This presentation introduces the different modes of deployment of applications on a private cloud. Each solution is evaluate in terms of access control, performance and scalability.
2. Introduction
This presentation is an introduction to the
different modes of deployment of multitenant application in the cloud, taking into
account security, access control, scalability,
performance and maintainability.
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
2
3. Elements of Multi-tenancy
There are 3 key elements to consider in
deploying a multi-tenant SaaS that defines the
degree of isolation in a cloud environment
between tenants.
• Accesspolicies
• Application deployment
• Data access and privacy
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
3
4. Access policies
Proxies or web traffic managers are used to
control access to cloud resources.
Users’
credentials
tenant
tenant
External
content
Client
source
Target
resources
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
4
5. Application deployment options
They are several options for deploying
application servers to support multiple
concurrent tenants in a cloud environment
• Isolated business logic
• Virtualized application servers
• Shared virtual servers
• Shared application servers
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
5
6. Isolated Business Logic
Each tenant accesses a dedicated physical
server running a specific, customized business
process (100% isolation)
tenant
tenant
6
7. Virtualization
Each tenant accesses an application server and
database running on a dedicated virtual
machine. Virtual machines may share the same
underlying physical server.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
7
8. Shared Virtualization
Each tenant accesses a dedicated application
server with database running on a shared
virtual machine.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
8
9. Shared Application Server
Several tenants share the same application server
running on the same virtualized environment.
The execution of the business logic is done
through dedicated thread or processed, providing
limited isolation
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
9
10. Data: Deployment vs. Privacy
There are 5 configurations for deploying databases
multi-tenant environment in a secure and private
manner:
• Dedicatedhosts
• Shared virtualized hosts
• Dedicated databaseon shared hosts
• Dedicateddatabase instances on shared
databases
• Shared Schema
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
10
11. Data on Dedicated Host
In this configuration the database resides in a
dedicated server, providing tenant with a fully
isolated data access
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
11
12. Data on Virtual Machine
The tenant accesses his/her data from separate
databases running on a dedicated virtual
machine but sharing a host.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
12
13. Databases on Shared Virtualization
In this configuration the tenants access dedicated
databases sharing the same virtual machine, with
very limited isolation.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
13
14. Shared Databases
The tenants manage their data residing on
different tables within the same database
instance. Although very cost effective for the
cloud provider, this solution provides the
customer with very limited privacy and
isolation
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
14
15. Strategy
A cloud provider has to balance the different
objectives, constraints when building a platform
with resources shared among tenants:
• Regulatory constraints
• Data isolation
• Maintenance costs
• Schema extensibility
• Business continuity and recovery
• Liability regarding security breaches
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
15
16. Costs vs. Data Privacy
It is obvious that greater application and data
isolation increases deployment costs while sharing
resources represents risks for data thief and loss
Costs
Dedicated
host
Database
on virtual
machine
Database
on shared
host
Shared
database
Data privacy risks
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
16
17. Design
The key requirements to build a first class, robust
multi-tenant SaaS are
• Data protection and liability
• Scalability and costs
• Customization and reusability
• High availability
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
17
18. Mitigating Risks
The SaaS architect is responsible for setting up
the defense perimeter to protect data from
unintentional access or attack, for a
configuration with a limited isolation. The
toolbox should include
• Filteringproxies (OAuth, NAT, Reputation,..)
• Access control lists (SAMM, Kerberos, Identity
management, …)
• Cryptology
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
18
19. Data Distribution
The distribution of data is the most important
factor in the scalability of a SaaS application that
serve large amount of content. The most
common techniques are
• Dynamic provisioning
• Partitioning
• Sharding
• Indexing
• Caching
Patrick Nicolas (C) Copyright 2007-2013
patricknicolas.blogspot.com
19