Private Apps in the Public Cloud

DevconTLV March 2016 Conference, Tuesday, March 22, 2016, 10:10

In the current technical world, SaaS providers have plenty to help them out: from public clouds, to containers. From microservices architectures, to limitless scaling potential. But when you need to deploy multiple singe-tenant applications that use these, how do you manage to share resources while keeping sensitive data apart? In this presentation I'll talk about how we did it at ironSource.
In this talk I’ll focus on how we quickly discovered growing pains when scaling up a single-tenant SaaS to multiple customers at ironSource.
On the one hand we wanted to make use of shared resources (be it code, containers or physical resources) as much as possible; on the other hand, we promised customers a single-tenant application, and so needed to segregate sensitive data.
We needed a solution that would allow us segregated data, across multiple datacenters while remaining cost-conscious regarding resource usage. And, of course, the system would need to be balanced between self-managing itself and requiring manual intervention for unlocking secure data.
In the end we built a mashup of segregated secure data stores on (as much as possible) shared architecture at AWS using some great emerging (and some more time tested) open source technologies, including Chef, Consul and Vault.

Issac Goldstand

Issac Goldstand

Principal Architect


"Issac has been involved in the Web community for over 15 years. With a strong background in the Apache Web Server internals, and optimizing web applications, Issac continues to churn out highly optimized web applications in a variety of languages and servers, as well as mentoring teams of programmers to be as passionate about writing great software as he is.

Today Issac is married with three kids, and is focused on architecting and mentoring high-tech teams across a diverse range of languages and disciplines."

Other Presentations at DevconTLV March 2016

Open Accessibilty Menu