Building Multi-tenant SaaS Applications using WSO2 Private PaaS
Building Multi-tenant SaaS Apps using
WSO2 Private PaaS
> Hello WSO2, We are building a Survey application
and looking for a platform to deploy it. Let me give
you more details of our Survey application.
• Enables customers design the survey, publish the survey and collect
• Upon subscribing, customers will get their own space in the
application where they will personalize the look and feel.
• Customers will have different levels of access to the features of this
application, depending on the package they select during
• Administration and configuration task are “self-service” and
performed by the customer.
> We got just the thing you want.
> You are building a multi-tenant SaaS
application. We would recommend you to
use WSO2 Private PaaS here
> Why do we need a PaaS?
> Why can’t we simply develop this
application and deploy in a cluster of
Appserver instances in the IaaS layer.
> Look, SaaS application has its own unique goals
> They are different from building traditional
> We can categorize these requirement in the
perspective of the SaaS application provider and
the SaaS application consumer.
Requirements of a SaaS application
• Isolation - Tenants want the application to appear as though they are
exclusively using it.
• Availability - Guaranteed SLA. Other tenant activities should not affect the
• Scalability - Application should meet a tenant’s demands no matter what
level resource optimization is in place
• Personalization - Ability to customize the application in various ways.
• Costs - Cost should be much less than running a dedicated hardware
Requirements of a SaaS application
• Achieving tenant’s requirements
• Resource Optimization
• Billing and Metering
Why you need a PaaS
• PaaS makes it easy to deploy, run and scale applications.
• PaaS gives unlimited language and framework support for
• PaaS provides core services such as multi-tenancy, logging,
repository, identity management, elasticity etc..
• PaaS allows applications to be deployed in variety of IaaS
> You can fulfill most of these requirements if you use WSO2
Private PaaS to develop and deploy your application.
> IaaS alone cannot fulfill all these requirement of a SaaS
> Or else you can implement all the features from the scratch.
But I don’t think thats your core business.
> You need to build your Survey application as fast as you can
and gain a competitive advantage.
> Let me give a brief introduction to WSO2 Private
PaaS as well to its architecture. Then I will explain
how a SaaS application can leverage capabilities
offered by WSO2 Private PaaS.
> Okay. Can you show how WSO2
Private PaaS will helps us achieve all
the necessary requirements?
WSO2 Private PaaS
• Complete, multi-tenant, self-service, metered middleware
cloud for enterprise ready projects.
• governance and
Platform as a Service
• Built on top of Apache Stratos
A Package of Code that plugs into WSO2 Private PaaS to offer a
new PaaS service.
Stratos will run and manage a separate instance for each
Stratos will run multiple instances of partitions so that
sets of tenants run on sets of instances.
Build to the metal - these servers are written from the
scratch to be multi-tenant.
> Multi-tenancy is all about isolation.
> A multi-tenant solution should provide
isolation is many aspects. Let me explain.
> Now that you mention multi-tenancy,
how can I achieve tenant level isolation
when developing applications on top of this
WSO2 Private PaaS?
Multi-tenancy is about isolation
• Configuration information
• User Interface
How to Achieve Tenant Isolation
• Each tenant is given a security domain
• Each domain may have its own userstore and permissions.
• Each domain is isolated and do not have access to other domains.
> There are a bunch of APIs.
Let me briefly explain some
> Okay. If I am building my
application on top WSO2 Carbon
server Cartridges then what are the
available Java APIs?
• Identity and Security API - Manage users, roles, permission,
authentication and authorization functionalities
• Registry/Repository API - crud api for repository.
• Caching API - Java caching API
• CarbonContext API - CarbonContext is the entity which provides the
runtime related contextual information of the current executing
• Any code running in Stratos can retrieve following information from
the CarbonContext API.
a. Tenant information who is executing the code.
b. Logged in user information, if any.
c. Application information, if any.
> If I am using non WSO2 Carbon server
cartridges then how can I achieve multi-
> How can I use above mentioned APIs?
> If you are planning to use non WSO2 Carbon servers like Tomcat,
JBoss, PHP then you will have to maintain an instance of these
servers per tenant.
e.g. each and every tenant will have a separate PHP instance.
> You will have limited options, if you want to access those APIs
that I’ve described in the previous slides.
> But we do have certain exposed REST APIs, let me list them down
> We are in the process improving these APIs.
APIs available for non Carbon based Apps
• APIs available to communicate with the connected Userstore
• Tenant-mgt REST API to get tenant information. This APIs is available in the Stratos
• Admin Services in Stratos Manager. These are Carbon level APIs. Can extract necessary
> Use firstname.lastname@example.org for business
> For technical information you
following open lists.
> Thanks WSO2. How can I contact
you for more information?