TCS Internal Security. 2 TCS Internal Objective Objective : Android Platform Security Architecture.
The Internal Design of Force.com’s Multi-Tenant Architecture
-
Upload
best-tech-videos -
Category
Documents
-
view
1.733 -
download
4
description
Transcript of The Internal Design of Force.com’s Multi-Tenant Architecture
![Page 1: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/1.jpg)
The Internal Design of Force.com’s Multi-Tenant Architecture
Craig Weissman, Chief Software Architectsalesforce.com
![Page 2: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/2.jpg)
True Multi-Tenancy is our Religion
TimeTechnologyAdvances
MajorArchitectural
Shift
BusinessModel
Changes
Shift
Agenda
� Our Religion
� Virtual Database
� App Model
![Page 3: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/3.jpg)
Single tenant applications: lots of waste
App
Db
��
�
�
�
�
�
�
��� �
App
Db
��
�
�
�
�
�
�
��� �Db �
�� �
�
App
Db
�
�
�
�� �
�
�
�
Db �
�� �
�
App
Db
�
�
�
�� �
�
�
�
![Page 4: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/4.jpg)
Multi-tenancy benefits are self-evidentBut isolation is much easier said than done…
App
�
�
�� �
�
�
App
Db
![Page 5: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/5.jpg)
Our religion: Not all “multi-tenant” designs are created equal
App
Db
App
Db
“Can’t we create a
separate stack for just this
one customer? I promise
it’s just this one…”
![Page 6: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/6.jpg)
Introducing the Force.com metadata-driven, multi-tenant, Internet application platform
Poly-Morphic
Application
![Page 7: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/7.jpg)
Key Architectural Principles
� Stateless AppServers
� Database system of record
� No DDL
� All tables partitioned by OrgId
� Smart PKs, Polymorphic FKs� Smart PKs, Polymorphic FKs
� Creative de-normalization and pivoting
� Use every RDBMS feature/trick
![Page 8: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/8.jpg)
Metadata, data, and pivot table structures store data corresponding to virtual data structures
![Page 9: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/9.jpg)
The Objects table stores metadata about custom objects (tables)
![Page 10: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/10.jpg)
The Fields table stores metadata about custom fields (columns)
![Page 11: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/11.jpg)
The Data heap table stores all structured data corresponding to custom objects
![Page 12: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/12.jpg)
A single slot can store various types of data that originate from different objects
![Page 13: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/13.jpg)
The Indexes pivot table manages tenant-specific selective indexes
![Page 14: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/14.jpg)
The UniqueFields pivot table facilitates uniqueness for custom fields
![Page 15: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/15.jpg)
The Relationships pivot table facilitates referential integrity and optimizes joins
![Page 16: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/16.jpg)
All data & metadata structures are partitioned to improve performance and manageability
� Tables hash partitioned by OrgId
� Separate conn pools point to physical hosts
� App tier is also dynamically partitioned by OrgId
� Distributed metadata cache w/transactional invalidation
![Page 17: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/17.jpg)
Application Framework: a whole lot for free
� Native Declarative features
� Bulk Processing
� The Recycle Bin
� Full Text Search
� Smart Bulk DML
� Web Services APIs
![Page 18: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/18.jpg)
Force.com’s native Application Framework provides declarative development, no coding
![Page 19: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/19.jpg)
Validation rules and simple formulas:Business analysts can “code” these
![Page 20: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/20.jpg)
Not so simple: Rollup-summary fields provide for easy cross-object summaries
![Page 21: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/21.jpg)
Force.com’s bulk processing optimizations reduce overhead for data loads
![Page 22: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/22.jpg)
Data definition processing is optimized to avoid performance hits or concurrency limits
Examples:
� Sort all records by primary key before attempting DML
� Operate on tables in deterministic order
� Slot reallocation for field datatype change
� Deferred calculation for new rollup-summary field� Deferred calculation for new rollup-summary field
� Background processing of mass changes
![Page 23: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/23.jpg)
The Recycle Bin: Smart Undeletes
Restore
� Individual object instances (records)
� Related object instances (parent/child records)
� Entire fields and objects(dropped columns and tables)
![Page 24: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/24.jpg)
Force.com’s full-text search engine
� Asynchronously maintains indexes for all text fields
� MRU caches contain recently updated objects
� Optimizes ranking of search result records based on result records based on current user, modification history, and weighting preferences
![Page 25: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/25.jpg)
Multi-tenant Query Optimization Principles
� Consistent SQL generation across the application
� Deep awareness of pivot table structure
– Flex schema does impose a cost
� Tenant, user, object, fields statistics are crucial
� No runaway queries allowed� No runaway queries allowed
� Deep integration with the sharing model
![Page 26: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/26.jpg)
Force.com’s query optimizer writes optimal queries for internal data access operations
Multi-tenant optimizer statistics
![Page 27: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/27.jpg)
The optimizer considers pre-query selectivity measurements when writing a query
Pre-Query Selectivity
Measurements
… nested loops join; drive using view of rows that the user can see.LowLow
Write final database access query, forcing …FilterUser
… use of index related to filter.HighHigh
… ordered hash join; drive using Data table.LowHigh
… use of index related to filter.HighLow
![Page 28: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/28.jpg)
Apex: Force.com’s procedural frontier
![Page 29: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/29.jpg)
Apex code is stored as metadata, interpreted at runtime, and cached for scalability
![Page 30: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/30.jpg)
Apex is deeply integrated with platform features
� Bulk DML
� Email and messaging
� Asynchronous processing (Futures)
� XmlStream / HTTP (RESTful) services classes
� Declarative exposure as new Web Services� Declarative exposure as new Web Services
![Page 31: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/31.jpg)
Force.com governs Apex code execution
Limits on:
� CPU
� Memory
� # of DML statements
� # calculations
� # web service calls� # web service calls
� … and more
![Page 32: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/32.jpg)
Unit tests must accompany Apex code
� Required 75% code coverage
� Profiling is built into the platform
� Run during application install
� All tests are run before each platform release by us
![Page 33: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/33.jpg)
Force.com is a proven multi-tenant application platform that performs and scales
4.0
5.0
6.0
7.0
8.0
750
1,000
1,250
Page Response Time (ms)
Quarterly Transactions
(billions)
0.0
1.0
2.0
3.0
4.0
Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2
0
250
500
2005 2006 2007
Fiscal Year
![Page 34: The Internal Design of Force.com’s Multi-Tenant Architecture](https://reader034.fdocuments.net/reader034/viewer/2022050815/546a167aaf79592a298b4dcb/html5/thumbnails/34.jpg)
Concluding Remarks
� PaaS is a major architectural shifts
� PaaS is Application focused, high level of abstraction
� Force.com is the most mature, proven PaaS offering mature, proven PaaS offering available today
� Optimized for fast, secure, and reliable multi-tenant application development and deployment