Configuring Tenants

Owned by Rumena Zlatkova (Deactivated)
Last updated: Dec 20, 2023 by Bala Harish A(AC)
3 min read

Tenant Essentials

The concept of the tenant relates only to Gateway, not to Swarm Storage. Within a cluster, a tenant is the primary entity for dividing and controlling both access and resources. These are the critical features:

  • Ownership: Each tenant owns one or more Swarm storage domains.

  • Access control: Tenants can define separate identity management systems so the users and groups within them are separated from those in other tenants.

  • Delegation: Tenant administrators can create and access storage domains on behalf of the tenant and they can delegate management duties for the storage domains they create.

  • No content: The tenant does not itself store end-user data; it is only a container for meta information about the tenant, users, and storage domains.

Tenant Usage - The Storage Used chart displays the current size of the storage footprint used by all tenants, inclusive of all versions, replicas, and erasure-coded segments when viewing all tenants in a Swarm instance. The Bandwidth Used chart displays the total bandwidth (both bytes in and bytes out) used by each tenant over a rolling 30-day window. See https://perifery.atlassian.net/wiki/spaces/public/pages/2443820644.

When opening up a tenant, a reports the usage at the very top, along with the total domain count: 

Dynamic Filtering: All columns are sortable either ascending or descending with a default sort on the tenant name. Narrow the listing by entering a string in the Filter box, which filters by Name if a large number of tenants exist:

Note

The default system-managed SYSTEM TENANT always displays at the start or end of the list and not in alphabetical order.

Delete Tenant

The Delete command deletes the tenant and all domains, including the buckets and uploaded contents.

Warning: This command cannot be undone, so proceed with caution.

Tenant Provisioning Steps

These are the typical steps when provisioning a tenant. Details for performing these steps are documented later in this guide.

  1. Create the tenant.

  2. Optionally,

    1. Assign ownership of the tenant.

    2. Configure the tenant's identity management system.

    3. Configure the tenant's access control policy.

    4. Configure the tenant's quota.

  3. Create one storage domain within the tenant to be used by the tenant's owner or primary user.

  4. Assign ownership of the storage domain to the tenant's owner or primary user.

  5. Provide a login URL for the storage domain to the tenant's owner or primary user.

The format of the login URL is described in https://perifery.atlassian.net/wiki/spaces/public/pages/2443817464.

Important

The user must have a starting storage domain to log in to the Content UI when delegating tenant authority to a user.

Tenant Properties

Owner

Every tenant must have an owner, who has access to and ultimate authority over it. As a root admin, create a tenant for another to manage, as a tenant admin can create a domain for another to manage.

Change the owner when creating a context for someone else to manage. One does not want to own or be responsible for managing the data in the tenant when creating a tenant for a client.

Quotas

Quotas can be set to determine how much storage and/or network bandwidth the tenant is permitted to consume.  

See https://perifery.atlassian.net/wiki/spaces/public/pages/2443818631.

Identity Management

The IDSYS objects define the identity management systems controlling the tenant's users:

  • User and group information

  • The authentication system

See  and .

Permissions

Permissions are determined by the access control policy, which are the rules granting (or denying) users and groups the ability to perform specific actions.

See and .

Tokens

See .

© DataCore Software Corporation. · https://www.datacore.com · All rights reserved.