Submit a request

Setup Multi-Tenant Environment

Avatar
Kepion Support
  • Updated

Introduction

In this setup guide, we will walk through the steps to set up the multi-tenant environment where you can host multiple instances of Kepion applications. You should already be familiar with our Standard Setup Guide procedures, and understand how to setup a single instance of Kepion before you start on this guide.

 

 

1. Verify Prerequisites

Download the following files from the Kepion Resource Center:

Software Downloads > v6.0 > Manual Configuration

  • EnableFeaturesOnServer.zip
  • Package.zip

Software Downloads > v6.0 > Manual Configuration > Multitenant

  • CPMAppHost.zip
  • kepion.override.json

 

 

2. Enable Web Server Features

Unzip the file EnableFeaturesOnServer.zip downloaded from the previous step, and run it in a CMD prompt with Administrator privileges. The EnableFeaturesOnServer.bat script will turn on features on the Windows server that Kepion requires for its Web Server.

After running the script, please make sure all the required server roles are enabled.

 

 

3. Restore Database

On SQL Server, unzip CPMAppHost.zip and restore CPMAppHost.bak with the following name format: CPMAppHost_<Customer>.

For example:

  • Tenant #1 : CPMAppHost_Customer1
  • Tenant #2 : CPMAppHost_Customer2
  • Etc.

 

 1-Restore_Database.png

 

The CPMAppHost_ database stores Kepion system settings. Modify the following:

 

1. Add yourself to the [dbo].[SystemAdmins] tables by entering into the following fields:

  • UserName: your login <DOMAIN>\<USERNAME>
  • DisplayName: Friendly display name
  • ModifiedBy: 0

 

2-modify-cpmapphost-customer.png

 

2. Update the table [dbo].[SystemSettings] with the following settings. Make sure to use the following template after replacing <MULTITENANT>.

 

Setting Description
DefaultAppDBConnectionStringFormat This defines the template for the SQL connection string for new Kepion applications. Used by the Kepion Web Server to communicate with SQL databases.

Template:

        Persist Security Info=False;Integrated Security=SSPI;database={0};server=<MULTITENANT>

 

 

Setting Description
DefaultAppDBOlapConnectionStringFormat This defines the template for the SQL connection string when connecting from SSAS to SQL relational databases.

Template:

Persist Security Info=False;Integrated Security=SSPI;database={0};server=<MULTITENANT>;Packet Size=32767

 

 

Setting Description
DefaultOlapServer This represents the default OLAP server for new Kepion applications. When you take a Kepion application and “Deploy to OLAP”, a SSAS database will be generated to this server.

Example:

MULTITENANT

 

3-multi-cpmapphost-systemsettings.png 

 

 

4. Configure Security

Configure security by reviewing the Advanced Security section.

 

 

5. Set Up the Directory

Create a directory on the machine for the Kepion Web Server. Note that the path can be anything that is valid on the machine:

Create Directory

  • C:\Kepion.Customer1\
  • C:\Kepion.Customer2\

 

Copy Files to Directory

  • Unzip the Package.zip file and copy the contents into the directory.
  • Copy the kepion.override.json file into this directory as well. This file will determine which CPMAppHost to connect to for the Kepion Web Server.

 

 4-setup-directory.png

 

Edit the kepion.override.json File

  • Update the value for database, server, and Application Name
  • For example,
    “appHost”: “Persist Security Info=False;Integrated Security=SSPI;database=CPMAppHost_Customer1;server=MULTITENANT;Application Name=Kepion Planning Customer1

 

 

6. Create the Application Pool

Create the Application Pool from Internet Information Services (IIS) Manager. You can launch this from the run command using inetmgr. Right click Application Pools and select Add Application Pool…

 

 5-multi-add-application-pool.png

 

Create an Application Pool for each customer/tenant. For example:

  • Kepion Customer1 AppPool
  • Kepion Customer2 AppPool
  • Etc…

Choose the following settings in the Add Application Pool dialog:

 

6-multi-add-application-pool-1-300x272.png

 

It is important to set a unique credential for each Application Pool. This will prevent one instance of Kepion Planning from accessing the resources of another. By doing so, we create a security barrier between different customers/tenants on the same machine.

Verify the following are configured for each Application Pool (Note that the Identity should be different for each Application Pool for enhanced security):

 

 7-multi-application-pool-advanced-settings.png

 

 

7. Create a Website in IIS

Create the Kepion Planning Website for each customer/tenant.

1. Add a new Website - Right click on Sites and select Add Website….

 

8-multi-add-website.png

 

2. Click Select… and select the Application Pool created in the previous step.

 

9-multi-add-website-select-application-pool.png


3. Specify the Site name and the Physical path. The physical path should point to the directory that you previously created for the Kepion Web Server. For each website, grant it with its own Port number (i.e. 8888, 8889, etc.).

 

10-multi-configure-website.png

 

4. Configure Authentication - Double click on Authentication. Right click on Windows Authentication and select Enable.

 

11-multi-windows-authentication.png

 

5. With the Windows Authentication selected, click on Providers….

 

12-multi-windows-authentication-providers-630x286.png

 

6. Select Negotiate and click Remove.

 

13-multi-windows-authentication-providers-settings.png

 

7. Grant permission for Service Identity (SI) to access Web Site
Click Edit Permissions…

 

14-multi-iis-website-edit-permissions.png

 

8. On the Security tab, click Edit…

 

15-multi-website-security.png

 

9. Add your SI (i.e. CORP\tenantSI1). Make sure the SI has Read & execute, List folder contents and Read.

 

16-multi-website-security-add-si.png

 

 

8. Launch Website

Launch the website http://localhost:8888 from IE. Repeat the above steps for each customer/tenant that you want hosted.

 

17-launch-kepion-website.png

Was this article helpful?
0 out of 1 found this helpful
Return to top

Comments

0 comments

Please sign in to leave a comment.

Related articles