Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Introduction
Software as a service (SaaS, pronounced ss or ss), sometimes referred to as "on-demand software", is a software delivery model in which software and associated data are centrally hosted on the cloud. SaaS is typically accessed by users using a thin client via a web browser. SAAS is fundamentally a business model where the application is owned, operated and managed by the vendor. The consumer pays for the usage and consumes the application. SAAS offers a hands-off model for consumers which frees the consumer from pain of server/application management and instead allows the consumer to focus on business.
SAAS
Desktop Applications
Mainfra mes
Intranet Solutions
SAAS
Technology Architecture Business Model
ISV Realignments
Operational Structure
Operational structure of the organization needs to be realigned to support an internet based solution both in terms of rapid development and also in terms of support offerings
Business Model
SAAS enabling the solution offering requires may require a change in terms of pricing models from traditional boxed offerings
Application Architecture
By bringing in multi tenancy, economies of scale can be achieved by better utilization of infrastructure and the savings can be passed on to consumers
5
SAAS Advantages
SAAS offerings are increasingly being considered within enterprises due to the following advantages
Pricing Most of the SAAS offerings are Multi Tenant enabling vendors to reduce prices due to economies of scale
Accelerated Feature Delivery SAAS offerings are delivered from Internet allowing vendors to update and offer new features regularly Open Protocols Increased competition and multi tenant nature of software forces vendors offer standard APIs for data access over open protocols
Customization and Configuration To reduce onboarding effort of customers, SAAS offerings typically offer self service customization and configuration options to end users
ARCHITECTURE CONSIDERATIONS
Multi Tenancy
Multi Tenancy is considered an essential part of SAAS systems. By adding an abstraction layer over the product, it enables ISV to optimally utilize the hardware and achieve economies of scale Compared to on-premise installation, bringing multi tenancy introduces additional complexity in terms of customization and data privacy Customization is a tricky topic as analysts have made both pro and anti customization calls
Customization branches the code making code management problems Without customization, customers may move not decide to buy the service as every business is unique
Ideal SAAS product should have Single Code base used by multiple customers.
Theming
Theming is an essential strategy within the application architecture to ensure that the customer feels that the solution aligns with the rest of the internal applications Theming may include one or more of the following elements
Customer Logo Application colors and themes Application Layout Dashboards
To ensure that the product branding is intact, the product logo can be part of the footer with a link to the product portal It may not be necessary to offer a user level color theme as part of customization
9
Metering
Metering is the process of monitoring usage and tracking application use
Helps in multiple billing methodology for different flavors of customers Metering also helps in capacity planning and knowing system health Consolidated metering information related to tenant can be made available pro-actively to customer administrators
10
Billing
Pricing models for SAAS applications vary based on type of application, usage, customer profile, etc
Unlike the boxed product, a SAAS product can have innovative pricing models
User based Usage based Fixed monthly cost Fixed yearly cost Freemium Multi year contracts
Billing models can be tested out early during trials to identify usage and can be finalized later Amortization of total cost can be over multiple customers multiple billing cycles
11
SLA Monitoring
With Product hosted on Internet and managed by the ISV, it is essential to guarantee SLA for customers to have confidence in the solution SLA guarantee can be promised for the following aspects
Availability Performance Security
A service guarantee to customer also helps in to build the necessary monitoring layer into the application that governs all the aspects of the application
14
Automated Provisioning
Onboard customers automatically with the shortest time and customer support effort
Automated provisioning also helps with offering trial plans for prospects
Self service customization makes it easier for customers to modify the service offering to fit their company needs Self managed tenant accounts liberates the support team from routine activities and reduces support calls
Provisioning on multi tenant SAAS systems require no changes to infrastructure and only adds records to Tenant Information Database
15
Customization
Customization can be offered at multiple levels depending on the need of the industry Table Structure
Allow additional fields to have tenant specific information Fixed number of columns in each table for customization Fully extensible EAV tables for complex and unlimited extensibility
Workflow
Control process flow and customize flow authorization Drag and Drop managed workflow for self service Factory pattern based coded workflow by ISV support team for complex scenarios
16
Governance
SAAS application being owned, hosted and managed by ISV, the onus of governance and compliance needs if any falls on the ISV
Data Security
Encryption in Transit and at rest
Certifications
Industry specific validations
Governance concerns are high in enterprises and compliance/certifications can allay the fears of IT decision authorities
17
Customers are worried about data security and privacy in multi tenant solutions. Due to governance rules within the customer legal department, customers may not prefer SAAS solutions
To ensure that the product caters to all customers, developing a hybrid solution covers all types of customers
Multi tenant SAAS solution for SMBs Independent hosting for other customers Boxed product of same codebase for intranet customers
Architecture needs to have a Factory based implementation of critical components to support both on-premise and cloud based services
18
Disaster Recovery
Disaster recovery policy for SAAS applications are necessary since the infrastructure management is handled by the ISV DR Strategies can vary based on time to recovery, point of recovery objectives Cloud based infrastructure enables quick recovery For Hot DR, it is essential to have an effective DNS services that quickly updates the DNS records
DR Type Cold Warm Hot Cost Low Medium High Time to recover High Medium Low 19
20
DESIGN CONSIDERATIONS
21
URL is the singular way to identify a tenant in a multi tenant setup without exposing the list of tenants to others
Subdomains
http://customer.product-brand.com Supports both the customer and product branding CNAME redirection to the Azure hosted service URL using DNS dashboard ISV managed DNS mappings
Customer URL
http://productname.customer.com Product branding in URL is lost even though the application may have product logo displayed in the UI Customer managed DNS mappings
For both methods, map the tenant URL to Windows Azure application URL using DNS CNAME records
22
23
High Availability
Application Availability can be improved by consuming inherent fault tolerant code blocks/services
Windows Azure compute is by default fault tolerant and starts up automatically in case of failures
Application SLA targets can be achieved by enabling the application to run in high availability mode Windows Azure by default guarantees 99.5% uptime guarantee if an application is run on a minimum of 2 nodes SQL Azure guarantees an uptime of 99.5% for their services By building stateless web/app tier and by adding retry logic within data access calls, SLA guarantee for SAAS applications can be made to customer
24
Identity Management
For enterprises, integration with their internal IT security for identity management is important
Microsoft Active Directory LDAP
Federated identity is the easiest way for integration with enterprise security for SAAS applications
Microsoft Active Directory Federation Services Windows Azure Active Directory
SAAS systems need to cater for both SMB and Enterprises. It is essential to build an integrated identity management solution within the product to cater to SMB needs.
SQL Authentication
25
Session
For high availability, Stateless web/app tiers are necessary Web tier usually maintains session state in memory for active users To enable Stateless web server design, state information can be moved to any of the following Windows Azure Services
SQL Azure Windows Azure Table Storage Windows AppFabric Caching
Moving session state out of memory increases session access latency but the impact is usually minimal
26
Caching
Application performance and throughput can be improve manifold by incorporating a caching strategy within the product Caching can be employed in multiple layers with minimal or no cost
Data HTML Server Pages Proxy Server Browser
For Data and Server Caching needs, employ cloud based caching services for high availability and scalability
Windows Azure Appfabric Cache Memcache
For proxy/browser caching, set the appropriate HTTP headers to ensure that data is cached in transit
27
Scalability
Windows Azure is an elastic environment which allows machines to be added/removed to the cluster at ease By adding auto scaling block to the web/app tier, an application can dynamically add/remove servers to the tier without lowering performance and with minimal cost considerations Scaling rules can be applied on web/app tier as
Add new instance to the group if average CPU utilization is over 75% for last 60 seconds Add new instance to the group if the number of pending items in Queue is over 250 for last 180 seconds Remove an instance from the web/app tier if the average memory utilization is less than 20% for last 120 seconds
Performance
Split the application into multiple types
Static Data Dynamic Data
By splitting the load between multiple domains, the browser optimally downloads the content increasing throughput of web servers Effective caching strategy reduces the amount of download making web applications load quickly Configuring multiple buckets and having multiple URLs configured improves overall content delivery to User browser CDN enabling the blob storage can reduce the network latency and deliver files from a closer data center location Compress web content using GZIP/Deflate methods to reduce the content size
29
Encryption
Encryption is a core part of security compliance for certificates like PCI Encryption has to be done for data in both forms
In Transit In Rest
Connectivity between Browser and Web Server can be encrypted using SSL/TLS services
Web roles can be secured using Server certificates Blob storage allows both http/https access using MS certificate
30
Logging
Plugging Logging module into applications are easier due to existence of multiple frameworks
Log4Net Microsoft Enterprise Library Logging block
Securely transfer all logs to Windows Azure Table storage and Windows Azure blobs
IIS Logs Application Logs Performance Metrics Errors and Exception logs Crash dumps
31
Data is paramount to analyze and monitor SLA. The data is also essential to scale out applications during heavy loads
32
Contact Us @
AZURE@8KMILES.COM OR CLOUD@8KMILES.COM
33