The concept of multitenancy is widely mentioned in modern architectures, especially with the growth of cloud computing. Multitenancy is an architecture in which a single instance of application runs on a server and serves multiple tenants. Tenants are groups of users who share a common access with specific privileges to the application instance. Application designed with a multitenant architecture provides every tenant a dedicated share of the instance – including its data, configuration, user management, tenant individual functionality and non-functional properties.
Why it matters
Architecting a product for a single client is an easy job. There is just one party to listen and cater to, even if they have many requirements. However, if we are offering our product to a service provider that will then be offered to their customers, we need to ensure that the product caters to multiple levels of users. In such a scenario, granular access control and infrastructure segmentation are essential for isolating every customer’s workloads from every other customer’s workloads and users. To fulfill the requirements for effective workload isolation – preventing unauthorized communications and preventing unauthorized access, multi-tenancy is a must.
Another key benefit of multitenancy is the economic advantage of reduced cost. The cost of maintaining one instance for many customers is lower than maintaining separate instances for each one of many customers.
The must-have features of a multi-tenant system
Implementing a truly multitenant application architecture is not just a matter of role-based access control; it is way more complex than that owing to the fact that multiple customers’ data is being commingled. A key component of multi-tenancy is the ability to restrict a given user’s permissions to allow them to see and control only what they are authorized to view and/or maintain with no visibility of other customers or any of their assets, or of anything within their own company that they have not been assigned permission to see.
A multitenant system should provide SPs the ability to:
- Define and manage tenants (customers)
- Define and manage user accounts as members of tenants
- Assign different roles and access permissions to users
- Restrict access to data/elements within each tenant
While the service provider owning the system should be able to manage multiple tenants and see data across all tenants, the tenant users should not have any administrative privileges.
A brief overview of multi-tenancy in Trace9
Cloud9 Networks’ Trace9: Unified IT Infrastructure Monitoring Solution is uniquely designed to help SPs achieve the full benefits of a multi-tenant monitoring system. Multi-tenancy feature in Trace9 goes beyond simple RBAC by implementing Host-groups feature to achieve distinction between the customers who share the same application, running on the same operating system, on the same hardware, with the same data-storage mechanism. Host groups are logical containers configured to contain each company’s respective infrastructure elements. Each host group is accessible only to a specific customer’s users possessing different functional roles with respective privileges.
With Trace9’s Multitenancy feature, Service Providers can monitor multiple customers’ IT environments from a single dashboard. SPs can easily move between different customer environments to view the status of devices and services, obtain customer-specific alerts, and generate customer-specific reports.
Find out more about Trace9: www.cloud9stack.io
Contact us: firstname.lastname@example.org