Gianpaolo CarraroGianpaolo CarraroArchitecture Strategy TeamArchitecture Strategy Teamgianpc@microsoft.comgianpc@microsoft.com http://http://blogs.msdn.com/gianpaoloblogs.msdn.com/gianpaolo

ContextContext

Facts:Facts:Software as a Service (SaaS) is getting a lot of attentionSoftware as a Service (SaaS) is getting a lot of attention

Lots of buzz but little architectural guidance on the topicLots of buzz but little architectural guidance on the topic

Architecture Strategy Team is investing in SaaS Architecture Strategy Team is investing in SaaS GuidanceGuidance

Currently, more an ISV topic than a SI or EnterpriseCurrently, more an ISV topic than a SI or EnterpriseEven though I talked to several enterprises developing SaaSEven though I talked to several enterprises developing SaaS

Today’s Objectives:Today’s Objectives:Share with you Share with you ourour current thinking current thinking

Get Get youyou thinking / get thinking / get youryour thinking thinking

(maybe) find ways to collaborate / engage in projects(maybe) find ways to collaborate / engage in projects

AgendaAgenda

Software as a Service (SaaS) OverviewSoftware as a Service (SaaS) Overview

Architectural Shift OverviewArchitectural Shift Overview

Some Design PatternsSome Design Patterns

Q&A Q&A

SaaS “Actors” and InterestsSaaS “Actors” and Interests

What is SaaS: What is SaaS: ISV definitionISV definition

Simply put:Simply put:

Software deployed as a hosted service and accessed over the Internet.

as opposed to: as opposed to: “on premise”“on premise”

This said, not all SaaS are This said, not all SaaS are equal:equal:•Degree of customization per Degree of customization per “user”“user”•Scalability of the serviceScalability of the service•Enterprise / ConsumerEnterprise / Consumer•Monetization model Monetization model •Sales model (direct / indirect)Sales model (direct / indirect)•……2 categories of SaaS applications are getting the most

attention: (a) Enterprise LOB SaaS(b) “Web 2.0” Consumer SaaS

SoftwarSoftware e

ServicesServices

Realizing SaaSRealizing SaaS

Business Business ModelModel

ApplicatiApplication on

ArchitecArchitectureture

OperatioOperational nal

StructurStructuree

SaaS impacts the entire consumption cycle SaaS impacts the entire consumption cycle : : In particular in the L.O.B. application spaceIn particular in the L.O.B. application space

PurchasePurchase DeploymentDeployment ManagementManagement

FromFrom::Long Eval ProcessLong Eval Process

CapExCapExToTo::

Try before you buyTry before you buy OpEx OpEx

FromFrom::CustomizatioCustomizatio

nn

ToTo::ConfiguratioConfiguratio

nn

FromFrom::Reliance on Reliance on internal ITinternal IT

ToTo::SLAsSLAs

Enable:Enable:Try before you Try before you

buybuy

EnableEnable::ConfiguratioConfiguration n (no custom (no custom

code)code)

EnableEnable::SLA monitoring / SLA monitoring /

enforcementenforcement

BuyerBuyer

SellerSeller

Big Deal 1: Importance of Economy of Big Deal 1: Importance of Economy of ScaleScale

Hardware Costat Provider

People Costat Provider

Big Deal 2: The Long TailBig Deal 2: The Long Tail

Your Large CustomersYour Large Customers

Dozens of markets of millions or Dozens of markets of millions or millions of markets of dozens?millions of markets of dozens?

$ / Customer$ / Customer

# of Customers# of Customers

Your Typical CustomersYour Typical Customers

(Currently) “non addressable” Customers(Currently) “non addressable” Customers

What if you lower your cost of sale (i.e. What if you lower your cost of sale (i.e. lower barrier to entry) and you also lower lower barrier to entry) and you also lower cost of operationscost of operations

New addressable market >> current marketNew addressable market >> current market

Big Deal 3: Monetization OptionsBig Deal 3: Monetization Options

Subscription Subscription (monthly fee per seat)(monthly fee per seat)

Transaction based pricing Transaction based pricing (profit sharing)(profit sharing)

Ad-based revenue Ad-based revenue (e.g. pay per click)(e.g. pay per click)

Big Deal 4: Humans are costlyBig Deal 4: Humans are costly

Reduce human interventionReduce human interventionNo Direct Sales (but referrals and breadth No Direct Sales (but referrals and breadth marketing)marketing)

Self ProvisioningSelf Provisioning

Self CustomizationSelf Customization

Delegate AdministrationDelegate Administration

Automatic billingAutomatic billing

Impact on your architectureImpact on your architecture

Requires Architectural Shift:Requires Architectural Shift:single instance – multi tenancysingle instance – multi tenancy

Multi-tenant efficientMulti-tenant efficientSharing resources (Sharing resources (One instance to run them One instance to run them all)all)

CustomizableCustomizableCustomization through configurationCustomization through configuration

ScaleableScaleableMany applications will require Internet scaleMany applications will require Internet scale

““Basic” SaaS Maturity ModelBasic” SaaS Maturity Model

Ad-hoc / Custom

Application Hosting Model (ASP)

Configurable (but single tenant)

Physical or Virtual Isolation

Configurable, Multi tenant

Scalable, Configurable, Multi tenant

Share vs. IsolateShare vs. Isolate

Share

Isolate

Economy of Scale

Simpler Management

SLA per tenant

Data Separation

The right balance is determined by:

• Business model (“can I monetize isolation?”)

• Architectural model (“can I run on a single logical instance?”)

• Operation model (“can I guarantee my SLA without isolating?”)

• Customer demand (“I want my data to be separate”)

High Level Application ArchitectureHigh Level Application Architecture

BrowserSmart Client

Presentation

Process Services

Business Services

Meta Data Services

Security Services Directory

Service

DatabasesFile System

Meta Data

Meta Data ServiceMeta Data Service

UI/Branding

Workflow/Business Rules

Data Model Extensions

0 or more scopes

Scope

Access Control

Customizable:Customizable:

UI/BrandingUI/Branding

WorkflowWorkflow

Data ModelData Model

Business rulesBusiness rules

Domain-specificDomain-specific

Scope:Scope:Nested hierarchy of Nested hierarchy of customizationcustomization

InheritableInheritable

E.g. Enterprise, E.g. Enterprise, department, user department, user levelslevelsDomain-specific ext.

Security ServicesSecurity Services

Authentication

Authorization

Auditing

Authentication:Authentication:Username/password, Username/password, X509 CertificatesX509 CertificatesSSOSSO

Authorization:Authorization:RBAC, Rule-basedRBAC, Rule-based

Audit:Audit:Security eventsSecurity eventsPolicy driven on/offPolicy driven on/off

Access ControlAccess Control

Role

Users

Groups

Permission

Permission

…

Business Rules

Authorization policies can be defined at different Authorization policies can be defined at different scopesscopes (enterprise, dept etc.)(enterprise, dept etc.)Permissions, roles, groups and business rules can be Permissions, roles, groups and business rules can be customizable per tenantcustomizable per tenant

Scope

Data Model ExtensionData Model Extension

Challenges:Challenges:Defining custom fields and storing custom data Defining custom fields and storing custom data for each tenant.for each tenant.

Business logic that can handle custom fieldsBusiness logic that can handle custom fields

Presentation logic that can handle custom Presentation logic that can handle custom fieldsfields

Tenant Tenant AA

Product IDProduct ID

DescriptioDescriptionn

Category Category IDID

Catalog Catalog ItemItem

Tenant Tenant BB

Product IDProduct ID

DescriptionDescription

Classification Classification CodeCode

Catalog Catalog ItemItem

Custom Fields Data and Custom Fields Data and DefinitionDefinition

Meta-data/data dictionary requiredMeta-data/data dictionary required

3 general approaches:3 general approaches:Separate database for each tenantSeparate database for each tenant

Shared database, a canned set of extended Shared database, a canned set of extended fieldsfields

Shared database, any number of extended Shared database, any number of extended fieldsfields

Tradeoff between each approachTradeoff between each approach

Dedicated Tenant DatabaseDedicated Tenant Database

Approach:Approach:Separate database for each Separate database for each tenanttenantDatabase maintains data Database maintains data dictionarydictionary

Advantages:Advantages:Easy to implementEasy to implementMeta data identifies database Meta data identifies database instance for each tenantinstance for each tenant

Tradeoff:Tradeoff:Number of tenants per database Number of tenants per database server is lowserver is lowInfrastructure cost of providing Infrastructure cost of providing service rise quicklyservice rise quickly

When to use:When to use:When tenant has data isolation When tenant has data isolation requirementsrequirementsAble to monetize the data Able to monetize the data extension/isolation featureextension/isolation feature

TenanTenant 1t 1

TenanTenant 3t 3

TenanTenant 2t 2

Shared Database, fixed set of Shared Database, fixed set of extensionsextensions

Approach:Approach:All tenants data in one All tenants data in one database.database.Pre-defined set of custom Pre-defined set of custom fieldsfields

Advantages:Advantages:Easy to implementEasy to implementMaximize number of tenants Maximize number of tenants per database serverper database server

Tradeoff:Tradeoff:Tendency to results in sparse Tendency to results in sparse tabletable

When to use:When to use:When data co-mingling is OKWhen data co-mingling is OKEasy to anticipate pre-defined Easy to anticipate pre-defined custom fieldscustom fields

Tenant Tenant IDID

F1F1 F2F2 C1C1 C2C2 C3C3

345345 TedTed 5353 NullNull paipaidd

NullNull

777777 KayKay 3434 2323 NullNull NullNull

784784 MarMaryy

4545 NullNull NullNull NullNull

345345 NedNed 2121 NullNull oweowe NullNull

438438 PatPat 2626 NullNull NullNull yesyes

Same database, variable Same database, variable custom extensionscustom extensions

ApproachApproachAll tenants in one All tenants in one databasedatabaseVariable number of Variable number of custom fieldscustom fieldsName-value pair in Name-value pair in separate tablesseparate tables

AdvantageAdvantage““Unlimited” Unlimited” number/option for custom number/option for custom fieldsfields

TradeoffTradeoffIncrease Increase index/search/query/update index/search/query/update complexitycomplexity

When to useWhen to useOK to co-mingle tenant OK to co-mingle tenant datadataCustom fields are high Custom fields are high value featuresvalue featuresDifficult to predict custom Difficult to predict custom fieldsfields

Tenant Tenant IDID

F1F1 F2F2 Record Record IDID

764764 TedTed $56$56 893893

673673 JohnJohn $32$32 NullNull

783783 SalSal $99$99 564564

Record IDRecord ID NameName ValueValue

893893 StatusStatus GoldGold

893893 ExpireExpire 7-29-20087-29-2008

564564 AffiliationAffiliation AcmeAcme

Scaling ApplicationScaling Application

StatelessStatelessImprove service memory footprintImprove service memory footprint

Improve ability to load balanceImprove ability to load balance

Asynchronous I/OAsynchronous I/ODo useful work while waiting for I/O to completeDo useful work while waiting for I/O to complete

Resource PoolingResource PoolingThreads, network and database connectionsThreads, network and database connections

Maximize concurrencyMaximize concurrencyMinimize exclusive lockingMinimize exclusive locking

Scaling DataScaling Data

Data PartitionData PartitionDivide subscriber data into smaller partitions to Divide subscriber data into smaller partitions to meet performance goalsmeet performance goals

Schemes: hashing, temporal, etc.Schemes: hashing, temporal, etc.

Dynamic RepartitioningDynamic RepartitioningAutomatically repartition when database size Automatically repartition when database size reaches maximum sizereaches maximum size

SLAsSLAs

SLA MonitoringSLA Monitoring

SLA EnforcingSLA Enforcing

ThrottlingThrottling

Early evidence shows SaaS customer are Early evidence shows SaaS customer are expects more when hosted than in-houseexpects more when hosted than in-house

Shared ServicesShared Services

““Classic” HostingClassic” HostingCPU-Storage-BandwidthCPU-Storage-Bandwidth

Shared Services: e.g. Billing, Metering, SLA Monitoring…a.k.a. SO Infra, Service Delivery Platform, OSS/BSS

As provider: do you build or buy the hosting?

“Classic”Hoster

SaaSHoster

SaaSProvider

SOA vs. SaaSSOA vs. SaaS

Questions?Questions?

© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.

MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

gianpc@microsoft.comhttp://blogs.msdn.com/gianpaolo