service that needs to connect to the database would be notified of the change (and potentially receive the new data). How and what each endpoint does with that information is outside the scope of the system.
Our primary business is not "Centralized Configuration Services". We are a GIS company that provides solutions for various utilities worldwide.
I've done a couple of things to give myself this functionality over the years. I build enterprise applicatons that may be distributed across many servers. I don't want to bury config settings in each services config file or each web server's web.config file. For application specific stuff I usually create an application settings table in the app's database. The table only has two fields. SettingName and SettingValue. I then write a web or wcf service whose sole function it is to retrieve these settings. I write a function called GetSetting where you pass "SettingName" and it returns SettingValue or an empty string if your setting is not found. This way I can store all application settings for all components of the application in one spot. Maintenance and troubleshooting for this is really easy, I'm not hunting through scads of config files spread across a dozen web and app servers.
For larger scale apps I might create a separate AppSettings database where I add a new field to my table mentioned above. ApplicationName. My web or wcf service for this approach has the same method call (GetSetting) only at this scope I pass ApplicationName and SettingName and it returns SettingValue or an empty string.
Doing either of these things allows you to centralize all app settings for any size application or IT shop. It has worked really well for us.
You could use RSS together with BitTorrent to distribute changes. See Wikipedia. It is not MS specific however, but should provide the flexibility you need - a configuration server holding the configuration and providing the feeds needed to configure the clients and possibly servers.
Any VCS through a secure channel?
For example, git through ssh (both available in cygwin).
I think the first step is to have the secure channel (if you want the push ability, pulling might be different).
As for managing the "versions" in different "branches", what's better than a version control system?
As it goes for the Microsoft requirement, well the Microsoft sofwares in that exists in that area would suck pretty bad in your case (as in not the best tool for the job).