Multi-tenant Table Administration Flexibility without the complications. Richard Banville Fellow, Progress Software June 7, 2011 Agenda Administration architecture Multi-tenant Administration: “How to” Utility usage examples Multi-tenant Configuration Tool demo 2 © 2011 Progress Software Corporation. All rights reserved. Multi-tenant Identity Definitions Tenant • “Named” group of users • Share same application and data Multi-tenancy • Deployment supporting multiple tenants Default tenant • Users who do not assert tenant identity Super tenant • Tenant with ability to access/manage data of any tenant Multi-tenant group • Multiple tenants sharing data for a specific multi-tenant table 3 © 2011 Progress Software Corporation. All rights reserved. Multi-tenant Allocation Definitions Table instance Customer • Defined by a single table definition (schema) Record Data • Each table instance contains Name Index Cust-num Index Blob Data – A data segment for the record data – A separate data segment for each index/lob of the table • Each tenant/group has a different table instance • A tenant need not instantiate every multi-tenant table Data segment Record Data Name index • Tenant/group specific chain of data for each table/index/lob • Stored/encapsulated in its own physical data partition Physical data partition Record Data Name index • Managed storage for each object of a multi-tenant table instance • Do not span storage areas 4 © 2011 Progress Software Corporation. All rights reserved. Multi-tenant Administration What needs administration? Tenant Administration • Tenants • Table definition • Groups • Allocation • Domains • Location • Users • Maintenance • Security/Data Access Performance • Monitoring • Configuration 5 Data Administration © 2011 Progress Software Corporation. All rights reserved. Multi-tenant Model 3 Suzi@HD_Domain Allen@HD_Domain Cat@HD_Domain Rich@HD_Domain Rich@Lowes1 John@Lowes1 Claudio@Lowes2 Louie@Lowes2 Domains/Tenants 2 1 Name Tenant Data 0 thru 4 HomeDepot Customers Orders HD_Domain HomeDepot Name Tenant Lowes1 Lowes Lowes2 Lowes Name Tenant blank Default Edward Tenancy Layer Users © 2011 Progress Software Corporation. All rights reserved. … Lowes Customers Orders Items … Default de-allocated or migrated data Shared _file state 6 Items _field … _tenant … 7 © 2011 Progress Software Corporation. All rights reserved. Physical Model By Data and Datatype Data *Type II Storage Areas HomeDepot Customers Orders Tenancy Layer Items Lowes Customers CustOrderIdxs Area7 Area8 Area9 Area10 Orders Items … Default de-allocated or migrated data Shared _file state 8 … CustOrder Data _field _tenant ItemData ItemIdxs … … © 2011 Progress Software Corporation. All rights reserved. Shared Data A11 A12 Shared Indexes Physical Model By Tenant Data Type II Storage Areas HomeDepot HD CustOrder Data Customers Orders Tenancy Layer Items HD CustOrderIdxs … HD ItemData Area 7 HD ItemIdxs Lowes Lowes CustOrder Data Customers Orders Items … Lowes CustOrderIdxs Default Default Data Area de-allocated or migrated data Lowes ItemData Area 8 Lowes ItemIdxs Area 9 Default Index Shared _file state 9 _field … _tenant … © 2011 Progress Software Corporation. All rights reserved. Shared Data A10 A11 Shared Indexes Physical Model By Tenant By Data And Datatype Data Type II Storage Areas HomeDepot HD CustOrder Data A7 Customers HD CustOrderIdxs Orders Tenancy Layer Items … Lowes A9 Lowes CustOrder Data A11 Customers Orders Items … Lowes CustOrderIdxs Default A13 A8 A10 HD ItemIdxs A12 Lowes ItemData A14 Lowes ItemIdxs Default Index Area Default Data Area de-allocated or migrated data HD ItemData A15 A16 A17 A18 Shared _file state 10 _field … _tenant … © 2011 Progress Software Corporation. All rights reserved. Shared Data Shared Indexes Example: Adding A New Tenant “AceHardware” Data Type II Storage Areas AceHardware Ace CustOrder Data A23 Customers Ace CustOrderIdxs Orders Tenancy Layer Items … Shared 11 © 2011 Progress Software Corporation. All rights reserved. A25 A24 Ace ItemData A26 Ace ItemIdxs • • Determine physical layout 1st • Table instance allocation: delayed, immediate, none • Tenant Access: Allowed, disallowed Create tenant & assign partition locations next New Inventory Table With Existing Tenants Data Type II Storage Areas HomeDepot HD CustOrder Data A7 Customers HD CustOrderIdxs Tenancy Layer Orders Items Lowes Lowes CustOrder Data A11 Customers Lowes CustOrderIdxs Orders Items • 12 … A9 … Example: Adding an Inventory table © 2011 Progress Software Corporation. All rights reserved. A13 A8 A10 HD ItemData HD ItemIdxs A12 Lowes ItemData A14 Lowes ItemIdxs New Inventory Table With Existing Tenants Data Type II Storage Areas HomeDepot HD CustOrder Data A7 Customers HD CustOrderIdxs Tenancy Layer Orders Items A19 Lowes Lowes CustOrder Data A11 Customers Lowes CustOrderIdxs Orders Inventory 13 A10 HD Inventory Data Inventory Items • … A9 A8 … Lowes Inventory Data A13 A21 HD ItemIdxs HD InventoryIdxs A20 A12 Lowes ItemData A14 A22 Tenant specific space allocation immediate or delayed © 2011 Progress Software Corporation. All rights reserved. HD ItemData Lowes ItemIdxs Lowes InvIdxs Groups Tenants have their own table instance if: Data AceHardware Customers • Not part of a group … Tenancy Layer TaxCode State 14 HomeDepot Customers … TaxCode State © 2011 Progress Software Corporation. All rights reserved. Groups Tenants have their own table instance if: Data AceHardware Customers • Not part of a group … Tenancy Layer TaxCode State HomeDepot Customers Group data • Shared amongst tenants in the group • Can exists with no tenants assigned … TaxCode State • Follow allocation rules already defined Each group has only one table instance • Cannot delete table if it has groups TaxCodeGroup TaxCodes StateGroup Tax Code Data State Data A30 A31 Tax Code Indexes State Indexes States Can be spread across storage areas. 15 © 2011 Progress Software Corporation. All rights reserved. Groups Tenants have their own table instance if: Data AceHardware Customers • Not part of a group … Tenancy Layer TaxCodeGroup StateGroup HomeDepot Customers … TaxCodeGroup StateGroup Group data • Shared amongst tenants in the group • Can exists with no tenants assigned • Follow allocation rules already defined Each group has only one table instance • Cannot delete table if it has groups TaxCodeGroup TaxCodes StateGroup Tax Code Data State Data A30 A31 Tax Code Indexes State Indexes States Can be spread across storage areas. 16 © 2011 Progress Software Corporation. All rights reserved. 17 © 2011 Progress Software Corporation. All rights reserved. Multi-tenant Administration Appearance of database isolation where possible Administration mechanisms • Data Dictionary • SQL DDL • Browser based config tool • Command line tools • ABL administrative APIs Database enablement: proutil <db> -C enableMultitenancy dbutil describe: 14 Multi-tenancy Yes Create storage areas dbutil prostrct add[online] <db> <addmt>.st • No new syntax to database structure files (.st) • Coordinate with database designers/developers • Have a plan based on physical model • Naming conventions can ease your pain 18 © 2011 Progress Software Corporation. All rights reserved. Identify Multi-tenant Tables 3 Suzi@HD_Domain Allen@HD_Domain Cat@HD_Domain Rich@HD_Domain Rich@Lowes1 John@Lowes1 Claudio@Lowes2 Louie@Lowes2 Domains/Tenants 2 1 Name Tenant Data 0 thru 4 HomeDepot Customers Orders HD_Domain HomeDepot Name Tenant Lowes1 Lowes Lowes2 Lowes Name Tenant blank Default Edward Tenancy Layer Users © 2011 Progress Software Corporation. All rights reserved. … Lowes Customers Orders Items … Default de-allocated or migrated data Shared _file state 19 Items _field … _tenant … Object Creation Considerations w/out Tenants Schema manipulation tools such as data dictionary, SQL DDL, etc Convert existing table to multi-tenant table • All objects of table instance MUST reside in TII storage area • One way conversion • Default partition contains existing data Create new multi-tenant tables • No need for default partition (optional) • New multi-tenant “default index” goes in same area as table Adding new indexes with new tables • Activation state at index level, NOT tenant level – Can be changed after the fact 20 © 2011 Progress Software Corporation. All rights reserved. Sequence Creation Considerations Sequences • Shared or tenant specific • Definition database wide (max/min/cycle values) • Current value tenant specific • Not group specific – Avoid multi-tenant sequences for group data – Group data is shared amongst specific tenants 21 © 2011 Progress Software Corporation. All rights reserved. Tenant Creation 3 Suzi@HD_Domain Allen@HD_Domain Cat@HD_Domain Rich@HD_Domain Rich@Lowes1 John@Lowes1 Claudio@Lowes2 Louie@Lowes2 Domains/Tenants 2 1 Name Tenant Data 0 thru 4 HomeDepot Customers Orders HD_Domain HomeDepot Name Tenant Lowes1 Lowes Lowes2 Lowes Name Tenant blank Default Edward Tenancy Layer Users © 2011 Progress Software Corporation. All rights reserved. … Lowes Customers Orders Items … Default de-allocated or migrated data Shared _file state 22 Items _field … _tenant … Tenant Creation Using ABL Multi-tenant APIs using OpenEdge.DataAdmin.*. define variable service as DataAdminService no-undo. service = new DataAdminService("demo"). define variable tenant as ITenant no-undo. define variable partition as IPartition no-undo. tenant = new Tenant("HomeDepot"). assign tenant:Type tenant:IsOnline tenant:Description tenant:DefaultDataArea tenant:DefaultIndexArea tenant:DefaultLobArea tenant:DefaultAllocation = "Regular" /* or super */ = yes = "Describe HomeDepot" = service:GetArea("Data Area") = service:GetArea("Index Area") = service:GetArea("Lob Area") = "Delayed". /* Immediate or None */ /* Create the tenant */ service:CreateTenant(tenant). … 23 /* continued on next page */ © 2011 Progress Software Corporation. All rights reserved. Tenant Creation Using ABL Multi-tenant APIs Reference Interfaces, Services using OpenEdge.DataAdmin.*. define variable service as DataAdminService no-undo. service = new DataAdminService("demo"). define variable tenant as ITenant no-undo. define variable partition as IPartition no-undo. tenant = new Tenant("HomeDepot"). Set Area Defaults assign tenant:Type tenant:IsOnline tenant:Description tenant:DefaultDataArea tenant:DefaultIndexArea tenant:DefaultLobArea tenant:DefaultAllocation = "Regular" /* or super */ = yes = "Describe HomeDepot" = service:GetArea("Data Area") = service:GetArea("Index Area") = service:GetArea("Lob Area") = "Delayed". /* Immediate or None */ /* Create the tenant */ service:CreateTenant(tenant). … 24 /* continued on next page */ © 2011 Progress Software Corporation. All rights reserved. Partition Assignment Reassign partition location information prior to allocation. Allocation State: Delayed or None … /* continued from previous page */ assign partition = tenant:Partitions:Get(service:GetTable("Customer")) partition:Area = service:GetArea("HD CustomerArea“) partition = tenant:Partitions:Get(service:GetTable("Order")) partition:Area = service:GetArea("HD OrderArea") partition = tenant:Partitions:Get(service:GetTable("Item")) partition:Area = service:GetArea("HD ItemArea") partition:AllocationState = “None”. Allocate /* Allocate Space */ tenant:Allocate(). /* indicate allocation of everything in delayed state */ Service:UpdateTenant(tenant). delete object service. 25 © 2011 Progress Software Corporation. All rights reserved. Partition Location Re-assignment Reassign partition location after allocation • Table/index move OR Dump, de-allocate, reassign via APIs/tools, reload • Using table/index move utilities proutil <db> -C tablemove <table> <area> tenant <tenant> • New de-allocate utility (bye-bye data) proutil <db> -C deallocate <table> tenant <tenant> • Binary Dump: data is tenant indifferent – Dump file: <table>_<ID>{T|G}_<tenant | group>.bd[n] – Example: customer_2T_HomeDepot.bd1 proutil <db> -C dump <table> tenant <tenant> • Utilities also support “group” based operations 26 © 2011 Progress Software Corporation. All rights reserved. Using Domains 3 Suzi@HD_Domain Allen@HD_Domain Cat@HD_Domain Rich@HD_Domain Rich@Lowes1 John@Lowes1 Claudio@Lowes2 Louie@Lowes2 Domains/Tenants 2 1 Name Tenant Data 0 thru 4 HomeDepot Customers Orders HD_Domain HomeDepot Name Tenant Lowes1 Lowes Lowes2 Lowes Name Tenant blank Default Edward Tenancy Layer Users © 2011 Progress Software Corporation. All rights reserved. … Lowes Customers Orders Items … Default de-allocated or migrated data Shared _file state 27 Items _field … _tenant … Domain Creation Domain Tenant: Domains ALWAYS associated w/tenants • (default, regular named tenant, super tenant) define variable domain as IDomain no-undo. define variable cAccessCode as character init “secret-code" no-undo. domain = new Domain("HD_Domain") assign domain:DomainType domain:AccessCode domain:Tenant domain:IsEnabled domain:Description = service:GetDomainType("_oeusertable") = cAccessCode = service:GetTenant("HomeDepot") = yes = "HomeDepot security domain". service:CreateDomain(domain). Renaming a tenant “cascades” the rename to the domains Renaming a domain “cascades” the rename to the users NOTE: Multiple domains can map to the same tenant 28 © 2011 Progress Software Corporation. All rights reserved. Adding Users 3 Suzi@HD_Domain Allen@HD_Domain Cat@HD_Domain Rich@HD_Domain Rich@Lowes1 John@Lowes1 Claudio@Lowes2 Louie@Lowes2 Domains/Tenants 2 1 Name Tenant Data 0 thru 4 HomeDepot Customers Orders HD_Domain HomeDepot Name Tenant Lowes1 Lowes Lowes2 Lowes Name Tenant blank Default Edward Tenancy Layer Users © 2011 Progress Software Corporation. All rights reserved. … Lowes Customers Orders Items … Default de-allocated or migrated data Shared _file state 29 Items _field … _tenant … User Creation Users Domain Tenant (Adding users is optional) • Setting user establishes tenant identity determining data access define variable domain as IDomain no-undo. define variable auser as IUser no-undo. auser = new User(“fblake"). Nothing new here assign auser:GivenName = “Frank“ auser:SurName = “Blake" auser:Password = “HD_CEO". domain = service:GetDomain("HD_Domain"). domain:Users:Add(auser). service:UpdateDomain(domain). User Id: fblake Password: HD_CEO 30 © 2011 Progress Software Corporation. All rights reserved. Userid/Password is incorrect. User Creation Users Domain Tenant (Adding users is optional) • Setting user establishes tenant identity determining data access define variable domain as IDomain no-undo. define variable auser as IUser no-undo. auser = new User(“fblake"). Nothing new here assign auser:GivenName = “Frank“ auser:SurName = “Blake" auser:Password = “HD_CEO". domain = service:GetDomain("HD_Domain"). domain:Users:Add(auser). service:UpdateDomain(domain). User Id: fblake@HD_Domain Password: HD_CEO NOTE: “Can” permissions extended to tenant qualified userid 31 © 2011 Progress Software Corporation. All rights reserved. Group Creation Type II Storage Areas Data HomeDepot_NH1 Tenancy Layer Customers 32 … HomeDepot_NH2 Customers … HD #1 Data Area HD #2 Data Area A100 A101 A200 A201 HD #1 index Area HD #2 index Area CreditCheckGroup Credit © 2011 Progress Software Corporation. All rights reserved. Credit Data A300 A301 Credit Indexes Group Creation Type II Storage Areas Data HomeDepot_NH1 Customers … HD #1 Data Area A100 A101 HD #1 index Area Tenancy Layer CreditCheckGroup 33 HomeDepot_NH2 Customers … HD #2 Data Area A200 A201 HD #2 index Area CreditCheckGroup CreditCheckGroup Credit © 2011 Progress Software Corporation. All rights reserved. Credit Data A300 A301 Credit Indexes Group Creation Type II Storage Areas Data HomeDepot_NH1 Customers … HD #1 Data Area A100 A101 HD #1 index Area Tenancy Layer CreditCheckGroup HD_ItemsGroup HomeDepot_NH2 Customers … HD #2 Data Area A200 A201 HD #2 index Area CreditCheckGroup HD_ItemsGroup CreditCheckGroup Credit Data Credit HD_ItemsGroup HD Item Data A300 A301 Credit Indexes HD Item Indexes Items • 34 © 2011 Progress Software Corporation. All rights reserved. Multiple Home Depot tenants sharing same item list, same credit check data. Group Creation Create the group define variable partitiongroup as IPartitionGroup no-undo. partitiongroup = new PartitionGroup("HD_ItemsGroup“). assign partitiongroup:Table = service:GetTable("Item") partitiongroup:DefaultDataArea = service:GetArea(“A300") Set Area partitiongroup:DefaultIndexArea = service:GetArea(“A301") Defaults partitiongroup:DefaultLobArea = service:GetArea(“A300") partitiongroup:DefaultAllocation = "Immediate“ /* or delayed */ partitiongroup:Description = "Home Depot Items". service:CreatePartitionGroup(partitiongroup). 35 © 2011 Progress Software Corporation. All rights reserved. Adding Tenants To Groups Table allocation state: None • Simply add tenant as member of the group for that table define variable partitiongroup as IPartitionGroup no-undo. assign partitiongroup = service:GetPartitionGroup("HD_ItemGroup"). partitiongroup:Tenants:Add(service:GetTenant("HomeDepot_NH1")). partitiongroup:Tenants:Add(service:GetTenant("HomeDepot_NH2")). service:UpdatePartitionGroup(partitiongroup). NOTE: Tenant allocation state must be “None” to join a group 36 © 2011 Progress Software Corporation. All rights reserved. Adding Tenants To Groups Tenant’s table instance allocated? • It’s a bit more difficult. • Move or remove data from tenant’s table instance – Dump/load, buffer copy/delete via super tenant, etc • De-allocate tenant’s table instance (bye-bye data) proutil <db> -C deallocate <table> [ tenant <name> | group <name> ] • Add tenant as member of the group for that table – See previous slide 37 © 2011 Progress Software Corporation. All rights reserved. Adding A New Multi-tenant Object Once tenants exist… Use favorite tool • DB admin tool, navigator, load .df Default allocation state (per tenant/group): • Immediate – Creates new storage partition for each object of the table instance – Allocation performed for each tenant/group • Delayed or None – Will not allocate any storage – Allows non-default area assignment 38 © 2011 Progress Software Corporation. All rights reserved. Adding indexes to existing tables Activate at creation • Index wide, not tenant specific • Can be slow to activate immediately (off-line) Index activate online proutil <db> -C idxactivate <index-name> [ tenant <name> | group <name> ] • Concurrent for different tables of same tenant • Concurrent for same or different table between tenants R-code dependencies • Existing static queries maintain but don’t use newly activated index • Tenant “mixed” activation with updated r-code – Index name is inactive and cannot be referenced. (995) 39 © 2011 Progress Software Corporation. All rights reserved. 40 © 2011 Progress Software Corporation. All rights reserved. Various Data Definition Files Flexibility with compatibility Data dump files (.d) • Output directory change only: <tenant>/<table>.d Binary dump files (.bd) • File name format change only • <table>_<#>T_<tenant>.bd[n] <table>.bd[n] becomes: OR <table>_<#>G_<group>.bd[n] • customer_5T_HomeDepot.bd1 OR state_2G_itemGroup.bd1 Bulkload file definition (.fd) • No change Data definition files (.df) ADD TABLE “Customer” MULTITENANT yes AREA "Customer/Order Area” 41 © 2011 Progress Software Corporation. All rights reserved. Maintenance Utilities Area and object utilities now support tenant/group keyword proutil <db> -C dbanalys [ area <area> ] [ shared | tenant <name> | group <name> ] • Set/display create/toss limits • Index rebuild • Index move/table move • Index fix • Binary dump/load • Index compact • Index check • Index activate Database wide utilities remain unchanged 42 • Roll forward • Auditing • Truncate bi • Increase startup parameters to • Backup/restore • Move schema © 2011 Progress Software Corporation. All rights reserved. Analysis Tools Report By Tenant/Group dbutil <db> -C dbanalys area <area> [ tenant <name> | group <name> ] RECORD BLOCK SUMMARY FOR SHARED OBJECTS: -Record Size (B)Table Records Size Min Max Mean PUB.state 51 1.8K 31 42 36 ---------------------------------Subtotals: 51 1.8K 31 42 36 RECORD BLOCK SUMMARY FOR GROUP HD_ItemGroup: -14 -Record Size (B)Table Records Size Min Max Mean PUB.item 51 2.2K 37 49 44 ----------------------------------Subtotals: 51 2.2K 37 49 44 RECORD BLOCK SUMMARY FOR TENANT HomeDepot_NH1: 1 -Record Size (B)Table Records Size Min Max Mean PUB.customer 4 280.0B 64 73 70 PUB.order 9 312.0B 34 35 34 PUB.order-line 31 1.0K 33 34 33 --------------------------------Subtotals: 44 593.0K 33 73 46 43 © 2011 Progress Software Corporation. All rights reserved. Promon: Tenant Identity, Sorting And Filtering M. Modify Defaults • S. Sort user lists : by user Id OR tenant Id • T. Tenant filter for user lists : one OR range User Control: by user number Usr:Ten 0:0 5:2 6:1 7:0 Name richb u2@t2 u1@t1 richb User Control: by tenant Id Usr:Ten 0:0 7:0 6:1 5:2 Type BROK SELF/ABL SELF/ABL SELF/ABL Name richb richb u1@t1 u2@t2 Currently Connected Tenants Tenant Id 0 1 2 44 © 2011 Progress Software Corporation. All rights reserved. Name User Count Default t1 t2 3 1 1 Type BROK SELF/ABL SELF/ABL SELF/ABL 45 © 2011 Progress Software Corporation. All rights reserved. Summary Administration Architecture Create tenant related stuff • Self provisioning API Various utility usage Multi-tenant Configuration Tool demo 46 © 2011 Progress Software Corporation. All rights reserved. ? Questions 47 © 2011 Progress Software Corporation. All rights reserved. 48 © 2011 Progress Software Corporation. All rights reserved. Sept. 19 – 22, 2011 Boston Westin Waterfront Hotel and Boston Convention & Exhibition Center