I recently put together a series of questions to be used in Architecture Design Sessions. This questionnaire is meant for understanding the current application architecture and how it fits in the overall single instance multi tenancy aspects. As mentioned many time, one application does not necessarily need to be "pure" and be 100% single instance multi tenant, but I believe that all deviations from it shouls be (1) a conscious choice (2) justifiable.
This questionnaire should help anyone building or evaluating a SaaS application architecture.
Note: I did not put any score next to the questions... it is not an exam! :)
1. What is your logical architecture? (e.g. presentation/façade/business/data access, services, domains etc.?) A diagram is often best appropriate.
2. What are the scale metrics of your application (# of tenants, #concurrent users, transactions/sec, user response times)?
3. To what extent is your application meta-data driven? How is the metadata represented? Where is it stored?
4. Can a tenant customize the data model?
8. Can a tenant customize the UI?
12. Can I tenant customize the workflow?
16. Do you collocate tenant data in the same database?
19. What is your tenant density per database (how many tenants per database? how many databases per physical server)
20. Do you have any data portioning strategy? Which one
21. Can you “scale out” your data? How?
22. Do you use data stores other than databases? Which ones? (e.g. LDAP, file system, Windows registry)?
23. Do you use connection pooling?
24. Can you restore data for just one tenant? If yes how?
25. How is your application accessed? (e.g. Web, Smart Client, Office)
26. Are you planning to offer additional user interfaces to your application?
27. Do you use AJAX technologies?
28. Do you integrate with Office (Outlook, Excel…)?
29. Do you offer Mobile access to your application?
30. Do you offer a Web Service interface to your application?
31. Do you support WS-* protocols?
32. Do you support REST?
33. What product/technology do you use to implement your web services?
34. Do you have any process orchestration or workflow capability? If yes, which one?
35. (If yes) What is described as a workflow in the application?
36. How do you authenticate the users?
37. Do you support Single Sign On? How?
38. Do you support WS-* protocol such as WS-Federation?
39. Do you encrypt any of your data or communications? Which? How?
40. Do you centrally control security through policies?
41. Do you have tenant specific security policies?
42. What is your deployment topology?
43. What is your provisioning strategy?
44. Can the system be automatically provisioned?
45. Is the provisioning linked to the order entry system?
46. What system and/or tools do you use for runtime management and monitoring?
47. What instrumentation do you have for management and monitoring?
48. How do you manage versioning of your application?
49. Can version vary per each tenant? If yes how? If not why?
50. Do you use virtualization? If yes, where, why?
51. Can your application be integrated with “in house” / “on premise” software? If yes, how?
52. What are the integration points available in your application?