Multitenancy

Notes before installation

Oplon Global Distributed Gateway Multitenancy allows you to use the platform by sharing resources with multiple tenants while maintaining a separation of the configurations that can be taken into action. The model is designed to manage multiple tenants with the ability to group them into Resource Groups in order to manage multiple users in aggregate form.

Oplon Global Distributed Gateway it is a product intended for mission critical environments therefore only staff who have completed the course and passed the exam are authorized to certify the installation and maintenance of the products in operation. All certified persons are provided with a certificate of participation in the courses and passing the exam Oplon.

Preparing to install

To get the Oplon Global Distributed Gateway Multitenancy feature, simply download through the website www.oplon.net. You can unlock Oplon Global Distributed Gateway Multitenancy by purchasing your use licenses at any time.

The system is completely backward-compatible with previous versions and user settings from previous versions.

Tenant and Resource Group

Multitenancy applies by assigning a specific Tenant to the modules. If the form does not have a Tenant, only users with "root" enabled can access and administer it.

To start using the Multitenancy feature, start with the creation of the Tenants through the appropriate choice on the system bar:

image1

After you have counted tenants, you must create resource groups that can aggregate multiple Tenants.

By being resource groups, the items that are assigned to users, you can generate hierarchies of users who can use certain sets of resources.

Let's take an example. Suppose we have 4 Tenants: CloudUS, CloudEMEA, ColocationOregon, ColocationItaly.

Users who need access to these Tenants will have different types of management visibility and will be able to administer only a few competent Tenants. For example, cloud users will only be able to manage cloud forms, EMEA users will only manage Tenant EMEA, or some users will only be able to manage their own form.

Resource groups are used to create these management hierarchies. The following is an example of tenant aggregation in different Resource groups.

Example of Resource groups:

Name:Tenants:
Colocations propertyColocationOregon, New
ColocationItaly property
Clouds, NewCloudUS, California
CloudEMEA, California
U.sColocationOregon, New
CloudUS, California
EmeaColocationItaly property
CloudEMEA, California
ColocationOregon, NewColocationOregon, New
ColocationItaly propertyColocationItaly property
CloudUS, CaliforniaCloudUS, California
CloudEMEA, CaliforniaCloudEMEA, California

With these Resource groups it is clear that we can assign individual users to administer only modules in the Cloud, or only modules in Colocation, or modules in US or EMEA or, to other users, only specific modules.

image2 image3

Associate a tenant with forms

After creating the Tenants and Resource Groups, you will proceed to associate the forms with a Tenant. All modules in the suite can be associated with a Tenant.

To associate a form with a Tenant go to the form management:

image4

Modules -> Choose a form -> Edit -> General start parameter, and in the Tenant field, choose the Tenant to which we want to assign the form.

Attention: If the module is running, it will restart when it is saved. Make sure you don't create any disruptions.

Try Resource Groups from user with privilege root

From a user with root privilege, you can verify the correct Resource groups settings by selecting the Resource groups you want to impersonate from the System bar.

Once selected, you will only be able to access the modules that relate to the Tenants of the Resource Groups. You can return to managing all modules by choosing All resources

image5

Associate a Resource Groups with a User

To associate a Resource groups with a user is sufficient from the action bar go into user management

image6

If the installation is new there will only be the user named at the first setup which is the root user by definition.

image7

With the [-] button, we're going to sign a new user who can only work in US modules.

image8

At the end of the header, the new user will be assigned the Membership Resource group.

image9

Using forms by a user with Resource group

A user who has been associated with a resource group will only manage the modules that belong to the tenants of their Resource group.

Here's what's visible from a root user with no membership of a Resource Group:

image10

And what is visible by a user with EMEA Resource Group

image11

All common parts will no longer be visible or no longer editable, such as node variances...

User with privilege root without Resource Group assignment:

image12

User with EMEA Resource Group:

image13

But even some features, such as creating virtual addresses, will not be possible for a user with a Respource Group:

User with privilege root without Resource Group assignment:

image14

User with EMEA Resource Group:

image15