Design

August 23, 2012

Converting Single-Tenant to Multi-Tenant Apps

Characteristics of Successful SaaS Application

Scott Chate, the VP or Product at Corent Technologies very well describes the characteristics of a successful SaaS application in hist post Convert your Web Application to a Multi-Tenant SaaS Solution from 2010. As per his post successful SaaS application must possess the following characteristics.

  • It must support multi-tenancy
  • It must offer self-service sign-up
  • It must have subscription and billing mechanisms in place
  • It must scale efficiently
  • It must support monitoring and management of tenants
  • It must support user authentication and authorization for each tenant
  • It must support tenant customization

In order to achieve true multi-tenancy, which also allows the highest efficiency your application should be able to share the database and the application logic among tenants. 

However what does this mean for application developers. 

Database Redesign

The first step in the application redesign is the introduction of tenant identifier column in each database table and view. The tenant identifier is used to filter the data that belongs to a particular tenant. This has several implicatioins for the application developers:

  • All database scripts need to be changed so they can include the tenant idetifier. This includes creation scripts, updates to primary and foreign keys, stored procedures etc. For example if you have an order processing application and you used the order number as primary key you need to make sure that now the primary key includes also the tenant ID. Thus two different tenants can have the same order numbers if their policies require it.
  • As part of the database redesign you need to update the indices on all tables so that these take into account the tenant id. This will make sure database queries that reuire tenant specific information are executed with the necessary performance in mind.
  • Next you need to update all database queries made at the business logic tier and the tenant identifier. This has direct impact on the source sode and depending on how well your application is architected this may be relatively easy or hard to do. If for example there is no designated data access layer and SQL queries are hardcoded and spread all across the code, changing those will be a nightmare.
  • Last but not least you need to think how you can scale the database tier. Now that you store data from multiple tenants in the same database the chances are that you will reach the limit much faster than when you have separate database for each tenant. You need to think how to shard the data, and whether you will do this at the application tier or at the data tier.

Security

The next big topic you need to consider during the redesign process is the security. Although it is always about securing the data there are two aspects here:

  • Security at runtime
  • Security at the data tier

In the true-multitenancy case the business logic code is shared among multiple tenants. What that means is that the users from different tenants will be handled by the same code running not only on the same machine but even in the same process on that machine. In order to ensure that users from particular tenant never see the data of other tenants you need to be much more diligent about security.

Let's look at a particular scenario. Imagine that you have a mortgage calculator that calculates the monthly payments for a customer based on the principal amount of the loan and the length of the loan supplied by the customer, and the interest rate that you read from the database. Because the interest rate does not change very often and is the same for every customer you may be tempted to cache this in a static field in your application. This may work OK for a single-tenant application but if you want so have multiple banks using your application in a multi-tenancy scenarios it will be disastrous. The issue is that you cannot assume that all banks will offer the same interest rate to their customers and the code that reads the interest rate from the database will overwrite the static varieble for each tenant. In this case you will not only provide the end user with misleading information but will also expose competitive information to the rest of the tenants.

As we already discussed, on the data tier each tenant must be uniquely identified when accessing the data. You may want to create different logins for each tenant and give them permissions to just their view of the data or you may want to restrict the access to it by special WHERE clause to achieve the same. And of course each tenant may have different access permissions for users from different roles, so you will need to keep the user authorization code from your single-tenant app (maybe with some modifications).

Last but not least data access auditing is even more important for multi-tenant applications than for single-tenant ones. Now you need to keep track not only of which user accessed the data but to which tenant this user belongs to in order to be able to trace back any unauthorized access.

 

Scale and Performance

 

I've already touched a bit on this topic in the Database Redisign section when I discussed the need for data sharding but there are other things that you need to consider when you are converting your application to multi-tenant one.

One of them is the diverse set of tenants you may have. If we take the previous example, the mortgage calculator may be used by banks from any size - like small local banks and credit unions with just few thousand clients and by big banks with millions of clients. In a multi-tenant environment you cannot expect that each tenant will be the same size and you need to make sure that your application is able to serve them equally, and it is easy to scale out and in when the need arises. As part of the application design you need to take care of things like:

  • Throttling the request of demanding tenants. Some times scaling out your application may require some time and it can vary from couple of seconds to tens of minutes or even may require manual intervention. In the mean time if your application is not able to throttle the requests from the one tenant that consumes all the resources you other tenants may be down. Hacker attacks or security issues may also be the reason for such spikes in particular tenant's activity.
  • Avoiding code that stores the session state in memory on the server side. If you suddenly need to scale your application out the odds are that the next request from the user may not land on the same server and if the session state is stored in memory then they will lose all that information. You need to make sure that such state is stored either on the client size (browser cookie or local browser storage) or in a shared location like database. Although this one is true for every cloud application, not only multi-tenant ones, you need to keep in mind that scale out scenario is much more common in multi-tenant applications.
  • Gracefully hadle errors. Lot of things can go wrong when your application is under heavy load. Timeouts, session data loss, connectivity loss are just few of the causes for errors. You need to make sure that such fault scenarios are easy to recover from as well as on the server also on the client side.

Those are just some of the design considerations for multi-tenant applications. There are certainly platforms (like my current employer's Apprenda) that will do most of the work for you when you migrate your applications to multi-tenant ones, however you still need to be aware of possible areas where such automatic conversion cannot be done. Taking a closer look at your code is always necesary in conjunction with the automation platforms.

October 31, 2008

Do your user scenarios fail with catastrophic errors?

While in Japan 2 weeks ago I needed a photo organizing tool for my photos. What I needed was a way to edit the caption and description as well as to add some tags to the photos. I went through a couple of choices described below.

Google Picasa 3

I used Google Picasa for quite a long time and it was my first choice. It is OK for browsing pictures but what I figured out was hard to do was to edit their properties. Let me be clear - it is not hard but it is confusing, and I wasn't sure what the end-effect will be. Finding the actual menu (or button) for the properties was small challenge. As a long time Windows user my first choice was right click menu -> Properties. This brought a pop-up window showing me all kind of "useful" information about the picture, like file name, file size, camera information, aperture and bunch of other things - all of it... READ-ONLY. Good! Now what? From the quick screening of the available buttons on the screen Geo-Tag was the only one that sounded similar to what I wanted to do but I already knew this is not what I was looking for. From my experience with computers I learned that I should let myself be surprised and clicked on the button. Of course it asked me to install Google Earth. No, I am sorry but this is not what I need. Next choice was the menus but the only choice I had there was Picture -> Properties, which brought up the same properties pop-up as above. Now I was stuck and went to my second choice - Windows Explorer, described below.

Few days later I came back to Picasa because I was curious to learn how I can achieve my goals with it and after some more searching I found the following button: image with a tooltip "Tag photo(s) with words for searching". Great! I found it!... Or at least I thought so. It seems that this button allowed me to tag the pictures but only that.  Changing the caption/title (I am not sure whether those are the same?!?!) and adding description is done from other places on the UI or there is no chance to do it at all.

By some reason Picasa saves the Caption in what Vista considers Comments field - Duh!

One more thing I would like to have from a photo organizing tool is to give me a way to easily filter photos that are not tagged, have no titles and most likely use some cryptic filenames. Picasa provides some filtering functionality but I couldn't find a way to get only pictures from specific year for example.

Here is my scenarios checklist for Picasa:

  • Bulk edit - Poor - I can do bulk edit but only the tags
  • Properties edit - Poor - Not concentrated in one place but spread everywhere in the UI
  • Filtering - Poor - Although I may want to filter by face (I am still trying to figure out why this one is the most important) I would like to have richer filtering like date, camera etc.
  • Search - Great - I really admire Google for their search (and may continue to repeat it over and over again); if the picture is tagged you can find it within a second
  • Upload to Web - Poor - works only with Picasa Web (I know, Google wants to push their apps, but... I like Flickr)
  • Easy to achieve your task - Not at all - I had to think a lot
Windows Explorer

My next choice was Windows Explorer. With all the marketing messages you will think it is easy to do lot of things as far as "photos" are concerned. And it is! You can bulk edit, add titles, tags and subject and few other things. What a surprise was when for the same file type I received different properties in the Details Pane. Here the pictures:

image

image

They are both JPEGs - why do I get just subset of properties for some pictures? After some thinking (and heavy headache) I figured out that files with longer names have fewer properties shown in the Details Pane. I guess it depends on the screen resolution but on my laptop on 1024x768 the last column of properties was disappearing. More interesting is that together with the last column disappears also the last property from the column before the last. This made me think that there is some idea behind the behavior but... there isn't. Putting this to the side I think Windows Explorer does pretty good job for editing picture properties.

Here the summary:

  • Bulk edit - Very Good - I can select bunch of file and edit every one of their properties at once
  • Properties edit - OK - Right-click -> Properties works well but the bug (or feature) described above makes the editing in the Details Pane annoying
  • Filtering - Non existent - I cannot filter by criteria
  • Search - Poor - It is slow... really slow
  • Upload to Web/Share - Non existent - I don't expect Windows Explorer to be able to upload to Flickr but...
  • Easy to achieve your task - Quite Easy - for Windows user the learning curve is quite steep
Windows Live Photo Gallery

If you are wondering where the title of this post comes just continue reading. I already had Windows Live Writer installed, but I didn't want to install the whole suite because I don't care about the toolbar and Windows Live Hotmail - I don't see any useful functionality in the toolbar and I stopped using Hotmail short after Sabeer Bhatia sold it to Microsoft. Writer I find pretty useful though after I started using it about month and a half ago. Deciding to add the next application to the suite I went to Windows Live Photo Gallery Web page and clicked on Get it Free. Free is cool :) when the installation started I got the following error:

clip_image002

This is CATASTROPHIC ERROR! I am really sorry but the colleagues from Live really screwed it up! How can they imagine that somebody will always install their whole suite? And the error message? It is ridiculous! "Catastrophic failure"? C'mon, can't you guys think of something better? I can imagine my mother seeing this error message - she will run to the next available photo organizing application and just forget about Live Photo Gallery. Few retries didn't solve the problem. Searching in Google and Live Search returns mostly results about failure installing Live Messenger. After some browsing through different message boards and some hard thinking I decided to un-install Writer and install both applications together. Voila! It worked. To be honest I would expect to see this topic as the first one in the troubleshooting notes for Windows Live Suite.

Once again I would like to emphasize - how do people from Windows Live thought that installing applications from the Live Suite one by one is not so common scenario? Why didn't they test that more thoroughly?

After I passed the troubles having Photo Gallery installed I could say this was the software I was looking for. It was missing features like slide show but I still had hover preview and full preview and this was enough for me.

Here is my summary:

  • Bulk edit - Very Good - Right Click -> Properties allows you to edit almost every property
  • Properties edit - OK - Right-click -> Properties works perfect but you can edit only few things in the Info Pane 
  • Filtering - Good - I can filter by tags and date taken, which is very helpful
  • Search - OK - It is comparable to Google search but I was wondering why it differs from Windows Explorer one. One more thing is that it doesn't search among the Tags set by Windows Explorer
  • Upload to Web/Share - Good - I can upload to Windows Live Spaces and... Flickr. Good one, guys!
  • Easy to achieve your task - Quite Easy - I was able to get around with most of the functionality pretty quickly
Adobe Photoshop Album Starter Edition

Adobe PhotoShop is my favorite tool for editing images and I started using it almost 15 years ago. Having this in mind I expected Adobe Photoshop Album Started Edition to be quite sophisticated tool for organizing photos.

After some clicking around I found it pretty easy to tag photos and filer by tags or date taken. Although the controls looked quite strange (sliding control with years as scale) finding out how to do certain things is not so hard. However not all of the image properties could be edited and also different properties are edited from different parts of the UI, which I find not very convenient. Search was completely missing and it seems Adobe put their effort in creating other "useful" features like Messagebox for example, which offers you to "Save $20US on Adobe Photoshop Elements 7". Sure, this is what I was looking for from a photo organizing software!

In general:

  • Bulk Edit - Poor - You can edit only the tags and captions in bulk
  • Properties Edit - Poor - You cannot edit other properties than tags and caption
  • Filtering - Good - Filtering by tags and date taken is quite easy if you get familiar with the controls
  • Search - Non existent - sorry, but I cannot live without this one
  • Upload to Web/Share - Very Good - Send via e-mail, send to mobile phone and share online (including Flickr:)) are all available
  • Easy to achieve your task - Easy - Once again, I needed some time to understand how the UI controls work but after that I was able to do most of the things quite easy

Coming back to my scenario here is what were my prerequisites and goals:

  • Between Oct. 14th and Oct. 18th 2008 I took about 300 pictures
  • I used two different digital cameras - point and shoot and SLR
  • Both cameras save the pictures with different file names and both use something cryptic
  • I wanted to download the files from both cameras to my PC and add captions, author, tags and some description to the pictures
  • After that I wanted to upload my pictures to Flickr and expected to have the information preserved
  • Optional I wanted to be able to organize my pictures the way Flickr organizes them (in sets and collections)

From all the tools I chose Windows Live because it mostly matches my goals. I may not be the typical user (or I may be) but I would expect most of the tools to cover this simple scenario above.

Few other things that I noticed while investigating the tools:

  • Not covering the main scenario people want to go through frustrates them
  • Adding unfamiliar UI elements on top of complex workflow adds even more to the frustration
  • Separating common functionality and spreading it throughout the UI adds confusion (and more frustration)
  • Not supporting "standard" ways for accessing some functionality increases the confusion (and hence the frustration)

There are trends and new inventions but product goals should be to make live easier for the user (and not harder). Now I will go and organize my photos.

Disclaimers:
  1. While playing with the tools I may have missed some of their features but my goal was not to do side-by-side comparison. This Google Picasa may be able to upload to Flickr and Windows Live Photo Gallery may have slide show and Adobe Photo Album may be able to edit all the properties. I was just not able to find this functionality if it exists.
  2. I need to remind you that I am Microsoft employee and some people may think that I am recommending Windows Live Photo Gallery because I am biased. If this was the case I wouldn't have named my post with the failure I saw while installing it :) I will try to do my best to submit this information to my colleagues and I really hope they will improve the experience in the next release. And working closely with Windows Live content team I will suggest troubleshooting article for the failure I saw.

UPDATE: As G pointed out below there is a slide show button in Windows Live Photo Gallery. He (or she) mentions that the button is on the Menu Bar but I couldn't find one there. However one of the controls at the bottom triggers the slide show: image

October 07, 2008

Staples found an easy way to lose money - AdSense

My first post was supposed to be about my positive experience with Comcast, and I even have the post drafted, but I couldn’t let this one go just like that. Yesterday I was looking for TV stand for our living room and did search on Google for the terms “tv stands”. I browsed here and there in the organic results and decided to try the links from the paid ads on the right. Everything was fine until I clicked on one from Staples. It linked to… an error page. Initially I though this is just an intermittent issue with their server and I went back, searched again and clicked on the link to Staples… again (this time it was ranked differently, and title and description were different but the URL was still pointing to staples). Guess what? Generic error… again! Slowly I started getting frustrated. It is not only sending me to an error page but the error message is really stupid:

“Generic Error
A system error has occurred. Please continue to staples.com.”

Hello! I am looking for TV stands. I “continued” to staples.com. The home page had 3 different banners – one rotating for saving on bunch of stuff, another to save $5 on multipurpose paper and third one for 50% on some other paper, long list of categories, list of best sellers, and banner for helping fight breast cancer (I appreciate that one – at least they contribute to good cause). However I wasn’t able to see TV stands anywhere. I typed “tv stands” in the search box and list of about 30 items was presented to me. I didn’t like any of those and went away.

Tonight though, while browsing, I remembered Staples and decided to check whether they fixed the issue. I searched again for the same terms, and again Staples was one of the paid ads on the right. Aaaand… ta-daaa. Generic Error! “This is ridiculous”, I thought. Staples is a publicly traded company with $14B market capitalization, $20B revenue last quarter and gross profit over $5B. They should be able to afford decent web site. It isn’t something I developer alone in my spare time.

I really got curious and started analyzing the case. Here are some questions floating in my head while clicking around to get more information about Staples:

  • Why the heck Staples pays for ads that target TV stands? For me Staples is office supplies company and not furniture company.
  • How much they pay for those keywords? According to Google AdWords Keyword Tool “tv stands” is very highly competitive phrase for advertisers. This tells me that bidding can go up to few dollars for this phrase.
  • What is the search volume for this keyword? According to the same tool “tv stands” search volume is 550K for September while “tv stand” (without the “s”) is 673K for the same month. Staples link appeared only for “tv stands” (with the “s”) phrase, which means they bid only for this phrase. Also their ad is not present on every search, which means they don’t pay the highest bid.
  • Is TV stands one of their main items they sell? I went back to Staples’ web site and tried to find TV stands in the list of categories. It is under Furniture – Carts, Printer & TV Stands. Duh! I surely want to put my TV on a cart and roll it around. However there was no banner or something on the home page telling me that they want to promote TV stands and the lack of good landing page (the one with Generic Error I don’t consider landing) made me think that they just bid for all keywords matching one of their categories or items. How smart this is?… Hmmm, not smart for me.

For my calculations I decided to use $1 per click and assuming 5% click-through rate here is what I got 550K * 5% = 27.5K * $1 = $27.5K for September. Not so much for $14B company – they can afford it.

However if you are smart here is how you can approach the problem and save yourself $27K.

  • Make sure your landing page is always up. If you are running campaign for specific item, prepare good landing page showing the user the benefits to buy this item from your web site – lower price, broad selection, fast delivery… you chose. ERROR PAGE AS LANDING PAGE IS UNACCEPTABLE.
  • Bid only for keywords that describe items you specialize in. I know you sell also mops but you are flooring store, not cleaning supplies store. If you sell something as byproduct don’t bid for keywords describing it – it is just waste of money; you cannot provide such a good selection as a store specializing in cleaning supplies.
  • If you are running campaign for specific item make sure the landing page for the campaign is linked from the home page (and also other key pages). If you really want to get rid of those mops make sure people browsing your web site know that you sell mops.

And some more tips for the error pages:

  • Use descriptive error pages. Generic Error is a lame message to show to the user. You should always know what the error is. If your developer is so lazy and doesn’t want to catch every exception at least provide something more engaging like: “Ooops, we screw it up. Please excuse our laziness, but we are really not sure what happened”. At least it will make people laugh.
  • Give more options to navigate out of the error page. Don’t send the users to the home page only - give them options to search, browse categories, call a phone number etc.
  • Always provide link to report the problem. Not everybody will report an error but somebody will. If Staples provided this option I would have clicked on it. Always treat those reports with highest priority – you pay money for people to land on this page and if somebody reports error on it you should fix it immediately.

Hope you get the idea. Just one more thing – I clicked 5 times on the Staples’ ad for TV stands and bought nothing. I wonder how many other people did the same.