CoreTech Foundation Apps for Humanity
We believe the nonprofit world deserves access to game-changing technology
If you’re a nonprofit, you’ve likely come up against one or more of the following challenges:
1. Shortage of funds
2. Shortage of time
3. Shortage of human resources
IT solutions exist to address these problems, but they can be time-consuming, expensive, skill-based, and difficult, particularly if you don’t have great IT help. That’s why we’ve created a technology toolbox to help nonprofits achieve their purpose more affordably and efficiently, so you can get back to focusing on your
CoreTech Foundation builds technology solutions for organizations committed to making the world a better place
Software Development
Our software toolbox, CORE, helps address your basic organizational needs.
CORE allows you to:
• collect, analyze, and manage data of any size
• measure data against funders’ measurement standards
• develop engaging fundraising and awareness platforms
• maximize follow-up engagement with donors
• monitor and report on progress
• seamlessly communicate with internal and external stakeholders
CTO as a Service
Get the expertise of a CTO without having to hire a full-time IT professional.
Consulting Services
We work with you to build and implement custom solutions quickly and
CoreTech offers nonprofits a two-fold solution:
Our mission is to empower organizations with the best technology to make the world a better place
Who does CoreTech benefit?
Nonprofits looking for IT help
Many nonprofits lack technical expertise. We help them understand and implement technology, so they can transform their ideas into a reality.
IT professionals looking to contribute
CoreTech offers a rare opportunity for smart, driven IT professionals to give back to the world. We offer a variety of ways for developers, project managers, and CTOs to contribute their time to help nonprofits make a positive impact.
Donors passionate about supporting a meaningful cause
Looking to make a difference? Choose to contribute to a project that speaks to you, or make a general donation. 100% of the proceeds are invested into sustainable technology solutions that empower the
CoreTech’s Project LiQuid addresses the global water crisis by giving the world’s poor and marginalized people access to clean water. At its core, LiQuid is a mobile application and service ecosystem that connects end consumers to clean water, produced by water purification systems.
Creating a new entrepreneurial ecosystem around clean water
Project Prime is a social engagement and fundraising platform built to connect and inspire young people around STEM (Science, Technology, Engineering, and Math) projects. We partner with organizations committed to STEM initiatives, providing them with a platform to achieve social engagement and nonprofit fundraising.
Developing social engagement and fundraising around STEM (Science, Technology, Engineering, and Math)
Enabling 27,000 seriously ill children per year to have a comfortable camp experience
CoreTech developed Shell as a software solution to provide a seamless experience for campers, parents, staff, and onsite medical personnel. They can now access
INTRODUCTION AND OVERVIEW
CORE is an acronym for Central Open Reusable and Easy services: base services meant to drive rapid, inexpensive software development that can run on multiple infrastructure abstraction layers, i.e. any hypervisor, any infrastructure, any PaaS platform. Unlike today’s methods, which price many necessary projects out of the market, CORE services are meant to open new pathways for low-cost and rapid innovation. Because the building blocks are provided to the global community at no cost, students and experienced developers alike can more quickly solve problems and deploy the solutions into the community or commercialize them. Just as the desktop publishing revolution sparked creativity around the world, so will CORE services spark technical innovators to try new things at minimal cost.
The core architecture comprises a set of components designed to be used interchangeably to enable the development of high-quality services in a fast and cost-effective manner. The architecture leverages a variety of open source and COTS (“commercial off the shelf”) components to deliver this capability.
APPLICATION: Physical Infrastructure
The application infrastructure is comprised of the physical infrastructure layer which may be a physical datacenter or a cloud provider such as Amazon. In addition to the physical layer there is a logical layer of application infrastructure that hosts the containers used to execute the application code. The logical layer provides many of the capabilities such as availability and scale out such that the physical implementation can be made more generic.
The physical implementation of the core architecture will vary depending on use case, size of client, and capabilities of infrastructure provider. The implementations of these could vary and may leverage IaaS cloud providers like Amazon, Azure, and Google Compute.
The framework can be run on a laptop or single server as necessary but to have sufficient capacity and redundancy for a production use case it is recommended to have it run on redundant physical infrastructure.
The major components of the physical architecture would be:
1. Compute Servers
2. Storage Service
3. Networking Services
The compute architecture can be standard x86 servers. Typically the recommended minimal environment suitable for supporting a prod environment and associated dev/qa environment would be 12 servers.
The 12 servers would be deployed as:
• 3 Management Nodes running Mesos/Marathon/ZooKeeper Master nodes.
• 3 Mesos Slaves for Dev/QA Cluster running Mesos Slave nodes.
APPLICATION: Logical Infrastructure
The logical architecture is designed in such a way that it can be deployed on top of any physical architecture, including IaaS and PaaS providers. The logical architecture is basically a thin layer that runs on top of Linux. This layer is comprised of the following components: Mesos, Marathon, ZooKeeper, and Docker.
The logical architecture provides the following features:
• Scheduling of workloads (find a place to run an app service with sufficient memory/CPU).
• Resiliency - Any service that dies is automatically restarted. If a server fails, all services that were running on that server are moved to servers with available capacity and restarted.
• Load Balancing - All services that are exposed externally are automatically load balanced via HAProxy.
• Isolation - Each workload is isolated in its own Docker container.
• Runtime flexibility - All nodes can be run as bare-metal workloads or as virtual machines.
CORE building blocks
[Diagram: CORE building blocks. CORE services: Data Mgmt/Backup (S3, DB, Shared files), Meta, Change Mgmt, Physical Infrastructure Mgmt (IaaS/Bare Metal, PaaS), Monitoring, Events, Micro Services (DNS, SSL, FW), Transaction Framework, Personal Identity, Forms & Workflow engine, Packaging, Notification, Reporting (Compliance), Logging, Scheduling, …
Projects shown: Project 1 / Client 1 (Water-coin transaction flow, SMS-flow / UX, Data Modelling, Mgmt views (report / audit), Portal for donor / reports); Project 2 / Client 2 (Web services platform); Project n / Client n.]
Description of the building blocks
Application Infrastructure
• Physical Infrastructure
– Very flexible, can run on x86 servers.
– No SAN or NAS necessary.
– The size of servers and network gear can be tweaked to fit the workloads.
– Typical small installation capable of both dev/qa & prod environments hosting multiple apps with 1gb of internet bandwidth would consist of:
• 3 Quad Node Servers (12 Servers Total)
• 2 Stackable 1gb switches
• 24 SSDs (e.g., Samsung 850 Evo or better)
– Similar Amazon environment supporting a single environment would be 6 nodes of m3.xlarge or better.
• Logical Infrastructure
– Comprised of Linux, Mesos, Marathon, ZooKeeper, and Docker
• Effectively a mini-PaaS
• Run on single node (e.g., laptop)
• Scale out to entire datacenters (or cloud providers)
– Scale out highly resilient environment typically consists of a three
CORE Service Framework
• Framework is comprised of:
– CLI - Command Line interface for working with framework.
– Microservice Abstractions - Microservice for each service below.
– Adapters - That map the abstractions to specific implementations.
– Meta Service - Central service for configuration and meta-data.
– Libraries - Available in a variety of languages.
• APIs (CLI, REST, lib interfaces):
– Service-specific parameters
– Framework-specific parameters
• AuthToken
• Meta-Context
• Reason
• Schedule
• Dependencies
Meta
• Scalable, highly available metadata-service
– “Brain” of CORE – One place for all configuration, policy, and events.
– Orgs - Organizations are containers that can contain sub orgs, apps, infrastructure
– People - Allows querying against user stores. (see Authentication Service and Personal Identity Store)
– Apps - Contains a list of Applications, their environments, and their configuration.
– Services - Contains a list of services.
– Events - Container that lists event streams.
– Infrastructure - Contains information about physical and logical infrastructure used to support applications. (Does not contain application infrastructure such as an app's DB or VMs.)
– Data - Contains data that needs to be tracked and managed for compliance or security reasons.
– General Ledger - Chart of accounts that are used by invoice, billing, and payment systems. Can store account info for Orgs, Users, and App Environments.
– Assets - Contains assets that need to be tracked.
• Federation Support (v2/September)
• Used as backbone for Personal Identity Store
– Will include Federation
– PII-compliant storage
CORE Data Streaming Capability
• Primary data management of CORE
– Enable realtime and batch analytics & processing
• Data Collection
– SLF4J
– Syslog
– Files
• Data Movement & Processing
– Distributed Commit Log (Kafka)
– Storm as processing engine
• Data Storage
– Elasticsearch
– (MongoDB & Cassandra optional)
• Data Delivery
– Stream Listener
– Web Sockets
– Notification services for specific, registered events
– Self service for querying (search & reporting)
• HA
– Replication
Events
• The eventing system is used to track all events that happen inside the core framework, and it is also available as a service bus for applications built using core.
• The events can be used to trigger policy enforcement, workflows, or notifications.
• An application built using the core framework could create an event (e.g. app.down or customer.signedup), which could be thrown from inside the app. Using the eventing system, Meta could listen for this event and trigger a script or set of actions.
Notification
• Extensible framework for communication between apps and communication platforms
• Adapters included in June rev:
– Email: POP/IMAP/IMAPS, Google Mail
– SMS & Voice: Twilio
Logging
• Allowing application developers to ship log data off the host machines in real time
• Direct Logging
– SLF4J compliant logger writing to CORE Datastream service
• Indirect Logging
– For legacy apps
– Syslog streaming
– File streaming
Monitoring
• Based on Icinga2
• Set of Docker containers provides the base of the Monitoring capability
• Every container has an Icinga 2 client
• Service Framework will find the appropriate
Reporting
• Reports can be generated by querying meta
• Framework provides all necessary capabilities for collecting and providing the needed data
• Compliance:
– Records of all state
– Who had access
– Who made changes and when and why
– All stored in CORE Meta
• PCI/HIPAA compliant reports are not being generated with September release but can be created based on Meta
Launching/Scheduling
• Launcher
– The launcher service is responsible for the deployment of all services associated with a particular application. This includes provisioning the services on an infrastructure provider, managing intra-service configuration, and orchestrating external services. As such, the application launcher (“Launcher”) sits at the intersection of Meta, IaaS/PaaS providers, and configuration such as DNS.
• Scheduling
– While Launcher is concerned with the deployment and maintenance of long-running, multi-service applications, there is often the need for standalone, short-duration tasks. Examples include restarting infrastructure services, initiating backup procedures, etc. A Scheduler service would allow these jobs to be scheduled, potentially on a repeating basis, while leveraging the other frameworks, such as Meta and Security. It also is possible to combine schedule jobs against Launcher, to facilitate
Change Management
• Base for Change Management included in the Service framework based on Workflow adapters
• Adaptor for Activities platform ready by September
Packaging
• Applications are packaged as Docker containers or Mesos jobs.
• Containers or jobs run inside VM or bare-metal instances.
Micro Services
• SSL Orchestration is managed by combining info from Meta with Launcher capabilities
– Automatic creation of an app container which natively supports SSL certificates
– Multiple adaptors
– Support for June release: SSLMate
• Firewalling
– Supported by June: Amazon FW
– Added by September: Local FW
• DNS
– Integrated in Meta
Transaction Framework
• General architecture for doing transactions.
• Process is:
1. Events come in from a variety of sources.
2. Event is connected to user/app information.
3. Custom App Logic decides what should happen (Debit, Credit, Fulfill Transaction, etc.).
4. Account balances update in Meta GL solution.
5. Meta GL Service executes transaction on blockchain or traditional financial network.
6. User/Org/App GL entries updated.
7. Custom App Logic notifies users via notification adapter. (Can take different or multiple paths from triggering event.)
Personal Identity
• Pluggable Identity Stores
– Support for databases, Active Directory/LDAP, OAuth, SAML
• Authorization Framework built in.
• Ability to store personal information.
• Managing access to encrypted data and metadata based on policies
• Generating audit trails (hash values of hashed data and metadata, which can be exported to the blockchain)
• Achieving PII and HIPAA compliance
– Currently planned for September release but not committed by SoW
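The audit-trail bullet above (hash values of hashed data and metadata, exportable to a blockchain) can be illustrated as a hash chain whose final hash is the value to export. This is an added example, not CORE's own code; the function names, the GENESIS value and the record fields are assumptions, and the sample records are constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed start value for the chain (assumption)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(obj) -> bytes:
    # Stable serialization so equal records always hash identically.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def link(prev: str, data: dict, meta: dict) -> dict:
    # Only hashes of the data and metadata enter the trail, never the PII itself.
    d, m = sha256_hex(canonical(data)), sha256_hex(canonical(meta))
    return {"prev": prev, "data_hash": d, "meta_hash": m,
            "entry_hash": sha256_hex(f"{prev}|{d}|{m}".encode())}


def build_trail(records: list) -> list:
    """Chain (data, metadata) pairs; the last entry_hash is the value to export."""
    trail, prev = [], GENESIS
    for data, meta in records:
        trail.append(link(prev, data, meta))
        prev = trail[-1]["entry_hash"]
    return trail


def first_bad_entry(trail: list, records: list, anchored_head: str):
    """Return None if intact, else the index where verification first fails."""
    if len(trail) != len(records):
        return min(len(trail), len(records))
    prev = GENESIS
    for i, (entry, (data, meta)) in enumerate(zip(trail, records)):
        if entry != link(prev, data, meta):
            return i
        prev = entry["entry_hash"]
    # A fully recomputed chain is self-consistent; only the external anchor exposes it.
    return None if prev == anchored_head else len(trail)


# Constructed sample records; field names are illustrative, not CORE's schema.
RECORDS = [
    ({"record": "patient-17", "allergy": "peanuts"},
     {"who": "nurse.a", "when": "2015-06-01T09:00:00Z", "reason": "intake"}),
    ({"record": "patient-17", "allergy": "none"},
     {"who": "admin.b", "when": "2015-06-02T14:30:00Z", "reason": "correction"}),
]
```

The metadata carries the who, when and why that the Reporting section lists for compliance. Comparing against an externally stored head hash is what catches an insider who edits a record and then recomputes the whole chain.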
Contact Us:
www.coretechfoundation.org [email protected] CoreTech Foundation