Design concept of a SaaS platform

What is multi-tenancy?

Multi-tenancy is a concept specific to the SaaS field. In SaaS services, a tenant is a customer that uses the SaaS system. Tenants are different from users: in business-facing (B-side) SaaS products, the users may be employees of an organization, while the enterprise organization as a whole is the tenant of the SaaS system. Multi-tenancy is a software architecture technique that lets multiple tenants share system instances while isolating data and behavior between tenants.

The difference between the traditional software model and the SaaS model:

A traditional software project generally means developing a specific software system for a customer and deploying it in an independent environment, usually the internal environment of the enterprise. The SaaS model deploys software services to a cloud environment and provides the same software services to different customers.

Isolation modes for SaaS multi-tenancy:

For the SaaS model, resource isolation between tenants is a very basic capability. For reasons of cost and operational efficiency, SaaS service providers need to build a software environment that multiple tenants access. Although different tenants access the same set of SaaS product services, their resource access must be strictly isolated.

SaaS resource isolation consists of several levels:

  1. The first layer is the isolation of the computing, storage, network and other resources that underlie the SaaS system;
  2. The second layer is the isolation of the system foundation, mainly organizations, users, roles, permissions, product capability authorization relationships, etc.;
  3. The third layer is the isolation of the dynamic business data produced while the system is in use, such as business documents, operation records, etc.

The multi-tenant architecture mainly solves the isolation problem of the first layer, that is, the isolation of computing, storage, network and other resources. To realize a multi-tenant isolation architecture, it is necessary to understand several common tenant isolation modes:

Silo mode:

Some SaaS service providers choose the silo isolation mode, in which each tenant runs in an isolated set of resources. Some people will ask: isn't this the traditional software model? Why call it SaaS? If these silo resources have standardized tenant identification, onboarding process, billing system, deployment process, and operation process, then it is still a SaaS model, except that each customer has its own end-to-end set of resources.

Advantages:

  1. Meets strong isolation requirements: some customers put forward very strict isolation requirements for system and data security, expecting the software product to be deployed in a completely independent environment rather than alongside other tenants' application instances and data.
  2. The billing logic is simple: SaaS service providers need to bill for the resources used by tenants. In complex business scenarios, the relationship between computing, storage, and network resources is also very complicated, which makes the billing model very challenging, but in the silo mode billing is relatively simple.
  3. Reduces the impact of failure: because each customer's system is deployed in its own environment, a failure in one environment does not affect other customers' use of the software services.

Disadvantages:

  1. Scale problem: since each tenant's SaaS environment is independent, a SaaS environment has to be created and operated every time a tenant is onboarded. With only a small number of tenants this is manageable, but with thousands of tenants, managing and operating these environments becomes very challenging.
  2. Cost problem: each tenant has an independent environment, so the cost spent on a single customer is very high, which greatly reduces the profitability of the SaaS software service.
  3. Agile iteration problem: one of the advantages of the SaaS model is that it can respond quickly to market demand and iterate on product functions. The silo strategy hinders this agility, because updating, managing, and supporting the SaaS environments of all these tenants becomes very complicated and inefficient.
  4. System management and monitoring: within a single environment, managing and monitoring the deployed infrastructure is relatively simple. When each tenant has an independent environment, managing and monitoring the infrastructure of every tenant in this decentralized mode is very complicated and difficult.

Sharing mode:

I believe that many SaaS service providers will give priority to the shared model, in which multiple tenants share one set of infrastructure resources, making the SaaS software service more efficient, agile, and low-cost.

Advantages:

  1. Efficient management: under the sharing strategy, all tenants can be managed and operated centrally, so management efficiency is very high. Managing and monitoring infrastructure configuration is also easier, and product iterations ship faster than under the silo strategy.
  2. Low cost: a large part of a SaaS service provider's cost structure is infrastructure. Under the sharing model, the service provider can scale the system dynamically according to the tenants' actual resource load, so infrastructure utilization is very high.

Disadvantages:

  1. Tenants affect each other: since all tenants share one set of resources, when one tenant occupies a large amount of machine resources, the user experience of other tenants is likely to suffer. In this scenario, the technical architecture needs some restrictions (rate limiting, degradation, server isolation, etc.) to minimize the scope of impact.
  2. Billing difficulties for tenants: in the silo mode, it is very easy to count the resource consumption of a tenant. In the shared mode, however, all tenants share one set of resources, so more effort is needed to calculate a reasonable cost for a single tenant.
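
The flow limiting named in the first disadvantage can be applied per tenant, so that one tenant exhausting its quota does not consume another tenant's. The sketch below is an added example, not code from the original article; the class name, quota values and tenant IDs are assumptions.

```python
import time
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class Bucket:
    tokens: float
    updated: float


@dataclass
class TenantThrottle:
    """Token bucket per tenant: each tenant refills and drains independently."""
    rate: float    # tokens added per second (assumed quota)
    burst: float   # maximum tokens a tenant can accumulate
    clock: Callable[[], float] = time.monotonic
    buckets: dict = field(default_factory=dict)

    def allow(self, tenant_id: str, cost: float = 1.0) -> bool:
        now = self.clock()
        b = self.buckets.setdefault(tenant_id, Bucket(self.burst, now))
        # Refill for the time elapsed since this tenant's last request.
        b.tokens = min(self.burst, b.tokens + (now - b.updated) * self.rate)
        b.updated = now
        if b.tokens >= cost:
            b.tokens -= cost
            return True
        return False  # reject or degrade this tenant only


def simulate():
    """Constructed workload: tenant-a floods, tenant-b sends one request."""
    t = [0.0]  # fake clock so the run is deterministic
    throttle = TenantThrottle(rate=1.0, burst=3.0, clock=lambda: t[0])
    flood = [throttle.allow("tenant-a") for _ in range(5)]
    quiet = throttle.allow("tenant-b")
    t[0] += 2.0  # two seconds later tenant-a has earned two tokens back
    later = [throttle.allow("tenant-a") for _ in range(3)]
    return flood, quiet, later


if __name__ == "__main__":
    print(simulate())
```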

Domain isolation mode:

Traditional large enterprises prefer the traditional model of private deployment and personalized delivery, because they need stronger control and higher security. Small and medium-sized enterprises, however, have limited ability to pay and their needs are often more standardized, so they prefer lower-priced, simpler-to-order SaaS products. To meet the needs of both kinds of customer, there is also a model that mixes the silo model and the shared model: the domain isolation model. In this mode, resources are divided into basic domains and dedicated domains. Basic domains use the shared model, and all tenants share one set of resources; dedicated domains use the silo model, and each tenant has an independent resource environment. Most small and medium-sized customers use SaaS products in the basic domain environment, and only a small number of large customers, who usually have strong ability to pay and strong isolation requirements, use SaaS products in dedicated domains. Note, however, that to avoid the emergence of multiple product versions, SaaS service providers need to keep the product versions of the basic domain and the dedicated domains consistent, and the personalized part should as far as possible be built on a componentized PaaS platform so that ISVs can take part in building it. Otherwise, once the standardization of the SaaS product is reduced, the maintenance of subsequent versions will become a disaster.

Positioning of the multi-tenant system:

Having covered the various multi-tenant isolation modes, let's summarize the positioning of the multi-tenant system. A multi-tenant system lets multiple users use one set of products while isolating data and behavior among them. Depending on the users' needs, software and hardware resources can be either shared or isolated, and the system architecture can flexibly support multiple isolation modes.

A multi-tenant system needs to have the following capabilities:

  1. Multiple tenants can share one set of cloud resources, such as computing, storage, and network resources, and a single tenant can also occupy a set of cloud resources exclusively;
  2. Data and behavior can be isolated between tenants, and tenants can be controlled through permissions and domains;
  3. Tenants can be managed based on their organizational structure, and product capabilities can be authorized and managed for them;
  4. Different product capabilities can run on different cloud resources according to customer needs.

Multi-tenancy conceptual model:

The core concepts of multi-tenancy:

  1. Tenant: generally a corporate customer or an individual customer; data and behavior are isolated between tenants;
  2. User: a specific user in a tenant, who can log in to the SaaS system with login information such as account name and password to use the software services;
  3. Organization: if the tenant is an enterprise customer, it usually has its own organizational structure;
  4. Employee: a specific employee within the organization;
  5. Solution: to solve certain types of business problems for customers, SaaS service providers combine products and services into an overall packaged solution for merchants;
  6. Product capability: the product application that the SaaS service sells to customers, in particular the ability to help customers close the loop on an end-to-end scenario solution;
  7. Resource domain: a set of cloud resource environments used to run one or more product applications;
  8. Cloud resources: SaaS products are generally deployed on cloud platforms such as Alibaba Cloud, Tencent Cloud, and Huawei Cloud. The computing, storage, network, container and other resources provided by these platforms are abstracted into cloud resources.

Conceptual schema design:

  1. The SaaS platform can create and manage multiple platform users, multiple tenants, and multiple resource domains;
  2. A single platform user can be associated with multiple tenants. For example, platform user Zhang San can be a user of tenant A or tenant B. A single tenant can have multiple users;
  3. A single tenant can order multiple solutions, a solution can include the capabilities of multiple products, and each product capability runs on a certain resource domain;
  4. Organizational units have a superior-subordinate relationship. A single organization can have multiple employees, and each employee is bound to a single user.

The core scenarios of multi-tenancy:

Relationships among the models inside a tenant. For SaaS products, the tenant is the top-level concept. A tenant contains models such as organizations, users, product capabilities, and cloud resources. A tenant is like a rented house, and the other models are the furniture or facilities inside the house.

Identification of tenants:

In every isolation mode, it is very important to identify the tenant and obtain the tenant's resource configuration. When a user logs in to the SaaS system, the system returns the tenant context information, which includes the tenant information bound to the user and the isolation mode. The tenant context is attached to each system interaction and runs through the entire call chain, so that an upstream caller knows which downstream resources to route to.
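
One way to make the tenant context trustworthy as it travels the call chain is to issue it at login after a membership check and sign it, so that each hop routes only on verified values. This is an added example, not code from the original article; the HMAC signing, key, user names, tenant IDs and domain names are assumptions.

```python
import hashlib
import hmac
import json

# Constructed sample data and key (assumptions, not from the article).
SIGNING_KEY = b"demo-only-key"
MEMBERSHIPS = {"zhangsan": {"tenant-a", "tenant-b"}, "lisi": {"tenant-b"}}
TENANTS = {
    "tenant-a": {"mode": "shared", "domain": "basic-domain"},
    "tenant-b": {"mode": "silo", "domain": "dedicated-tenant-b"},
}


def _sign(payload: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest().encode()


def issue_context(user_id: str, tenant_id: str) -> str:
    """At login: check membership, then bind user, tenant and isolation mode."""
    if tenant_id not in MEMBERSHIPS.get(user_id, set()):
        raise PermissionError(f"{user_id} is not a user of {tenant_id}")
    claims = {"user": user_id, "tenant": tenant_id, **TENANTS[tenant_id]}
    payload = json.dumps(claims, sort_keys=True).encode()
    return payload.hex() + "." + _sign(payload).decode()


def verify_context(token: str) -> dict:
    """At every hop: accept the context only if its signature still matches."""
    try:
        body_hex, sig = token.split(".")
        payload = bytes.fromhex(body_hex)
    except ValueError:
        raise PermissionError("malformed tenant context") from None
    if not hmac.compare_digest(sig.encode(), _sign(payload)):
        raise PermissionError("tenant context was modified")
    return json.loads(payload)


def route(token: str) -> str:
    """Choose the downstream resource domain from the verified context only."""
    return verify_context(token)["domain"]


if __name__ == "__main__":
    print(route(issue_context("zhangsan", "tenant-a")))  # shared tenant
    print(route(issue_context("zhangsan", "tenant-b")))  # silo tenant
```

A caller-supplied tenant ID never reaches `route`; only the signed context does, so a user of tenant B cannot steer a request to tenant A's resources by editing the context.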

Management of tenant billing:

In the silo isolation mode, since the resources themselves are isolated, billing and metering can be based on the computing, storage, and network resources occupied, and the logic is relatively simple. In the sharing mode, however, billing and metering are more complicated, because the actual resource usage of each tenant has to be collected accurately. Generally, billing is calculated by combining data such as concurrent requests, storage capacity, and data objects.

Summary:

This article first introduced what multi-tenancy is and compared the traditional software model with the SaaS model. By analyzing the three multi-tenant isolation modes, it then worked step by step through the system architecture design of multi-tenancy, including the conceptual model, scenario deduction, application architecture, etc. I hope it helps.

Origin blog.csdn.net/qq_25580555/article/details/129994213