The IM Account Server
Introduction
The Informatics Matters Account Server (AS) is an early prototype service designed to manage and administer Product Subscriptions required by our IM-related Merchants, which include the Data Manager. It allows services to query products, authorise billable Actions (like running Jobs or storing files) and then bill for those actions. The AS also has the capacity to monitor and enforce Product-defined work and file-system quotas.
The AS is one component in a larger monetization solution.
In our design, monetization of billable services consists of software that falls into three broad functional areas, as illustrated in the following diagram: -
Billable Services
Account Management (including the Account Server)
A Payment Infrastructure
Today…
We have one Billable Service/Merchant (the Data Manager) and a working prototype for the Account Management solution (the Account Server). The AS permits the creation of Product Subscriptions and has a private (merchant-facing) API to allow merchants make calls into the AS to claim, authorise, and charge for billable activities.
The AS also exposes a public (customer-facing) API that lets users create and delete Products and view their current and predicted billing costs.
We’ll discuss these working aspects of the solution later.
At the moment: -
We have a limited customer-facing GUI for the management of Products, Organisations, and Units
The AS Swagger API provides better control of these AS objects
There is no Payment Infrastructure. No money changes hands through the AS
The AS is currently at a stage where it can function as an authorisation and billing mechanism for our services - the Payment Infrastructure, for now, is not required.
Realisation
The AS is a container image that’s deployed into a Kubernetes cluster using an associated Ansible Role that can be found in our account-server-ansible peer project.
It offers two independent REST interfaces - one interface that’s attached to a public Ingress (intended to be used by customers) and one that’s private, attached to a Service (that’s only available to services co-located in the same cluster).
It consists of three Pods: -
as-api - running the AS logic behind the public API, managed by a kubernetes StatefulSet
as-internal - the AS logic behind the private API, managed by a kubernetes StatefulSet
as-cashier - running scheduled (regular processes) for accounting, managed by a kubernetes Deployment
The AS depends on a PostgreSQL database and RabbitMQ message bus that are typically deployed to an infrastructure Namespace as illustrated below: -
The public API provides Users (and IM Administrators) with the ability to: -
Create Organisations (Admin users only)
Create Units (these are groups within an Organisation)
Manage (create and delete) Users within Organisations and Units
Manage (create and delete) Product Subscriptions (that belong to Units)
Manage Assets (text-based material)
View Billing
The private API provides merchants with the ability to: -
Claim claimable subscriptions (given a product)
Release claimable subscriptions (given a product)
Pre-authorise billable actions (against a unit or product)
Charge for billable actions (using a unit or product)
Acquire assets to use within the services of the merchant