How to manage gradual deployment of a web app - php

I am developing a web app and want to be able to stagger the deployment of new builds and versions across our users. For example...
Deploy new version of app and migrate a couple of test accounts to it for testing
When testing is happy, move say 5% of customers to the new version and monitor support problems and server load problems with those customers.
if it is still going ok, gradually move more and more customers over to the new version until everyone is updated.
Fogbugz and Kiln from FogCreek are using a deployment system like this. You can read about it here...
The problem I am trying to solve at the moment is that different accounts on the system can be using different versions of the code.
What is a good way of managing and controlling this? Can Apache do some of the heavy lifting here? I want to avoid too much overhead, or weird loader scripts to work out where to send the request. How do web apps like Fogbugz on Demand deal with the problem? Is there a recognised design pattern for this?
The users are identified via a domain name (eg user1.example.com, user-bob.example.com, etc).

There are easily hundreds of ways to accomplish this; so let's think at a high level without talking specifics of the architecture:
Large public sites like Yahoo and MSN handle design changes with random samples and set cookies with long timeouts to identify who should be receiving the new design.
For paid upgrades and beta invites you should be able to identify and tag which customer accounts will receive the new 'design' or feature set upon their login. For instance, the new updates to Digg v4 were for logged-in and opted-in customers only. Facebook had a similar rollout across their system with the new profile pages.
You may decide to pay for beta testers. You can easily use Amazon's Mechanical Turk or sites like custfeedback.com
The specifics will be up to you and your architecture. Hopefully you've written your software with this functionality in mind; and hopefully you've provided easy ways to provide both application and database upgrades easily at deploy time. Magento (an open-source e-commerce platform) handles this very well. Each module is built in a form of a plugin and each of its components keep record of their own version. Database upgrades are performed on the fly with install and upgrade scripts based on the new/future version retained in configuration files.
You may choose to move your beta testers to a new domain or database that has more detailed logging and realtime analysis than your production machine. This was the method mentioned in the Kiln blog post - they referenced the site http://martinfowler.com/bliki/BlueGreenDeployment.html - eventually, however you accomplish the segregation of your accounts and traffic, you eventually have to consolidate. You'll need to perform your migration in a maintenance window most likely and get everyone up to the same version.
Best of luck!

Related

How to handle infrastructure for the website in PHP which will be used many times?

I have a few PHP Laravel projects (restful API, admin app, client app). There is only one database which is used by API. The project is some kind of app which can be used by some companies. They have access to admin panel, client web page, they can use own API, they can make own users, permissions and so on. There is no problem if this project will be used by one client, but I'm going to sell this app to many people. I will be responsible for updates, hosting, configurations etc. I wonder how to make it the best way and I have a few ideas.
I thought about cloning the app on the server each time someone buys it from me. This requires setting up a new subdomain on the server and a lot of disk space. Not sure about it.
Or maybe cloning the app and sharing some files with symlinks like vendor, node_modules etc.
Another idea is to make it as a one project with many databases for different clients, but how to make it in Laravel in the best way? I will need some dynamic way to change the database connections (I want each client to have separate database), I'm not sure about conflicts with sessions, cache etc.
Maybe separate databases is a wrong idea, and it's better to have one database and make it as a one project and sell the access to project? But then I need to keep data of my client in one database.
What do you think?
Create this application as SaaS (software as a service). You can give them some default templates of front end or even client app (website and admin part), but keep all backend at your servers. Make REST endpoints, authenticate clients and give them functionality that they bought.
For example:
Client A bought calculator services from you. It authenticates, and makes GET call to /api/calculate/subtract/5/1. You give them response what your calculator does, for example 5-1 = 4. They can use your prepared templates for this data preview or create their own.
Client B bought calculator and storage services from you. You calculate same value, give it back, but also store it in your own database. So client B also can make call GET /api/storage/last_calculation and you give them 4, because client data stored in your database, he bought storage service too so he do not need to setup database for himself.
It is very simple example, but you should get the point.
For example simple scheme with separate database for each client:

Azure DevOps Custom Page for Requesting / Tracking Features or Bugs

I'm new to using AzureDevOps to handle my team's development needs. Currently I'm faced with the question of how are we going to gather the requirements, change requests, suggestions or bug reports from the end users of our products, that are either deployed or under development.
My idea is to have a simple page that is linked with our Azure DevOps account, which can simply retrieve the list of projects, to help the end user set the category, and then simply email the request to one of the developers to be handled manually. Our end users are limited so this is not an issue of being flooded.
I've search google and others for a template / working example of such page to help me build it quicker, as I'm also very limited on time.
I'm sure someone has done this before. It's just a simple request page connected to DevOps.
Asking about Azure DevOps hosted on Microsoft cloud, with 5 active developer accounts working on 5 different projects. We also use Sharepoint and AzureAD for the company's internal use, and would like to limit the requests to only come from company employees. I tried looking this up, but couldn't find anything "ready made".
We had a similar problem where we wanted to let people access parts of ADO who dont have an Azure AD account. We need this because we are a large corporation with slow and complicated Active Directory processes...
I asked on server fault and found a little service called TicketStudio in the Marketplace that works good for us: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/aveyaramrsoftwaregbr1612902674653.ticket_studio?tab=Overview

local website connect to wordpress online

Long time reader first time asker, if my question is silly or missing info or miss titled lemme know and I'll fix it.
Okay, so I'm working at a community center for the next 8 weeks as a tech help assistant, I'm also a CS student.
They have a web application that is quite old running locally on an iis server (version 7). It's for keeping track of their members, events and registration It's written in asp.net and is using and Access database. They also have a wordpress website (php, mysql, apache) for advertising events and sharing information about what's going on in the community.
What they would like is to link their wordpress to the local application. I've been racking my brain about if this is even possible or not. I'm leaning towards not possible because the local application and shouldn't be outward facing as it has sensitive data on it and was not designed to be secure in the face of would-be hackers.
The only solution that I could think of is create a "walled off" section of the computer hosting the local application. Also an outward facing port that accepts incoming data from the wordpress site that is then passed onto the access database as an update (increasing a counter for the amount of people registered to a program). It needs to be possible for a file to have some kind of global (from the web) executable permissions and have all the other files on the localhost computer locked down from this global permission.
We would also need to be able to get 2 boolean values from the local app for the wordpress site. This is for if the program/camp/whatever is full and if the update was unsuccessful in the event of something going wrong. I'm just not sure if something like that is even possible and where to start with that. The most important thing is that it's secure.
If a secure API could work I have time to create something like that.
I don't have enough time to upgrade their local system to make it safe enough to be online because I have to run tech help sessions. I know that is the most realistic option.
Thanks very much
What they would like is to link their wordpress to the local
application. I've been racking my brain about if this is even possible
or not. I'm leaning towards not possible because the local application
and shouldn't be outward facing as it has sensitive data on it and was
not designed to be secure in the face of would-be hackers.
I think you've hit the nail on the head right there. It looks like you have a decent understanding of the situation but not of their internal app. The fact is that it's hard to scope something like this without getting in and getting details. Step 1 would be to see if you can talk to whoever it is that built the thing and get their feedback. It might be secure enough to expose some sort of connection.
Really there's not enough information here to determine a good answer, and you should be wary of anyone that says it's secure. There are a ton of factors that go into web security.
You might be able to throw together a basic RESTful API with authentication to send only to the wordpress site's IP. But if it's sharing the IP that information can be consumed by third parties so you'll have to decide if that is an okay risk.
I wouldn't try and expose everything and partition with apache. A basic RESTful API with authentication would be best at first glance IMO. That way you only show consumable data and limit what can be used.

PHP Development (LAMP environment) - Confluence or GitHub?

I have recently been put in charge of our PHP Web Developers (I'm a programmer in general of over 30 years, currently the Salesforce Administrator and sometimes Developer in Apex). My team members are suggesting both GitHub and Confluence for page versioning, check-out control, being able to review the multiple changes any one of several users could make to any given file before they deploy to the live servers, etc.
I'm curious what would be the better choice for this? Based solely on reputation and what I'm reading online in general, I'd tend toward GitHub.
The Development server we're getting ready to setup will be AT the webhost (remote to us), local to the live servers.
Thanks for any insights. ;-)
Confluence is not the tool for what you're attempting to do. Confluence is a great choice for intranet forums or wikis, but it isn't the best for keeping track of updated files. While it could alert interested parties every time a new file is attached to certain pages, or every time a page itself is updated, it isn't really intended for your purposes as described in the question.
Here's a page describing Confluence's usefulness: http://www.atlassian.com/software/confluence/overview/team-collaboration-software
Again, I'd emphasize that it's really great for allowing non-programmers to generate wiki-content within groups or for an entire company, but I wouldn't recommend it for your purposes.

C++ access to on-line file storage

I am looking to add to an existing C++/Windows application the on-line storage of application files, for backup purposes and easy of application file access between multiple computers. The files are around 100k in size, and I’d estimate that each customer will want to store 1-10 of these files, but some may wish to store hundreds in different folders. I would estimate that over time several thousand customers would want to use this feature, but the average use per month would not be that high (my customers tend to use the software extensively for a couple of months and then settle to a much lower usage pattern).
The security requirements are not high (no personal or sensitive information is in the application files), but basic login authentication would have to take place. I have a user forum (phpbb), which may be the easiest place to take care of the login creation / password recovery (depending on the server used below).
I have a web server (with php & mysql), and the disk space / bandwidth should not be a problem. I do not wish to use 3rd party libraries without source, as past experience has shown this introduces bugs / problems upgrading compilers etc.
I’m aware that I’ll need both server and client software and they will need to communicate using a protocol. As far as I can tell, my options are:
Use an existing online storage provider, such as DropBox. The problem I see with this is the client side interface software (I know of SharpBox, but it is .net), and other possible restrictions on storage space, account activity etc.
Use open source online storage software, such as OwnCloud. WebDAV should be able to be used for the interface, but again there currently is no client software for OwnCloud. I did get as far as setting up OwnCloud 2 and 3, but WebDAV seemed to only be partically supported. This is my preferred solution – use an off the shelf server with decent example C++ client to get me started.
Create my own server, protocol and client front end. I could use WebDAV or SOAP for the protocol. This is my last option just because of the amount of work to re-invent the wheel, but gives the simplest, most flexible system and best chance of integration with the phpbb forum for login credentials etc.
Are there other options which meet my needs which I have overlooked?

Categories