Many cloud-based, on-demand software services are actually multi-tenant applications, able to serve multiple users simultaneously on a single application instance. In the enterprise, for example, you might use Salesforce.com's customer relationship management (CRM) service at the same time other companies are also using the same Salesforce.com application instance for their business purposes (without having to maintain the applications and data themselves).
The complexity of multi-tenancy can vary depending on the nature of the service, but building any multi-tenant infrastructure is not trivial and requires a lot of upfront thought and architectural work. In this first article of a three-part series on implementing a multi-tenant cloud architecture, I explore the multi-tenancy approaches that enterprise development organizations can use.
Security Risks of Multi-tenant Architecture
Before delving into the details of multi-tenancy approaches, let's first address a major concern with multi-tenant architecture in general: data security.
Because of two main risk factors, most multi-tenant systems adhere to much higher security standards than standalone systems, depending on what type of multi-tenant infrastructure the system uses. The first risk applies to virtualized infrastructures, where a single physical machine hosts many separate virtual machines. In this kind of setup, one of the machines theoretically could monitor what its neighbors are doing, burrowing into the underlying infrastructure to bypass security implemented at the software layer.
The second risk is that a poorly implemented access management process or some kind of software bug could inadvertently expose one user's data to other users. People are most conscious of this risk in a multi-tenant database, where every customer's data is stored in the same tables. However, this risk also exists in multi-tenant infrastructures where only the application code is shared.
Approaches for Multi-tenant Architecture
So, how is multi-tenancy achieved? A typical software application consists of an application tier and a database tier (see Figure 1). Different strategies can be applied at the application and database tier to support multi-tenancy.
|Figure 1. Typical Software Application|
A Separate Instance Per Tenant
The simplest approach to implementing multi-tenancy is to create completely separate instances of servers (application and database) for each tenant. With this approach, application code and database schema for each tenant are deployed on completely separate servers and there is no sharing across tenants except the common codebase and schema definition. Each tenant can potentially have its own extension of the code and database schema to support any difference in processes and functionality from other tenants.
However, maintaining tenant-specific extensions can get very expensive. Even though a single codebase is shared across multiple tenants, the cost of deployment for each tenant can be pretty high. In turn, the cost of the service will increase. One way to optimize the cost with this approach is to host multiple instances of the application and database servers on the same hardware. This can be further optimized by using server virtualization. This approach is best used when the number of tenants is expected to be very small.