Why Unleash loves private instances
TL;DR
- Unleash started as a self-hosted, open-source side project.
- Single tenant private instances made sense as a natural extension of open source.
- From that decision came a lot of what makes Unleash unique in the feature management space.
Unleash: From side hobby to hosted solutions
“We didn’t intend to commercialize at first. I really didn’t want to set up a multi-tenant solution if I didn’t have to. Plus the fact that we were open source was already a huge part of our identity.”
This is Ivar Østhus, CTO of Unleash and one of its cofounders. He built Unleash as a side hobby. He didn’t anticipate that Unleash would grow into the company it is today.
“Our first paid customer requested that we host them,” Ivar shares. “I looked at it as a one-time thing. It made a lot of sense to just set them up in a private instance.”
It wasn’t a one-time thing. Or a three-time thing, for that matter. Unleash kept growing its cloud offering, and each new customer was given a single tenant private instance.
“Eventually we had a lot of customers that we managed manually, and it was at that point we had to decide whether to move on to a multi-tenant solution that could support all customers in a single application,” Ivar says
By then, Unleash was already seeing huge benefits with offering a single-tenant hosted solution.
Private instances mean security, flexibility, and…well, privacy
“The main benefit of private instances is obviously security, but it’s also about flexibility and privacy.” says Ivar. “If you tell us to host your instance in the US, we can. We’ll host it in our US cluster and it won’t be in Europe.”
In other words, private instances allowed Unleash to offer true data residency. Ivar knew that a multi-tenant hosted solution would be more limiting.
“With multi-tenant, you don’t know where the data goes. You don’t know where it’s housed,” Ivar says.
Privacy is in fact a huge benefit. Unleash’s approach to building private instances plays a huge part in it.
“We didn’t build single tenancy into the software itself, but in the infra layer instead,” says Ivar. ”It basically means we can run separate instances of Unleash with unique configurations per customer.”
Unleash customers also benefit from how we use Kubernetes to run applications in Docker containers: We use a separate namespace for each customer. This means a single customer can never access another customer’s data.
“Every customer has their own database,”says Ivar. “It’s not technically possible to access the secrets of another customer.”
Kubernetes brings with it a number of security features.
“The industry trusts Kubernetes,” Ivar says. “We do too. It’s the de facto standard of how you run applications today. With Kubernetes, it’s pretty much impossible to break out of a container.”
Unleash also discovered a unique scalability that comes with private instances.
“If a customer uses beyond their committed resources, we can add resource limits or increase capacity at the customer level,” says Ivar. “We don’t have to apply it to the whole platform.”
What this means is that, as a customer hosted by Unleash, you can trust that another customer’s usage won’t affect your own.
“We’re able to measure the performance–and in general, the SLI– per customer,” Ivar shares. “We have objectives per customer, not across customers. So we can figure out pretty quickly why a single customer might have a lower quality experience.”
Shifting from outdated technology to a future way of hosting
“If we had started Unleash just a few years earlier, we would not have been able to scale private instances like we have,” says Ivar.
This is because platforms like Kubernetes empowers Unleash to efficiently sandbox customers. And as managed Kubernetes matures, this sandboxing becomes easier and easier to run.
“This significantly brought down the cost of choosing single tenant private instances over multi-tenant solutions,” says Ivar. “It changed the calculus, especially when you bring in all the benefits of single tenancy.”
In this way, single tenant private instances have shifted from an outdated way of doing things, to the future.
“Ten years ago it would have been nonsensical to choose single tenant,” says Ivar. “It would have been seen as a step backwards.”
A focus on private instances is not for everybody, particularly for B2C companies.
“While we can do more today, there is obviously a cap on how many customers we can do this with,” Ivar says. “We’re nowhere near that limit, and newer technologies could make this even more scalable over time. But for a B2C company with millions of tenants, private instances probably wouldn’t make sense just yet.”
Private instances will likely be unique to Unleash for a while
“In theory, if we wanted to shift to multi-tenancy at some point, I don’t imagine we’d encounter many hurdles,” says Ivar. “You can’t say the same going in the other direction.”
This is because Unleash scales per customer. Moving to a multi-tenant solution would only consist of a simple migration.
Multi-tenant solutions don’t have it so easy. “They would basically need to re-architect everything,” says Ivar. “This is especially true with a shift to microservices. They don’t easily migrate and require special, individualized attention.”
There are obviously unique reasons why the switch from multi- to single tenant solutions would be complex, but the main gist is that multi-tenant solutions are just not built for the switch.
In the end, for Ivar, it’s all about simplicity.
“I really love what you can unlock by thinking in simple terms,” says Ivar. “For the customer, it’s just an app. It’s not rocket science.
Simplicity is something that tends to resonate with developers, who habitually work with very complex systems. As a developer, Ivar is familiar with this mindset.
“We’re very good at making stuff complex, and making microservices on huge platforms where everything needs to be perfect,” says Ivar. “And we can be proud of complex systems that nobody understands.”
Private instances are a way to solve that inclination. “This is especially true with how Unleash has moved tenancy to the infra layer,” says Ivar.
In other words, by using an infra layer for our private instances, aspects of Unleash like security, performance, privacy, and hosting flexibility remain baked in the Unleash infrastructure.
“This means we don’t have to reconsider those needs for every change we make to Unleash’s core application,” says Ivar.
As a result, the Unleash experience not only is a lot less complex, but can easily adjust to whatever a user needs.
“What we’ve managed to do is make something simple, scalable,” Ivar says.