I recently put together a series of questions to be used in Architecture Design Sessions. This questionnaire is meant for understanding the current application architecture and how it fits in the overall single instance multi tenancy aspects. As mentioned many time, one application does not necessarily need to be "pure" and be 100% single instance multi tenant, but I believe that all deviations from it shouls be (1) a conscious choice (2) justifiable.

This questionnaire should help anyone building or evaluating a SaaS application architecture.

Note: I did not put any score next to the questions... it is not an exam! :)

SaaS ISV Architecture Questionnaire v. 1.0:

General

1. What is your logical architecture? (e.g. presentation/façade/business/data access, services, domains etc.?) A diagram is often best appropriate.

2. What are the scale metrics of your application (# of tenants, #concurrent users, transactions/sec, user response times)?

Customization

3. To what extent is your application meta-data driven? How is the metadata represented? Where is it stored?

4. Can a tenant customize the data model?

If yes,

  1. What can be customized?
  1. Where is the customization stored?
  1. How does the runtime implement the customization?

8. Can a tenant customize the UI?

if yes,

  1. What can be customized?
  1. Where is the customization stored?
  1. How does the runtime implement the customization?

12. Can I tenant customize the workflow?

If yes,

  1. What can be customized?
  1. Where is the customization stored?
  1. How does the runtime implement the customization?

Data

16. Do you collocate tenant data in the same database?

  1. If yes how?
  2. If not why?

19. What is your tenant density per database (how many tenants per database? how many databases per physical server)

20. Do you have any data portioning strategy? Which one

21. Can you “scale out” your data? How?

22. Do you use data stores other than databases? Which ones? (e.g. LDAP, file system, Windows registry)?

23. Do you use connection pooling?

24. Can you restore data for just one tenant? If yes how?

UI

25. How is your application accessed? (e.g. Web, Smart Client, Office)

26. Are you planning to offer additional user interfaces to your application?

27. Do you use AJAX technologies?

28. Do you integrate with Office (Outlook, Excel…)?

29. Do you offer Mobile access to your application?

Web Services

30. Do you offer a Web Service interface to your application?

31. Do you support WS-* protocols?

32. Do you support REST?

33. What product/technology do you use to implement your web services?

Workflow

34. Do you have any process orchestration or workflow capability? If yes, which one?

35. (If yes) What is described as a workflow in the application?

Security

36. How do you authenticate the users?

37. Do you support Single Sign On? How?

38. Do you support WS-* protocol such as WS-Federation?

39. Do you encrypt any of your data or communications? Which? How?

40. Do you centrally control security through policies?

41. Do you have tenant specific security policies?

Deployment

42. What is your deployment topology?

43. What is your provisioning strategy?

44. Can the system be automatically provisioned?

45. Is the provisioning linked to the order entry system?

46. What system and/or tools do you use for runtime management and monitoring?

Management and Maintenance

47. What instrumentation do you have for management and monitoring?

48. How do you manage versioning of your application?

49. Can version vary per each tenant? If yes how? If not why?

Virtualization

50. Do you use virtualization? If yes, where, why?

Integration

51. Can your application be integrated with “in house” / “on premise” software? If yes, how?

52. What are the integration points available in your application?