=============================================================
Saas Lens=============================================================
1.1、术语
1.1.1、tenant-租户
1.1.2、部署模式
1.1.2.1、silo:租户单一使用,没有其它租户干扰
1.1.2.2、Pool: 多租户使用,有noisy neighbor
1.1.2.3、Bridge : silo和pool混合模式
1.1.3、Saas Identity
1.1.3.1、用户必须有对应tenant identity
1.1.4、Tenant isolation
1.1.5、Data Partitioning
1.1.6、Noisy Neighbor
1.1.7、Tenant onboarding
1.1.7.1、租户开户(启用)过程
1.1.8、Tenant Tiers
1.1.8.1、租户分层、不同租户使用不同服务及SLA等级
1.1.9、Tenant Activity and Consumption
1.1.9.1、Metering and Billing
1.1.9.2、Tenant-aware operations
1.1.9.2.1、注意包括分析和评估Tenant 相关的趋势(trend)和模型(pattern)
1.2、设计原则-Design principle
1.2.1、There’s no one-size-fits-all Saas architecture没有统一的Saas 架构
1.2.2、Decompose each service based on its multi-tenant load and isolation profile: 居于多租户特性解构每个服务隔离和负载
1.2.3、isolate all tenant resource:隔离所有(注意不要求物理隔离)租户相关resource,避免非法访问
1.2.4、Design for growth: 设计时候考虑增长,保留租户数量、租户本身增长
1.2.4.1、Saas architecture must build a highly agile, frictionless environment that can accommodate spikes in tenant onboarding without adding significant operational overhead
1.2.5、instrument,capture and analyze tenant metrics
1.2.6、onboard tenants through a single ,automated ,repeatable process
1.2.7、Plan to support multiple tenant experiences
1.2.7.1、通过不同profile 支持不同类型的租户
1.2.8、Support one-off requirements through global customization
1.2.8.1、通过配置满足全球(所有)租户的定制化需求
1.2.9、Bind user identity to tenant identity
1.2.10、Align infrastructure consumption with tenant activity
1.2.11、limit developer awareness of multi-tenant concepts
1.2.11.1、降低开发人员需要掌控的租户相关概念、降低开发难度及风险
1.2.12、Saas is a business strategy-not a technical implementataions
1.2.13、create tenant-aware operational views
1.2.14、measure the cost impact of individual tenants
1.3、Pillars
1.3.1、operational excellent
1.3.1.1、How are you able to effectively monitor and manage the operational health of a multi-tenant environment
1.3.1.1.1、防止问题跨租户扩散1.3.1.1.2、create granular views of health and activiety that needed 1.3.1.1.2.1、基于views 创建 dashboards 1.3.1.1.2.2、开发对应运维工具1.3.1.1.3、ability to drill into the operational data for individual tenants and tiers、注意是操作数据,不是tenant本身业务数据1.3.1.1.4、https://www.slideshare.net/AmazonWebServices/gpstec309saas-monitoring-creating-a-unified-view-of-multitenant-health-featuring-new-relic
1.3.1.2、How are you capturing and surfacing metric data that can be used to analyze the
usage and consumption trends of individual tenants?
1.3.1.3、How do you support the need for tenant-specific customizations?
1.3.1.3.1、find a strategy that allows you to meet these occasional one-off needs without
creating a forked version of your product
1.3.1.4、How are new tenants onboarded to your system?
1.3.1.4.1、包括注册、开通资源、开通管理员、服务、计费等
1.3.2、Security
1.3.2.1、Identity and Access Management
1.3.2.1.1、How are you associating tenant context with users and applying that context within
your SaaS architecture?
1.3.2.2、Detective Controls
1.3.2.3、Infrastructure(服务也视为infra) Protection
1.3.2.3.1、How are you ensuring that tenant resources are protected from cross-tenant access?1.3.2.3.2、The Isolation Mindset 1.3.2.3.2.1、Isolation is not optional 1.3.2.3.2.2、Authentication and authorization are not equal to isolation 1.3.2.3.2.3、Isolation enforcement should not be left to service developers 1.3.2.3.2.4、If there’s not an out-of-the box isolation solution, you may have to build it yourself 1.3.2.3.2.5、Isolation is not a resource-level construct 1.3.2.3.2.6、Domains may impose specific isolation requirements 1.3.2.3.2.6.1、some high compliance industries may require that every tenant have its
own database、In these cases, the shared, policy-based approaches to isolation may not be adequate.
1.3.2.3.3、Core Isolation Concepts 1.3.2.3.3.1、Silo Isolation 1.3.2.3.3.2、Pool Isolation 1.3.2.3.3.3、Bridge Model 1.3.2.3.3.4、Tier-based Isolation 1.3.2.3.3.4.1、package and offer different flavors of isolation to different tenants with different profiles 1.3.2.3.3.5、Targeted Isolation 1.3.2.3.3.5.1、isolation choices in your system can be quite granular
1.3.2.4、Data Protection
1.3.2.4.1、要避免平台/infra 人员接触租户数据1.3.2.4.2、无特殊,但个人认为需要建立类似公有云职责分离的数据保护
1.3.2.5、Incident Response
1.3.2.5.1、无特殊,但个人认为需要建立类似公有云职责分离的response
1.3.3、Reliability
1.3.3.1、Foundations
1.3.3.1.1、How do you limit an individual tenant’s ability to impose load that might impact
availability for other tenants of your system?
1.3.3.1.1.1、need to be especially proactive in your efforts to identify workloads
and patterns of consumption that could impact the reliability of your system.
1.3.3.1.1.2、must introduce mechanisms that can detect and resolve
workload issues before they can impact the reliability of your application
1.3.3.1.2、How do you proactively detect and maintain tenant health? 1.3.3.1.2.1、need to introduce code into your application that will publish health
insights with tenant context.
1.3.3.1.3、How are you testing the multi-tenant capabilities of your SaaS application? 1.3.3.1.3.1、Cross-tenant impact tests 1.3.3.1.3.2、Tenant consumption tests 1.3.3.1.3.3、Tenant workflow tests 1.3.3.1.3.4、Tenant onboarding tests 1.3.3.1.3.5、API throttling tests 1.3.3.1.3.6、Data distribution tests 1.3.3.1.3.7、Tenant isolation testing
1.3.3.2、Change Management
1.3.3.2.1、多版本、蓝绿、金丝雀等管理是必须具备的
1.3.3.3、Failure Management
1.3.3.3.1、多租户下的通知模式如何处理?
1.3.4、Performance Efficiency
1.3.4.1、How do you prevent one tenant from adversely impacting the experience of another
tenant?
1.3.4.2、How are you ensuring that the consumption of infrastructure resources aligns with
the activity and workloads of tenants?
1.3.4.3、Monitoring
1.3.4.3.1、How do you enable varying levels of performance for different tenant tiers and plans?1.3.4.3.2、是否需要多层(租户)、平台的模式
1.3.4.4、Tradeoffs
1.3.4.4.1、对应HPC场景,是否可以让租户选择tradeoff 策略?
1.3.5、Cost Optimization
1.3.5.1、Cost-Effective Resources
1.3.5.2、Matching Supply and Demand
1.3.5.3、Expenditure(预测) Awareness
1.3.5.3.1、How do you measure the resource consumption of individual tenants?1.3.5.3.2、How are you correlating tenant consumption with the costs of your infrastructure? 1.3.5.3.2.1、如何分摊公共消耗?