[forge-dev] Multitenancy for Forge as a Service

Pete Muir pmuir at redhat.com
Sat Feb 4 09:03:34 EST 2017 

On Wednesday, 1 February 2017, Max Rydahl Andersen <manderse at redhat.com>
wrote:

>
> > Hey Andrew,
> >
> > Yes, this is a really important question, and it's something that I
> > believe
> > that the Forge architecture supports out-of-the-box. Every interaction
> > with
> > the UI API (the Forge commands, per say) is stored in a request-scoped
> > UIContext[1] object that is initialized when a command is invoked and
> > destroyed when the command finishes executing. That means that you can
> > execute multiple concurrent commands in a single Forge instance and
> > they
> > will not affect each other.
>
> Excellent.
>

My understanding of the flow then is something like this:

1) The user works through one or more screens, inputting fields that
describe what they want
2) The web UI creates Forge commands from this, batching them all up to
send in a single request to the server
3) On receiving commands the server executes them in Forge, generates a
response, and then cleans up any resources generated on the server side

In other words, Forge as a Service is not stateful in anyway, so each time
you send a request, Forge must rebuild the project context.

If so, this sounds good, as IIRC Forge can build project contexts
relatively quickly.

A couple of things to follow up on in this area:

1) How confident are you with the cleanup step - principally I'm wondering
if you ensure a cleanup by using some sort of temporary file system whilst
the request is in progress and then removing it once the request completes?

Note that our backup thought here was just to cycle the container running
Forge regularly so that we don't run risk running out of disk space, so
this is not overly critical.

2) Actually this is related - how are you isolating projects on the server
side, particularly with disk?


>
> > When it comes to security, as a good practice, it is important to
> > restrict
> > the commands that the exposed REST service can execute.
> > That's why in the Obsidian backend[2] we only expose a REST
> > endpoint[3]
> > consuming the Forge API to execute a limited number of commands (more
> > specifically, the ones exposed by the obsidian-addon[4])
>

Very sensible :-)


> >
> > Last but not least, as the Forge Online app is just a PoC illustrating
> > how
> > Forge can work in a web environment, it does not impose restrictions
> > to the
> > supported commands, therefore it shouldn't be a web app to be used in
> > production.
>

We wouldn't want to use this app directly anyway...


>
> Since we need something for production I would be curious to know what
> you feel are missing ?
>
> > PS: It would be nice to ping the Fabric8 team for this matter as they
> > are
> > already using Forge as their project generator solution for a long
> > time now.
>
> In case you missed it - fabric8 team is now part of devtools and
> devtools are fabric8 :)
>
> We'll get James et.al. involved (they are in f2f meetings this week),
> but as I understood
> Fabric8 have a fork of the PoC adjusted to handle some more complex
> workflows they were
> exploring. Things they would like to get merged back as I understand it.
>
> That said - to outline the items we were discussing about forge as a
> SaaS:
>
> Main reason we need it in first place is that Forge is *massive*, takes
> up a lot of
> resources - even more than Eclipse Che; thus we are very interested in
> being able to run
> Forge without having one instance per user.
>
> In that we had some questions and concerns in addition to the ones
> above:
>
> A) can forge run without access to download updates etc. from maven and
> similar ?
>     i.e. can we lock updates down and ensure it and its execution cannot
> be altered
>     just because someone updated a plugin.
>     (We discussed firewalling it completely to be sure :)
>
> B) Is there a way to ensure that secrets like GitHub auth keys and
> others are
>     not exposed to users nor in logs ?
>
> C) Any expectations/ideas on how we would integrate obsidian generators
> with
>     fabric8 ?
>      Two options we considered:
>            1) call out to separate hosted obsidian-toaster and run the
> risk of
> exposing secrets on wire.
>        2) run obsidian-toaster or a copy of it inside fabric8 online so
> we don't expose any secrets.
>
> Pete and others might have more, but above are the ones I wrote down
> while being on bluejeans to the conversations.
>
> > I hope this helps. Looking forward to this list of requirements and
> > happy
> > to discuss about this anytime.
> >
> > [1] -
> > https://github.com/forge/core/tree/master/ui#uicommand-
> execution-lifecycle
> > [2] - https://github.com/obsidian-toaster/generator-backend
> > [3] -
> > https://github.com/obsidian-toaster/generator-backend/
> blob/master/src/main/java/org/obsidiantoaster/generator/
> rest/ObsidianResource.java
> > [4] - https://github.com/obsidian-toaster/obsidian-addon
> >
> > Best Regards,
> >
> > *George Gastaldi*
> >
> > https://onename.com/gastaldi
> >
> > On Tue, Jan 31, 2017 at 9:27 PM, Andrew Lee Rubinger <alr at redhat.com
> <javascript:;>>
> > wrote:
> >
> >> Hi, all:
> >>
> >> We have some requests coming down the pike from the Developer Group
> >> with
> >> regards to running Forge as a Service (which is great!).
> >>
> >> Additionally, I'm suspecting this will soon be very important for us
> >> as
> >> well, as we continue to build out what's currently known as the
> >> "Obsidian
> >> Generator", using Forge as a backend.
> >>
> >> I'm hoping the Forge team will kindly advise as to our preparedness
> >> for
> >> running Forge in a multitenant environment.  Concerns may include
> >> resource
> >> consumption (not running an instance-per-user), security, etc.  Have
> >> we yet
> >> broached this subject specifically in the prototypes I've seen thus
> >> far
> >> using Forge Online?
> >>
> >> I've requested of the Developer Group a list of requirements they've
> >> devised; will send those along here when I have them.  In the
> >> meantime,
> >> mind describing where we currently stand?
> >>
> >> S,
> >> ALR
> >>
> >> --
> >> Red Hat Developer Group Architecture
> >> @ALRubinger
> >> _______________________________________________
> >> forge-dev mailing list
> >> forge-dev at lists.jboss.org <javascript:;>
> >> https://lists.jboss.org/mailman/listinfo/forge-dev
> >>
> > _______________________________________________
> > forge-dev mailing list
> > forge-dev at lists.jboss.org <javascript:;>
> > https://lists.jboss.org/mailman/listinfo/forge-dev
>
>
> /max
> http://about.me/maxandersen
> _______________________________________________
> forge-dev mailing list
> forge-dev at lists.jboss.org <javascript:;>
> https://lists.jboss.org/mailman/listinfo/forge-dev
>

More information about the forge-dev mailing list