Location>code7788 >text

Core conceptual model for multi-tenant systems

Popularity:449 ℃/2024-10-30 14:24:09

Hello, I'm Master Tang~

Let's take a closer look at the conceptual model of a multi-tenant system. The conceptual model is the "backbone" of a multi-tenant system and helps us understand how the various parts of the system are organized and operate.

Core conceptual model for multi-tenancy

  • person who leases: Typically refers to an enterprise customer where data and behavior are isolated between different tenants.
  • subscribers: Specific users within a particular tenant use information such as account numbers and passwords to log in to the SaaS system and use the software services.
  • organization: If the tenant is a corporate client, it usually has its own organizational structure.
  • workers: Refers to specific members within the organization.
  • prescription: To solve a customer's specific business problem, SaaS providers package a combination of products and services to provide a total solution.
  • offerings: SaaS providers sell customers software applications that help them realize closed-loop solutions for end-to-end processes.
  • resource domain: A set of cloud resource environments for running one or more software applications.
  • cloud resource: SaaS offerings are generally deployed on various cloud platforms (e.g., AliCloud, Tencent Cloud, Huawei Cloud, etc.), which provide resources such as compute, storage, network, containers, and so on, which are abstracted as cloud resources.

SaaS platforms can create and manage multiple platform users, tenants, and resource domains. This model structure enables multiple enterprise customers and users to run on the same platform while being independent of each other's data and resources.

A platform user can be associated with multiple tenants. For example, Zhang San, as a platform user, can belong to both tenant A and tenant B. This design allows platform users to flexibly switch between the tenants they belong to, making it easy to work across different enterprise accounts.

It is also possible to have multiple users in a single tenant, allowing multiple employees within an organization to share the tenant's resources and services.

A single tenant can subscribe to multiple solutions, and one solution often contains multiple products to meet the diverse needs of enterprise customers. These products can run on specific resource domains, ensuring efficient management and resource isolation of different products within the same tenant.

The organizational structure within a tenant supports hierarchical relationships. Within a single organizational unit, multiple employees can be configured and bound to platform users, making it easy for employees to access related services through their own accounts.

Examples of application scenarios for the conceptual model

1. Tenant and internal model relationships

In SaaS products, the tenant is the topmost concept, which can be understood as the renter of a big house, while the organization, users, products, cloud resources and other models inside the house are like various furniture and facilities in this house.

In other words, a tenant is a separate space that a SaaS product dedicates to each customer or enterprise, while models such as organization, user, product, and cloud resources are segmented structures within the tenant to support different usage requirements and permission assignments.

  • Tenant: equivalent to the ownership of the whole house, i.e. the tenant has the right to use this house in the SaaS platform and is the top-level manager of all internal resources.
  • Organization: Similar to the layout of rooms, each with a specific function (e.g., subsidiary, department), the organization structure helps companies map real-life management-level relationships within the platform.
  • Users: like the people who move around the house, users are given different roles and permissions that determine who has access to which rooms and who can use which furniture.
  • Products: Like a wide variety of furniture, appliances, and facilities in a home to meet different needs. Different tenants can choose from different product portfolios, adding or subtracting as needed to meet their business needs.
  • Cloud resources: similar to infrastructure such as water, electricity, coal, etc., to support the normal operation of the functions in the house, to ensure that the product is stable and smooth to provide services.

Through this analogy, it can be seen that SaaS products take the tenant as the topmost concept, providing a set of independent space for the enterprise, and the various resources within the tenant are flexibly managed and used under this framework, so that the enterprise customers can obtain customized services and resource-isolated security.

2. Tenant identification

In multi-tenant SaaS systems, regardless of the isolation model, it is critical to accurately identify tenants and obtain the appropriate resource allocation.

When a user logs into the SaaS system, the system generates and returns tenant context information. This context information includes the tenant that the user is associated with and the corresponding isolation mode (e.g., shared or independent resources).

Tenant context information is attached to every system interaction throughout the entire system call chain. The tenant context is retained at every step from user request to internal system processing. This allows upstream request processing modules to know how to route and access downstream resources.

Tenant context information enables the system to accurately identify tenant identity and configuration during request delivery. The system dynamically selects databases, application instances, or network resources based on the context, realizing data and resource isolation and ensuring that access by different tenants does not interfere with each other.

3. Tenant billing and metering management

Billing metering management for tenants is an integral part of the SaaS platform. Billing varies in different isolation models.

Billing is relatively simple in the silo isolation model. Because the resources (compute, storage, network, etc.) used by each tenant are individually allocated, it is as if each tenant has its own piece of "independent territory".

Therefore, we only need to count the amount of resources occupied by each tenant to calculate the cost. This model is logical and clear at a glance.

Billing is a bit more complicated in the shared model. Because multiple tenants share the same pool of resources, the ideal is to ensure that each tenant only pays for the portion they actually use.

Typically, we consider several metrics in combination, such as the number of requests, storage capacity, and the number of data objects created. By combining these data, we can calculate the cost per tenant with relative accuracy.

This article has been featured on, my tech site: Inside there are, algorithm Leetcode detailed explanation, interviews eight stock text, BAT interview questions, resume templates, architecture design, and other experience sharing.