7

I’m looking at an implement for multi-tenancy in SQL Server. I'm considering a shared database, shared schema and tenant view filter described here. The only drawback is a fragmented connection pool...

Per http://msdn.microsoft.com/en-au/architecture/aa479086, Tenant View Filter is described as follows:

"SQL views can be used to grant individual tenants access to some of the rows in a given table, while preventing them from accessing other rows.

In SQL, a view is a virtual table defined by the results of a SELECT query. The resulting view can then be queried and used in stored procedures as if it were an actual database table. For example, the following SQL statement creates a view of a table called Employees, which has been filtered so that only the rows belonging to a single tenant are visible:

CREATE VIEW TenantEmployees AS 
SELECT * FROM Employees WHERE TenantID = SUSER_SID()

This statement obtains the security identifier (SID) of the user account accessing the database (which, you'll recall, is an account belonging to the tenant, not the end user) and uses it to determine which rows should be included in the view"

Thinking this through , if we have one database storing say 5,000 different tenants, then the connection pool is completely fragmented and every time a request is sent to the database ADO.NET needs to establish a new connection and authenticate (remember connection pooling works for each unique connection string) and this approach means you have 5,000 connection strings…

How worried should I be about this? Can someone give me some real world examples of how significant an impact the connection pool has on a busy multi-tenant database server (say servicing 100 requests per second)? Can I just throw more hardware at the problem and it goes away?

Thoughts ??

Community
  • 1
  • 1
AIDAN CASEY
  • 319
  • 2
  • 11
  • Are you planning on having each tenant establish their connection to the SQL Server, or are you planning on having an intermediary service (e.g. WCF) where all the requests get routed through? – Alexander Nov 06 '12 at 00:03
  • In short: What the docs describe there is a bad idea... – usr Jan 01 '13 at 22:02

1 Answers1

1

My sugestion will be to develop a solid API over your database. Scalability, modularity, extensibility, accounting will be the main reasons. Few years down the line you may be found swearing at yourself for playing with SUSER_SID(). For instance, consider multiple tenants managed by one account or situations like whitelabels...

Have a data access api, which will take care of authentication. You can still do authorisation on the DB level, but it's a whole different topic then. Have users and perhaps groups and grant them permissions to tenants.

For huge projects nevertheless, you'll still find it better to have a single DB per big player.

I see I did not answer your main question about fragmented connection pool performance, but I'm convinced there are many valid arguments not to go that path nevertheless.

Community
  • 1
  • 1
Robert Cutajar
  • 3,181
  • 1
  • 30
  • 42