The Lessons from enabling search for multitenant applications:
Multitenant search solutions provide search
capabilities to any number of tenants who cannot see or share data of any other
tenant. Searching often requires content virtualization across different
sources where the content can be considered a shared resource. Providing
content isolation with search capabilities is the topic of this article.
A search service usually builds an index of the
content so that the queries for the content can return results efficiently
since the index is far easier and more efficient to lookup than traversing the
entire content store. The search service can be considered equivalent to a
database service and indeed search can be provided out of box from a database. All
the multitenant considerations for database services hold for the search
service as well. Each index within a search service has its own schema, which
is defined by several customizable fields. Search services, indexes, fields and
documents are infrastructure and there is little or no user control.
Some considerations for multitenant applications:
Multitenant applications must effectively
distribute resources while preserving privacy between the tenants. A few
considerations must be made when designing the architecture for such an
application.
-
Tenant Isolation – No tenants must have unauthorized or unwarranted access
to the data of other tenants
-
Cloud resource cost – any solution must remain cost-effective.
-
Ease of operation – the impact on the application’s operations and
complexity is important.
-
Global Footprint – Applications may need to effectively serve tenants
which are distributed across the globe
-
Scalability – applications may need to reconcile between maintaining a
sufficiently low level of complexity and scaling to the number and size of
workloads.
A uniform scope is assumed where each tenant is a
whole instance of an application, but they can handle many smaller scopes. If
the service per tenant and index per tenant are not sufficiently small scopes, then
the index can be utilized for a finer degree of granularity. A field can be
added to an index to make it behave differently to different client endpoints.
This helps to achieve separate user accounts, separate permission levels, and
even separate applications.
Reference: https://1drv.ms/w/s!Ashlm-Nw-wnWhLMfc6pdJbQZ6XiPWA?e=fBoKcN