Mastering SaaS: Key Concepts, Architecture, and Multi‑Tenant Design

Everyone knows what a SaaS system is. This article introduces SaaS from several angles, including cloud service architecture concepts, SaaS characteristics, differences from traditional and internet services, B2B2C models, SaaS classifications, how to SaaS-ify a product, core components, and multi‑tenant designs.

Three concepts of cloud service architecture

Two major features of SaaS systems

Differences between SaaS services, traditional software, and internet applications

B2B2C model

Classification of SaaS systems

How to SaaS-ify

Core components of SaaS products

Multi‑tenant SaaS

1. Cloud Service Architecture Three Concepts

1.1 PaaS (Platform‑as‑a‑Service)

PaaS, sometimes called middleware, allows customers to deploy applications developed with provided languages and tools (e.g., Java, Python, .NET) onto the provider’s cloud infrastructure without managing the underlying network, servers, OS, or storage, while retaining control over the deployed applications and their runtime configuration.

PaaS offers ready‑made development and deployment solutions such as virtual servers and specific operating systems, reducing hardware costs and simplifying application development by providing a common platform, language, protocol, and underlying code.

This open‑source project may be useful: the mall project is a SpringBoot3 + JDK 17 + Vue e‑commerce system (GitHub ★60K), containerized with Docker, supporting multi‑module and microservice architecture, covering catalog, orders, cart, permissions, coupons, members, payments, etc. Boot project: https://github.com/macrozheng/mall Cloud project: https://github.com/macrozheng/mall-swarm Video tutorials: https://www.macrozheng.com/video/ Project demo:

1.2 IaaS (Infrastructure‑as‑a‑Service)

IaaS provides consumers with compute, storage, network, and other basic resources, allowing them to deploy and run any software, including operating systems and applications, while they do not manage the underlying cloud infrastructure.

Users can rent servers, storage, and networking hardware, saving maintenance costs and enabling flexible scaling of applications without purchasing expensive hardware.

1.3 SaaS (Software‑as‑a‑Service)

SaaS delivers applications running on cloud infrastructure that users can access via browsers or other clients on any device, without managing any underlying cloud resources.

Typical examples include Alibaba DingTalk and Tencent WeChat Work, offering a wide range of SaaS tools such as OA, ERP, CRM, etc., covering most enterprise needs.

2. Two Major Features of SaaS Systems

Deployed on the provider’s servers rather than the customer’s own servers.

Subscription model: customers select and combine functionalities, pay for usage, and can be billed by service time.

3. Differences Between SaaS, Traditional Software, and Internet Applications

3.1 SaaS Services

Hosted in the cloud, users subscribe and pay for usage; the software and servers belong to the provider.

3.2 Traditional Software

Sold along with hardware, deployed on the customer’s own servers or designated cloud servers, with revenue generated from software licensing and maintenance services.

3.3 Internet Application Providers

Servers are cloud‑hosted; users register and use the service, with revenue from ads and premium features.

4. B2B2C Model

SaaS as a tenant system must provide registration, purchase, and business entry for end‑users (C‑side) and tenant management, traffic monitoring, and service status dashboards for the B‑side.

5. SaaS System Classification

5.1 Business‑Oriented SaaS

Provides tools and services that directly support customers’ revenue‑generating activities, such as e‑commerce platforms and sales CRM for B2B2C enterprises.

5.2 Efficiency‑Oriented SaaS

Improves productivity with tools like project management or video conferencing, targeting B2B enterprises.

5.3 Hybrid SaaS

Combines business and efficiency features, e.g., enterprise WeChat offering both collaboration and private‑domain management.

6. How to SaaS‑ify a Product

Deploy to the cloud and upgrade performance to support larger user bases.

Refactor user system to support C‑side logins (phone, mini‑program, SMS).

Implement gateway services, rate limiting, and request tampering protection.

Develop tenant management, including basic info, resource binding, and subscription periods.

Adapt the client (usually web) with page permission control based on tenant resources.

Build a website with pricing tables, trial features, and payment flows.

Modify server APIs for tenant‑level data permission control.

7. Core Components of a SaaS Product

Security component – paramount for SaaS.

Data isolation component – ensures tenant data privacy.

Configurable component – allows tenants to customize UI, themes, logos, etc.

Scalable component – supports horizontal scaling via load balancing and containers.

Zero‑downtime upgrade component – enables upgrades without restarting services.

Multi‑tenant component – isolates tenant data while allowing concurrent access.

8. Multi‑Tenant SaaS

8.1 Core Concepts

Tenant – an enterprise or individual customer; data and actions are isolated.

User – an individual within a tenant who logs in with credentials.

Organization – the internal structure of a tenant enterprise.

Employee – a specific staff member within the organization.

Solution – a packaged set of products and services addressing a business problem.

Product capability – features that enable end‑to‑end scenario solutions.

Resource domain – a set of cloud resources running one or more product applications.

Cloud resource – compute, storage, network, or container resources abstracted from cloud providers.

8.2 Three Deployment Models

8.2.1 Vertical Isolation Model

Advantages:

Strong isolation for security‑sensitive customers.

Simple billing based on dedicated resources.

Faults in one tenant do not affect others.

Disadvantages:

Scalability challenges when managing many tenants.

Higher costs due to dedicated environments.

Reduced agility for updates and iterations.

Complex centralized monitoring and management.

8.2.2 Shared Model

Advantages:

Efficient centralized management and faster iteration.

Lower costs through resource sharing and dynamic scaling.

Disadvantages:

Tenant performance interference; requires throttling, degradation, or isolation mechanisms.

Complex tenant‑level billing.

8.2.3 Domain Isolation Model

8.3 Required Capabilities for Multi‑Tenant Systems

Support shared or dedicated cloud resources per tenant.

Ensure data and behavior isolation with fine‑grained permission control.

Enable organization‑based management within a tenant.

Allow product capabilities to run on different cloud resources as needed.

8.4 Multi‑Tenant Architecture Diagram

On GitHub, the microservice project

mall-swarm

(★11K) provides a complete demo, and a 2024 video tutorial (≈26 hours, 59 episodes) covers the latest microservice stack and improves development skills.

For more details, see the video tutorials and project repositories linked above.