undefined | Better HN

0 pointsmooreds3y ago0 comments

You can do this with containers, or, if the price point is right, with VMs for even more isolation.

There are levels of multi-tenancy:

* logical multi-tenancy, where isolation is enforced in code and the database (every table has a 'tenant id' key)

* container level multi-tenancy, where you run separate containers and possibly in different namespaces

* virtual machine multi-tenancy, where there are different VMs for each tenant and you can use network isolation as well (NACLs, security groups)

* hardware isolation, similar to virtual machine, but you use separate hardware. Hard to scale this with software, though using something like Equinix metal might work: https://www.equinix.com/products/digital-infrastructure-serv...

These each have different tradeoffs in upgradeability, operations cost and isolation.

0 comments

mooredsOP3y ago

j / k navigate · click thread line to collapse

0 pointsmooreds3y ago0 comments

You can do this with containers, or, if the price point is right, with VMs for even more isolation.

There are levels of multi-tenancy:

* logical multi-tenancy, where isolation is enforced in code and the database (every table has a 'tenant id' key)

* container level multi-tenancy, where you run separate containers and possibly in different namespaces

* virtual machine multi-tenancy, where there are different VMs for each tenant and you can use network isolation as well (NACLs, security groups)

These each have different tradeoffs in upgradeability, operations cost and isolation.