1 Preface
After years of Enterprise Informatization Construction, nine business website subsystems, nine Professional application subsystems, 20 independent information modules, and 330 processes are gradually formed in the office system. These systems or modules are built on Microsoft IIS, Apache Tomcat, WebLogic, and cordys bop. They are independent of each other and do not affect each other.
If repeated investment, resource sharing, and O & M are not considered, there are still some long-term problems that are difficult to solve:
(1) The Organization and accounts of various systems are inconsistent, making maintenance difficult;
(2) In some systems or modules, cross-department personnel are still processed in two or more accounts, which is not intuitive but relatively operational;
(3) virtual team support is implemented through coding, which has a long implementation cycle and lacks flexibility.
Due to the fever of cloud computing issues, in IAAs virtualization resource pools and shared data centers, how can we provide services with the same or even customizable services for most clients with a single system architecture and service, in addition, it can still ensure the customer's data isolation, so that the multi-tenant technology becomes the above requirement to provide a set of solutions.
2 Multi-tenant technology overview 2.1 multi-tenant technology Overview
According to the definition in Baidu encyclopedia, multi-tenant Technology (Multi-Tenancy technology) is a software architecture technology, it explores and implements how to share the same system or program components in a multi-user environment and ensures data isolation between users.
Multi-tenant technology originated in the 1960 s. Many companies rented a portion of their computing resources from their mainframe suppliers to use more computing resources, these users often use the same application. At that time, the user's account ID is determined based on the data entered when the user logs on to the system, mainframe vendors can use this ID to calculate the resource usage, including CPU, memory, floppy disk, or tape, this practice is also used by SAP companies in their r/1 to R/3 product lines.
In the 1990 s, the Application Service Provider Model emerged. Its Practice and operation model were the same as when large hosts were rented, but the resources were rented on software, in addition to the operating system, it also contains applications on it, such as ERP systems or CRM applications. The system may run on several different machines, or share different databases on the same host to differentiate and calculate the customer's resource usage, and use it as the billing standard, this technology also effectively reduces the supplier's physical machine costs (because it can run the application processes rented by multiple users simultaneously on one computer ). In modern times, popular consumer-oriented web applications (such as Hotmail or gmail) Support all users on a single application platform, this is already the result of the natural evolution of the Multi-tenant technology. The multi-tenant technology also allows customers to further customize their applications.
With the maturity and application expansion of virtualization technology, multi-tenant technology can control the virtualization platform and strengthen the isolation between user applications and data, enable multi-tenant technology to make full use of its features.
In terms of functionality, SAAS applications need to fulfill the functional requirements in application requirements. There is no difference between this and traditional applications. In addition, the most important feature of SAAS applications is to support multiple tenants. This is especially required for enterprise-oriented SaaS applications.
2.2 Gartner's 7 multi-tenant Models
Next, let's take a look at what kind of multi-tenant model can be used during the establishment of SAAS applications. In this way, we can clearly understand which multi-tenant services can be provided to users by using SaaS developed on the PAAs platform in the future.
Gartner proposes seven multi-tenant deployment and implementation models, which can serve as a reference model for any multi-tenant environment. In specific implementation and large enterprises, you can decide what kind of multi-tenant model Gartner proposes based on your own needs, or several multi-tenant models can exist in a cloud environment.
First, let's take a look at the seven models proposed by Gartner. Then, based on the actual situation of this project, we will propose the multi-tenant model design to be built using the workflow engine product.
First, Gartner divides the multi-tenant model at four levels, namely, the infrastructure layer (mainly refers to various servers) and the data layer (that is, the database layer), application platform layer (that is, the application running container, also known as the application server), and application logic layer (that is, the application function ). As shown in:
The first model is called "shared nothing", that is, it does not share any resources. In this model, each tenant is exclusive from the underlying infrastructure layer to the application logic layer at the top. This mode is also a traditional IT development and deployment mode. That is, each customer needs to purchase hardware devices and deploy the other three layers on their own hardware devices.
The second model is known as "shared Hardware", that is, sharing hardware resources. All hardware servers form a hardware resource pool, and all tenants share these resources as needed. In this model, the underlying virtualization technology is used to virtualize multiple hardware servers and allocate them to different tenants. However, the tenant needs to purchase and deploy the content at other levels. This mode is now a common IAAs mode.
The third model is called "shared OS", that is, the shared operating system. In this model, all hardware resources are installed with the same operating system, and computing resources are shared by splitting and allocating operating system processes between tenants. Like the second model, this model focuses on the sharing and allocation of underlying computing resources, and the higher level of content is the exclusive resources of each tenant. Purchase and deploy the service separately.
The fourth model is shared database. In this model, all tenants share a database. Each tenant's own application server and applications running on it use the data resources allocated for this tenant in the shared database.
The fifth model is shared container. Note: In this model, each tenant only shares the running container of the application, and the database corresponding to the application is exclusive to each tenant. This is a fundamental difference from the sixth model. In this model, containers running applications must support multi-tenant access, that is, containers can intelligently distinguish requests from tenants. Although different tenants may call the same function, that is, sending the same API request to the container, because the container itself can distinguish the context of the tenant, the requests called by each tenant will not be confused, instead, the data is sent to the specified data source of the tenant and the correct data is returned. No data leakage occurs.
The sixth model is "shared everything", that is, full sharing. In this model, all tenants share all resources from top to bottom. The provider of the service can make the best use of various resources and deploy only one program once based on the multi-tenant application container, it can meet the needs of all tenants for public applications.
The sixth model has the best scalability and is the best choice for public applications. The fifth model has a good data isolation effect, so it is an ideal deployment method for tenant-specific applications. The other models mentioned in this Article do not use application containers that support multiple tenants. Therefore, they are the traditional development and deployment methods for the application layer. Even for public applications, you must deploy these models for each tenant. In addition, each tenant must purchase and deploy the corresponding application container, it is also an unreasonable division of resources.
The seventh model is called "Custom multitenancy", that is, customized multi-tenant. In this model, the method to implement multi-tenancy is to transform existing APIs in the application logic to increase the tenant dimension. However, this mode only works for an application. Because it does not use an application server that supports multiple tenants, but wants to share the application container with each tenant, it has to be written in the application logic. However, the disadvantages are also obvious. If there are many applications, each application needs to be transformed accordingly. for developers, a lot of repetitive work will be done to increase development costs.
During information platform construction, an appropriate multi-tenant model should be built based on the needs of specific customers to provide them with SaaS application services at different service levels. For customers who require more economical SaaS applications, the sixth multi-tenant model can be provided. For customers who require higher data isolation and computing resources, the Fifth Multi-tenant model is available.
2.3 features of Multi-tenant applications
(1) user customization
You can customize applications as needed;
Multiple versions are allowed to run simultaneously.
(2) shared instances
Convenient deployment and management;
Easy to expand;
It facilitates data integration.
(3) Application Isolation and Data isolation
2.4 Multi-tenant Use Cases
For multi-tenant scenarios, applications and deployment isolation, database isolation, and different databases are used.
For example, the marketing department, the rental business process, and professional applications. Then, after logging on to the system, the market operator can view the business process and professional application Application menus and have the corresponding permissions to perform business operations. The business application permissions are configured by the business application administrator.
3. Use multi-tenant technology to implement cross-department and virtual team functions 3.1 Introduction
In information system design, system personnel are also common in cross-department situations. Generally, they are solved through organization management and role management. When the system grows larger, this solution will be more complex and less flexible.
As described in this article, multiple independent systems are also called "shared nothing" in Gartner's first model, which is solved one by one.
Nowadays, with the popularization of information technology, information systems are becoming increasingly large and complex. The early content needs to be integrated into a unified platform and adopt the "Fever-level" cloud technical architecture, cross-department and virtual team solutions are highlighted. How can this problem be solved more rationally?
3.2 Solutions Using Multi-tenant Technology
A solution that uses multi-tenant technology is not only a technical solution, but also a management solution. In this way, let's start with the technical solution.
(1) There should be unified user account services, unified to-do task services, and Tenant Services on the target business operation platform.
Unified User Account Service is only one set of user accounts and standard organizations for all applications on the business operation platform;
The unified to-do service is applicable to process applications. All process applications are provided by the Unified to-do service;
Tenant service is a Tenant lease activation management provided by the platform.
(2) As shown in, deploy an application on tenant content. If a tenant has Personalized Requirements, the new version will be customized on the original application version and used on the new tenant.
Based on this principle, a business application usually contains a basic version. Others are used to expand personalization and versions, rather than a large and comprehensive version. In this way, the functions of related personnel across departments and virtual organizations are as follows, as a service, it can be solved within the application.
If, in terms of the management solution.
(1) Cross-department or virtual organization is often temporary or has a deadline. In this way, from the management perspective, new tenants are created to provide relevant services for the temporary organization;
(2) For special multi-identities, functional structures, and individuals, a dedicated tenant is established to meet the needs of cross-department and virtual organizations.
3.3 examples of Multi-tenant use
(1) process of using applications
As shown in, you can log on to the system through a unified organization directory to obtain basic user information and permissions (Application menu entry), and enter the activated application through the menu, you can obtain the role permissions under this application (used to process virtual organizations) and draft documents by Virtual Organization roles.
(2) process of handling to-do tasks
As shown in, you can log on to the system through a unified organization directory to obtain basic user information and permissions (Application menu entry), read to-do tasks through a unified to-do list, and include rental application information in the to-do list, then, you can directly locate the specific application function. When you enter the activated application, you can obtain the role permissions under the application (used to process virtual organizations) and approve documents by virtual organization role.
Based on the above process analysis, virtual organizations and personnel can be centrally managed across departments. The concept of unified management is limited to the technical level, so that it can be applied on the unified business operation platform. From the perspective that business applications serve virtual teams, tenants should be activated for virtual teams to deploy relevant business applications for virtual teams. From the perspective that virtual teams can use an application, create a role group for the virtual team in the application.
The role groups (permission clusters) of the virtual team should be centrally managed and allocated to the corresponding applications.
4 thoughts on using SaaS model development 4.1 about SaaS Model
According to Baidu encyclopedia, SAAS is a software-as-a-service (software as a service ). SAAS is called software operation or software camp in the industry. Is an application model that provides software services on the Internet. With the development of Internet technology and the maturity of application software, a completely innovative software application model that emerged in the 21st century is the latest trend in the development of software technology.
SAAS is neither cloud computing nor SAAS. SAAS is the performance of applications on cloud computing, and cloud computing is the basic backend Service Guarantee of SAAS. Cloud computing will weaken the SAAs threshold and promote SaaS development. Cloud computing applications are directly stripped away, leaving the platform behind, making the platform always a platform, and people who are cloud computing resources concentrate on senior scheduling and services. SAAS service providers only need to focus on their own software functions and do not need to invest a lot of money in backend infrastructure construction.
Based on whether SaaS applications are configurable, high-performance, and scalable, The SAAs Maturity Model is divided into four levels. Each level adds one of the three features compared with the previous level.
|
Configurable |
High Performance |
Scalable |
Level1 |
N |
N |
N |
Level2 |
Y |
N |
N |
Level3 |
Y |
Y |
N |
Level4 |
Y |
Y |
Y |
(1) custom development-level1
In this model, the software service provider customizes and deploys a set of software for each customer. Each customer uses an independent database instance and application server instance. The data structure and application code in the database may have been customized and modified according to customer requirements. (Multiple development)
(2) configurable-level2
Different configurations are used to meet the needs of different customers, without specific customization for each customer, in order to reduce the cost of custom development.
However, the deployment architecture of the software has not changed much, and a running instance is still independently deployed for each customer. However, each running instance runs the same code and meets the personalized requirements of different customers through different configurations.
The more common implementation method of configurability is achieved through metadata (metadata. (Multiple deployments during one development)
(3) Multi-rent architecture-level3
The application architecture of a Multi-tenant single-instance (Multi-tenant) is typically a real SaaS application architecture, which can effectively reduce the hardware and operation and maintenance costs of SAAS applications, maximize the scale effect of SAAS applications. (One development and one deployment)
(4) Scalable Architecture-level4
The third-level multi-tenant singleinstance system is extended to multi-tenant multiinstance. The end user first connects to the tenant load balance layer and is assigned to different instances. Using multiple instances to share the access of a large number of users, we can achieve almost unlimited horizontal scaling of applications.
The saas2.0 model requires service providers to provide SaaS application platforms with flexible customization, real-time deployment, and rapid integration, and provide Web-based application customization, development, and deployment tools, it can implement unprogrammed SaaS applications, stability, and deployment.
4.2 thoughts on using the SAAs Model
The saas2.0 model officially targets enterprise users.
As shown in, market competition information applications are assembled through software components (Information Publishing, information interaction, information display, information statistics, and UI combination, the assembled market competition information application is provided to Market Operation Department tenants. The saas2.0 mode is recommended for such a solution. Let's talk about the architecture functions first.
(1) The application display interface can be configured or adjusted according to rules. The simple method is to provide an information column template, which can be configured on the topic;
(2) functional components are designed and developed according to interface specifications and webserice specifications to facilitate adaptation and assembly;
(3) the granularity of functional components should be moderate to facilitate management and assembly. The principles can be defined as follows: business integrity, modular interface display, and technical service professionalism.
5 thoughts on O & M management
Platforms and software using multi-tenant technology are complex, flexible, and diverse, which brings certain challenges to O & M management. Therefore, O & M management should be defined during the design. For cross-department and virtual team management, personnel O & M management can be started.
(1) personnel changes
Adjusting departments, adjusting positions, and transferring to different companies is common O & M work. In this way, the corresponding tenants, application modules (Application List), roles, and permissions are managed around the adjustment of personnel, and resources are adjusted from the original resource information to the target resource information from the perspective of people, make the change log.
(2) Virtual Team Management
From the operational platform perspective, unified and systematic management of virtual teams, including team member management and permission management, also have multi-angle cross-cutting issues that need to be fully considered during design.
O & M management is limited to the length and topic of the document. Here we will discuss it later.
Finally, I hope that the discussion in this article will serve as a reference to the informatization construction of enterprises based on cloud computing technologies. Due to the rush of time and lack of words and logic, it is convenient to give some advice.
References:
Baidu Encyclopedia: Multi-tenant Technology
Baidu Encyclopedia: SaaS Model
Informatization Construction adapts to current reform-simplifying the process and information transparency
Multi-tenant technology is used in IT systems to provide solutions for cross-department and virtual teams (draft)