Software Defined Cloud – Platforms and Tenants

Microsoft has contributed to the TM Forum Digital Ecosystem Reference Architecture (DERA) project some proven approaches to cloud architecture and management developed and battle tested during the evolution of Azure to a global, hyper-scale, software defined cloud.

The TM Forum defines a Digital Ecosystem Platform (DEP) as a platform that provides the necessary common reusable services to support one or more digital ecosystems.  Microsoft Azure is a reference implementation.  Azure Media Services is an example Digital Ecosystem.

A Digital Ecosystem Platform, like Azure, consists of several distinct layers in two distinct domains: Tenants and Platforms. The Platform Domain consists of up to three layers but not all implementations have all three. For instance, Microsoft Azure started with Platform Services over Physical Infrastructure adding Infrastructure Services later. Amazon Web Services (AWS) has been more focused on Infrastructures Services. If one considers a "Cloud MVNO" model or a syndication model, it is possible to conceive of a platform that has only management functions without actually owning any of the other cloud platform layers.

An important concept is the separation of Tenant Lifecycle Management from Platform Lifecycle Management. This abstraction is emphasized by the dotted blue line in the figure below. APIs crossing the blue line allow tenants to communicate to the platform their performance envelope requirements. The Platform, in turn, can gather and publish configuration state, service assurance metrics, usage and billing information via other APIs. This approach is different than the original concepts put forward by ETSI NFV MANO initiative but is core to leveraging the lessons learned by the hyper-scale cloud service providers. Microsoft has proven this approach scales.        


Tenant Domain - Tenants are applications hosted on Platforms. Unlike an application on a dedicated hardware stack, cloud tenants follow software architecture best practices designed to optimize operations on multi-tenant cloud platforms. IT Workloads, Digital Services and 5G EPC Virtual Network Functions are all examples of tenants in this architecture. Key features of the Tenant Domain include:

  • Applications and SaaS - Tenants are First Party and Third Party Applications that by definition are created and managed independently of the platform itself. Tenant applications should be architected to take optimal advantage of multi-tenant cloud platforms. Tenants that require only Infrastructure Services present different requirements than Tenants consuming Platform Services. Tenants define the runtime environment required and associated SLAs requested from the platform domain but do not actually managed platform resources in any sense.  Tenants could be traditional IT Workloads - essentially any type of IT application including BSS and OSS applications.  Tenants could also be newer Network Workloads including Virtual Network Functions (VNFs).
  • Tenants as Platforms - There can be a recursive nature to the concept of Tenants and Platforms. It is extremely useful to be able to architect software independently of platform and infrastructure management requirements. However, once some tenant applications become deployed they often function in the role of platform services or platforms themselves.  For instance, the platform may offer a native 1st party codec plus access to a 3rd party partner codec. The 3rd party codec starts off as a tenant application but is consumed as if it were part of a Media Platform.  A complex application might be deployed on a cloud platform.  To the platform the application is a tenant.  However, to users the application being hosted becomes the platform.

It is thus important to maintain the correct Point of View:

  • Application Architecture - Focused on building software that operates efficiently on a multi-tenant cloud without having to explicitly manage the cloud services or infrastructure layers of the platform.
  • Platform Management - Focused on the management of platform and infrastructure services associated with the Digital Ecosystem Platform supporting a range of tenants or ecosystems. 
  • Platform Domain - Platforms are the core enabler of a Digital Ecosystem. The platform domain provides all the of the common reusable services and functions that applications associated with an ecosystem would need to function. 

As depicted in the added box in the figure below, most of the supporting services as defined by the TM Forum Digital Services Reference Architecture (DSRA) are located in the Management and Supporting Services box.  At Microsoft this includes all of the capabilities provided by the internal Microsoft Commerce Platform.

The cloud platform also provides its own automated resource management capabilities. Hardware is assimilated into inventory becoming managed by Automatic Resource Providers for Compute, Storage and Networking resources.  Underlay management becomes mainly one of maintaining state. 

Everything else becomes software defined primarily at Layer 3 into Software Defined Tenant Overlays.  Resources are then assigned in accordance with configured policies, rules and SLAs that enable the platform to manage itself with speed, agility and efficiency.  Virtual Infrastructure Management (VIM) is the responsibility of the Platform not the Tenant.

Having implemented this approach, Azure is able to automate the deployment, operation and retrieval of more than 100,000 Virtual Network Functions every day. Operating at hyper-scale, Azure automates the load balancing of the load balancers.  

Tenant software must be architected to run in an optimal fashion on multi-tenant clouds. Container technology provides a mechanism to gracefully mitigate this requirement.  Tenants must be able to communicate their requirements to platforms.  Ultimately, any tenant should be able to run on any cloud platform and any cloud platform should be able to support any tenant. 

The cloud platform is thus like a "fly-by-wire" high performance fighter plane. The pilot (Tenant) makes inputs to the stick (API) while a flight control computer (Cloud Fabric Manager / Resource Providers) make thousands of adjustments to flight control systems each sec far beyond the capacity of the pilot to even understand.

Key features of the Platform Domain include:

  1. Platform Services including PaaS - This layer contains several sub-categories of services.
    • First Party Services (provided by the platform service provider) are Tenant Services that behave as platform services and are offered natively by the Platform Domain service provider.  Examples are Codec, Data Analytics Service, Messaging handling / routing services etc. 
    • Third Party Services (provided by partners and incorporated into the Platform Services layer) are Tenant Services that behave as platform services but are provided by third party partners of the platform provider. These can be alternatives to the 1st party services or supplemental additional service offerings. 
    • Ecosystem Support Services - This layer hosts and exposes most of the services previously described in the TM Forum Digital Services Reference Architecture (DSRA).  Similar to the concept of BSS and OSS, these include services that enable the platform to function as a core enabling element to digital ecosystems such as Identity Management, Profile Management plus other essential services associated with commerce such as Customer/Partner on-boarding, Catalog Services, Provisioning / Configuration Services and Usage / Billing Services.   
  2. Infrastructure Services including IaaS - This layer consists of services that provide compute, storage and networking infrastructure. Examples include providing VMs in various standard configurations, VPN or MPLS infrastructures and storage infrastructures.
  3. Physical (Bare Metal) - Any physical datacenter offering platform and/or infrastructure cloud services would have physical hardware. Physical hardware Lifecycle Management is a task normally found in the Platform Domain and is not typically associated with the Tenant Domain.   

The platform is not synonymous with the datacenter.  With a Software Defined Cloud approach, the Digital Ecosystem Platform can live in one datacenter or can span multiple datacenters. The Software Defined Cloud enables the rapid assembly of cloud resources into Tenant Overlays and Service Chains.

Some new IOT scenarios require very low latency and high bandwidth right out to IOT devices at the edge of the network.  In these cases, small micro-datacenters will be needed to host certain 5G EPC functions as part of a Network Function Virtualization architecture.  These micro-datacenters may need to be within 50-100kms of the edge IOT devices in order to support required latencies of 1-2 milliseconds.

The proposed approach facilitates this by enabling software defined tenant overlays that leverage the hyper-scale cloud datacenters for their strengths and mobile edge micro-datacenters for their low latency.

Digital Services and Virtual Network Functions are treated in exactly the same way extending from the backend hyper-scale cloud all the way out to the Mobile Edge Micro-datacenters.  This permits a true convergence of IT Workloads and Network Loads to deliver the best possible user experience in the most efficient manner.



Skip to main content