ES | EN
The onesait platform offers multitenant support so that, in a single environment with a single platform instance, each vertical and their respective clients will have the data in independent repositories.
The following diagram shows an example of the use case of the platform in multitenant mode, and how the data would be stored::
...
As you can see, each vertical has an associated configuration database, where the platform elements are stored, while the ontology data (RTDB) for each client is stored in a separate instance. For our example, Carrefour will share the same RTDB instance for Prosumers and motion.
...
EN | ES
| Table of Contents |
|---|
El Soporte Multitenant aparecen en la versión 1.6.0-empirse de plataforma.
Introduction
Multitenant is a principle of software architecture in which a single instance of the application is capable of serving multiple clients or organizations (tenant or instance).
This model differs from architectures with multiple instances where each organization or client has its own installed instance of the application since in a multitenant architecture the application can virtually partition its data and configuration so that each client has a virtual instance adapted to its requirements.
Multitenant Support in Platform
The Multitenant Platform functionality is supported on 2 concepts:
Vertical: it represents a specific product and project. Suppose the deployment of Platform on an organization that offers products in SaaS mode, in that case we could have different verticals deployed on an instance, for example Vertical Smart Home, Vertical Waste Management,...
Tenant: represents a client that the organization serves its products, for example we could offer the Smart Home solution to Carrefour, Leroy Merlin,...
With the support of Onesait Platform with a single platform instance we could serve several verticals and tenants.
The platform capabilities in terms of multi-tenant mode are thus reflected:
Each Vertical has its own ConfigDB, or in other words, each Vertical can create its own platform concepts independently from the rest, that is, its ontologies, APIs, DataFlows, microservices, dashboards,...
Each tenant has its own RealTimeDB: so each tenant's data is stored independently and not mixed.
Users are general to the whole platform instance and can be associated to vertials and tenants.
As we will see later on, the platform manages all this in a transparent way, abstracting the user from the complexities.
In the following diagram, we can see an example of a case of use of the platform in multitenant mode:
...
Multitenant environment configuration
To use the environment in multitenant mode, simply indicate the environment variable MULTITENANCY_ENABLED as 'true' in the Controlpanel and OAuth Server modules:
...
Once enabled, there is a global platform user, with PLATFORM_ADMIN role, in charge of creating the verticals.
Basic Operation
Vertical creation
If you enter with the user platform_admin, you will see a screen with the list of platform verticals:
...
With this user, you can create clients or tenants for the vertical, as well as platform users and assign them to a client.
Creating
...
Tenants of a Vertical
With the user-administrator of the vertical, you can create clientstenants. Go to the menu option ‘Tenant Management’, under the Administration level:
...
If you enter each client/tenant, you can see a list of its users:
...
Adding an existing
...
Tenant to another vertical
For this example, the Carrefour client already exists in the Prosumers vertical, so that, if you want it to also be a Waste customer, you will need to re-use the platform_admin user, and go to the Waste vertical, then to the 'Tenants' tab .
...
Now Carrefour users will be able to access the Prosumers vertical and Waste.
User Creation for a Tenant
To create users and associate them with a tenant, with the administrator of the vertical, the process is the same as always, only this time you will see one more option when creating it: a combo with that vertical’s clients.
Select the one you want to assign and create it:
...
...
| Info |
|---|
Bear in mind that a platform user can only be associated with a single client, although, due to this, |
...
they can access different verticals. |
Considerations when a Client is associated with several verticals
For this example, as Carrefour is associated with Waste and Prosumers, when you access the platform either through the Control Panel or through Oauth2Identity Manager OAuth2, you need to specify the vertical to which we want to access.NOTE:
| Info |
|---|
If you access with device or API tokens, you don’t need to perform any additional action, as the platform univocally relates these tokens with: vertical, client and user. |
...
Control Panel
If you enter through the Control Panel, after entering your password you will be assigned a provisional role with authorization only to choose the vertical you want to access - so you will see a screen with a combo to choose the vertical. Select it and log in:
...
As you have noticed in previous captures, when the platform operates in multitenant mode, the vertical in which you are working is always specified in the upper right bar :
...
...
Identity Manager OAuth 2.0
For Oauth 2, you need to specify an additional “vertical” parameter, with the name of the vertical you want to access. If you do not specify it and your user is associated with several verticals, you will be given a token with a provisional role that will not have any authorization level to operate with.
...
However, if you add the vertical, it will assign you the right role:
...
Considerations on installation
New installation with version 1.6.0-Empire or higher
When a new installation is performed, without data in the ConfigDB, you will need to change the UPDATE_MODE_MULTITENANT environment variable to false. If this variable is not set to false, warning messages will appear.
This variable is intended to do upgrades on environments that already have data, so that existing data are migrated to the master database (users, tokens ...).
Upgrade to version 1.6.0-Empire or higher
If an environment is updated to this version, you will not need to specify anything.
...