I assembled this slide deck for a session for the Azure User Group in Brussels in Oct. 2012.
“Software as a Service” (SaaS) is a software distribution model that uses the Internet to deploy, maintain and run software solutions. Applications that are built to be used by thousands of customers have the need to be configurable and customizable to a high degree. This has a strong impact on the applications’ architectures. A single code base and a limited number of deployed instances have to serve a large number of customers (=tenants) although the users’ view on the system may be very different. In this session Rainer Stropek presents challenges that software architects are typically faced with when building such configurable multi-tenancy solutions. Based on this discussion Rainer will point out important consequences of multi-tenancy on operational costs and pricing models in SaaS solutions.
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Catching The Long Tail With SaaS + Windows Azure
1. RAINER STROPEK | SOFTWARE ARCHITECTS GMBH
Source: http://www.flickr.com/photos/fatboyke/2617432325/
Catching The Long Tail With
SaaS + Windows Azure
2. INTRODUCTION
Abstract
“Software as a Service” (SaaS) is a software distribution model that uses
the Internet to deploy, maintain and run software solutions. Applications
that are built to be used by thousands of customers have the need to be
configurable and customizable to a high degree. This has a strong impact
on the applications’ architectures. A single code base and a limited
number of deployed instances have to serve a large number of customers
(=tenants) although the users’ view on the system may be very different.
In this session Rainer Stropek presents challenges that software architects
are typically faced with when building such configurable multi-tenancy
solutions. Based on this discussion Rainer will point out important
consequences of multi-tenancy on operational costs and pricing models in
SaaS solutions.
2
3. INTRODUCTION
Introduction
• software architects gmbh
• Rainer Stropek
– Developer, Speaker, Trainer
– MVP for Windows Azure
since 2010
– rainer@timecockpit.com
– @rstropek
http://www.timecockpit.com
http://www.timecockpit.com/devblog
4. INTRODUCTION
Goals
• Why should I care?
• What does multi-tenancy + SaaS mean?
• How can the problems be solved?
• This is an architectural session
– BUT from the bottom of my heart I am a developer
– No live coding but a little bit of code walkthrough
• This is an interactive session
6. WHY SHOULD I CARE?
Source: http://www.flickr.com/photos/spursfan_ace/2328879637/
Rules Are Changing
6
7. WHY SHOULD I CARE?
Where We Come From
Customer
Dev Team
Close
Relationship
7
8. WHY SHOULD I CARE?
Where Many Of Us Are Today
External/New
Customers
Kunde
Kunde
Customer
Kunde Dev Team
Kunde
Customer
From Cost Center to Shared Service
Center or even Profit Center!
8
9. WHY SHOULD I CARE?
Where We Want To Be
Off-The-Shelf
Product
Customer
Kunde
Kunde Kunde
Kunde Kunde
Kunde Kunde
Kunde Kunde
Kunde Kunde Kunde
Kunde Kunde Kunde
Dev Team Kunde Kunde Kunde
Kunde Kunde
Kunde Kunde Kunde Kunde Kunde
Kunde Kunde
Kunde CustomKunde Kunde Kunde
Kunde Kunde
Customer Custom Kunde Kunde
CustomKunde
Kunde Kunde
Custom
CustomKunde
Customer
9
10. WHY SHOULD I CARE?
Catching The Long Tail
The Long Tail
http://www.wired.com/wired/archive/12.10/tail.html, Amazon
Free: The Future of a Radical Price
(Amazon)
10
11. WHY SHOULD I CARE?
Source: http://www.flickr.com/photos/mava/2445734571/
One Size Does Not Fit All
11
12. WHY SHOULD I CARE?
Extensibility and Customizing
SaaS Configuration Competency Model
Wei Sun, Xin Zhang, Chang Jie Guo, Pei Sun, Hui Su: Software as a Service: Configuration and
Customization Perspectives, in Proceedings of IEEE Congress on Services Part II, 2008
12
14. CHALLENGES
Multi-Tenancy
Multi-Instance
(ASP)
SaaS Maturity Levels
Kwok, Nguyen, Lam: A Software as a Service with Multi-tenancy
Support for an Electronic Contract Management Application,
IEEE International Conference on e-Business Engineering, pp.
179-186, 2008
This is where
Multi-Tenancy Windows Azure
shines 14
15. CHALLENGES
This is not the multi-
Cloud ≠ Multi Tenancy tenancy we are talking
about!
Subscription
owned by ISV Cloud
Tenant 1
...
Tenant n
Tenant m
Subscription owned
by customer 15
19. CHALLENGES
Simple
Implementation
Design to Cost
Strategic decision, not a
technical decision
Operational Costs/RGU [€]
Highly optimized
solution
Few large
customers Many small customers
Development Costs [€]
19
27. SCALING
Monitoring – How to Do Auto-Scaling?
• Relatively easy to monitor overall
load/health of compute servers
– Azure Diagnostics gathers data
– System Center Operation Manager or 3rd party
tools for monitoring
• Harder to monitor end-to-end performance
for a certain user/tenant
– Application-level logging
– 3rd party APM tools like DynaTrace
33. Resources
• Microsoft Patterns & Practices
The Autoscaling Application Block
• Windows Azure PowerShell Cmdlets (Version prio June 2012)
• Getting Started with Windows Azure PowerShell (June 2012 Version)
• System Center Monitoring Pack for Windows Azure Applications
• MSDN: Collecting Logging Data by Using Windows Azure Diagnostics
• MS TechNet: How to Shard with SQL Azure
• 3rd party tools
– AzureWatch
– opstera
– Compuware DynaTrace
– redgate Cloud Services
– Cerebrata Diagnostics Manager
34. Under Creative Commons License
Source: http://www.flickr.com/photos/massenpunkt/47436435/
Automation is King
36. APPROACH
Model-Driven Architecture
Meta- Base Customer-
Model Model specific Model
Respon- ISV ISV Partner
Partners Customer
sibility
• Different levels of users
– Deverlopers (ISV)
– Consultants (ISV) and partners (External)
– Power users (customer)
– End users (customer)
36
38. Become A Software Factory
Project A Project B
Custom Code Custom Code
Base Class Library
39. Become A Software Factory
Project A Project B
Model, Extensions, Configuration, Scripts Model, Extensions, Configuration, Scripts
Patterns, Practices, Guidelines
Custom Custom Custom Custom
Component Component Common Components Component Component
Base Class Library
44. APPROACH
Metadata Rulez!
Mapping
Data
Database
Structures
Data Model Business Processes and Logic
User Interface Authentication and
Authorization
44
46. DATA MODEL
Metadata Management
Domain-specific
Structure and Logic
Domain specific Model Controls
Domain specific Data Access
and Query Layer
Generate
Application
Serialize
Metadata SQL, ODATA, etc.
Tenant specific Database
Security: Prevent cross-
tenant data access
46
49. TIPS & TRICKS
Metadata Management (1/2)
• Use metadata infrastructure of underlying systems
– E.g. create DB tables instead of name/value pair storage
• Dynamic instead of OO
– DLR can build the bridge from OO to dynamic
• Use strong type checking wherever possible
– We use interfaces for that
– Semantic validation of model to reduce # of runtime errors
• DSLs
– XAML
• Better than pure XML: No additional schema
• Better than code: Clear separation between model and logic
– TCQL
• time cockpit Query Language
49
50. WALKTHROUGH
Combining Strong Type Checking And Extensibility
C# Code (Common Logic)
[ModelEntityInterface]
public interface IDuration
{
DateTime BeginTime { get; set; }
DateTime EndTime { get; set; }
decimal DurationInHours { get; }
}
[…]
IDuration timesheet = context.Timesheet.CreateEntity<IDuration>();
timesheet.BeginTime = DateTime.Now;
[…]
Strong type
checking
C# Code (Customization)
dynamic timesheet = context.Timesheet.CreateEntity<EntityObject>();
timesheet.Description = "This is a new timesheet!";
[…]
Dynamic extension
50
51. TIPS & TRICKS
Metadata Management (2/2)
• From model to SQL using a template engine
– We use StringTemplate from ANTLR and T4 from
Microsoft
– Support for multiple storage engines easy to
implement
– Automate DB design conventions
• Make model simple by offering domain specific
extensions
– E.g. data types, functions, multi language support,
etc.
• Security layer for multi tenancy
51
52. DATA MODEL
Designing The Tenants’ Databases
• Structurally identical DB for all tenants
– Key/value pair storage This is what we use
• Implements a database inside a database to simplify metadata
– Use XML/BLOBS for customizations repository structure
• Hard to maintain and query
– Reserved fields
• Limited customization possibilities This is what we do
• Inefficient (with regards to storage) at time cockpit
• Change DB structure on the fly
– Uses capabilities of the underlying storage
– Open for the use of e.g. standard query tools
– Self-describing
• Parts of the model are inside the storage engine
52
53. WALKTHROUGH
One DB Per Tenant – SQL Generation
Generate SQL Using Template Engine (Simplified)
group DataModelTemplates;
Tenant separation
CreateTable(context, entity) ::=
<<
CREATE TABLE [<context.Tenant>].[<entity.Name>] DB design
(
convention
<entity.Name>Uuid uniqueidentifier NOT NULL,
<entity.Properties:{ p | <p:(p.Type.Name)()>}; separator=",n">
)
ALTER TABLE [<context.Tenant>].[<entity.Name>] ADD CONSTRAINT
DF_<entity.Name>_<entity.Name>Uuid DEFAULT newid() FOR
<entity.Name>Uuid
ALTER TABLE [<context.Tenant>].[<entity.Name>] ADD CONSTRAINT
PK_<entity.Name> PRIMARY KEY CLUSTERED ( <entity.Name>Uuid )
>>
TextProperty(property) ::= "<property.Name> varchar(50) NULL„
NumericProperty(property) ::= "<property.Name> numeric(18,4) NULL"
53
54. WALKTHROUGH
Data Maintenance
Generate SQL Using Template Engine (Simplified)
group DataTemplates;
SaveObject(context, object) ::=
Tenant separation
<<
<if(object.IsNewEntityObject)>
insert into [<context.Tenant>].[<object.Entity.Name>] (
<object.Entity.Name>Uuid,
<object.Entity.Properties:{ p | <p.Name>}; separator=", ">
) values (
@Uuid,
<object.Entity.Properties:{ p | @<p.Name>}; separator=", ">
)
<else>
update [<context.Tenant>].[<object.Entity.Name>]
set <object.Entity.Properties:{ p|<p.Name>=@<p.Name>}; separator=", ">
where <object.Entity.Name>Uuid = @Uuid
<endif>
>>
54
55. DATA MODEL
Yet Another ORM? No!
• Not object oriented
• Very domain-specific
– Convention vs. versatile
• No code generation
– Duck typing instead of strong type checking at
compile time (see also next chapter)
• If you do not need a customized data model
don‘t do it!
55
57. BUSINESS LOGIC
Programming Model
(Internal And Public API)
• Let people access DB directly
– SQL is already dynamic
– Possible for reading, no-no for writing (sync!)
• Generate code
– Good for multi instance, bad for multi tenant This is what we do
at time cockpit
• Declarative
– Graphical (e.g. WF) and textual (e.g. DSLs, X(A)ML) are possible
– Great for common scenarios, doesn‘t work for everything
• Key/value pair model
– Similar to DataTable, DataReader, etc.
– Hard to write, hard to read
• Dynamic languages
This is what we do
– DLR is a great platform for that at time cockpit
57
58. BUSINESS LOGIC
time cockpit‘s Customization Architecture
Dynamic Objects (DLR) Basis for dynamic
Declarative UI language support
engine
Query Results
Model
(XAML and DLR enabled)
Persist
TC Expression Language
TCQL (time cockpit Query Language) “Floating”
VB LINQ
business logic
Compile
Compile
Expression
SQL, REST, ODATA
Trees
Data Store
58
59. BUSINESS LOGIC
„Floating“ Business Logic
Expression
Trees
Custom logic executed in UI
layer (data binding)
Model: Calculated Property DurationInHours
= Current.EndDate – Current.StartDate
TCQL:
Customized logic (functional From T In Timesheet Select T
expression language) Where T.DurationInHours > 4
Tenant filter
injection
SQL:
select […] from <Tenant>.Timesheet
where datediff(…) > 4
Custom logic
executed in DB layer 59
60. WALKTHROUGH
Script-based Model and Data Maintenance
IronPython
model = Context.GetWritableModel()
flatDim = ModelEntity()
flatDim.Name = "Customer"
Model
model.Entities.Add(flatDim)
model.Customer.Properties.Add(
TextProperty({ "Name": "CustomerName", "MaxStorageSize": 50 }))
[…]
Context.SaveModel(model)
[…]
Data
customer = Context.CreateCustomer()
customer.CustomerName = "C01"
Context.SaveObject(customer)
In C# 4 we can use
dynamic keyword
60
61. BUSINESS LOGIC
Where We Use What
CLR Languages and Scripting Declarative
• Offer vertical business • UI definition
templates for time tracking – Forms and lists (incl. queries)
• Interface development – Color schemas
• Actions – time cockpit is more or less a
– Predefined and customized runtime environment for our
model
– Flexible binding mechanisms to
support CLR- and WF-based • Calculated properties
actions (bridge to declarative • Validation rules
world) • Default values
• Exports for reporting
61
63. WALKTHROUGH
DSL For List Definition
Declaration of UI using XAML-based DSL
<List […] EditFormName="APP_TimesheetForm"
Query="
From Current
In APP_Timesheet.Include('APP_UserDetail')[…]
Order By Current.APP_BeginTime
Select Current">
<BoundCell Content="=Current.APP_UserDetail" />
<NumericCell Content="=Current.APP_HourlyRateActual"
NumberFormatPattern="#,##0.00" />
[…]
</List>
63
64. TIPS & TRICKS
Customization
• DLR is a great platform to build on
– Also possible if you still use C# 3
– Data binding customization is necessary
(big problem in Silverlight 3)
• Mix of predefined and customized data model
– We use interfaces for that strong type checking where possible
– Don’t forget to have a defined way for updating your model!
• Make common domain-specific scenarios as simple as possible
– Declarative instead of scripts
– Query and expression language go hand in hand
• Use tools for implementing domain specific languages
– Graphical or textual
– X(A)ML is the easy way time cockpit’s UI
64
66. DATA MODEL
Tenant Data Separation (SQL)
• Virtual or physical server per tenant
– Multi instance instead of multi tenant
• One DB per tenant
• Separation using schemas
• Shared tables
66
67. Decisions You Have to Make…
… decide about the right level of sharing
Influences security
Influences systems management
Influences operational costs
Example SQL Azure:
Shared Tables (+Views)
Separate tenants using schemas
Separate tenants using databases
Combination of these solutions
Tip: Consider using SQL Azure Federations for tenant
separation
68. Decisions You Have to Make…
… separate data stores of tenants appropriately
– Do not rely just on application-level security
– Influences tenant-specific backup/restore
… protect user/tenant assignments
… protect your connection strings
– e.g. using encryption
– Use ACS/Service Bus integration to protect service bus
namespaces
69. Deployment of SQL Azure Server
$subscriptionId = 'e84ee480-8cd4-4fa7-81b9-…'
$Certificate = Get-Item cert:CurrentUserMyF2242…
$sqlAdminLogin = "TechEdSqlAdmin"
$sqlAdminPassword = "TechEdSq1@dm1n"
$location = "North Europe"
$server = ( `
-AdministratorLogin $sqlAdminLogin `
-AdministratorLoginPassword $sqlAdminPassword `
-Location $location `
-SubscriptionId $subscriptionId `
-Certificate $Certificate).ServerName
$fullServer = $server + ".database.windows.net"
$ruleName = "Everyone"
`
-Server $server `
-RuleName $ruleName `
-StartIpAddress "0.0.0.0" `
-EndIpAddress "255.255.255.255" `
-SubscriptionId $subscriptionId `
-Certificate $Certificate
Note: The June 2012 version of Azure
PowerShell Cmdlets does not contain
commands to manage SQL Azure
70. Deployment of SQL Azure Server
Create 3-node cluster
$cmdLineQuery = "CREATE DATABASE TechEd2012
in Azure
GO
CREATE LOGIN TechEd2012Admin WITH PASSWORD = 'TechEd2012@dm!n'"
-S $fullServer -d -U $sqlAdminLogin -P $sqlAdminPassword -Q "$cmdLineQuery"
$cmdLineQuery = "CREATE USER TechEd2012Admin FOR LOGIN TechEd2012Admin WITH DEFAULT_SCHEMA = dbo
GO
EXEC sp_addrolemember N'db_owner', N'TechEd2012Admin'"
-S $fullServer -d -U $sqlAdminLogin -P $sqlAdminPassword -Q "$cmdLineQuery"
Create user in SQL
Azure
73. Resources
• Windows Azure PowerShell Cmdlets (Version prio June 2012)
• Getting Started with Windows Azure PowerShell (June 2012 Version)
• MSDN: How to: Run Partially Trusted Code in a Sandbox
• MSDN: Managing Application Pools in IIS 7
• Federations in SQL Azure
• 3rd party tools
– Cerebrata Cloud Storage Studio
76. CHALLENGES
Three-Tier Modell
Program Program
Version Version
Clients
Web Server
Database
Offline Service
Capabilities Version
Data Version
77. CHALLENGES
Multi-Tenancy, Cloud Program
Versions
Data
Versions
Offline Routing-
Capabilities service
Tenant 1
Tenant 2
Clients
Tenant n Web Server
Database
Service
Versions
Program
Versions
Multi-Tenant
Multiple Tenants Load Balancer App-Server Farm Cluster
78. CHALLENGES
Multi-Tenancy, Cloud Program
Versions
Data
Versions
Offline Routing-
Capabilities service
Tenant 1
Tenant 2
Clients
Web Server
Tenant n Database
Service
Manual release
Versions
management is
Program impossible!
Versions
Multi-Tenant
Multiple Tenants Load Balancer App-Server Farm Cluster
79. VERSIONSMANAGEMENT
Automated Build
Build Assemblies
C# Source
Schema
Definition (XAML)
Cloud
Which versions are
compatible with tenant DB?
Tenant Tenant Dir./
Database Mgmt. DB
80. VERSIONMANAGEMENT
Data, Service, and Program Version
Data version of
tenant
Program version
Data version of
offline store
Tenant
Client Database
Single Tenant
CMS
Cross-version Tenant Dir./
compatibility Mgmt. DB
Web Service
Cloud
81. Microsoft‘s SLAs No Silver Bullet
You get credits, not compensation for damage
Backup still important!
82. Backup and Recovery – SQL Azure
Azure Protects Us Of… We Have to Care For…
… loss of a single replica as every … Protection from unwanted
database is a three-node failover deletions/modifications (until
cluster point-in-time restore feature
becomes available)
… simultaneous or catastrophic • Copy database
hardware and system failures (MS-
• 3rd party tools
internal backups only)
… long-term archive (longer than
… Unwanted deletions/modifications
upcoming point-in-time restore
with upcoming point-in-time
feature supports)
restore feature
• Import/export BACPACs
• BCP
… per tenant backup/restore
83. Backup and Recovery – Azure Storage
Azure (Can) Protect Us Of… We Have to Care For…
… server failures (storage cluster) … protection from unwanted
deletions/modifications
… data center outages (geo-
• If you do not create blob
replication)
snapshots on application-level
… unwanted deletions/modifications
in Blob Storage Note: 3rd party tools/samples for Azure
• If you use snapshot-feature on Storage backup/sync are available
application-level
86. Resources
• MSDN: How to: Back Up Your Databases (SQL Azure)
• Azure Blog: Geo-replication for Windows Azure Storage
• SQL DAC Examples on CodePlex
• 3rd party tools
– redgate Cloud Services
– bluesyntax SQL Azure Backup
– CloudBerry Explorer for Azure Blob Storage
87. Failover Data Centers
• Deploy to multiple
locations
• Azure Traffic Manager
– Failover
– Performance
(routed to nearest
location)
– Round Robin
• SQL Data
– Data Sync
– Backup/restore (e.g.
BACPAC)
• Blobs/Tables
– Auto geo-replication
88. Create Traffic Manager Policy With PowerShell
cls
$subscriptionId = 'e84ee480-8cd4-4fa7-81b9-1379fdcf78a6'
$Certificate = Get-Item
cert:CurrentUserMyF2242BC0925A2F5B01B2F57B572E6439B721AD4D
$TMProfileName = 'TechEd2012TrafficMgr'
$profile = `
-ProfileName $TMProfileName ` Cross data center
-DomainName 'teched2012trafficmgr.trafficmanager.net' ` failover cluster
-SubscriptionId $subscriptionId `
-Certificate $Certificate
$endpoints = @()
$endpoints += -DomainName 'europenorth.cloudapp.net'
$endpoints += New-TrafficManagerEndpoint -DomainName 'northcentralus.cloudapp.net'
$monitors = @()
$monitors += –Port 80 –Protocol HTTP –RelativePath /
Note: The June 2012 version of Azure
PowerShell Cmdlets does not contain
commands to manage SQL Azure
90. Resources
• Windows Azure PowerShell Cmdlets (Version prio June 2012)
• Getting Started with Windows Azure PowerShell (June 2012 Version)
91. CHALLENGES
Low
implementation
effort
Complex pricing
model
92. CHALLENGES
Rating/Billing/Payment
– Account/balance infrastructure (debit system
• Web portal for… instead of credit system; example: Skype)
– …registration of new users (has to handle very • E.g. what to do with remaining balance if user cancels
sensitive credit card data has to be stored safely his account?
and securely, too!) • Fraud detection
– …maintaining customer billing data (e.g. customer
changes address or credit card provider) – Infrastructure for credit checking and fraud
– …cancelling accounts or users detection; examples are…
•
• Infrastructure for rating …credit card checking
• …check of credit ranking for users
– Measure usage
– Rage usage with rates/unit • Support infrastructure for rating/billing/payment
– Additional rating logic will be necessary; examples: issues
• Mechanisms for sales discounts (e.g. • Alternatives
introductory offer)
• Infrastructure for billing • Alternatives for building such a system from scratch
– Creation of invoices (in total for accounting and could be:
itemized bills for checking the correctness) – Buying an existing billing system (expensive; does
– Sending out invoices (electronically with/without only make sense if customer needs such a system in
signature, printed)
other areas, too)
– Storing invoices internally.
– Handle payments with payment partners (e.g.
• Infrastructure for payment; options could be:
payment via phone invoice difficult because such
– Credit card payments including mechanisms for
handling payment cancellations, invalid credit contracts have to be maintained country by country)
cards (e.g. expired cards), etc. – Use existing SaaS payment solutions (e.g. PayPal;
– Payments via online payment solution like PayPal difficult with pay-per-use)
– Payment with vouchers (e.g. voucher that an end
user received with hardware)
93. As an IT Pro You Might Have to…
… gather the base data to enable usage-
based billing
… enforce usage limits
… monitor fair use policies
… etc.
95. Conclusion
• Cloud computing enables
people
– There will be more
competition
• It‘s not easy
– Complexity comes from multi-
tenancy + customization
• Have your business plan
ready when moving to a
world of SaaS
– Technology will follow Source: http://www.flickr.com/photos/laurie_pink/2599768757/
95
96. Saves the day.
Thank you!
Questions? You want more?
rainer@software-architects.at
Hinweis der Redaktion
This side has intentionally been hidden. Just for attendees who want to work through the demo after the conference or for people how could not attend the session in person.
This side has intentionally been hidden. Just for attendees who want to work through the demo after the conference or for people how could not attend the session in person.
This side has intentionally been hidden. Just for attendees who want to know more after the conference.
This side has intentionally been hidden. Just for attendees who want to work through the demo after the conference or for people how could not attend the session in person.
This side has intentionally been hidden. Just for attendees who want to work through the demo after the conference or for people how could not attend the session in person.
Examples for Sandboxing:.NET Sandbox (see link on Resources slide)IIS Application Pools (see link on Resources slide)
This side has intentionally been hidden. Just for attendees who want to know more after the conference.
This side has intentionally been hidden. Just for attendees who want to know more after the conference.
This side has intentionally been hidden. Just for attendees who want to work through the demo after the conference or for people how could not attend the session in person.
This side has intentionally been hidden. Just for attendees who want to work through the demo after the conference or for people how could not attend the session in person.
This side has intentionally been hidden. Just for attendees who want to know more after the conference.