simplyinfinity | 1 year ago

Speaking as a dev with over 12 years of experience in both dev and ops, that has implemented and maintained multiple multi-tenant systems with different levels of multi-tenant isolation (infra, db, schema, table, shared tables).

I don't see the value proposition here. Let's take a couple of examples.

If I need to have my totally separate infra for each tenant I'm going to go for terraform

If I need a separate database on the same db infra, I'm going to either have a db initialization script that creates a usable db or clone a template database already present

So why do I need your sdk? To avoid a call to postgres to execute a script or a terraform script?

How does that work with the need for prefilled data?

Maybe I'm missing something, but I do not understand this service.

lclarkmichalek|1 year ago

Personally, there's no way I'd want a customer initiated operation to trigger something like terraform or mess with DB schemas. On the security side, it would significantly complicate the permissions structure from the application to the database. And on the performance side, I have absolutely no mental model for how operations like that scale, and how trivial of a DoS I'm exposing myself to. At the same time, I love the isolation (mostly operationally, the security & privacy side is also nice) that db-per-customer would bring. If this product helps bridge the gap, then it sounds good to me.

simplyinfinity|1 year ago

Last project I worked on was a mix of on prem software and cloud software.

The cloud counterpart had 600+ mongodb databases split amongst 3 Mongo clusters.

The integration team usually took 2 weeks to set up the on premises software, and the cloud stuff took about a minute. The entire setup for the cloud was a single form that the integration team filled in with data.

The point I'm trying to make is that if your customers require separate infra, they can wait a business day to be set up. Meanwhile they can play on a sandbox environment.

It's also doable in fully automated fashion, but you will have to have strong identity and payment verifications, to avoid DoS, and in those cases usually contracts fly around.

That's for the b2b side.

For b2c, usually you rely on a single db and filter by column ID or similar, which can easily be abstracted away.
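The shared-table approach from the comment above (one database, every row filtered by a tenant column, with the filter abstracted away), as an added example that is not any poster's code. The `notes` table, the `TenantScope` class and the tenant names are hypothetical, and the data is constructed; SQLite stands in for the real database.

```python
import sqlite3

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, "
                 "tenant_id TEXT NOT NULL, body TEXT NOT NULL)")
    return conn

class TenantScope:
    """Hypothetical data-access wrapper bound to exactly one tenant.

    Application code never writes its own WHERE clause on tenant_id;
    every statement issued here carries the predicate.
    """
    def __init__(self, conn, tenant_id):
        self._conn = conn
        self._tenant_id = tenant_id

    def insert_note(self, body):
        cur = self._conn.execute(
            "INSERT INTO notes (tenant_id, body) VALUES (?, ?)",
            (self._tenant_id, body))
        return cur.lastrowid

    def list_notes(self):
        return self._conn.execute(
            "SELECT id, body FROM notes WHERE tenant_id = ? ORDER BY id",
            (self._tenant_id,)).fetchall()

    def get_note(self, note_id):
        # Primary-key lookups keep the tenant predicate too, so an id that
        # belongs to another tenant yields None instead of that tenant's row.
        return self._conn.execute(
            "SELECT id, body FROM notes WHERE id = ? AND tenant_id = ?",
            (note_id, self._tenant_id)).fetchone()

def unscoped_get(conn, note_id):
    # The failure mode of shared tables: one query without the predicate.
    return conn.execute(
        "SELECT id, body FROM notes WHERE id = ?", (note_id,)).fetchone()

def demo():
    conn = make_db()
    acme, globex = TenantScope(conn, "acme"), TenantScope(conn, "globex")
    acme.insert_note("acme roadmap")              # constructed sample rows
    g_id = globex.insert_note("globex payroll")
    return {"acme_list": acme.list_notes(),
            "cross_scoped": acme.get_note(g_id),
            "cross_unscoped": unscoped_get(conn, g_id)}

if __name__ == "__main__":
    print(demo())
```

The isolation here holds only as long as every query goes through the wrapper; `unscoped_get` shows that a single query written outside it returns another tenant's row.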

davecyen|1 year ago

You might consider that precisely your depth and breadth of experience, which isn't common across most teams, might actually highlight why a solution like Fortress is valuable.

Kinrany|1 year ago

A blog post explaining these two common approaches would solve the same problem though

blacksoil|1 year ago

"Speaking as a dev with over 12 years of experience in both dev and ops"

I think you aren't the target market. The target market is probably people who are new to coding or even self-taught indie hackers who aren't too technical but oriented towards building a product as quickly as possible

seanhunter|1 year ago

OK I have been the ultimate decision-maker in a number of SaaS vendor selection situations so I am the target market for people who would build an offering using this. I can tell you that multi-tenant shared anything is pretty much an absolute dealbreaker for me and most people like me. Why?

1) In any financial regulated environment your regulator will usually specifically require this (at least in jurisdictions I'm familiar with). Am I prepared to go to battle with my regulator on behalf of a vendor? Most definitely not.

2) Even if I'm not in that situation, do I trust the vendor to have tech protections that work well enough that my customer data won't leak if there's some sort of problem, leading to a GDPR/data protection nightmare? No. No I don't trust anyone that much. I wouldn't even trust code that I myself had written that much (i.e. when I have built b2b saas solutions I have insisted on single tenant shared nothing). I've actually used (a demo of) a multi-tenant saas where the vendor has insisted on the security of their multitenant solution and been shown another customer's data on more than one occasion.

3) Even if I did trust the vendor and wasn't in a regulated environment which required single tenant, would I be prepared to go to war with my internal legal counsel over the data protection implications of multitenant? No. I want to keep a good working relationship with them and their life is hard enough as it is. They want single tenant shared nothing; that's good enough for me.

4) Even if none of the above applies, a lot of big corporates will want the option to host a solution in a cloud subaccount that they own. That's clearly not on the cards with something like this.

Lionga|1 year ago

Maybe it has some great AI web-scraping (whatever that means, but it is combining two of the most parasitic domains together) included.