Multi-Tenant Deployments

This example shows installation and configuration of a two-tenant MATRIXX deployment with MATRIXX Engines in four separate namespaces. In this example, two tenants are defined at the level of the domain, and both are configured in one sub-domain, but only one tenant is configured in the other sub-domain.

Note: Unlike other examples, in this example base pricing has been defined at the level of the domain. This means that base pricing is applied to all sub-domains in this domain.

The base.yaml Helm values file is similar to that used in the Topology Operator installation and upgrade examples. Enable multi-tenancy in base.yaml by setting the global.features.multiTenancy property to true:

global:
  features:
    multiTenancy: true

The following is the distribution of MATRIXX components across namespaces in this example:

  • The masters and agents are in namespace matrixx-operators.
  • Engine s1e1 is in namespace matrixx-s1e1.
  • Engine s1e2 is in namespace matrixx-s1e2.
  • Engine s2e1 is in namespace matrixx-s2e1.
  • Engine s2e2 is in namespace matrixx-s2e2.

Create the namespaces and perform installation with the following commands:

kubectl create ns matrixx-operators
kubectl create ns matrixx-s1e1
kubectl create ns matrixx-s1e2
kubectl create ns matrixx-s2e1
kubectl create ns matrixx-s2e2
helm install mtx-s1e1 matrixx/matrixx -n matrixx-s1e1 -f base.yaml -f topology.yaml --version matrixx_version
helm install mtx-s1e2 matrixx/matrixx -n matrixx-s1e2 -f base.yaml -f topology.yaml --version matrixx_version
helm install mtx-s2e1 matrixx/matrixx -n matrixx-s1e1 -f base.yaml -f topology.yaml --version matrixx_version
helm install mtx-s2e2 matrixx/matrixx -n matrixx-s1e2 -f base.yaml -f topology.yaml --version matrixx_version
helm install mtx-operators matrixx/matrixx -n matrixx-operators -f base.yaml -f topology.yaml --version matrixx_version

Define tenants in your topology at the domain level to be referenced at the sub-domain level. Two tenants are defined in the domain, tenant-1 and tenant-2, each with associated pricing:

  • tenant-1 is associated with sub-domains s1 and s2.
  • tenant-2 is associated only with sub-domain s1.
  • tenant-1 subscribers can be created only in sub-domain s2. They can be rehomed to either sub-domain s1 or s2.
  • tenant-2 subscribers can be created in and rehomed to sub-domain s1.
  • Base pricing, tenant-1 pricing, and tenant-2 pricing are loaded on the active engine in sub-domain s1.
  • Base pricing and tenant-1 pricing are loaded on the active engine in sub-domain s2.

The topology.yaml Helm values file includes the following:

engine:
  enabled: true
  
global:
  configurationSources:
    base-pricing-config:
      docker:
        image: base-pricing-sideloader:matrixx_version
    tenant-1-pricing-config:
      docker:
        image: tenant-1-pricing-sideloader:matrixx_version
    tenant-2-pricing-config:
      docker:
        image: tenant-2-pricing-sideloader:matrixx_version
  topology:
    operators:
      master:
        namespace: matrixx-operators
      agents:
      - namespace: matrixx-operators
    domains:
    - pricing:
        configurationSource:
          refName: base-pricing-config
      subdomains:
      - engines:
        - namespace: matrixx-s1e1
        - namespace: matrixx-s1e2
        tenants:
        - id: tenant-1
          create: false
          rehome: true
        - id: tenant-2
          create: true
          rehome: true
      - engines:
        - namespace: matrixx-s2e1
        - namespace: matrixx-s2e2
        tenants:
        - id: tenant-1
          create: true
          rehome: true
      tenants:
      - id: tenant-1
        pricing:
          configurationSource:
            refName: tenant-1-pricing-config
      - id: tenant-2
        pricing:
          configurationSource:
            refName: tenant-2-pricing-config
 
pricing-controller:
  enabled: true

For more information, see the discussion about multi-tenancy configuration properties.