Multi-tenancy technology, or multi-tenancy technology, is a software architecture technology that explores and implements how to share the same system or program components in a multi-user environment and still ensure that each Data isolation between users.
There are three main schemes for multi-tenancy in data storage, namely
1. Independent database
This is the first solution, that is, one database per tenant. This solution has the highest level of user data isolation and the best security, but is also costly.
advantage:
Provide independent databases for different tenants, which helps to simplify the extension design of the data model and meet the unique needs of different tenants;
In the event of a failure, restoring data is simpler.
shortcoming:
The number of installations of the database is increased, and the maintenance cost and the acquisition cost are also increased.
This solution is similar to the traditional one customer, one set of data, and one set of deployment, the only difference is that the software is uniformly deployed at the operator. If you are dealing with tenants such as banks and hospitals that require a very high level of data isolation, you can choose this model to increase the rental price. If the price is low and the product takes the low-price route, this solution is generally unaffordable for operators.
2. Shared database, isolated data schema
This is the second solution, that is, multiple or all tenants share the Database, but each tenant has one Schema.
advantage:
Provides a certain degree of logical data isolation for tenants with high security requirements, not complete isolation; each database can support a larger number of tenants.
shortcoming:
If there is a failure, data recovery is more difficult, because the recovery of the database will involve data of other tenants;
If you need cross-tenant statistics, there are certain difficulties.
3. Shared database, shared data schema
This is the third solution, that is, tenants share the same Database and the same Schema, but distinguish tenant data in the table by TenantID. This is the mode with the highest degree of sharing and the lowest level of isolation.
advantage:
Comparing the three schemes, the third scheme has the lowest maintenance and acquisition costs and allows the maximum number of tenants supported by each database.
shortcoming:
The isolation level is the lowest and the security is the lowest, and it is necessary to increase the amount of security development during design and development;
Data backup and recovery is the most difficult, and it needs to be backed up and restored table by table and item by item.
This scenario is best if you want to serve the most tenants with the fewest servers, and the tenants accept the cost of sacrificing isolation levels.
Data layer tenant isolation method:
1 Add the tenant's identification field to each table, and bring the identification judgment when querying. Advantages and disadvantages: strong code intrusion, low tenant isolation level, and easy performance problems when using a single table at the same time
2 Switch multiple database instances and create a database instance for each tenant. Advantages and disadvantages: The tenant isolation level is the highest, and the data operations of one tenant will not affect other tenants at all, but it is necessary to create a database instance for each tenant, which is expensive, and there is no way to open and cancel accounts instantly. At the same time, if the database instance adopts cloud products such as Alibaba Cloud RDS, the implementation cost is higher;
3 Use the same database instance to dynamically switch schemas. Advantages and disadvantages: The tenant's data layer isolation level is moderate, the maintenance cost is low, the development cost is high, and the DataSource needs to be dynamically switched during runtime.
What are the benefits of multi-tenancy
In summary, the main points are as follows:
First, the system maintenance cost is low
The multi-tenant system only needs to be updated once when the system is upgraded.
Maintenance personnel do not need to update each user, saving a lot of operation and maintenance costs!
Second, improve data security
In the cloud computing environment, many applications are placed in the cloud, resulting in leakage of sensitive data, no detailed records of data access, and access to open interfaces by impersonation at the application entrance;
In the operation and maintenance portal, developer accounts are mixed, operations are not recorded in detail, high-risk misoperations cannot be controlled, and sensitive data is leaked
Through the multi-tenant data resource isolation mechanism, data security can be guaranteed.
2. What is the difference between multi-tenancy and multi-user and single-tenancy?
(1) Difference from multi-user
First of all, tenants and users are two completely different concepts
Each tenant has a dedicated virtual computing environment and is deployed outside the application and users are the consumers of the application.