Resources for architects and developers of multitenant solutions

Architectures for multitenant applications

The following articles provide examples of multitenant architectures on Azure.

Architecture Summary Technology focus
Multitenant SaaS on Azure Reference architecture for a multitenant SaaS scenario on Azure, which is deployed in multiple regions Web
Use Application Gateway Ingress Controller with a multi-tenant Azure Kubernetes Service Example for implementing multitenancy with AKS and AGIC Kubernetes
Serverless batch processing with Durable Functions in Azure Container Instances Use cases include multitenant scenarios, where some tenants need large computing power, while other tenants have small computing requirements Containers
All multitenant architectures Lists all the architectures that include multitenancy Multiple

Cloud design patterns

The following cloud design patterns are frequently used in multitenant architectures.

Pattern Summary
Deployment Stamps pattern Deploy multiple independent copies (scale units) of application components, including data stores.
Federated Identity Delegate authentication to an external identity provider.
Gatekeeper Protect applications and services, by using a dedicated host instance that acts as a broker between clients and the application or service, validates and sanitizes requests, and passes requests and data between them.
Queue-Based Load Leveling Use a queue that acts as a buffer between a task and a service that it invokes, in order to smooth intermittent heavy loads.
Sharding Divide a data store into a set of horizontal partitions or shards.
Throttling Control the consumption of resources that are used by an instance of an application, an individual tenant, or an entire service.

Antipatterns

Consider the Noisy Neighbor antipattern, in which the activity of one tenant can have a negative impact on another tenant's use of the system.

Microsoft Azure Well-Architected Framework

While the entirety of the Azure Well-Architected Framework is important for all solutions, pay special attention to the Resiliency pillar. The nature of cloud hosting leads to applications that are often multitenant, use shared platform services, compete for resources and bandwidth, communicate over the internet, and run on commodity hardware. This increases the likelihood that both transient and more permanent faults will arise.

Multitenant architectural guidance

  • Accelerate and De-Risk Your Journey to SaaS (video): This video provides guidance for transitioning to the "software as a service" (SaaS) delivery model - whether you're starting by lifting-and-shifting an existing solution from on-premises to Azure, considering a multitenant architecture, or looking to modernize an existing SaaS web application.

Resources for Azure services

Governance and compliance

  • Organizing and managing multiple Azure subscriptions: It's important to consider how you manage your Azure subscriptions, as well as how you allocate tenant resources to subscriptions.
  • Cross-tenant management experiences: As a service provider, you can use Azure Lighthouse to manage resources, for multiple customers from within your own Azure Active Directory (Azure AD) tenant. Many tasks and services can be performed across managed tenants, by using Azure delegated resource management.
  • Azure Managed Applications: In a managed application, the resources are deployed to a resource group that's managed by the publisher of the app. The resource group is present in the consumer's subscription, but an identity in the publisher's tenant has access to the resource group.

Compute

Storage and data

Messaging

Identity

Analytics

IoT

AI/ML

Community Content

Kubernetes

  • Three Tenancy Models For Kubernetes: Kubernetes clusters are typically used by several teams in an organization. This article explains three tenancy models for Kubernetes.
  • Understanding Kubernetes Multi Tenancy: Kubernetes is not a multi-tenant system out of the box. While it is possible to configure multi-tenancy, this can be challenging. This article explains Kubernetes multi-tenancy types.
  • Kubernetes Multi-Tenancy – A Best Practices Guide: Kubernetes multi-tenancy is a topic that more and more organizations are interested in as their Kubernetes usage spreads out. However, since Kubernetes is not a multi-tenant system per se, getting multi-tenancy right comes with some challenges. This article describes these challenges and how to overcome them as well as some useful tools for Kubernetes multi-tenancy.
  • Capsule: Kubernetes multi-tenancy made simple: Capsule helps to implement a multi-tenancy and policy-based environment in your Kubernetes cluster. It is not intended to be yet another PaaS, instead, it has been designed as a micro-services-based ecosystem with the minimalist approach, leveraging only on upstream Kubernetes.
  • Loft: Add Multi-Tenancy To Your Clusters: Loft provides lightweight Kubernetes extensions for multi-tenancy.