VRT Performance & Cost Optimization
In the current VRT, we have an excessive number of microservices, leading to degraded VRT performance and increased resource consumption on our infrastructure, resulting in higher infrastructure costs. To optimize this, we are merging the following microservices:
- Api-gateway, Security & Authentication → Api-gateway
- Esb & Igw → Esb
- Sync Engine, Vflow-execution & Vrt-config-engine → Sync Engine
As a result, after the current release, the number of microservices will be reduced by 5.
Impact
- Performance Improvement
- Incremental Cost Benefits
We will be upgrading all Vahana 2 VRTs (Sandbox, Shared, GTM) and Vahana 1 VRTs (Sandbox & Prod) under this release. All clients are requested to upgrade their respective VRTs to avail the benefits.
Deprecations :
- Download Build Setting in Designer 2.0 (Once VRT is upgraded)
With the performance optimization of VRT, there will be changes to the VRT Config Fetch URL on the Downloads Module page. As a result, all existing users with Designer 2.0 builds will be required to create new builds. To ensure a smooth transition, we will provide 30 days of support for current builds. However, after this period, older builds will cease to function. Therefore, we strongly advise all users to trigger the creation and distribution of new builds promptly.
- "Previously, SSO Token APIs posed security risks due to their lack of security measures. To address this concern, we have migrated these APIs from the authentication module to the API Gateway and implemented enhanced security measures. As a result, older SSO APIs have been deprecated and will be completely removed within 30 days.( Once VRT is upgraded)
-
You have to change endpoint of following apis:
-
http://{host}:{port}/authentication-service/generate/SSOToken → http://{host}:{port}/router/generate/SSOToken
-
http://{host}:{port}/authentication-service/validate/SSOToken → http://{host}:{port}/router/validate/SSOToken
-
http://{host}:{port}/authentication-service/sso-login-details → http://{host}:{port}/router/sso-login-detail
-
Also, Send clientsecret key in header for the app which you want to generate/validate sso token clientsecret : {client secret for which we want to generate/validate sso token}
Multipart & Full Sync
The current Sync functionality is encountering security concerns from the banks’ end, resulting in occasional blocks by the banks’ security measures. These concerns include issues such as Payload Size, SQL Injection, and Regex Blocking.
To address these security challenges, we are introducing Multipart Sync. With Multipart Sync, data will be transmitted to VRT in a zip file format, mitigating the aforementioned security issues.
If we flush VRT redis or need to link another VRT, it necessitates a resync of all configurations. However, this is currently not feasible as we only support incremental sync. To address this limitation, we are introducing Full Sync to provide a solution to this problem
Import/Export in Release Manager
In the current scenario, banks have raised concerns about establishing a direct connection between Vahana Cloud VRT and their servers due to security reasons. Additionally, banks are required to whitelist and keep ports open for VRT, which poses additional security challenges. To address this issue, we are implementing Export/Import functionality for Vahana Configuration. This feature will allow users to export the configuration from Vahana and import it into their VRT at their end, providing a secure and convenient solution for configuration management.
Bug Fixes
- Fixed an error when Release Manager was not accessible when agent ID is updated
- Fixed an issue when user is not able to link VRT when agent ID is updated
- Fixed an issue when user was not able to link new VRT with existing environment
- Fixed an issue where HTTP methods apart from POST & GET were not configurable at Service level
- Fixed an issue where Sync status remains stuck in Pending state even when sync call is Failed
- vConnect now does not injects interface parameter in new Service configuration
- Mandatory error messages in IGW issues is now fixed