I am developing a web application for data analysis on agricultural datasets. Actually I want to make the
application to be multi tenant and I wish to deploy that SaaS application in a private cloud (in our school).
I got a few basic doubt in the programming part.
Do I need to develop the application in the Hadoop's map/reduce functionality?
Secondly,the selection of database. Since the data are highly structural in nature (like sql) can I use a sql server to manage data in cloud? In such do I need any middleware in addition to the IaaS setup and the SaaS application?
I am using J2EE technology for SaaS development. And the number of tenants will be within 50. Which approach is better in tha data base aspect. Actually security is not a big concern here.
Could you please tell me what are the basic requirements to develop a multi-tenant SaaS? ie whether all the application,platform and database to be configured for multi tenancy or else only the database part?
I am new to this technology and I preferred to use only the open source technologies for the development.
Kindly give me your suggestions which could be highly helpful to proceed in the right direction.
Thank you for your valuable time.
Regards,
Sangita
Do I need to develop the application in the Hadoop's map/reduce functionality?
map/reduce has no relation to SaaS or multitenancy
Secondly,the selection of database. Since the data are highly structural in nature (like sql) can I use a sql server to manage data in cloud? In such do I need any middleware in addition to the IaaS setup and the SaaS application?
This mainly depends on your data usage. However, one of the main aspects of multitenant system is the data model extension. There are multiple established options to support this in RDBMS world. Look here for more details.
In general, NoSQL databases are preferred as they support more unstructured data structures.
I am using J2EE technology for SaaS development. And the number of tenants will be within 50. Which approach is better in tha data base aspect. Actually security is not a big concern here.
If security is of not a big deal then you can co-locate the data of all customers in the same singe db schema instance. This is the simplest approach but would mean more dba headaches like archiving/backup etc. Look at the pros and cons here
Could you please tell me what are the basic requirements to develop a multi-tenant SaaS? ie whether all the application,platform and database to be configured for multi tenancy or else only the database part?
Branding (Customer specific UI themes etc), Workflow, data model extensions and access control are 4 main aspects that need to be considered for any multitenant system. (Source). So any design or architecture you choose should be able to address these aspects.
Suggested reading: Force.com multi-tenant architecture
Basic SAAS application has to:
- Use a single instance of code base per many tenant instances
- Map URLs with user instances of the application
- Map tenants in the database to their application instances.
If you're using SQL and you don't have any specific technology requirements for MSQL or Oracle, you can use Postgres or MySQL, or whichever you're most comfortable with. They all do the same thing. When you're building your data, make sure you add an additional column 'tenant_id' to each table to be able to select the content relevant to that instance.
If you're building ACL's, you'll want to set up an ACL for the system and a generic application-ACL for each tenant. So when the user logs in, they see a control panel that allows them to control their instance. If you just want them to log straight into their instance without a control panel, then you can ditch a layer of code and database complexity.
As far as J2EE goes, I can't help you there.
One of the most important aspects of SAAS is tenant instance security. You must display the correct data at all times and you must ensure that any changes made to the database for a single account don't affect any other accounts. Above all else, the database and code base must be protected from injection attacks.
Your application is only as strong as the weakest component and if you don't secure it properly, it'll fall down at the first hurdle.