multi-tenancy in private clouds
TRANSCRIPT
Cloud ComputingMulti-tenancy
Patrick Nicolashttp://patricknicolas.blogspot.comhttp://www.slideshare.net/pnicolas
https://github.com/prnicolasNov 7, 2007
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
2
Introduction
This presentation is an introduction to the different modes of deployment of multi-tenant application in the cloud, taking into account security, access control, scalability, performance and maintainability.
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
3
Elements of Multi-tenancy
There are 3 key elements to consider in deploying a multi-tenant SaaS that defines the degree of isolation in a cloud environment between tenants.• Access policies• Application deployment• Data access and privacy
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
4
Access policies
Proxies or web traffic managers are used to control access to cloud resources.
Client source
Users’ credentials
Targetresources
Externalcontenttenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
5
Application deployment options
They are several options for deploying application servers to support multiple concurrent tenants in a cloud environment
• Isolated business logic• Virtualized application servers• Shared virtual servers• Shared application servers
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
6
Isolated Business Logic
Each tenant accesses a dedicated physical server running a specific, customized business process (100% isolation)
tenant
tenant
7
Virtualization
Each tenant accesses an application server and database running on a dedicated virtual machine. Virtual machines may share the same underlying physical server.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
8
Shared Virtualization
Each tenant accesses a dedicated application server with database running on a shared virtual machine.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
9
Shared Application Server
Several tenants share the same application server running on the same virtualized environment. The execution of the business logic is done through dedicated thread or processed, providing limited isolation
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
10
Data: Deployment vs. Privacy
There are 5 configurations for deploying databases multi-tenant environment in a secure and private manner: • Dedicated hosts• Shared virtualized hosts• Dedicated database on shared hosts• Dedicated database instances on
shared databases• Shared Schema
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
11
Data on Dedicated Host
In this configuration the database resides in a dedicated server, providing tenant with a fully isolated data access
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
12
Data on Virtual Machine
The tenant accesses his/her data from separate databases running on a dedicated virtual machine but sharing a host.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
13
Databases on Shared Virtualization
In this configuration the tenants access dedicated databases sharing the same virtual machine, with very limited isolation.
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
14
Shared Databases
The tenants manage their data residing on different tables within the same database instance. Although very cost effective for the cloud provider, this solution provides the customer with very limited privacy and isolation
tenant
tenant
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
15
Strategy
A cloud provider has to balance the different objectives, constraints when building a platform with resources shared among tenants:• Regulatory constraints• Data isolation• Maintenance costs• Schema extensibility• Business continuity and recovery• Liability regarding security
breachesPatrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
16
Costs vs. Data Privacy
It is obvious that greater application and data isolation increases deployment costs while sharing resources represents risks for data thief and loss
Data privacy risks
Costs
Dedicatedhost Database
on virtual machine
Databaseon shared
host
Shareddatabase
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
17
Design
The key requirements to build a first class, robust multi-tenant SaaS are• Data protection and liability• Scalability and costs• Customization and reusability• High availability
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
18
Mitigating Risks
The SaaS architect is responsible for setting up the defense perimeter to protect data from unintentional access or attack, for a configuration with a limited isolation. The toolbox should include• Filtering proxies (OAuth, NAT,
Reputation,..)• Access control lists (SAMM, Kerberos,
Identity management, …)• Cryptology
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
19
Data Distribution
The distribution of data is the most important factor in the scalability of a SaaS application that serve large amount of content. The most common techniques are• Dynamic provisioning• Partitioning• Sharding• Indexing• Caching
Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com