Administrator Guide
About Multitenancy
Multitenancy enables a single physical FluidFS cluster to be partitioned into several separate service entities (tenants) and manage each
one individually. FluidFS supports up to 100 tenants. When multitenancy is enabled, the user interface is optimized and includes the tenants
view.
Network connections – Each tenant utilizes exclusive IP addresses (virtual IPs). Users who have access to the tenant’s VIP can only see
that tenant’s NFS exports, SMB shares, and so on.
Authentication and user repositories – Each tenant utilizes its own authentication and user repositories. Each tenant can dene and use
the following settings:
• DNS conguration – The DNS conguration of the default tenant serves the cluster services (such as NTP).
• Active Directory – Each tenant can join a dierent Active Directory. Two tenants can also join the same Active Directory (with separate
tenant computer objects in Active Directory).
• LDAP or NIS
• Local users and groups
• User mapping
Reusing of same name in dierent tenants – Multitenancy supports using the same SMB share name and the same local user or group
name.
Volume Replication – Administrators can dene between which tenants volume replication is allowed.
Managing tenants – FluidFS v6 added a new type of administrator called tenant administrators. A tenant administrator has the ability to:
• See (but not update) all of the general cluster settings
• Manage tenants they have been granted Tenant Administrator access to, including all the NAS volumes that belong to those tenants
• Receive email events that are relevant to the entire cluster and to the tenants they have been granted Tenant Administrator access to,
such as power-down events
Using Multitenancy With Existing Features
Multitenancy interoperates with the following existing FluidFS features:
Antivirus – SMB shares are isolated to their tenant. If any shares have antivirus enabled, they utilize the virus scanners that are dened at
the clusterwide level.
File Access Notications – File access notications are set at a clusterwide level in FluidFS. If multitenancy is in use, only one tenant can
utilize the external audit server feature. Separation of le access notications between dierent tenants requires multiple FluidFS clusters.
Alternatively, you can use SACL auditing, which is separated between tenants for le access notications.
NDMP Backup – You can back up any of the volumes using any of the VIPs (or physical controller IPs), regardless of multitenancy.
Separation of NDMP between dierent tenants requires multiple FluidFS clusters.
Replication and Disaster Recovery – The cluster administrator has the ability to create a partner relationship between the tenants on the
source system and the tenants on the remote system.
406
FluidFS Administration