Multitenant mode

In multitenant mode, one installation of Alvao Server serves several customers (tenants).

Creating a tenant database

Using DatabaseDeploy

Create a tenant database on SQL Server by running DatabaseDeploy with parameter /multitenant.

Setting multitenant mode

Asset Management Collector

For multitenant mode, first prepare a ZIP package to install service instances for each tenant:

1. Install the MSI package AlvaoAssetCollector.msi using the "admin" installation: msiexec /a AlvaoAssetCollector.msi

Note: Run the command line "as administrator".

2. In the folder where you installed the package (where the EXE and DLL libraries of the application are), extract the contents of the package

CollectorServiceControlScripts.zip

3. Then "zip all the files" and create one ZIP archive, e.g.: .AMCollector.zip

Alvao Service

1. Edit the appsettings.json file, e.g. using Notepad.
2. Find the ConnectionString section.
3. In this section, replace the existing connection with the new one. Replace it with a connection named AlvaoTenants that contains a connection string to the tenants database.

Example:

"AlvaoTenants": "Data Source=localhost;Initial Catalog=AlvaoTenants; Max Pool Size=2000; Integrated Security=True; MultipleActiveResultSets=True"

note

On SQL Server, set the necessary permissions for Alvao Service. The settings for the tenant database are the same as for the database in single tenant mode. The recommended user roles are db_datareader, db_datawriter, db_ddladmin, db_owner and db_executor.

Alvao RestApi

1. Edit the appsettings.json file, e.g. using Notepad.
2. Find the ConnectionString section.
3. In this section, replace the existing connection with the new one. Replace it with a connection named AlvaoTenants that contains a connection string to the tenants database.

Example:

"AlvaoTenants": "Data Source=localhost;Initial Catalog=AlvaoTenants; Max Pool Size=2000; Integrated Security=True; MultipleActiveResultSets=True"

WebApp

1. Edit the appsettings.json file, e.g. using Notepad.
2. Find the ConnectionString section.
3. In this section, replace the existing connection with the new one. Replace it with a connection named AlvaoTenants that contains a connection string to the tenants database.

Example.:

"AlvaoTenants": "Data Source=localhost;Initial Catalog=AlvaoTenants; Max Pool Size=2000; Integrated Security=True; MultipleActiveResultSets=True"

Custom Apps WebService

This component is installed only for tenants who have purchased the ALVAO Asset Management Custom Apps or ALVAO Service Desk Custom Apps module.

For multitenant mode, first prepare a ZIP package to install service instances for each tenant:

1. Install the MSI package AlvaoCustomAppsWebService.msi using the "admin" installation: msiexec /a AlvaoCustomAppsWebService.msi

   note

   Run the command line "as administrator".

2. 2. "Zip" the folder from IIS where the application was installed (e.g. C:\inetpub\wwwroot\AlvaoCustomAppsWebService) and create a single ZIP archive, e.g. CustomAppsWebService.zip

Adding a new tenant

1. For a new customer, register a new (sub)domain in DNS (e.g. zakaznik1.alvao.com) that points to the IP address of the server with the Alvao web applications installed.

2. On SQL Server, use the DatabaseDeploy utility to create a DatabaseDeploy for customer . new database in the appropriate language (according to the customer's requirement). Activate the database.

   note

   • The name of the database is recorded as case sensitive text, so be sure to observe case when transcribing.
   • When a new database is created, a strong authentication code is automatically generated for AM Agents. The code can be changed in global scan settings.
   note

   On SQL Server, set the necessary permissions for IIS processes. The settings for the tenant database are the same as for the database in single tenant mode. The recommended user roles are db_datareader, db_datawriter, db_ddladmin, db_owner and db_executor.

3. Go to the AlvaoTenants database, e.g. using SQL Server Management Studio, edit the Tenant table and insert the corresponding values into it.

Ex:

• Organization = Customer 1
• Domain = zakaznik1.alvao.com
• ConnectionString = Data Source=server1;Initial Catalog=Zakaznik1; Max Pool Size=2000; Integrated Security=True;TrustServerCertificate=True

tip

Since Alvao 11.2 SP1 you can add a new tenant to AlvaoTenants (step 3) and then use DatabaseDeploy with multitenant parameter to create a new database (instead of step 2).

Alvao Provider

One of the tenants can be designated as an Alvao provider. The provider has the right to create News for other tenants as well. To designate a provider, set the IsProvider column in its row in the tenant database to 1.

Asset Management Collector

1. Create a new folder with the name of the tenant in *C:\Program Files (x86)\ALVAO\ Asset Management Collector*

E.g.: Customer 1

2. Extract the ZIP package with the AMCollector.zip files (see Multitenant Mode Settings) into this folder.

3. Edit the AMCollector.config file and set the connection string to the tenant database in the configuration/database/connectionStrings section.

4. Run the CreateService.cmd script ("as administrator") to create the AM Collector service for the tenant. The script will start the service directly.

   note

   For the proper functioning of the service, we recommend creating a service account to which you assign sufficient rights to manage the database. The tenant can then be easily identified in the services.

   note

   For proper functioning of the service, we recommend creating a service account to which you assign sufficient rights to manage the database (i.e. the right db_ddladmin, db_datawriter, db_datareader and db_executor). Then run all Collector services under this account. Be sure to also allow this account access to the folders from where it will perform file retrieval. This is the "C:\Windows\Temp" folder and the hidden "C:\ProgramData\ALC" folder.

5. Go to the tenant's Alvao WebApp and in Administration - Asset Management - Servers create settings for the specific server.

   • Enter the name on the network of the server running Alvao services.
   • In the File Loading section, enable automatic loading of CXM files from the folder: c:\ProgramData\Alvao Asset Management Collector\Scans<tenant organization name>

Custom Apps WebService

1. On IIS, create a new folder named AlvaoCustomAppsWebService_<tenant name without hooks, commas, spaces and other special characters>, e.g.: C:\inetpub\wwwroot\AlvaoCustomAppsWebService_Zakaznik1
2. Extract the ZIP package CustomAppsWebService.zip (see Multitenant Mode Settings) into this folder.
3. Edit the appsettings.json file, e.g. using Notepad. Find the section connectionStrings and set the connection string to the tenant database.
4. Create an application pool specifically for this tenant's Custom Apps WebService with the same settings, as the other Alvao apps. Leave the pool identity at ApplicationPoolIdentity.
5. On SQL Server, set the IIS APPPOOL account with db_datareader, db_datawriter, and db_executor permissions for the tenant database only.
6. In the IIS Manager, select the newly created folder and select Convert to Application from the context menu. Select the application pool created in the previous steps and confirm the dialog by pressing OK.
7. Enter the correct service address in the following SQL script and run the script on the new tenant's database:

exec  spUpdateInsertProperty  'CustomAppsWebService.Url', 'https://<server>/CustomAppsWebService_Customer1'

Distribution of AM Agents

Install AM Agents on computers in your organization with the following command line parameters:

• APIURL=<address of the REST API with a specific tenant (sub)domain>, e.g.: https:// customer1.onalvao.com/AlvaoRestApi

• AUTHCODE=<authentication code>

  note

  The Agent Authentication Code was generated automatically when the DB was created. You can find it in global scan settings.

note

Agents can also be extended using GPOs with preset parameters - see Installation via GPO, or other tools.

Tenant upgrade

All tenants on a particular server must be upgraded at the same time because they share common server applications. If you need to upgrade only some tenants, you must first move them to another server.

Database upgrade

If you need to upgrade the database (installing SP1 or a new "big" version), use the DatabaseDeploy utility to upgrade all tenants' databases to the new version.

Asset Management Collector

1. Re-create the ZIP package for the current version of Alvao, see above.

2. In Windows - Computer Management - Services and Applications - Services, stop the AM Collector services for all tenants.

note

That is, all AM Collector services that have the organization name in parentheses at the end of the service name.

3. Extract the prepared ZIP package without the AMCollector.config file into the folders of all tenants one by one, so as not to overwrite the instance settings.

4. Start all services again.

Alvao RestApi

1. Install a new version of Alvao RestApi.

note

Alvao RestApi is common for all tenants on a given server.

Alvao Service

1. Install a new version of Alvao Service.

note

Alvao Service is common for all tenants on a given server.

Alvao RestApi

1. Install a new version of Alvao RestApi.

note

Alvao RestApi is common for all tenants on a given server.

WebApp

1. Install a new version of WebApp.

note

WebApp is common for all tenants on a given server.

Custom Apps WebService

1. Re-create the ZIP package for the current version of Alvao, see above.
2. Extract the prepared ZIP package without the appsettings.json file into the tenants folders one by one, so that the instance settings are not overwritten.

Removing a tenant

1. Go to the AlvaoTenants tenant database and edit the Tenant table, find the correct tenant and delete the entire row.
2. On the SQL server, delete the Alvao database for the tenant.

Asset Management Collector

1. Go to *C:\Program Files (x86)\ALVAO\Asset Management Collector* and find the subfolder of the specific tenant.
2. In the folder, run the script RemoveService.cmd ("as administrator").
3. Remove the entire tenant folder.

Custom Apps WebService

1. In the IIS Manager, delete the tenant application using the Remove command in the local menu.
2. Remove the application pool for the Custom Apps WebService of this tenant.
3. In the C:\inetpub\wwwroot folder, delete the instance folder for this tenant.