Concepts and Design Principles

This page gives a high level overview of the concepts on which the VSETH infrastructure is built.

The VSETH Student Innovation Platform (SIP) is the development and deployment platform of VSETH which enables student organizations to easily develop, test, deploy and maintain applications using the VSETH IT infrastructure.

The student innovation platform consists of the following components:

  • The VSETH IT Infrastructure on which all applications and supporting systems run.
  • A set of design principles and guidelines which govern how applications are developed and how they interact with other VSETH systems.

Main Goals

The main goals of the VSETH Student innovation platform are:

  • Providing a secure, reliable and cost-effective way to host applications of student organizations.
  • Simplifying the task of developing and deploying new software inside student organizations.
  • Enabling student organizations to use the work done by other student organizations and give back to the community.

Main Design Principles

This section summarizes the main design principles the SIP is built on. For each principle further documentation is linked.

Landscape

The basis for the student innovation platform is formed by a comprehensive IT infrastructure (the blue and orange rectangle in the overview) which provides systems that are used by many applications such as:

  • Databases
  • Application Storage
  • Logging and Monitoring
  • Hosting for containers

This infrastructure is managed centrally by VSETH therefore removing a lot of the complexity of hosting an application (such as managing database updates and backups) from the individual student organizations.

Container

All applications deployments on the SIP are done using docker containers. This has the big advantage of bundling all dependencies of an applications such as libraries inside the container without negatively impacting other applications.

To standardize this even further VSETH provides a set of base images which all applications should use and clear guidelines how containers should be used and how containers get their configuration (such as database connections) from the system managing the containers.

Continuous Integration / Gatekeeper (Deployment-Process)

Most application have some dependencies on resources like databases which are needed to run the application which are provided by the VSETH infrastructure. Gateekeper is a custom VSETH application which simplifies the deployment-process by automatically creating and managing the necessary resources. After the resources have been created Gatekeeper is also responsible for deploying the container to the hosting solution and injecting the necessary config.

Microservices

SIP heavily builds on the concept of micro-services: breaking down bigger components into small manageable pieces that can be developed, tested, deployed and maintained independently of each other. A good rule of thumb is that it should be possible to redevelop a component over the course of a semester.

APIs

The student innovation platform provides a set of easy to use application programming interfaces (API) using the GRPC protocol for common tasks such as getting user information (people-api) or sending emails from an application (mail-api). This hides the complexity of certain actions from the developers and ensures compatibility even if the underlying systems change (e.g. migration of the VSETH mail server).

User Management

Most of applications depend on some kind of user management, e.g. for authentication. The VSETH uses the user management infrastructure of ETH Zurich and provides an API (people-api) for accessing user and group information.

Authentication

Almost every complex application needs some form of authentication to restrict access to certain users (e.g. only VSETH board members should be able to send out the VSETH newsletter etc.). Since authentication is needed in almost any application SIP provides an easy to use solution for this by using the SWITCH AAI login for authentication while also providing a central authentication and authorization sever to enable fine grained access control.

Dev-Environment

Developing software can sometimes be frustrating. But it is even more frustrating if you've developed an awesome application which perfectly runs on your local system, but as soon as you want to deploy the application a swatch of problems arises, like the database version is not compatible etc. That's why SIP provides a development environment which can be run locally on your system which emulates the production environment, reducing the risks of incompatibilities with the production system