September 02, 2024

Things to Know when Considering Multi-Tenant or Multi-Threaded Applications

1 hour 58 minutes

It’s time to talk about the types of things you should consider when diving into multi-tenant applications and things to be especially aware of if you attempt to make things faster by going multi-threaded at the same time. Join us as Allen continues is non-winning / non-losing streak, JZ is taken out by a storm, and Outlaw continues to ignore the notes for the intro to the show…

News

Reviews

Spotify – Colum Ferry

Upcoming Events

Atlanta Dev Con
September 7th, 2024
https://www.atldevcon.com/

DevFest Central Florida on September 28th, 2024
https://devfestflorida.com/

Episode

Single vs multi-tenanted applications and multi-threaded programming

Be very careful about sharing state when doing anything in multi-threaded AND multi-tenanted applications

What are some important things to consider when writing multi-tenanted applications – per Claude

As mentioned in the episode, Claude’s answers seem to be very database heavy

Data isolation: Ensure that each tenant’s data is securely separated and inaccessible to other tenants.

Authentication and authorization: Implement robust systems to verify tenant identity and control access to resources.

Scalability: Design the architecture to handle growth in both the number of tenants and data volume per tenant.

Performance: Optimize database queries and resource allocation to maintain speed as tenant count increases.

Customization: Allow for tenant-specific configurations and features without compromising the core codebase.

Monitoring and logging: Implement comprehensive logging and monitoring to track usage, errors, and performance per tenant.

Maintenance and updates: Design the system to allow for updates and maintenance with minimal disruption to tenants.

Data backup and recovery: Implement tenant-specific backup and recovery processes.

Compliance and data regulations: Ensure the system can meet various regulatory requirements that may differ by tenant.

Tenant onboarding and offboarding: Create efficient processes for adding new tenants and removing old ones.

Good feature flagging support?

Tracing / OpenTelemetry

Can you elaborate on the data isolation?
Data isolation is crucial in multi-tenant systems to prevent unauthorized access and ensure data privacy. Here are some key strategies to ensure data isolation:

Separate databases

Use a separate database for each tenant

Pros: Strong isolation, easier compliance

Cons: Higher maintenance, potentially higher costs

Shared database with separate schemas

Each tenant gets their own schema within a shared database

Pros: Good isolation, more cost-effective than separate databases

Cons: Requires careful access control, potential for errors

Shared schema with tenant ID

Use a single schema but include a tenant ID column in each table

Pros: Most cost-effective, easiest to maintain

Cons: Highest risk of data leaks, requires vigilant query filtering

Row-level security

Implement database-level security policies to restrict access based on tenant ID

Particularly useful with shared schema approach

Encryption

Encrypt sensitive data, potentially using tenant-specific keys

Adds an extra layer of protection even if other measures fail

Connection pooling

Use separate connection pools for each tenant to prevent session mixups

Query filtering

Always include tenant ID in queries, preferably at the database level

Use ORMs or query builders that automatically add tenant filters

API and application-level checks

Validate tenant ID in all API calls and application logic

Implement middleware to enforce tenant-specific access

Resources / Mentions

Salable Postgres product – Citus
https://www.citusdata.com/

Envelope encryption if you’re wanting to use tenant specific keys for multi-tenanted encryption – one approach is envelope encryption
https://en.wikipedia.org/wiki/Hybrid_cryptosystem#Envelope_encryption
https://cloud.google.com/kms/docs/envelope-encryption

OWASP multi-tenant or “Cloud Tenant” Isolation
https://owasp.org/www-project-cloud-tenant-isolation/

C#’s Parallel.ForEach method – the easy way to do parallel processing in C#
https://learn.microsoft.com/en-us/dotnet/api/system.threading.tasks.parallel.foreach?view=net-8.0

Can’t remember why we linked episode 11, but here it is!
https://www.codingblocks.net/podcast/episode-11-design-patterns-part-1-you-create-me/

Tips of the Week

Speculative fix? If you’re not sure that your fix is going to work, or you can’t reproduce the problem then consider over-communicating it and keeping artifacts such as screenshots of what you attempted.

It’s useful for communication, but also for looking back when and if you start second guessing yourself.

Shapez 2 is a cool refactoring, automation, and puzzle game. It’s similar to Factorio, but with a heavier emphasis on refactoring and puzzles.
https://store.steampowered.com/app/2162800/shapez_2/

Kotlin – measureTimeMillis
https://kotlinlang.org/api/latest/jvm/stdlib/kotlin.system/measure-time-millis.html

Google skills – learn and get certified in Google Cloud https://www.cloudskillsboost.google

Pay for a year’s worth of training for $299 and get $200 towards a certification – over $1,500 value https://www.cloudskillsboost.google/payments/new https://www.cloudskillsboost.google/subscriptions

From Ivan Kuchin – Dasel – like JQ except it does JSON, YAML, TOML, XML and CSV with zero runtime dependencies
https://github.com/TomWright/dasel

Google Cloud products in 4 words or less
https://cloud.google.com/blog/topics/developers-practitioners/back-popular-demand-google-cloud-products-4-words-or-less-2022-edition
https://googlecloudcheatsheet.withgoogle.com/

...more

View all episodes

By Allen Underwood, Michael Outlaw, Joe Zack