There are clear business and technical benefits to delivering your software using the cloud. A cloud-based deployment model can:
- Help you accelerate your application's time-to-value (through middleware).
- Help you spend less time and operating costs on owning and maintaining enterprise middleware.
- Help you reduce your investment in infrastructure.
For several years, we have been looking at how to leverage cloud computing as an alternative delivery model for WebSphere® software. Some of the practices that we learned are presented here, and should make it easier for you to adopt cloud computing in your development environment.
Advances in both web and mobile technologies let you leverage the open web and create more web-based tools that are more accessible to the masses. When you couple this with the self-service and self-help cloud deployment model, it should enable you and your organization to better collaborate with other companies and partners by making it easier for them to create and share assets beyond the boundaries of their organization and across geography. Also, if you tap into a cloud provider with a pay-as-you-go pricing model, your applications will benefit from the same flexible, usage-based structure as is found in the IBM® Smart Business Development and Test in the IBM Cloud.
This article describes the components found in a common platform for building software as a service (SaaS) applications (and what your choices are when you construct a platform). Next, it discusses multi-tenancy and its four common technical attributes. To wrap up, it provides a quick lesson on best practices you should know for three main tasks when working in the IBM Cloud: Provisioning your virtual machine, provisioning storage, and saving the virtual machines that run your applications.
As a quick guide, the best practices are listed in a sidebar.
One purpose of this article is to expose the best practices that enable you to manage SaaS cloud applications and to bring new applications online in the future. To start, one best practice involves:
- Deciding on the components to include in the description of a common SaaS-application-building platform.
- Understanding why those components are important to this platform.
To do this in the real world, we integrated a number of middleware components from IBM and from our partners into the IBM Cloud to achieve an end result that provides a rich and common user experience.
Figure 1 shows an architecture overview of this evolving SaaS framework.
Figure 1. Frameworks for building out multi-tenant cloud applications
Here are the components and functions we consider useful for a successful SaaS framework:
- Content delivery network integration
- User interface frameworks
- Community portals
- Tenant and users management
- Authentication and security
- Asset repositories
- Payment integration
- Operations monitoring
- REST APIs
Web-based cloud applications are dynamic and highly interactive. It is important to ensure they perform consistently for users accessing them no matter where they are located. However, the distance between the end users to the data center can impact the response time dramatically and Internet bottlenecks can affect applications availability.
To address these issues, we incorporated the Akamai Web Application Acceleration service into our SaaS frameworks to provide web content acceleration for our cloud applications. Requests and application responses between users and the data center are sent over the Akamai platform. Dynamic mapping technology directs the request to the closest Akamai server; it identifies the fastest, most reliable path back and employs connection techniques to optimize communication between servers, improving performance and reliability of both retrieval and delivery.
You want to create integrated solutions with a shared look and feel and enable a user experience that is fast, interactive, and easy to use. HTML5, CSS3, Dojo, REST, and Ajax are foundation technologies that help you achieve these goals.
However, those technologies alone are not sufficient to support a cloud environment where you have to dynamically provision applications for your tenants based on their subscription.
To support this, we incorporated the Business Space frameworks (WebSphere) to provide a common and consistent delivery of the user interface components. Business Space framework implements the iWidget component model so that we can aggregate web components together in a uniform fashion.
A community portal is a place where you can find recent news and connect with others via forums, blogs, or other social media. It's also where self-service registration is available for new tenants. Behind the scenes, the self-service registration provisions the applications and resources for the new tenants based on their subscription requests.
There are many excellent free software packages such as WordPress and phpBB that you can use as starting points for blogs and forums. You can easily integrate and customize them into your own unique community portal.
What defines a tenant?
- A tenant can be logically mapped to a company, an organization, or a team.
- A tenant can have one or more users.
- A tenant shares the physical infrastructure such as VMs, storage, network, and middleware in a data center with other tenants.
However, tenants have no visibility to each other. Tenant resource isolation is provided at the user interface and database layers. (An important feature of cloud computing, the discussion of tenant resource isolation is complex and involved and is beyond the scope of this article.)
The first user to register to a tenant becomes the default account administrator.
- A tenant provisions its own resources such as its own business spaces where it can
create its own assets. The assets the tenant creates are isolated from other tenants unless the originating tenant chooses to share them publicly.
- A user can be invited into an account. A user can also make a request to join an existing account using the self-service registration portal; in this case, the account administrator needs to approve the request.
You need a utility to manage passwords and to ensure proper authentication and authorization to back-end server resources. This can include password rules such as complex passwords with alpha and numeric characters, rules that require users to change passwords at predefined interval, support for single sign-on across multiple applications, the use of reverse proxy to provide additional security and encryption capabilities, and more. We use Tivoli® Access Manager to provide authentication and authorization.
Many SaaS applications need to capture and share assets. An asset repository plays a crucial role in supporting asset-centric collaboration while maintaining the desired levels of asset isolation and privacy for tenants. It provides tenants a way to publish and search for assets based on industry or domain. An asset repository can help customers adapt to fast growing business by collaborating with partners to evolve their assets to cover new business requirements. We use Rational® Asset Manager in the IBM Cloud to make this easier.
One of the best things about cloud computing is its capability to offer the user more value through its pay-as-you-go delivery model. However, you have to be able to measure and monitor tenant/user activity to implement accurate billing, so this component is essential to providing (and consuming) cloud services. We use the IBM Payment systems solutions in our framework.
As the number of VMs increase in the infrastructure, it is important to monitor the health and well-being of these VMs as well as the applications and databases that run on them. An operations monitoring component is deployed in the cloud to monitor the performance and the availability of cloud instances. By creating a number of agents to monitor URLs, logs, and network connectivity, you are able to detect problems and in many cases automatically recover from the problems without human intervention. To perform these functions, we use IBM Tivoli Monitoring (ITM).
It is important to design your platform in such a way that others can build their own web or mobile apps to present your platform data in new and different ways. We developed a set of common REST APIs that enable users to read and write data to our platform. For example, APIs that let users:
- Sign up for an account, login, or invite others to join your account -- useful for others to integrate your SaaS applications into their own site.
- Search for assets, news, and other items -- useful for sharing public content from your cloud with others.
Now let's look at multi-tenancy in cloud applications.
Multi-tenancy refers to the ability of services to be offered to multiple tenants in a way so that each tenant operates as logically isolated while, in fact, using physically shared resources. Examples of multi-tenant cloud applications start with our early work on IBM LotusLive® and expand through our work on IBM BPM BlueWorks and Cast Iron, all the way to our newest IBM Blueworks Live.
While each cloud application serves a different business purpose, from online collaboration to integration to documenting and running processes in cloud, they all share a number of common technical attributes:
- The notion that users make up a tenant (or a team). A tenant uses a SaaS application as if they own it, but they actually do not own a copy of the application.
- The ability to secure the assets of a tenant. SaaS applications allow geographically distributed teams to easily collaborate to create assets and accelerate consensus. Just because they have created the assets, it may not mean they want to share them widely across all the stakeholders. Supporting finer grained privacy settings on assets, protecting sensitive data such as personal identification, are examples of things that need to be considered.
- The need for the offering to be always available. As an offering becomes more popular or more mission critical, reducing any downtime due to application or infrastructure maintenance will become increasingly important.
- The need to scale up or down based on actual demand. By monitoring the actual usage, the frameworks can dynamically provision and add additional VMs into the system to handle the workload, and remove the VMs if they are not utilized.
The IBM Cloud provides a scalable infrastructure for development, test, and other dynamic workloads such as web-based or analytics solutions. In our experience, best practices point to three main tasks you need to learn to get started:
- Provisioning a VM
- Provisioning storage
- Saving a VM
The first task is to provision a virtual machine (VM) on the IBM Cloud. This can be done easily by using the Add Instance wizard shown in Figure 2.
Figure 2. Provisioning a virtual machine on the IBM Cloud via the wizard
Determine which data center you want your VM to reside and select an existing base image to base your VM from. The IBM Cloud is currently available in Raleigh, North Carolina and Boulder, Colorado, USA; Toronto, Ontario, Canada; and Ehningen, Baden-Wurttemberg, Germany. More geographies are being added over time.
Note: It might not matter where cloud applications are physically located, however some locations have government regulations that you must follow.
A large number of base images are available to help you reduce the time that is needed to install software. Once you have selected your configurations, submit your request and wait for it to be provisioned. After your VM is provisioned, use a tool such as PuTTY and your own SSH (Secure Shell) key to get into the VM and start installing or configuring additional software.
The second task that is useful is to provision storage for your solution. Storage is essential if you want to share files between multiple VMs or if you want to persist some files so that they are still available if you delete your VM.
You can easily provision storage on the IBM Cloud by using the Add Storage wizard shown in Figure 3.
Figure 3. Provisioning storage on the IBM Cloud via the wizard
The third task is very important. Save your VMs. This should be done when you are at a good point in your development cycle, and have configured and tested your software on a particular instance.
By saving your instance, you save all your configuration work such as firewall and other settings. If something happens to your VM, you can recreate it from the private image that you saved without having to start from the beginning.
Best practices point to how important it is to assume that things can fail in the cloud. Sa situation that you cannot control. For example, there are outages in the data center and the network can fail — By designing applications in ways to recover from failures, you can bring applications back up as fast as possible.
To save your VM, use the Create private image wizard shown in Figure 4.
Figure 4. Creating an image on the IBM Cloud via the wizard
This operation can take a long time if your VM has a lot of data. After your VM is successfully saved, it is a good practice to recreate your instance from the saved image to make sure every thing is recreated properly from the image.
This article introduced you to best practices from our own experiences pertaining to cloud application deployment architectures. It provided a high level overview of some of the key components that you may want to consider when designing your own cloud applications.
Future topics will include tenant resource isolation, provide insight into how to leverage the dynamic nature of the cloud, how to ensure your applications are secure and resilient to failure, and the impact of mobile computing on cloud computing development.
Check out the resources mentioned in this article:
- IBM Blueworks Live
- IBM LotusLive
- IBM BPM BlueWorks, a WebSphere cloud experiment
- WebSphere Cast Iron Cloud Integration
- Key features of IBM Blueworks Live
- Akamai Web Application Accelerator
- IBM payment systems solutions
- Tivoli Access Manager for e-business and IBM Tivoli Monitoring
- Rational Asset Manager
- phpBB open source bulletin board software
In the developerWorks cloud developer resources, discover and share knowledge and experience of application and services developers building their projects for cloud deployment.
The next steps: Find out how to access IBM Smart Business Development and Test on the IBM Cloud.
Get products and technologies
See the product images available on the IBM Smart Business Development and Test on the IBM Cloud.
Join a cloud computing group on developerWorks.
Read all the great cloud blogs on developerWorks.
Join the developerWorks community, a professional network and unified set of community tools for connecting, sharing, and collaborating.
Christina Lau is a distinguished engineer in WebSphere, experienced in such emerging technologies as cloud and mobile computing. Her current focus is on developing advanced technologies that support the delivery of online cloud services across the BPM, connectivity, and ILOG portfolio.
Valentina Birsan is a senior developer in WebSphere, currently focused on cloud projects. Previously Valentina was a technical lead on Rational Application Developer. Valentina was one of the initial members of the Eclipse TPTP open source project and served as the chair of the TPTP Architecture Group. She was the lead architect for the Cosmos Service Modeling Eclipse open source project and member of the SML open standard.