Become the best software developer you can be
…
continue reading
Innehåll tillhandahållet av Allen Underwood, Michael Outlaw, Joe Zack, Allen Underwood, Michael Outlaw, and Joe Zack. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Allen Underwood, Michael Outlaw, Joe Zack, Allen Underwood, Michael Outlaw, and Joe Zack eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
Liknande {CodingBlocks}.NET
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
A podcast about web design and development.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
))
Things to Know when Considering Multi-Tenant or Multi-Threaded Applications
Manage episode 437762262 series 2013945
Innehåll tillhandahållet av Allen Underwood, Michael Outlaw, Joe Zack, Allen Underwood, Michael Outlaw, and Joe Zack. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Allen Underwood, Michael Outlaw, Joe Zack, Allen Underwood, Michael Outlaw, and Joe Zack eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
It’s time to talk about the types of things you should consider when diving into multi-tenant applications and things to be especially aware of if you attempt to make things faster by going multi-threaded at the same time. Join us as Allen continues is non-winning / non-losing streak, JZ is taken out by a storm, and Outlaw continues to ignore the notes for the intro to the show…
News
Reviews
- Spotify – Colum Ferry
Upcoming Events
- Atlanta Dev Con
September 7th, 2024
https://www.atldevcon.com/ - DevFest Central Florida on September 28th, 2024
https://devfestflorida.com/
Episode
- Single vs multi-tenanted applications and multi-threaded programming
- Be very careful about sharing state when doing anything in multi-threaded AND multi-tenanted applications
What are some important things to consider when writing multi-tenanted applications – per Claude
As mentioned in the episode, Claude’s answers seem to be very database heavy
- Data isolation: Ensure that each tenant’s data is securely separated and inaccessible to other tenants.
- Authentication and authorization: Implement robust systems to verify tenant identity and control access to resources.
- Scalability: Design the architecture to handle growth in both the number of tenants and data volume per tenant.
- Performance: Optimize database queries and resource allocation to maintain speed as tenant count increases.
- Customization: Allow for tenant-specific configurations and features without compromising the core codebase.
- Monitoring and logging: Implement comprehensive logging and monitoring to track usage, errors, and performance per tenant.
- Maintenance and updates: Design the system to allow for updates and maintenance with minimal disruption to tenants.
- Data backup and recovery: Implement tenant-specific backup and recovery processes.
- Compliance and data regulations: Ensure the system can meet various regulatory requirements that may differ by tenant.
- Tenant onboarding and offboarding: Create efficient processes for adding new tenants and removing old ones.
- Good feature flagging support?
- Tracing / OpenTelemetry
Can you elaborate on the data isolation?
Data isolation is crucial in multi-tenant systems to prevent unauthorized access and ensure data privacy. Here are some key strategies to ensure data isolation:
- Separate databases
- Use a separate database for each tenant
- Pros: Strong isolation, easier compliance
- Cons: Higher maintenance, potentially higher costs
- Use a separate database for each tenant
- Shared database with separate schemas
- Each tenant gets their own schema within a shared database
- Pros: Good isolation, more cost-effective than separate databases
- Cons: Requires careful access control, potential for errors
- Each tenant gets their own schema within a shared database
- Shared schema with tenant ID
- Use a single schema but include a tenant ID column in each table
- Pros: Most cost-effective, easiest to maintain
- Cons: Highest risk of data leaks, requires vigilant query filtering
- Use a single schema but include a tenant ID column in each table
- Row-level security
- Implement database-level security policies to restrict access based on tenant ID
- Particularly useful with shared schema approach
- Encryption
- Encrypt sensitive data, potentially using tenant-specific keys
- Adds an extra layer of protection even if other measures fail
- Connection pooling
- Use separate connection pools for each tenant to prevent session mixups
- Query filtering
- Always include tenant ID in queries, preferably at the database level
- Use ORMs or query builders that automatically add tenant filters
- API and application-level checks
- Validate tenant ID in all API calls and application logic
- Implement middleware to enforce tenant-specific access
Resources / Mentions
- Salable Postgres product – Citus
https://www.citusdata.com/ - Envelope encryption if you’re wanting to use tenant specific keys for multi-tenanted encryption – one approach is envelope encryption
https://en.wikipedia.org/wiki/Hybrid_cryptosystem#Envelope_encryption
https://cloud.google.com/kms/docs/envelope-encryption - OWASP multi-tenant or “Cloud Tenant” Isolation
https://owasp.org/www-project-cloud-tenant-isolation/ - C#’s Parallel.ForEach method – the easy way to do parallel processing in C#
https://learn.microsoft.com/en-us/dotnet/api/system.threading.tasks.parallel.foreach?view=net-8.0 - Can’t remember why we linked episode 11, but here it is!
https://www.codingblocks.net/podcast/episode-11-design-patterns-part-1-you-create-me/
Tips of the Week
- Speculative fix? If you’re not sure that your fix is going to work, or you can’t reproduce the problem then consider over-communicating it and keeping artifacts such as screenshots of what you attempted.
- It’s useful for communication, but also for looking back when and if you start second guessing yourself.
- Shapez 2 is a cool refactoring, automation, and puzzle game. It’s similar to Factorio, but with a heavier emphasis on refactoring and puzzles.
https://store.steampowered.com/app/2162800/shapez_2/
- Kotlin – measureTimeMillis
https://kotlinlang.org/api/latest/jvm/stdlib/kotlin.system/measure-time-millis.html - Google skills – learn and get certified in Google Cloud https://www.cloudskillsboost.google
- Pay for a year’s worth of training for $299 and get $200 towards a certification – over $1,500 value https://www.cloudskillsboost.google/payments/new https://www.cloudskillsboost.google/subscriptions
- Pay for a year’s worth of training for $299 and get $200 towards a certification – over $1,500 value https://www.cloudskillsboost.google/payments/new https://www.cloudskillsboost.google/subscriptions
- From Ivan Kuchin – Dasel – like JQ except it does JSON, YAML, TOML, XML and CSV with zero runtime dependencies
https://github.com/TomWright/dasel - Google Cloud products in 4 words or less
https://cloud.google.com/blog/topics/developers-practitioners/back-popular-demand-google-cloud-products-4-words-or-less-2022-edition
https://googlecloudcheatsheet.withgoogle.com/
73 episoder
Dela
Manage episode 437762262 series 2013945
Innehåll tillhandahållet av Allen Underwood, Michael Outlaw, Joe Zack, Allen Underwood, Michael Outlaw, and Joe Zack. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Allen Underwood, Michael Outlaw, Joe Zack, Allen Underwood, Michael Outlaw, and Joe Zack eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
It’s time to talk about the types of things you should consider when diving into multi-tenant applications and things to be especially aware of if you attempt to make things faster by going multi-threaded at the same time. Join us as Allen continues is non-winning / non-losing streak, JZ is taken out by a storm, and Outlaw continues to ignore the notes for the intro to the show…
News
Reviews
- Spotify – Colum Ferry
Upcoming Events
- Atlanta Dev Con
September 7th, 2024
https://www.atldevcon.com/ - DevFest Central Florida on September 28th, 2024
https://devfestflorida.com/
Episode
- Single vs multi-tenanted applications and multi-threaded programming
- Be very careful about sharing state when doing anything in multi-threaded AND multi-tenanted applications
What are some important things to consider when writing multi-tenanted applications – per Claude
As mentioned in the episode, Claude’s answers seem to be very database heavy
- Data isolation: Ensure that each tenant’s data is securely separated and inaccessible to other tenants.
- Authentication and authorization: Implement robust systems to verify tenant identity and control access to resources.
- Scalability: Design the architecture to handle growth in both the number of tenants and data volume per tenant.
- Performance: Optimize database queries and resource allocation to maintain speed as tenant count increases.
- Customization: Allow for tenant-specific configurations and features without compromising the core codebase.
- Monitoring and logging: Implement comprehensive logging and monitoring to track usage, errors, and performance per tenant.
- Maintenance and updates: Design the system to allow for updates and maintenance with minimal disruption to tenants.
- Data backup and recovery: Implement tenant-specific backup and recovery processes.
- Compliance and data regulations: Ensure the system can meet various regulatory requirements that may differ by tenant.
- Tenant onboarding and offboarding: Create efficient processes for adding new tenants and removing old ones.
- Good feature flagging support?
- Tracing / OpenTelemetry
Can you elaborate on the data isolation?
Data isolation is crucial in multi-tenant systems to prevent unauthorized access and ensure data privacy. Here are some key strategies to ensure data isolation:
- Separate databases
- Use a separate database for each tenant
- Pros: Strong isolation, easier compliance
- Cons: Higher maintenance, potentially higher costs
- Use a separate database for each tenant
- Shared database with separate schemas
- Each tenant gets their own schema within a shared database
- Pros: Good isolation, more cost-effective than separate databases
- Cons: Requires careful access control, potential for errors
- Each tenant gets their own schema within a shared database
- Shared schema with tenant ID
- Use a single schema but include a tenant ID column in each table
- Pros: Most cost-effective, easiest to maintain
- Cons: Highest risk of data leaks, requires vigilant query filtering
- Use a single schema but include a tenant ID column in each table
- Row-level security
- Implement database-level security policies to restrict access based on tenant ID
- Particularly useful with shared schema approach
- Encryption
- Encrypt sensitive data, potentially using tenant-specific keys
- Adds an extra layer of protection even if other measures fail
- Connection pooling
- Use separate connection pools for each tenant to prevent session mixups
- Query filtering
- Always include tenant ID in queries, preferably at the database level
- Use ORMs or query builders that automatically add tenant filters
- API and application-level checks
- Validate tenant ID in all API calls and application logic
- Implement middleware to enforce tenant-specific access
Resources / Mentions
- Salable Postgres product – Citus
https://www.citusdata.com/ - Envelope encryption if you’re wanting to use tenant specific keys for multi-tenanted encryption – one approach is envelope encryption
https://en.wikipedia.org/wiki/Hybrid_cryptosystem#Envelope_encryption
https://cloud.google.com/kms/docs/envelope-encryption - OWASP multi-tenant or “Cloud Tenant” Isolation
https://owasp.org/www-project-cloud-tenant-isolation/ - C#’s Parallel.ForEach method – the easy way to do parallel processing in C#
https://learn.microsoft.com/en-us/dotnet/api/system.threading.tasks.parallel.foreach?view=net-8.0 - Can’t remember why we linked episode 11, but here it is!
https://www.codingblocks.net/podcast/episode-11-design-patterns-part-1-you-create-me/
Tips of the Week
- Speculative fix? If you’re not sure that your fix is going to work, or you can’t reproduce the problem then consider over-communicating it and keeping artifacts such as screenshots of what you attempted.
- It’s useful for communication, but also for looking back when and if you start second guessing yourself.
- Shapez 2 is a cool refactoring, automation, and puzzle game. It’s similar to Factorio, but with a heavier emphasis on refactoring and puzzles.
https://store.steampowered.com/app/2162800/shapez_2/ - Kotlin – measureTimeMillis
https://kotlinlang.org/api/latest/jvm/stdlib/kotlin.system/measure-time-millis.html - Google skills – learn and get certified in Google Cloud https://www.cloudskillsboost.google
- Pay for a year’s worth of training for $299 and get $200 towards a certification – over $1,500 value https://www.cloudskillsboost.google/payments/new https://www.cloudskillsboost.google/subscriptions
- Pay for a year’s worth of training for $299 and get $200 towards a certification – over $1,500 value https://www.cloudskillsboost.google/payments/new https://www.cloudskillsboost.google/subscriptions
- From Ivan Kuchin – Dasel – like JQ except it does JSON, YAML, TOML, XML and CSV with zero runtime dependencies
https://github.com/TomWright/dasel - Google Cloud products in 4 words or less
https://cloud.google.com/blog/topics/developers-practitioners/back-popular-demand-google-cloud-products-4-words-or-less-2022-edition
https://googlecloudcheatsheet.withgoogle.com/
73 episoder
Alla avsnitt
×
Välkommen till Player FM
Player FM scannar webben för högkvalitativa podcasts för dig att njuta av nu direkt. Den är den bästa podcast-appen och den fungerar med Android, Iphone och webben. Bli medlem för att synka prenumerationer mellan enheter.
Liknande {CodingBlocks}.NET
Become the best software developer you can be
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
A podcast about web design and development.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
