keep payments running
TRANSCRIPT
Keep PaymentsRunning
•Being a payment Facilitator•Nginx as a Shield•Simulating Production Load•Monitoring and Alerting
Contents
•Facilitate payments•Onboard merchants with third parties.(worldpay,vantiv Litle, vantiv PWS)•Payments with POS (swipe/keyed In) •Online payments•Payments adjustments (refund,partial refunds,Reaurth.....)•Ledgering and billing
•Support services•Administration tools•Finance tools•Warning and Alerting
•Reporting•ReportNG reports•Finance reports
What We Do.......
Challenges
•Depend on few third parties (Magensa, Idology, WorldPay, Vantiv Litle, Vantiv PWS)•High responsibility•Security•Variation in traffic
•Security•Provide TLS 1.2 protection•avoid clickjacking•content-type sniffing•Cross-site scripting•Secure supporting applications
•Routing•Throttling
•IP wise throttling•API wise throttling
Nginx as a Shield
•Find the breaking point of payment gateway
•Test effectiveness of remedies•throttle with IPs and APIs
•Find bottlenecks•Mono•Nginx•Gateway•Operating system
Simulating Production Load
Available Approaches•Use Load testing tool (Jmeter, Locust)
•uses one IP•network and performance limitation
•Use online distributed loading testing services (Apica LoadTest, loader.io, loadfocus)
•High cost.
•Write our own testing tool •Much dev effort
Redline 13
Demonstration
•Pros•Low cost•Facilitate both spot instances and on-demand Instances•Can customize server regions and types.•Analytical results
•Cons•Troubles with allocating spot instances.
Monitoring and Alerting
What is Graylog ?
● Graylog is a powerful log management and analysis tool that has many use cases, from monitoring SSH logins and unusual activity to debugging applications. It is based on Elasticsearch, Java, MongoDB, and Scala.
Graylog vs other tools
● Other similar tools require paid subscriptions.
● Graylog is open source
Why we need Graylog?
● Several production servers● Many application logs - nginx,
gateway and payment scheduler
● Automated alerting system
Features of Graylog
● Search● Dashboards● Archive● Alerts and triggers● Users and roles● Rest API
Demonstration