Clarify / Dovetail – in the Cloud
“The Cloud”
Recently, we migrated our Clarify/Dovetail implementation to the cloud. Specifically, into Amazon’s AWS infrastructure.
We setup a sandbox environment a couple months ago, and then migrated our production instance this month.
As far as I know, we have the only Clarify production implementation running in the cloud.
If you navigate to our support site at https://support.dovetailsoftware.com – that’s all running in AWS.
We have multiple AWS servers/components in play, as well as some tools that we use, which I’ll cover in more detail here.
Application Server
The app server is Windows Server 2008 R2 DataCenter edition.
No surprise, we run our Dovetail suite of applications, including:
- Dovetail Admin
- Dovetail Agent
- Dovetail Mobile
- Dovetail Agent Reporting
- Dovetail SelfService
- BOLT
- Bootstrap
- Carrier
- Rulemanager
- Seeker
- SchemaEditor
- ArchiveManager (DIET)
In addition, we also have some of our own customizations, including:
- Custom web services
- Custom Rulemanager actions (mostly Powershell scripts)
- Custom scheduled tasks (mostly Powershell scripts)
Database Server
The database server is Windows Server 2008 R2 DataCenter, running Microsoft SQL Server 2014.
This is our production Clarify database. It’s the only actual piece of “Clarify” software that we use. The rest is all Dovetail.
In case you’re curious, our Clarify schema revision is 54 – which is Clarify version 9, released back in 2000.
Load Balancer
We use Amazon Elastic Load Balancing for load balancing and for SSL termination.
Logging
All of our Dovetail apps use log4net for logging. The most common logging endpoint is to log to a file.
But, log4net also supports logging via UDP, which allows us to send logs to a RemoteAddress on a specific port.
Here’s an example of a log4net config showing how to log to a UDP appender.
We send our logs to Logstash, which are indexed for searching with Elasticsearch, and then we use Kibana for visualizing the log data.
KIbana is easily accessible through the web.
For example, I can easily see and dive down into any errors that may have occured across all of my applications:
Monitoring
We use NewRelic for monitoring the health of our servers, and to alert us in case of trouble. NewRelic is easily accessible through the web.
For example, I can easily see that my app server is humming along just fine:
In addition, NewRelic will notify us when something is wrong.
For example, during testing, we weren’t cleaning up our database backup files, so we were running out of disk space, which NewRelic notified us about:
Database Backups and File Storage
Our database is backed up on a regular basis, and we store our backups on Amazon Simple Storage Service (Amazon S3).
A simple PowerShell script executes the database backup via a scheduled task, and then it’s pushed to S3.
We also use S3 for backups of our file attachments.
Security
Security is always a concern, especially when your data is not in your own data center.
In addition to our Clarify line of products, we also have a side of our business that is a SaaS-based application for HR Case Management. That product line has been running in AWS for years now, and we’ve done a lot of work to enforce best practices in regards to security.
Lucky for me, I’ve been able to lean heavily on what we’ve learned on that side of the business, and we work closely with our HR operations team to ensure that our environments are secure.
There’s some basic security steps – such as enabling SSL for our web apps, locking down Remote desktop via IP address, locking down database access so it can’t be accessed other than from certain servers, complex password requirements, etc. And then there’s a bunch of more complex things that are configured as well. We have a Director of Security, who oversees all this stuff. Hopefully he’ll post soon about some of the security policies and procedures we have in place that make sure our environment is as secure as possible.
Source code control and deployment tools
We store all of our applications, code, and config files in Github.
When we want to deploy an app to production, we use Octopus Deploy, which gets what it needs (code, config files, etc.) from Github, copies the files to our application server, sets up websites and application pools, configures everything, runs any needed scripts, etc. All of this happens from a single button click on the Octopus website, or via a rake task which calls the Octopus API. Then we have the latest version of our app up and going in AWS. It’s pretty sweet!
Here’s an example showing that we deployed an updated version of SelfService to our production site today. Notice the total deploy time: 27 seconds!
Want some of this fluffy cloud goodness for yourself?
It may seem like a lot of moving parts, but in all honesty, it’s not any more than what we typically see with an on-premise implementation.
If you’re interested in moving your Clarify/Dovetail implementation to the cloud, we can help.
At a minimum, we can share details about what we did, and offer suggestions and guidance. Or, our Professional Services team can take on all the heavy lifting, and do the migration for you. Or anything in between.
In short – we can help you get there.
Feel free to get in touch if this is something you’d like to discuss.
Maybe I should add Philosopher to my business card…