June 30, 2017
Delivering BaaS and DRaaS with Multi-Tenancy – Overview
A powerful component of the best VMware backup solutions that scale with today’s business needs is the ability to enable multi-tenancy. Multi-tenancy may be needed by organizations to compartmentalize business units, branch offices, departments, customers or any other entity needed by the core business. Additionally, it allows Managed Service Providers (MSPs) or other Backup-as-a-Service or DR-as-a-Service shops to provide Backup and DR services to clients. NAKIVO Backup & Replication provides a fully scalable and powerful multi-tenancy solution that allows up to 1000 isolated tenants to share the same instance of NAKIVO Backup & Replication. In the multi-tenant configuration, each tenant can access their own environment through a self-service portal that enables them to perform all data protection tasks as well as any recovery operations. Each tenant, however, functions as their own isolated unit that is unable to see any other environments or jobs of other tenants. In the first part of the multi-tenant series, we will look at an overview of NAKIVO Backup & Replication multi-tenancy. We will take a look at the requirements and how the Multi-Tenant configuration is enabled.
As mentioned above, each tenant has access to manage their own data protection services, so each tenant will have a configuration specific to their environment including having at least one transporter assigned to their environment as well as configuring a backup repository. The first thing we need to do to access the Multi-tenant configuration of NAKIVO Backup & Replication is run the multi-tenancy install of the Director. In this post, we will take a look at the Multi-tenant installation process as well as how to perform the initial configuration of our tenants in the Multi-Tenant configuration.
NAKIVO Backup & Replication Multi-Tenant Installation
The Multi-Tenant installation can be run on a Windows installation or a Linux installation. ***Note*** The all in one NAKIVO Backup & Replication OVA appliance doesn’t include the option for multi-tenant installation. For the purposes of the walkthrough, we will run the installation on a Windows Server 2012 R2 server.
However, just a quick run through of a Linux Installation involves the following first few steps to enable Multi-tenant mode:
- Upload the installer file to the machine on which you want to install NAKIVO Backup & Replication in the binary transfer mode.
- Log in to the Linux machine and allow the execution of the installer file. For example: chmod +x NAKIVO_Backup_&_Replication_TRIAL.sh
- Execute the installer file with root privileges. For example: sudo ./NAKIVO_Backup_&_Replication_TRIAL.sh
- Review the license agreement (press Space to go to the next page of the agreement). If you agree to the terms of the license agreement, press "Y" and then press Enter.
- Type “M” to install the Director in Multi-tenant mode and press Enter.
Going back to the Windows installation - when you begin the installation of the Full solution, make sure you change the Installation type to Multi-tenant solution.
If you click the Options link, you will see the Installation path as well as the transporter port. If you need to make adjustments to either setting, you can do that here. Click the Install button.
The installation will begin.
After finishing, you will be prompted whether you want to open the web interface.
When taken to the web interface, the first thing that we see that is a bit different from the normal installation is that we are notified that we are working with the multi-tenant deployment. We are directed to create our tenants and then run through the initial configuration.
Once we close out of the informational page above, we can begin to create our tenants. Click the Create New Tenant button to get started provisioning the first tenant.
In the Create a new tenant screen, we have the expected bits of information to populate including the Tenant name, sockets allowed, email, contact phone, username, password, guest access, etc.
As you can see below, we have created two tenants – Tenant1 and Tenant2 for the lab.
At this stage, we have created our tenants, however, we haven’t configured any of the required components for each tenant such as the inventory, transporter, or backup repository. At this point if the tenant admin logs into the NAKIVO Backup & Replication appliance, the following notice is presented – Your service is not configured.
To configure the basic requirements for a tenant, login as the global admin, click Tenants >> “tenantname” >> and you will be presented with the normal configuration of NAKIVO Backup & Replication when setting up a new environment. The wizard includes provisioning Inventory, Transporters, and Repositories.
Walkthrough the creation of components for a tenant
First, we need to configure the inventory for the tenant. Here we are pointing to a VMware vSphere vCenter environment.
After adding the environment, we see it listed.
Next, we add a Transporter for the tenant. ***Note*** A best practice in working with Transporters for multi-tenant configurations is to have the transporters preconfigured for each tenant so it is available during the configuration phase of the components for each tenant.
Finally, we can either add an existing repository or we can create a new backup repository. Below, we are provisioning a new backup repository for the tenant.
NAKIVO Backup & Replication Multi-Tenant Licensing
The licensing for each tenant in the NAKIVO Backup & Replication Multi-Tenant configuration is taken care of with the License Delegation feature that is present in the Multi-Tenant configuration. The way this works is the Master Admin (tenant manager) installs the global multi-socket license and then delegates the number of licensed sockets that a particular tenant can consume. This is done via the tenant configuration for each tenant. There is no limitation on how the various licensed sockets can be divided up between tenants. For example, if we had a 10 socket license, Tenant1 could have (2) socket licenses, Tenant2 could have (4) socket licenses, and we could have (4) left over for future tenants. We can also reallocate more licenses to any particular tenant at any time if their needs change.
As shown below, in the tenant configuration, you have the sockets allocated setting. This can be changed on the fly.
The NAKIVO Backup & Replication Multi-tenant configuration is a powerful way to either segment business units and organizational data protection needs or for MSPs to enable Backup-as-a-Service or DR-as-a-Service functionality for multiple tenants. In this overview post, we have seen the functionality is easily implemented via the Multi-Tenant install mode on either the Windows or Linux full installations. Setup requires that each tenant environment is setup autonomously and acts as a standalone configuration. We want to make sure to provision and have at least one Transporter available for each tenant during the initial configuration. Providing licensing for each tenant is easily configurable as well and the licensed sockets for each tenant can be changed at any time. In the next post, we will take a closer look at delivering the Backup-as-a-Service functionality in the multi-tenant configuration.