Introduction
In this setup guide, we will walk through the steps to set up the multi-tenant environment where you can host multiple instances of Kepion applications. You should already be familiar with our Standard Setup Guide procedures, and understand how to setup a single instance of Kepion before you start on this guide.
1. Verify Prerequisites
Download the following files from the Kepion Resource Center:
Software Downloads > v6.0 > Manual Configuration
- EnableFeaturesOnServer.zip
- Package.zip
Software Downloads > v6.0 > Manual Configuration > Multitenant
- CPMAppHost.zip
- kepion.override.json
2. Enable Web Server Features
Unzip the file EnableFeaturesOnServer.zip downloaded from the previous step, and run it in a CMD prompt with Administrator privileges. The EnableFeaturesOnServer.bat script will turn on features on the Windows server that Kepion requires for its Web Server.
After running the script, please make sure all the required server roles are enabled.
3. Restore Database
On SQL Server, unzip CPMAppHost.zip and restore CPMAppHost.bak with the following name format: CPMAppHost_<Customer>.
For example:
- Tenant #1 : CPMAppHost_Customer1
- Tenant #2 : CPMAppHost_Customer2
- Etc.
The CPMAppHost_ database stores Kepion system settings. Modify the following:
1. Add yourself to the [dbo].[SystemAdmins] tables by entering into the following fields:
- UserName: your login <DOMAIN>\<USERNAME>
- DisplayName: Friendly display name
- ModifiedBy: 0
2. Update the table [dbo].[SystemSettings] with the following settings. Make sure to use the following template after replacing <MULTITENANT>.
Setting | Description |
---|---|
DefaultAppDBConnectionStringFormat | This defines the template for the SQL connection string for new Kepion applications. Used by the Kepion Web Server to communicate with SQL databases. |
Template:
Persist Security Info=False;Integrated Security=SSPI;database={0};server=<MULTITENANT>
Setting | Description |
---|---|
DefaultAppDBOlapConnectionStringFormat | This defines the template for the SQL connection string when connecting from SSAS to SQL relational databases. |
Template:
Persist Security Info=False;Integrated Security=SSPI;database={0};server=<MULTITENANT>;Packet Size=32767
Setting | Description |
---|---|
DefaultOlapServer | This represents the default OLAP server for new Kepion applications. When you take a Kepion application and “Deploy to OLAP”, a SSAS database will be generated to this server. |
Example:
MULTITENANT
4. Configure Security
5. Set Up the Directory
Create a directory on the machine for the Kepion Web Server. Notice that the path can be anything that is valid on the machine:
Create Directory
- C:\Kepion.Customer1\
- C:\Kepion.Customer2\
- …
Copy Files to Directory
- Unzip the Package.zip file and copy the contents into the directory.
- Copy the kepion.override.json file into this directory as well. This file will determine which CPMAppHost to connect to for the Kepion Web Server.
Edit the kepion.override.json File
- Update the value for database, server, and Application Name
- For example,
“appHost”: “Persist Security Info=False;Integrated Security=SSPI;database=CPMAppHost_Customer1;server=MULTITENANT;Application Name=Kepion Planning Customer1“
6. Create the Application Pool
Create the Application Pool from Internet Information Services (IIS) Manager. You can launch this from the run command using inetmgr. Right click Application Pools and select Add Application Pool…
Create an Application Pool for each customer/tenant. For example:
- Kepion Customer1 AppPool
- Kepion Customer2 AppPool
- Etc…
Choose the following settings in the Add Application Pool dialog:
It is important to set a unique credential for each Application Pool. This will prevent one instance of Kepion Planning from accessing the resources of another. By doing so, we create a security barrier between different customers/tenants on the same machine.
Verify the following are configured for each Application Pool (Observe that the Identity should be different for each Application Pool for enhanced security):
7. Create a Website in IIS
Create the Kepion Planning Website for each customer/tenant.
1. Add a new Website - Right click on Sites and select Add Website….
2. Click Select… and select the Application Pool created in the previous step.
3. Specify the Site name and the Physical path. The physical path should point to the directory that you previously created for the Kepion Web Server. For each website, grant it with its own Port number (i.e. 8888, 8889, etc.).
4. Configure Authentication - Double click on Authentication. Right click on Windows Authentication and select Enable.
5. With the Windows Authentication selected, click on Providers….
6. Select Negotiate and click Remove.
7. Grant permission for Service Identity (SI) to access Web Site
Click Edit Permissions…
8. On the Security tab, click Edit…
9. Add your SI (i.e. CORP\tenantSI1). Make sure the SI has Read & execute, List folder contents and Read.
8. Launch Website
Launch the website http://localhost:8888 from IE. Repeat the above steps for each customer/tenant that you want hosted.
Comments
0 comments
Please sign in to leave a comment.