Softrip Platform Infrastructure - Net + Next

This document is out of date, please see Softrip Platform Infrastructure instead

Terminology/Glossary

Self-Hosted Client

  • A Softrip client who hosts the Softrip applications in their own environment, on their own hardware. This can be on-premise, in the cloud, or in a colocation.

  • A self-hosted client is responsible for their own infrastructure, including: security, configuration, monitoring, maintenance, management, scaling, and operation of their environments, networks, applications, and hardware.

Softrip-Hosted Client

  • A Softrip client whose Softrip applications are hosted on Softrip hardware and environments

  • Typically for smaller clients – 5-20 internal staff or under 50,000 annual passengers

  • Softrip handles the security, operation, configuration, monitoring, maintenance, and management of its own environments, networks, applications, and hardware.

  • Softrip’s hosting environment and resources (hardware, databases, bandwidth, etc.) are shared between all hosted clients, meaning that one client’s traffic and operations may impact other hosted clients’ system performance.

Softrip User Types

  • Internal User – An authenticated internal staff member – Includes call center agents and all staff

  • Direct Consumer (“Direct User”) – An authenticated/logged-in direct consumer

  • Travel Agent – An authenticated/logged-in Travel Agent

  • WebUser – An unauthenticated user (browsing/shopping without logging in). These users are treated as direct consumers for purposes of display and permissions.

  • External User – (as opposed to Internal User) - Umbrella term for WebUsers, Direct Consumers, and Travel Agents

SoftripNet

  • Softrip's "legacy" applications

  • Includes the following components (see below for details on components):

    • STServer

    • STRes

    • STWeb

    • STApps

SoftripNext

  • Softrip's new applications

  • Includes the following components (see below for details on components):

    • STServerWeb

    • ResWebNext

      • Includes reservations, CMS, and CRM applications

    • AppsNext

Softrip Applications and Components

STServer

  • The middle tier/business logic tier for all legacy Softrip applications ("SoftripNet")

  • Installed as a Windows Service

  • Listens on TCP 8000 for HTTP requests (8000 is Softrip’s default listening port - Different clients may use different ports)

  • Talks to the “Main Database” SQL Server instance (TCP 1433)

  • Talks to the RServer application (TCP 443/https)

  • Writes files (attachments and logs) to the fileshare)

STServerWeb

RServer

  • The connector between the Softrip platform and third-party providers

    • Includes GDSs (like Amadeus) and hotel consolidators/providers (like Dingus, HBSi, etc.)

  • Installed as an http://ASP.Net application hosted in IIS

  • Listens on TCP 443 (https)

  • Talks to the Softrip database (TCP 1433)

  • Sends requests to third-party providers through the internet (TCP 443/https)

STApps

  • The back-office "legacy" applications ("SoftripNet") used by internal users to load product, run operations, accounting, reporting, etc.

  • Built as DLLs that are hosted in user browsers (Internet Explorer) and served through IIS

  • These can also run as a standalone Windows executable (WinForms) to be installed on users' workstations

  • These applications send HTTP requests to STServer on TCP 8000 for processing

    • Note that the applications are served to back-office users through IIS, but the applications send requests from users' workstations to the middle tier (TCP 8000)

AppsNext

  • Softrip's "SoftripNext" back-office applications

  • Installed as an IIS virtual directory (only serves static files)

  • Listens on TCP 443 (https)

  • Talks to the STServerWeb application (TCP 443/https)

    • Note that the applications are served to back-office users through IIS, but the applications send requests from users' workstations to the middle tier (TCP 443/https)

STRes

  • The Softrip reservation application

    • Serves internal users/call center agents, direct consumers, and travel agents

  • Installed as an http://ASP.Net application hosted in IIS

  • The reservation system sends HTTP requests to STServer on TCP 8000 for processing

  • Listens on TCP 443 (https)

ResWebNext

  • SoftripNext's reservation system, CMS, and CRM application

  • Installed as an http://ASP.Net MVC application hosted in IIS

  • Listens on TCP 443 (https)

  • Talks to the STServerWeb application (TCP 443/https)

STWeb

  • The Softrip CMS application

    • Serves internal users/call center agents, direct consumers, and travel agents

  • Installed as an http://ASP.Net application hosted in IIS

  • The CMS sends HTTP requests to STServer on TCP 8000 for processing

  • Listens on TCP 443 (https)

Database

  • The main Softrip database holding all records used by the Softrip platform

  • Built as a MS SQL Database

  • Listens on TCP 1433

  • Note that certain automation tasks are built as SQL Server Agent scheduled jobs that send requests to the middle tiers. As such, the database may need to send requests to STServer (TCP 8000) and/or STServerWeb (TCP 443/https)

SSRS

  • Microsoft SQL Server Reporting Services

  • Used by Softrip to generate reports and reservation documents

  • Pulls report data directly from the main database, or from STServer (for more complex datasets – Example: Reservation Invoices)

    • Sends requests to the main database (TCP 1433) and to STServer/STServerWeb (TCP 8000, TCP 443/https)

  • Listens on TCP 443 (https)

  • SSRS uses its own database to hold its report definitions

    • This database may be hosted on the same server as the Reporting Services host, or hosted on the main SQL database server

Softrip Processes

Release Cycle

For a complete release schedule calendar, see: https://softrip.atlassian.net/wiki/spaces/KBPUB/calendars

Softrip releases new versions of its applications and components every three weeks (“Sprint”).
This three-week process is defined as follows:

  • Two weeks of development

    • Build a “Release Candidate” at the end of the two weeks of development

  • One week of Quality Assurance

    • Test and fix any gaps found in the Release Candidate

    • Promote the Release Candidate to Stable at the end of the QA week

    • New Stable version is available to be deployed to client Testing environments for User Acceptance Testing, or to client Production environments if UAT passes

  • Start the next 3-week Sprint

Example

  • Mon 01 May - Fri 12 May

    • Softrip implements scheduled fixes and features

  • Mon 15 May

    • Softrip builds a new Release Candidate for the new version

  • Mon 15 May - Fri 19 May

    • Softrip deploys and tests the Release Candidate in QA environments (daily deployments)

    • Any bugs or incomplete implementations found are addressed during this week and updated in the Release Candidate

  • Fri 19 May (EOD)

    • Softrip promotes the Release Candidate to Stable

  • Mon 22 May

    • Softrip deploys the new Stable version to client testing/UAT environments

  • Mon 22 May - Fri 26 May

    • Client tests the new Stable version in their Test environment and report any bugs found to Softrip

    • Softrip reviews reported bugs to be addressed as a hotfix (to be fixed in current version) or for a future Sprint/version

  • Mon 29 May

    • Softrip deploys the new Stable version to client Production environments

Deployment Mechanisms

Softrip uses Octopus Deploy to push new versions to client environments.
Softrip recommends installing Octopus Deploy Tentacles on all servers hosting Softrip applications (UAT and Production).
If Octopus Deploy is not a viable option for the client, Softrip deploys new versions "by hand".

Server Instances

Web Server

  • Suggested domain: www.domain.com

  • Requires SSL

  • Serves the public and internal staff

  • Typically installed in a DMZ (other components typically reside in the LAN)

  • Installed software:

  • Hosts the following Softrip applications:

    • STRes

    • STWeb

    • STApps

    • ResWebNext (CMS/CRM)

Application Server/Middle Tiers

  • Suggested domain: mt.domain.com

  • Requires SSL

  • Serves the business logic to internal staff and Softrip applications

  • Installed software:

  • Hosts the following Softrip applications:

    • STServer (Windows Service)

    • STServerWeb (IIS application)

Resource Server

  • Suggested domain: rserver.domain.com

  • Requires SSL

  • Processes RServer requests and sends requests to the internet for third-party providers (GDSs, hotel interfaces, etc.)

  • Installed software:

  • Hosts the following Softrip application:

    • RServer (IIS application)

Database Server

  • Suggested domain: db.domain.com

  • Hosts the Softrip database

  • Installed software:

    • MS SQL Server 2016 Standard Edition+

    • Notepad++

    • SQL Server Management Studio

  • Should be on SQL collation "SQL_Latin1_General_CP1_CI_AS"

Reporting Server

  • Suggested domain: reports.domain.com

  • Requires SSL

  • Hosts the MS SSRS service

  • Installed software:

    • MS SSRS 2016+

    • MS SQL Server 2016+ (to host the ReportServer and ReportServerTempDB databases used by SSRS)

      • Also possible to host the ReportServer and ReportServerTempDB databases on the main database server

    • Notepad++

Redis Server (DMZ)

  • Suggested domain: redis-dmz.domain.com

  • Hosts a Redis instance

  • Used by ResWebNext for caching

  • Softrip recommends using a managed Redis instance if available, or the latest Redis version on a Linux server

Redis Server (LAN)

  • Suggested domain: redis-lan.domain.com

  • Hosts a Redis instance

  • Used by STServerWeb for state storage and caching

  • Softrip recommends using a managed Redis instance if available, or the latest Redis version on a Linux server

FileShare Server

  • Suggested domain: fs.domain.com

  • Built as a UNC/SMB fileshare

  • Holds Softrip logs and rendered attachments/historical documents

  • Application Server writes to this share

  • Web Server reads from this share

    • As an IIS virtual directory with appropriate credentials and permissions

User Accounts

Softrip uses the following user accounts for applications, permissions, and security.

  • STService

    • The account running the Softrip back-end applications

    • Scope: DOMAIN

    • Runs:

      • STServerWeb (IIS Application Pool)

      • STServer (Windows Service)

    • Permissions:

      • Read/write for fileshare

      • Softrip recommends giving this account read/write access to the database (using SSPI)

        • Alternative is to use a SQL user, with account credentials in middle tier configuration files - Less secure

      • Open listening port TCP 8000 on middle tier server (netsh http add urlacl url=http://*:8000/ user=DOMAIN\STService)

  • STShare

    • The account reading from the file share to serve attachments to the web server

    • Scope: FileShare, WebServer

    • Should be created as a local Windows user account on the file share server and the web server

    • Runs:

      • www.domain.com/STNAttach (virtual directory on web server)

      • www.domain.com/STNView (virtual directory on web server)

      • www.domain.com/STNAuxAttach (virtual directory on web server)

    • Permissions:

      • Read permissions for fileshare

  • STReports

    • The account running Softrip reports in SSRS

    • Scope: Reports Server

    • Permissions:

      • Full permissions (site and root folder level) in SSRS

  • STAdmin

    • The account used by Softrip staff for maintenance, updates, and debugging

    • Scope: Domain, Web Server

    • Permissions:

      • Local administrator on each machine/server

      • RDP for each machine/server

  • STAdmin

    • The SQL account used by Softrip for debugging and database maintenance

    • Scope: SQL Server (SQL user account - Not a Windows user)

    • Permissions:

      • Full permissions on the Softrip database

      • Permissions for building and updating SQL Server Agent scheduled jobs

Networking Diagram

Notes on Load-Balancing

  • SoftripNet applications (legacy back-office and reservations) must be configured to be connected to all middle tiers/STServer instances

    • Each instance of the reservations application will be configured to point to all STServer instances

    • This is due to "session stickiness": A user session belongs to exactly one STServer instance, and each STServer instance is unaware of other STServer instances

  • SoftripNext applications (back-office, CMS Next, CRM) can be connected to a single load-balanced endpoint

    • No requirement for the application to know all STServerWeb instances

    • SoftripNext has no "session stickiness": Its user sessions are shared between all STServerWeb instances, and any STServerWeb instance can process a request for any user session

    • Easier dynamic load-balancing if needed

    • If configured properly, NLB can route requests only to available/working STServerWeb instances (useful for maintenance/patching)

  • Examples:

    • SoftripNet Reservations Configuration:

      • "MyMiddleTiers": "A:STServer1.domain.com,B:STServer2.domain.com"
      • STServer1.domain.com and STServer2.domain.com are two different machines, each hosting an instance of STServer

    • SoftripNext Back-Office Configuration:

      • "MyMiddleTier": "https://stsw.domain.com"
      • stsw.domain.com is a load-balanced NLB/ARR instance which will route requests to any available STServerWeb instance

Softrip Ports and Purposes

Source

Destination

Ports

Purpose

Middle Tier (STServer and STServerWeb)

Database

TCP 1433

SQL Communication

Middle Tier (STServer and STServerWeb)

SSRS

TCP 443

SQL Reporting Services

Middle Tier (STServer and STServerWeb)

Resource Server/RServer

TCP 443

Business Logic

Middle Tier (STServerWeb)

Redis Repository

TCP 6379

State Storage

Database

Middle Tier (STServer and STServerWeb)

TCP 8000, TCP 443

Business Logic for custom reports

SSRS

Database

TCP 1433

Reporting Services port for pulling data from the database

SSRS

Middle Tier

TCP 8000, TCP 443

Reporting Services port for pulling data from the middle tiers for more complex datasets

Web Server

Middle Tier (STServer and STServerWeb)

TCP 8000, TCP 443

Business Logic

Web Server

Redis Repository

TCP 6379

CMS Cache

Resource Server/RServer

Database

TCP 1433

SQL Communication

Resource Server/RServer

Internet

TCP 443

External Resources (APIs like Amadeus etc.)

Staff Workstation

Middle Tier (STServer and STServerWeb)

TCP 8000, TCP 443

Business Logic - Back-office applications

Staff Workstation

Web Server

TCP 443

Access to the web site and applications

Public

Web Server

TCP 443

Public access to the web site

Softrip Environment/VPN Client

Database

TCP 1433

SQL Communication

Softrip Environment/VPN Client

SSRS Server

TCP 443

SQL Reporting Services

Softrip Environment/VPN Client

Middle Tier (STServer and STServerWeb)

TCP 8000, TCP 443

Business Logic

Softrip Environment/VPN Client

RServer

TCP 443

Business Logic

Softrip Environment/VPN Client

Web Server

TCP 443

Access to website and web applications

Softrip Environment/VPN Client

Database

TCP 3389, UDP 3389

RDP - Maintenance

Softrip Environment/VPN Client

SSRS Server

TCP 3389, UDP 3389

RDP - Maintenance

Softrip Environment/VPN Client

Middle Tier (STServer and STServerWeb)

TCP 3389, UDP 3389

RDP - Maintenance

Softrip Environment/VPN Client

Web Server

TCP 3389, UDP 3389

RDP - Maintenance

Softrip Environment/VPN Client

Resource Server

TCP 3389, UDP 3389

RDP - Maintenance