Patent Grant
8566449
The following relates to data processing systems and processes that use common network-based platforms to support applications executing on behalf of multiple tenants.
Modern software development is evolving away from the client-server model toward “cloud”-based processing systems that provide access to data and services via the Internet or other networks. In contrast to prior systems that hosted networked applications on dedicated server hardware, the cloud computing model provides applications over the network “as a service”. The cloud computing model can often provide substantial cost savings to the customer over the life of the application because the customer no longer needs to provide dedicated network infrastructure, electrical and temperature controls, physical security and other logistics in support of dedicated server hardware.
In particular, multi-tenant cloud-based architectures have been developed to improve collaboration, integration and community-based improvement between customer tenants without sacrificing data security. Generally speaking, multi-tenancy refers to a system wherein a single hardware and software platform simultaneously supports multiple customers or other groups of users from a common data store. The shared platform in the multi-tenant architecture is usually designed to virtually partition data and operations so that each tenant works with a unique virtual application instance. The Force.com service available from salesforce.com of San Francisco, Calif., for example, provides an application-centric approach that abstracts the server hardware altogether and allows multiple tenants to simultaneously yet securely implement a wide variety of applications that are accessible via the Internet or a similar network.
In some instances, the different applications provided by a particular multi-tenant server are accessed via unique names and addresses. Certain tenants, for example, may wish to provide their applications from the shared server using customized domain names that uniquely identify the tenant's applications, and that differentiate that tenant's applications from those belonging to other tenants of the same shared server. A single multi-tenant server may therefore simultaneously support applications that are accessible via any number of different domain names.
The various domain names used to access the different applications can be published to users using the well-known Internet domain name service (DNS), or the like. Issues can arise, however, in maintaining consistency between multi-domain application servers and the publicly-available DNS service. If the public DNS becomes incorrect for any reason, then users may have difficulty in connecting to desired applications. It is therefore desirable to maintain the reliability and consistency of DNS information and/or other configuration data relating to multi-domain application servers, particularly when such servers support applications that are accessible via multiple distinct domains. Similar issues may arise in maintaining consistency and accuracy of other configuration information as well.
Exemplary embodiments will hereinafter be described in conjunction with the following drawing figures, wherein like numerals denote like elements, and
Various systems and methods are described to validate domain name services (DNS) or other configuration data for multiple services provided on a network by a common multi-tenant application server. In various embodiments, a validation system suitably receives configuration data from the multi-tenant application server for each of the services provided. The validation system also performs a validation query to a domain name services or other public service on the network to obtain public data about each service. The publicly-available information is compared to the data received from the multi-tenant application server, and any anomalies are reported and/or repaired as appropriate.
Various processes and systems described herein are able to validate that the distributed DNS data and/or other configuration information is correct. Some embodiments may alternately or additionally provide for dynamically-correcting incorrect or outdated information. Although this document primarily refers to exemplary embodiments that validate and/or repair DNS configuration data, other embodiments may relate to other types of real-time validation of production configurations that may be useful to applications and servers in a multi-tenant cloud computing infrastructure. The various systems and methods disclosed herein are not limited to DNS applications, then, but may equivalently apply to any number of other dynamic configuration systems, data or applications as appropriate. For example, equivalent systems and processes could be used to validate and/or repair load balancing information, routing tables, configurations of social media accounts, and/or any other configuration data as appropriate.
Turning now to the drawing figures and with initial reference to
Generally speaking, a user of a client system 140 suitably invokes a browser or other client program 142 that is able to contact an appropriate server application 128 executing on a multi-tenant server 102 via the Internet or another network 145. Typically, client program 142 and/or another process executing on client system 140 accesses the application 128 on network 145 using an IP or other network address 151. Browsers and other client applications 128 generally obtain internet protocol (IP) or other addresses associated with various services available on the Internet or another network using a widely-available domain name services (“DNS”) system 155. The DNS system 155 typically includes multiple servers 155A-B that are distributed throughout the Internet or another network 145 to associate textual domain names (e.g., “salesforce.com”) with Internet Protocol (IP) or similar addresses (e.g., “204.14.234.33”).
Different applications 128A-B executing in a multi-tenant server 102 can each be mapped to different domain names 150A-B that are each separately accessible via the Internet or another network 145. This can allow different tenants to each provide their applications 128 using a unique domain name 150 that is different from other users of the same shared server 102. Even if two hypothetical tenants (e.g., “Acme Fireworks Inc.” and “Joe's Bait and Tackle”) were to develop applications using the same multi-tenant server 102, then, the two tenants' applications 128 could be separately accessible via different domain names 150 (e.g., “acme.multiserver.com” and “fishing.multiserver.com”, respectively). The separate domain names could reference a common network address 151 associated with the common server 102, or different network addresses 150A-B each associated with the particular application as desired. In the example illustrated in
Invalid data may propagate through the DNS system 155 for any number of reasons. In some circumstances, for example, an initial DNS entry created for a particular application 128 may fail to register due to network or system issues. As another example, DNS entries may be slow to update and/or may fail to update entirely as tenants move between different network server instances (e.g., between servers 102A-C), or as applications 128 change over time. Such issues may not be reported in a timely fashion due to asynchronous nature of the DNS system 155. Other types of configuration data may experience similar issues.
To validate DNS or other configuration data for the multiple applications 128A-B executing on servers 102A-C, then, a validation system 152 obtains configuration information from the server(s) 102A-C and compares the information obtained directly from the primary source (e.g., the server 102) with the information distributed from the DNS or other distribution service 155 on network 145. If any anomalies are found, these may be reported out to an administrator or other user for manual repair.
Further embodiments may additionally or alternately automatically repair any anomalies by updating a provider service 154 that updates the information propagated on network 145 by the DNS or other distribution service 155. Examples of DNS services 155 include the services provided by ULTRADNS, GODADDY.COM, and many others. Many of these services 155 include application programming interfaces (APIs) or other interfaces that allow programs, scripts or other validation systems 152 to automatically update DNS or other configuration information. Such services 155 typically ensure that received information is appropriately distributed or otherwise propagated throughout the public DNS or other distribution system 155.
The operation of an exemplary process for validating DNS or similar configuration data is described in detail below with respect to
Validation system 152 may be implemented using any appropriate computing hardware 164, software, firmware and/or the like. In some embodiments, validation system 152 is implemented using a software application or script that is stored and executed on general-purpose computing hardware 164, such as the processor 165, memory 166 and input/output features 167 commonly associated with a conventional personal computer, server or other computing system. In other embodiments, validation system 152 may reside on the same computing hardware 104 used to execute and implement one or more application servers 102. Still other embodiments may implement validation system 152 using other types of hardware and/or software, including any sort of workstation-based, cloud-based, server-based and/or other computing resources that may be available. The actual data processing and algorithms described herein may be implemented using any sort of programming or scripting features, including any sort of Perl, Python, Ruby or similar scripts that manually or automatically execute on any temporal basis; any sort of compiled or interpreted application, applet or the like in any source or object code format (e.g., a Java Servlet-type application); and/or the like.
The exemplary multi-tenant application system 100 illustrated in
In this context, a “tenant” generally refers to a group of users that shares access to common data within database 130. Tenants may represent customers, customer departments, business or legal organizations, and/or any other entities that maintain data for particular sets of users within system 100. Although multiple tenants may share access to a common server 102 and database 130, the particular data and services provided from server 102 to each tenant can be securely isolated from those provided to other tenants, as needed. The multi-tenant architecture therefore allows different sets of users to share functionality without necessarily sharing each other's data 132.
Database 130 is any sort of repository or other data storage system capable of storing and managing data 132 associated with any number of tenants. Database 130 may be implemented using any type of conventional database server hardware. In various embodiments, database 130 shares processing hardware 104 with server 102. In other embodiments, database 130 is implemented using separate physical and/or virtual database server hardware that communicates with server 102 to perform the various functions described herein. Although only one database 130 supporting multiple application servers 102A-C is illustrated in
Each application server 102A-C in this example is implemented using one or more actual and/or virtual computing systems that collectively provide a dynamic application platform for generating virtual applications 128A-B. Server 102 operates with any sort of conventional computing hardware 104, such as any processor 105, memory 106, input/output features 107 and the like. Processor 105 may be implemented using one or more of microprocessors, microcontrollers, processing cores and/or other computing resources spread across any number of distributed or integrated systems, including any number of “cloud-based” or other virtual systems. Memory 106 represents any non-transitory short or long term storage capable of storing programming instructions for execution on processor 105, including any sort of random access memory (RAM), read only memory (ROM), flash memory, magnetic or optical mass storage, and/or the like. Input/output features 107 represent conventional interfaces to networks (e.g., to network 145, or any other local area, wide area or other network), mass storage, display devices, data entry devices and/or the like. In a typical embodiment, processing resources, communications interfaces and other features of hardware 104 using any sort of conventional or proprietary operating system. As noted above, server 102 may be implemented using a cluster of actual and/or virtual servers operating in conjunction with each other, typically in association with conventional network communications, cluster management, load balancing and other features as appropriate.
Data and services provided by server 102 can be retrieved using any sort of personal computer, mobile telephone, tablet or other network-enabled client device 140 on network 145. Typically, the user operates a conventional browser or other client program 142 to contact server 102 via network 145 using, for example, the hypertext transport protocol (HTTP) or the like. HTTP or other communications based upon the TCP/IP protocol stack may use the IP addresses 151 described above; other types of protocols (e.g., voice or other telephony protocols, military protocols, secure or proprietary protocols and/or the like) may equivalently use different types of addresses 151 as appropriate.
In various embodiments that support two or more application servers 102, the various servers 102 may share configuration information with each other as appropriate (function 202). The servers 102A-C in
Configuration data may be obtained from one or more application servers 102 in any manner (function 206). In various embodiments, the validation system 152 requests configuration data from the server(s) 102 (function 204). Data may be requested in response to an administrator or other user manually executing a software program or script on validation system 152, for example. Alternately, requests 204 may be automatically scheduled (e.g., using a CRON-type scheduler executing on validation system 152) to execute on any regular or irregular time basis. Still other embodiments may schedule requests 204 for configuration data at times when application server 102 is known to be relatively idle, or at times when application server 102 is observed or expected to have a relatively low processing load (e.g., during hours when most users of the particular system are asleep, during weekends or holidays, or the like). Although
In some implementations, application server 102 confirms that validation system 152 is authorized to receive configuration data (function 205). Some implementations may simply check the IP or other address of validation system 152 to verify that the request 204 is originating from a particularly-known system, or at least a system that is operating within an approved network, subnet, domain, address range and/or other approved location. Other implementations may include further security mechanisms to require validation system 152 to provide a credential (e.g., userid/password, digital signature, biometric data and/or other credential) prior to receiving the configuration data.
Configuration data is received in any format (function 206). Configuration data may be received in a batch mode, for example, or data about particular domains or other settings may be individually received as desired. Various embodiments may provide the requested data in any organized format, such as a table or the like. DNS data, for example, could be provided as a table with each listing representing information for a particular domain supported by application server 102. The listing for each domain may include, for example, the domain text, an identifier of the tenant associated with the domain, an identifier of a particular application server 102A-C that hosts applications associated with the domain or tenant, and/or a description of the domain as follows:
To continue the “Acme” and “Joe's Bait and Tackle” example presented above, an exemplary data structure that includes data about these two domains could appear, in one embodiment, as follows:
The validation system 152 queries (function 208) the public DNS service 155 (or another information service on network 145 as appropriate) to obtain the publicly-distributed information for the same domains (function 208). The public information may be received in any manner (function 210). In various embodiments that process DNS configuration information, public DNS information may be obtained through conventional NSLOOKUP queries to a DNS service 155 on network 145. An exemplary NSLOOKUP response 210 from service 155 may appear as follows:
In this example, an NSLOOKUP query on the “acme.appserver.com” domain shows that the public information available from the DNS system 155 associates the domain with a server “nal.appserver.com” at the IP address 209.14.234.101. Other embodiments would provide additional and/or different information as appropriate. For example, information returned from ping, host, dig and/or other queries may be equivalently processed, as desired.
“Public” in this context simply means that the information is distributed or made available on network 145. If network 145 is a private or non-public network, the information provided by service 155 may not be available to members of the general public even though the information is “public” to users of network 145.
Rather than querying each domain individually, as described above, equivalent embodiments may simply request information about an entire domain or range of network addresses as appropriate. For example, some DNS systems 155 may support “zone file” or similar queries 208 that provide a listing of all domains associated with a particular network address, a particular range of network addresses, or a particular higher-level domain name (e.g., all of the subdomains associated with “appserver.com” or the like). Receiving and parsing a batch list may be more efficient than positing individual queries 208 in some embodiments.
Data received in function 206 and/or information received in function 210 can be parsed and stored in memory at the validation system 152 as appropriate. The configuration data 206 received from the application server 102 is then compared (function 212) to configuration information 210 received from the public service 155 to identify any anomalies between the two. As noted above, the parsing and comparing functions may be performed by a software application, applet, script (e.g., a PYTHON script) or the like executing on validation system 152.
Any differences or other anomalies between the server data 206 and the public information 210 may be reported out as desired (function 213). The report may be provided to a file or display that is readable by a human operator, for example. Reports of one or more anomalies may also be provided via email, text message, RSS or similar data feed, instant message and/or any other format, as desired. Other embodiments may report the anomalies to another data processing routine that is able to make changes or otherwise repair the anomalies, as desired.
Various embodiments may further repair any differences or other anomalies that are identified (function 214). Anomalies may be repaired on an automatic basis without further intervention from the administrator or user, or on a manual basis wherein the administrator initiates repair of one or more anomalies. To update the information for a particular domain name, for example, the validation system suitably contacts a service provider 154 using an API or other interface that allows changes to the configuration information. In some cases, configuration information may be updated by replacing the current entry entirely (e.g., by deleting the current entry and then adding a new entry as a replacement).
The updated configuration information then propagates throughout the DNS or other public service 155, as appropriate (function 216). Typically, service provider 154 has automated processes for distributing the updated information to the public service 155 to ensure adequate distribution on a relatively timely manner, considering the nature and scope of the DNS or other distribution service 155.
Various embodiments may additionally verify that the updated information is being distributed by service 155 (functions 218, 220). After a suitable period of time has elapsed to allow the updated information to propagate through the network, validation system 152 may place a subsequent query 218 to the DNS or other public service 155 and process the resulting response 220 to verify that the information about the domain is correct. The successful and/or unsuccessful results may be reported to an administrator, user or other process as desired.
As noted above, the various functions and features of process 200 may be carried out with any sort of hardware, software and/or firmware logic that is stored and/or executed on any platform. Some or all of method 200 may be carried out, for example, by logic executing within one or more systems shown in
Various exemplary systems and processes for validating domain name services and/or other configuration information have therefore been described. The term “exemplary” is used herein to represent one example, instance or illustration that may have any number of alternates. Any implementation described herein as “exemplary” should not necessarily be construed as preferred or advantageous over other implementations.
Although several exemplary embodiments have been presented in the foregoing description, it should be appreciated that a vast number of alternate but equivalent variations exist, and the examples presented herein are not intended to limit the scope, applicability, or configuration of the invention in any way. To the contrary, various changes may be made in the function and arrangement of the various features described herein without departing from the scope of the claims and their legal equivalents.
This application claims priority to U.S. Provisional Application Ser. No. 61/419,599, which was filed on Dec. 3, 2010 and is incorporated herein by reference.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5577188 | Zhu | Nov 1996 | A |
| 5608872 | Schwartz et al. | Mar 1997 | A |
| 5649104 | Carleton et al. | Jul 1997 | A |
| 5715450 | Ambrose et al. | Feb 1998 | A |
| 5761419 | Schwartz et al. | Jun 1998 | A |
| 5819038 | Carleton et al. | Oct 1998 | A |
| 5821937 | Tonelli et al. | Oct 1998 | A |
| 5831610 | Tonelli et al. | Nov 1998 | A |
| 5873096 | Lim et al. | Feb 1999 | A |
| 5918159 | Fomukong et al. | Jun 1999 | A |
| 5963953 | Cram et al. | Oct 1999 | A |
| 6092083 | Brodersen et al. | Jul 2000 | A |
| 6169534 | Raffel et al. | Jan 2001 | B1 |
| 6178425 | Brodersen et al. | Jan 2001 | B1 |
| 6189011 | Lim et al. | Feb 2001 | B1 |
| 6216135 | Brodersen et al. | Apr 2001 | B1 |
| 6233617 | Rothwein et al. | May 2001 | B1 |
| 6266669 | Brodersen et al. | Jul 2001 | B1 |
| 6269378 | Quirt | Jul 2001 | B1 |
| 6295530 | Ritchie et al. | Sep 2001 | B1 |
| 6324568 | Diec et al. | Nov 2001 | B1 |
| 6324693 | Brodersen et al. | Nov 2001 | B1 |
| 6336137 | Lee et al. | Jan 2002 | B1 |
| D454139 | Feldcamp et al. | Mar 2002 | S |
| 6367077 | Brodersen et al. | Apr 2002 | B1 |
| 6393605 | Loomans | May 2002 | B1 |
| 6405220 | Brodersen et al. | Jun 2002 | B1 |
| 6434550 | Warner et al. | Aug 2002 | B1 |
| 6446089 | Brodersen et al. | Sep 2002 | B1 |
| 6535909 | Rust | Mar 2003 | B1 |
| 6549908 | Loomans | Apr 2003 | B1 |
| 6553563 | Ambrose et al. | Apr 2003 | B2 |
| 6560461 | Fomukong et al. | May 2003 | B1 |
| 6574635 | Stauber et al. | Jun 2003 | B2 |
| 6577726 | Huang et al. | Jun 2003 | B1 |
| 6601087 | Zhu et al. | Jul 2003 | B1 |
| 6604117 | Lim et al. | Aug 2003 | B2 |
| 6604128 | Diec | Aug 2003 | B2 |
| 6609150 | Lee et al. | Aug 2003 | B2 |
| 6621834 | Scherpbier et al. | Sep 2003 | B1 |
| 6654032 | Zhu et al. | Nov 2003 | B1 |
| 6665648 | Brodersen et al. | Dec 2003 | B2 |
| 6665655 | Warner et al. | Dec 2003 | B1 |
| 6684438 | Brodersen et al. | Feb 2004 | B2 |
| 6711565 | Subramaniam et al. | Mar 2004 | B1 |
| 6724399 | Katchour et al. | Apr 2004 | B1 |
| 6728702 | Subramaniam et al. | Apr 2004 | B1 |
| 6728960 | Loomans et al. | Apr 2004 | B1 |
| 6732095 | Warshavsky et al. | May 2004 | B1 |
| 6732100 | Brodersen et al. | May 2004 | B1 |
| 6732111 | Brodersen et al. | May 2004 | B2 |
| 6754681 | Brodersen et al. | Jun 2004 | B2 |
| 6763351 | Subramaniam et al. | Jul 2004 | B1 |
| 6763501 | Zhu et al. | Jul 2004 | B1 |
| 6768904 | Kim | Jul 2004 | B2 |
| 6782383 | Subramaniam et al. | Aug 2004 | B2 |
| 6804330 | Jones et al. | Oct 2004 | B1 |
| 6826565 | Ritchie et al. | Nov 2004 | B2 |
| 6826582 | Chatterjee et al. | Nov 2004 | B1 |
| 6826745 | Coker | Nov 2004 | B2 |
| 6829655 | Huang et al. | Dec 2004 | B1 |
| 6842748 | Warner et al. | Jan 2005 | B1 |
| 6850895 | Brodersen et al. | Feb 2005 | B2 |
| 6850949 | Warner et al. | Feb 2005 | B2 |
| 7340411 | Cook | Mar 2008 | B2 |
| 7620655 | Larsson et al. | Nov 2009 | B2 |
| 7698160 | Beaven et al. | Apr 2010 | B2 |
| 7930428 | Drako | Apr 2011 | B2 |
| 8082301 | Ahlgren et al. | Dec 2011 | B2 |
| 8095413 | Beaven | Jan 2012 | B1 |
| 8095594 | Beaven et al. | Jan 2012 | B2 |
| 8275836 | Beaven et al. | Sep 2012 | B2 |
| 8321551 | Gardner | Nov 2012 | B2 |
| 8423607 | Saleem et al. | Apr 2013 | B2 |
| 20010044791 | Richter et al. | Nov 2001 | A1 |
| 20020072951 | Lee et al. | Jun 2002 | A1 |
| 20020082892 | Raffel | Jun 2002 | A1 |
| 20020129352 | Brodersen et al. | Sep 2002 | A1 |
| 20020140731 | Subramanian et al. | Oct 2002 | A1 |
| 20020143997 | Huang et al. | Oct 2002 | A1 |
| 20020162090 | Parnell et al. | Oct 2002 | A1 |
| 20020165742 | Robbins | Nov 2002 | A1 |
| 20030004971 | Gong | Jan 2003 | A1 |
| 20030018705 | Chen et al. | Jan 2003 | A1 |
| 20030018830 | Chen et al. | Jan 2003 | A1 |
| 20030066031 | Laane et al. | Apr 2003 | A1 |
| 20030066032 | Ramachandran et al. | Apr 2003 | A1 |
| 20030069936 | Warner et al. | Apr 2003 | A1 |
| 20030070000 | Coker et al. | Apr 2003 | A1 |
| 20030070004 | Mukundan et al. | Apr 2003 | A1 |
| 20030070005 | Mukundan et al. | Apr 2003 | A1 |
| 20030074418 | Coker et al. | Apr 2003 | A1 |
| 20030120675 | Stauber et al. | Jun 2003 | A1 |
| 20030151633 | George et al. | Aug 2003 | A1 |
| 20030159136 | Huang et al. | Aug 2003 | A1 |
| 20030187921 | Diec et al. | Oct 2003 | A1 |
| 20030189600 | Gune et al. | Oct 2003 | A1 |
| 20030204427 | Gune et al. | Oct 2003 | A1 |
| 20030206192 | Chen et al. | Nov 2003 | A1 |
| 20030225730 | Warner et al. | Dec 2003 | A1 |
| 20040001092 | Rothwein et al. | Jan 2004 | A1 |
| 20040010489 | Rio et al. | Jan 2004 | A1 |
| 20040015981 | Coker et al. | Jan 2004 | A1 |
| 20040027388 | Berg et al. | Feb 2004 | A1 |
| 20040128001 | Levin et al. | Jul 2004 | A1 |
| 20040186860 | Lee et al. | Sep 2004 | A1 |
| 20040193510 | Catahan et al. | Sep 2004 | A1 |
| 20040199489 | Barnes-Leon et al. | Oct 2004 | A1 |
| 20040199536 | Barnes-Leon et al. | Oct 2004 | A1 |
| 20040199543 | Braud et al. | Oct 2004 | A1 |
| 20040249854 | Barnes-Leon et al. | Dec 2004 | A1 |
| 20040260534 | Pak et al. | Dec 2004 | A1 |
| 20040260659 | Chan et al. | Dec 2004 | A1 |
| 20040268299 | Lei et al. | Dec 2004 | A1 |
| 20050050555 | Exley et al. | Mar 2005 | A1 |
| 20050091098 | Brodersen et al. | Apr 2005 | A1 |
| 20080060054 | Srivastava | Mar 2008 | A1 |
| 20090089438 | Agarwal et al. | Apr 2009 | A1 |
| 20120036179 | Hegde et al. | Feb 2012 | A1 |
| Number | Date | Country | |
|---|---|---|---|
| 20120144023 A1 | Jun 2012 | US |
| Number | Date | Country | |
|---|---|---|---|
| 61419599 | Dec 2010 | US |
