Consolidation of physical resources is a key driver of PaaS solutions. But consolidation implies that multiple PaaS instances will reside on the same servers and there must exist a way to isolate Tenants from each other. At a minimum, a PaaS solution must isolate
An obvious technique for consolidating multiple Tenant instances on a single physical server is to use virtualized servers. This technique is quite effective as each instance can assume they have complete control over the server. However it is important to realize that multi-tenancy goes far beyond simply virtualizing at the operating system level. More importantly, various levels of multi-tenancy can be achieved without the use of virtualization at all. Consider the following breakdown:
The components of each Tenant's instance (e.g. application servers, database) reside entirelyon their own physical set of resources. Complete isolation is possible since very little if no sharing occurs between Tenants (e.g. perhaps a common web SSO or LDAP infrastructure is shared). This is not a very common approach for SaaS as it defeats any chance of cost reduction thru consolidation.
The components of each Tenant's instance reside entirely within virtualized containers running on a hypervisor. Multiple virtualized containers execute on shared hardware. The container itself may be a full realized operating system or highly specialized Java Virtual Machine executing directly on the hypervisor itself. This is a common isolation approach however when each container executes a full operating system instance there is less optimal resource usage on the physical servers. Benefits of a virtual isolation strategy is the full de-coupling of the containers from underlying physical resources. This de-coupling allows the containers to be re-targeted on different servers without modification.
The components of each Tenant's instance are directly configured on physical servers. Each component must individually support an isolation strategy. For example, WebLogic domains can be assigned to separate Tenants. The database may be segmented using Tenant specific identities and tablespaces. Logical isolation is useful for smaller PaaS environments that want to get started quickly without the associated infrastructure needs of a virtualization technology. Logical isolation requires more management work than virtual isolation for assignment of physical resources and migration of Tenant instances to new physical resources. In addition, the multi-tenancy features may start to impact how applications are built and deployed within each instance. For example, without a tenant-specific tablespace, it would be necessary to add a Tenant specific identifier column to each database table to separate rows.