Trillo Workbench raises the abstraction level and hides Google Cloud complexities. The application developers deal with the application domain model, which includes metadata, plugins-code, workflows, and schedules. Although Trillo Workbench runs on top of Google Cloud, as an application developer, you don’t see the Google Cloud or internals of Trillo Workbench. The diagram below shows this abstraction brought in by Trillo Workbench. This higher level abstraction makes the Google Cloud and common services of Trillo Workbench black boxes
Blackbox View of Trillo Workbench
Whitebox View of Trillo Workbench
The above diagram hides the internals of Trillo Workbench and Google Cloud. As an application developer, you probably don’t want to spend time on their complexities but want to know more about them. The following diagram shows the important components of both. See details of each component and its functionality after the diagram.
Trillo Workbench is a runtime platform(engine). It reads metadata, plugs in the code and synthesizes the application using several in-built services.
The following sections discuss services, how they work for an application, scalability, security, and benefits.
Trillo Workbench Services
The following table provides a short description of Trillo Workbench Services.
Trillo Workbench Component
Description
Metadata Service
It manages application metadata such as database schemas, configuration files, SQL query templates, schedules, and workflow definitions.
Data Service
It creates, alters, and operates on the database tables based on meta properties specified for each table and its columns. Using meta properties, it imposes access control rules (for example, a certain role can access a certain column). It provides CRUD, batch operations, and query APIs.
Storage Service
Storage Service manages files using Google Cloud Storage. File management includes uploading, downloading, sharing, and supporting folder/file operations such as mode, delete, and copy.
Function Service
Function Service dynamically compiles and executes plug-in code. In the production environment, it can use dynamic compilation with a jar file.
Workflow Service
Workflow service executes functions in the background as tasks or workflows consisting of multiple steps. Developers can define workflows graphically. Alternatively, a function can implement a workflow by controlling the execution of multiple steps. Each step, in turn, is a function.
Scheduling Service
Scheduling Service schedules a function or workflow for the periodic execution.
Firebase Notification
Trillo Workbench provides out-of-the-box integration with Firebase Notification for applications requiring a real-time push to a UI.
Audit Logging
Audit Logging is a powerful feature of Trillo Workbench. It tracks workbench activities performed by a client program or backend tasks. Standardizing audit log records provides easy search and filtering of a particular activity. It serves multiple purposes – troubleshooting, operations management, and compliance.
User Management
Trillo Workbench provides in-built user management and authentication using a database or Google Cloud identity platform. Using SAML and OIDC, it can integrate with external authentication systems.
API Gateway
A client can access Trillo Workbench services using an in-built API gateway. The API gateway is oauth2 compliant.
Git Integration
Trillo Workbench uses a database for storing metadata. It retains multiple versions of metadata. It also integrates with a git repository so an admin can push metadata and plug-in code to a git-repo. A workbench instance running in a different environment can pull code from Git. Thus a typical Trillo Workbench deployment uses Git for managing development to QA to production code deployment processes.
How does Trillo Workbench Work
To understand the working of Trillo Workbench, let us use a simple application as an example. This application provides a UI to view and edit data. The data is stored in the database. The application requires access control policies that provide access to certain database tables to privileged users.
1
Using Trillo Workbench UI, create database tables required by the application. You can define columns and, for each column, several meta properties.
2
Trillo Workbench publishes database tables as API so your UI team can start building its user interface.
3
A few tables require server-side validations before updating. You can write a serverless function in a language of your choice using your favorite IDE and APIs. Deploy the function in the Google Cloud using Trillo Workbench UI. Trillo Workbench automatically publishes it as an endpoint. Your UI can start using the function endpoint to update the table.
4
Notice that the bulk of time you would be spending on the database schema optimization and writing custom logic for validations. Trillo Workbench provides common services.
5
Notice that the bulk of time you would be spending on the database schema optimization and writing custom logic for validations. Trillo Workbench provides common services.
Trillo Workbench Performance and Scalability
We developed Trillo Workbench over four years by working with several customers on real-life applications in various domains. These applications vary in use cases and structures. During this time, we worked on its robustness. We optimized its performance for several common scenarios. We feel confident that the Trillo Workbench is a robust and optimally performing platform.
Trillo Workbench, internally, consists of a set of microservices. These are deployed on a Google Kubernetes Engine (GKE). GKE provides an auto-scalable compute cluster. Trillo Workbench auto-scales from a small deployment to a very large one.
Trillo Workbench Application Level Security and Compliance
Trillo Workbench provides application security and compliance as follows.
1
Role-Based Access Control (RBAC)
Trillo implements roles and groups of users. A developer or administrator can configure access to application resources such as database tables, columns, functions, workflows, etc. These rules are enforced at the runtime.
2
Data Security
The database tables and columns can be configured to be encrypted using a custom key (provided by Google Cloud Key Management). Trillo secures data in transit using HTTPS. In addition to that, Trillo Workbench can transparently use Google’s Data Loss Prevention (DLP) for identifying, masking, and anonymizing sensitive data.
3
Credentials
Trillo Workbench uses Google Cloud Secret manager to store external credentials for databases, APIs, etc.
4
Authentication and Identity Management
Trillo Workbench uses the Google Cloud Identity Platform for user authentication. It provides Google scale authentication, which complies with the legal requirements of several countries. In addition, Trillo Workbench can use other identity platforms using LDAP, SAML, and OIDC protocols.
5
OAuth2 for API Access
Trillo Workbench secures API access by OAuth2 , which means using access-token obtained through OAUth2 grants.
6
Audit Logging
Trillo Workbench provides APIs to log activities. It standardizes logging and also creates database records for selected checkpoints. Trillo Workbench uses this API in its code to track several critical activities. These APIs can also be used in the application code. By following Trillo recommended best logging practices, an application can deliver robust audit logging.
Trillo Workbench Benefits
Based on the above discussion, we can arrive at the following benefits of Trillo Workbench.
Time-Saving
It takes several months or even a year to develop robustly and optimally performing common services. Trillo Workbench provides robust and high-performance common services out-of-the-box, cutting time significantly.
Reduced Pain
You have always thought, why can’t a platform provide common services, integrated and working cohesively? Trillo Workbench eliminates this repetitive work, which may consume 75% time and keep you awake at night.
Build Better Application
Since Trillo Workbench frees up your time, you can focus on building a better and complete application. The modular architecture using metadata and plug-ins lets you evolve it in stages.
Low Cost of O&M
The metadata and plug-ins architecture of Trillo Platform makes it easy to make changes, and isolate functionality in a module. In the long run, it leads to reduced costs of operation and maintenance (O&M).