My company is about provide e-commercial website service and finding the best solution for deployment.
Our application is a multi-tenant e-commercial application. Once purchased, our customer has a website. The newly created website can be browsed by default subdomain on our domain (our domain is invishop.com) eg: mikeshop.invishop.com. The website also can be browsed by customer's custom domain. This requires to create CNAME record to our domain name (invishop.com). Our multi-tenant application is developed in ASP.NET MVC platform.
The simplest solution our considered is Windows hosting with Dedicated IP but this solution does not meet big users requirement. Our application will be used by up to 1000 or higher at a same time. If we deploy our service on shared ASP.NET hosting our service is always can not access. We want to run our application on higher availability Infrastructure but do not want to focus on building and managing Infrastructure. We only want to focus on develop our application and business.
So what service we should use ?
You can use Azure virtual machines for hosting. VMs are scalable and you can make availability set with other VMs. So, if is going down (update etc), the second will working. You can create virtual network and assign some VMs to it (Web server and database server). You can use backup services for each VM too.
You can make VM with dedicated IP - Be careful it is possible to configure ONLY before you make VM - you must use PowerShell.
Create dedicated IP via PowerShell (see on internet commands)
Create virtual network (not necessary)
create VM - web server and assign it to IP via PowerShell
create VM - SQL server
Configure server for IIS - it is possible to host multiple websites on one VM via host names (I use this). Add A record to your domain(xyz.com and www.xyz.com and your dedicated IP)
Related
i have a server that has a common dns and hosts multiple containers of different applications but the problem here for each domain name for an application, any app on the server can be accessed with the right port number. i have an internship management system and hospital management system on a single server with the respective domains; ims.ius.ca.com and hms.ius.ca.com where the common dns is "ius.ca.com". These two application have different port numbers 2301 and 2401 respectively. However, when a user keys hms.ius.ca.com:2301 the internship management system application is accessed instead of the hospital management. How do I resolve this conflict.
I agree with #Martheen The common solution for this problem is to have a reverse proxy in front of your applications (docker applications). You could use Nginx or HAProxy as reverse proxy.
This is my first VPS, so I am pretty new to administrating my own box. I already have experience with a managed web server, registrars, DNS settings, etc. The basics. Now I'd like to take it a step further and manage my own VPS to run multiple services for different business and private projects.
So far I got an VPS from Contabo, updated the system, set up a new user with sudo rights, secured the root user, configured Ufw, installed Nginx with server blocks for two domains and created SSL certificates for one domain using Certbot.
Before I go on with setting up my VPS, I'd like to verify my approach for hosting multiple services for multiple domains makes sense and is a good way to go.
My goal is to host the following services on my VPS. Some of them will be used by all projects some only by a single one:
static website hosting
dynamic website hosting with a lightweight CMS
send and receive emails
Nextcloud/Owncloud
Ghost blog
My current approach is to run all services except for Nginx and the mail server with Docker. Using Nginx as proxy to the services encapsulated in Docker.
Is this an overkill or a valid way to go forward in order to keep the system nice and clean? Since I am new to all of this, I am unsure if I also could run all of the services without using Docker but still be able to serve the different projects on different domains without messing up the system.
Furthermore, I'd like to make sure, that access to the services and the stored data is properly separated between the different tenants (projects). And of course ideally the admin of the services is kind of manageable.
So I have Windows Server 2016 TP5 and I'm playing around with the containers. I am able to do basic docker tasks fine. I'm trying to figure out how to containerize some of our IIS-hosted web applications.
Thing is, we usually use integrated authentication for the DB and use domain service accounts for the app pool. I currently don't have a test VM (that is in a domain) so I can't test if this will work inside a container.
If the host is joined to an AD domain, are its containers also part of the domain? Can I still run processes using domain accounts?
EDIT:
Also, if I specify the "USER" in the dockerfile, does this mean that my app pool will run using that (instead of the app pool identity)?
There are at least some scenarios where AD-integration in Docker container actually works:
You need to access network resources with AD credentials.
Run cmdkey /add:<network-resource-uri>[:port] /user:<ad-user> /pass:<pass> under local identity that needs this access
To apply the same trick to IIS apps without modifying AppPoolIdentity you'll need a simplest .ashx wrapper around cmdkey (Note: you'll have to call this wrapper in run-time, e.g.: during ENTRYPOINT, otherwise network credentials will be mapped to different local identity)
You need to run code under AD user
Impersonate using ADVAPI32 function LogonUser with LOGON32_LOGON_NEW_CREDENTIALS and LOGON32_PROVIDER_DEFAULT as suggested
You need transport layer network security, like when making RPC calls (e.g.: MSDTC) to an AD-based resources.
Set up gMSA by using any guide that suites you best. Note however, that gMSA requires Docker host to be in the domain.
Update: this answer is no longer relevant - was for 2016 TP5. AD support has been added in later releases
Original answer
Quick answer - no, containers are not supported as part of AD so you can't use AD accounts to run processes within a container or authenticate with it
This used to be mentioned on the MS Containers site but the original link now redirects.
Original wording (CTP 3 or 4?):
"Containers cannot join Active Directory domains, and cannot run services or applications as domain users, service accounts, or machine accounts."
I don't know if that will change in a later release.
Someone tried to hack around it but with no joy.
You can't join containers to a domain but if your app needs to authenticate then you can use managed service accounts. Saves you the hassle of having to deal with packaging passwords.
https://msdn.microsoft.com/en-us/virtualization/windowscontainers/management/manage_serviceaccounts
I have a webdomain www.MyDomain.com and a MVC4 web application MyMVCWebApp.
First I publish the application to a local destination.
For instance: C:\TempLocation
And then I host it to my domain with a FTP-tool (FileZilla??)
The files will be hosted but I can't find the webpage.
Which url do I have to write?
http://www.MyDomain.com/MyMVCWebApp/Home/Index.chtml or something?!
Do I have change the settings in my web.config?
What do I have to do?
You can't host an application on a domain.
An application is hosted on a web server. A domain name is only a way to translate an easy to remember address like "www.google.com" to the web server ip address which looks like 173.194.66.104
It is possible to purchase a domain without a web server.
So before going further:
Check if you actually bought a domain only, or a domain with a server
Your domain should redirect to your server ip address, you can see if he is correctly configured by opening a command prompt and doing
C:\> ping www.yourdomain.com
If this is not the case you will need to update the A record of your domain, and wait for the update to be replicated on DNS server worldwird.
If you have a managed server, you should check your hosting provider website. They usually provide in depth documentation, and they all have a different way to do things. Most of the time indeed you will be able to upload your files using a FTP software such as Filezilla.
However, in order to host a MVC 4 application you need a server with
the IIS web server, which means that you need a Windows server. So if
you have a Linux server, you should contact your hosting provider
support and tell them you made a mistake during your order. (It is
possible to host a MVC 4 application on Linux, but I don't think it
is often provided on managed servers)
If you have a dedicated server you are on your own.
The URL you will have to write to access your application will depends on what you have configured in the RegisterRoutes method of the RouteConfigs.cs file.
I recommend you to watch the last video on this page to have a better overview of the possibilities.
I will developp and host an e-commerce website based on Asp.Net MVC4 (with several SQL Server Jobs).
I think use Azure in order to stay in Microsoft's world and avoid dedicated server management.
The package Web Site Shared with 1 site / 5Go SQL Server Database / 200Go Bandwidth is very interesting with the price based on 12 months.
But i don't know if this configuration is enough specially on the bandwidth.
What do you think of ? Did you use Azure with this type of application ?
Regards,
Guillaume.
If you want to develop E-Commerce application you will have to secure customers' sensitive data i.e. credit cards, address details etc. via secure connections (HTTPS; in many countries this is legal requirement). For that reason you will have to have SSL support.
Azure Website do not support SSL for custom domains. However, they support SSL for *.azurewebsites.net DNS name. So if your E-Commerce application DNS will be, say, my-ecom-app.azurewebsites.net then it's fine. Otherwise, I would not recommend Azure Website solution yet (I am sure SSL support for custom domains on Azure Website will be implemented).
Azure Cloud Services, on the other had, have full support of SSL for custom domains.
One of the really good websites to check Azure features and development roadmap is ScottGu's Blog
Azure Web Sites do not support SSL and I really don't know of any successful e-commerce site that does not run SSL for at least part of the website. If you really want to host your e-commerce on Azure today your only real choice is to run Virtual Machines for your web front end servers and use them for your DB or use SQL Azure.
We developed platform called Virto Commerce that does just that, MVC4 website hosted on Azure. There was also a need for SQL Jobs (indexing, payment processing, cart cleanups and so on) for which we used WorkerRole (instead of WebRole). WorkerRole and WebRole can actually be combined as part of a single deployment, however it is better to use a different instance for worker roles. In our case WorkerRole acted as a scheduler for multiple jobs defined in the database.
The challenge with WorkerRoles however is to make sure they scale well when new instances are added. So the workload needs to be distributed between multiple instances. This is done through the use of queues and blob locks, where each job is now split into two, one that schedules and partitions the work and the second that actually picks up the next partition and completes it.
Hope this helps!
PS: Virto Commerce is now available as an open source project on codeplex, go to http://virtocommerce.codeplex.com