Multi-Tenancy in HP Matrix Operating Environment Infrastructure Orchestration

14
Provider Administrator can see all the compute resources assigned to an organization; however the structure of the
organization’s Server Pool is not visible.
An organization has its own Maintenance Pool which holds compute resources that have been withdrawn from use.
The Organization Administrator can move servers in and out of the Maintenance pool.
All the nodes of a cluster should be kept at the Service Provider level or be assigned to the same organization; this is
not enforced by IO.
The sharing of networks between organizations is not prevented by IO; it is a Service Provider policy issue. The
Service Provider Administrator has the ability to assign a network to just one or multiple organizations. Since they can
be shared by organizations, an in-use network can be un-assigned from an organization. Any existing services are
unaffected but organization users may no longer create services that use the network. Note that if the Service Provider
policy forbids network sharing then any services using the network must be deleted before the network is re-assigned
to another organization.
The sharing of storage infrastructure (SAN fabrics, storage arrays) is a Service Provider policy issue and is not
prevented by Matrix. The Service Provider Administrator should determine the appropriate amount of storage
separation or sharing required by organizations. In some environments, there could be strict separation with different
arrays allocated to each organization. In other environments, organizations may share an array but require use of
separate storage pools or SPM storage templates (perhaps with different custom prefixes for the storage volumes
created through on-demand provisioning). Another alternative is the complete sharing of the storage infrastructure,
with organizational separation enforced through IO templates (referencing specific SPM storage templates or storage
tags) and compute resources (and any storage volume belongs to only one organization at any point in time and
Matrix scrubs the disks on service deletion so volumes are clean for re-use). If separation at a storage level is
required, storage tags can be used, with each organization having a unique tag, separate SPM storage templates
can be defined for each organization, or SPM storage templates can be shared, but organizations use different
storage pools to provision storage from those templates.
Through use of the HP Storage Provisioning Manager (bundled with the Matrix Operating Environment), the storage
administrator can apply tags to arrays, storage pools, or pre-provisioned volumes. SPM supports the definition of
storage templates, and the storage architect or administrator can define organization-specific storage templates with
requirements to only fulfill from appropriate storage (indicated via tags or placed in appropriate SPM security groups
accessible to the organization). When defining a service template, the Service Provider Architect can browse the SPM
templates and make an appropriate selection, choosing the organization-specific storage template appropriate to
each organization-specific service template. If such storage separation is not required, the Service Provider Architect
can have a common service template which is consumed by various organizations (and each would have distinct
storage volumes drawn from common pools without needing explicit tagging). Since 7.0, storage pool entries can be
auto-generated by Matrix infrastructure orchestration from the service template logical disk information, or storage
pool entries can be manually defined (including appropriate tags and optionally fulfilling through SPM). Version 7.1
required several manual steps in SPM to define appropriate security groups for the organizations and determine
resource sharing or separation. Since version 7.2, the SPM security group structure has been altered to make multi-
tenancy configuration easier by removing some manual steps. All versions, including 7.3, require the definition of the
security groups for the organizations and appropriate placement of templates and resources to achieve desired
sharing or separation based on Service Provider policies.
NOTE: Full details of how to configure SPM for multi-tenancy in are in the “Multi-tenancy considerations” section of
Faster storage provisioning in the HP Matrix Operating Environment: use of the HP Storage Provisioning Manager
storage catalog with controlled storage operations white paper which is available at
http://www.hp.com/go/matrixoe/docs
.