This is a continuation of a series of articles on hosting solutions and services on the Azure public cloud; the most recent discussion was on multitenancy. This article discusses the architectural approaches for web applications in multitenant solutions.
A multitenant application solution can involve a web application where different tenants customize their web user experience but otherwise share the same basic business requirements. Examples of large multitenant applications are Microsoft 365, Outlook.com and VisualStudio.com.
The provider of a multitenant solution intends to optimize operational and cost efficiencies with a shared platform, where a single version can meet the needs of many tenants and their customers. This allows consolidation of system administration tasks such as monitoring, performance tuning, software maintenance and data backups. The most significant goals and requirements from a provider's perspective include provisioning, maintainability and monitoring. Provisioning new tenants for the application must be automated for cases where the number of tenants is large. Maintenance activities must not stop the business operations of any tenant using the application. Monitoring must be performed at all times and enable troubleshooting.
A properly implemented multitenant application will pass on the following benefits to its tenants: isolation of tenants' data and operations so that one does not impact another, availability with guarantees of a specific SLA, scalability to meet the various demands of the tenants without degrading the experience of one another, lowered costs from shared resources at various levels rather than dedicated solutions, and customizability for the end-users.
The tenants have some more expectations from the multitenant solution, but they also fall into the categories of profitability, billing, multiple service levels, provisioning, maintainability, monitoring and automation.
Isolation can be achieved for web applications by segmenting website tenants by host headers, with or without TLS communications; by segmenting based on query parameters; or by using web services and worker roles, where worker roles typically process data on the backend and the web roles act as the frontend for the applications.
Storage can be achieved using Azure SQL Database or Azure Storage services. Azure Storage provides access to large amounts of unstructured data and includes the blob service, which stores large amounts of unstructured text or binary data such as video, audio and images.
Data can be secured by using per-tenant SQL logins, specifying a container-level access policy, adjusting permissions without having to issue a new connection string, and protecting access with shared access signatures.
Queues can be used to drive processing on behalf of tenants and may be used to distribute work required for provisioning or management. Service Bus, which is a messaging infrastructure, allows applications to exchange messages in a loosely coupled way with high scalability and resiliency.
Networking services support authentication and improve manageability of hosted applications. These services include Azure Virtual Network, which helps provision and manage private networks; Traffic Manager, which allows load balancing for web application traffic; and Azure AD, which provides identity management and access control.
Provisioning of resources can be automated in a variety of ways. These include worker roles that provision and de-provision per-tenant resources, collect metrics for metering and manage scale when key performance indicators exceed their thresholds. The same role may also be used to push out updates and upgrades to the solution. Storage containers and blobs can be segregated based on naming conventions to provide isolation of tenant data and support provisioning. Database actions can be automated with Data Definition Language based scripts, deploying packages remotely, and syncing from a master database. Data can also be imported and exported.
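The host-header segmentation and the container naming convention described above can be combined into one tenant-scoping check. The following Python sketch is an added example, not code from the original article or from Azure; the host names, tenant ids and the `t-<tenant>-<purpose>` convention are assumptions chosen for illustration.

```python
import re

# Constructed allow-list: Host header value -> tenant id (all names hypothetical).
TENANT_HOSTS = {
    "contoso.example.com": "contoso",
    "fabrikam.example.com": "fabrikam",
}
# Tenant ids are alphanumeric only, so "t-<tenant>-" is an unambiguous prefix.
TENANT_ID = re.compile(r"[a-z0-9]{3,40}")
PURPOSE = re.compile(r"[a-z0-9]{1,16}")
# Azure container names: 3-63 chars of lowercase letters, digits and single
# hyphens, starting and ending with a letter or digit.
CONTAINER = re.compile(r"(?!.*--)[a-z0-9][a-z0-9-]{1,61}[a-z0-9]")


class TenantError(Exception):
    """The request cannot be tied to exactly one known tenant."""


def resolve_tenant(host_header: str) -> str:
    """Map a Host header to a tenant id by exact match against the allow-list."""
    # Normalise case, then drop an optional :port and a trailing dot.
    host = host_header.strip().lower().rsplit(":", 1)[0].rstrip(".")
    tenant = TENANT_HOSTS.get(host)
    if tenant is None:
        raise TenantError(f"unknown host: {host_header!r}")
    return tenant


def container_for(tenant: str, purpose: str) -> str:
    """Build the per-tenant container name, for example t-contoso-uploads."""
    if not TENANT_ID.fullmatch(tenant) or not PURPOSE.fullmatch(purpose):
        raise TenantError("invalid tenant id or purpose")
    return f"t-{tenant}-{purpose}"


def authorize(host_header: str, container: str) -> bool:
    """Allow access only to a valid container carrying the caller's tenant prefix."""
    tenant = resolve_tenant(host_header)
    return bool(CONTAINER.fullmatch(container)) and container.startswith(f"t-{tenant}-")


if __name__ == "__main__":
    print(container_for(resolve_tenant("Contoso.Example.com:443"), "uploads"))
    print(authorize("contoso.example.com", "t-fabrikam-uploads"))
```

Because tenant ids cannot contain hyphens, a tenant whose id merely begins with another tenant's id never passes the prefix check, and unknown hosts are rejected rather than mapped to a default tenant.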
These constitute some of the approaches for designing multitenant solutions based on web applications.