IMPORTANT
This feature is in alpha, collectively denoted by the API versioning strategy associated with TAPMS and other operators represented herein.
Users should expect breaking changes in the API across CSM releases as the feature set gains operational exposure and enhancements are introduced, ultimately leading to more stable API version series (for example, beta, and then stable).
While we do not anticipate that users will experience issues with pre-stable APIs, additional care should be taken to validate desired functionality in test environments prior to use in production.
IMPORTANT
This feature is intended for soft multi-tenancy use cases at this time.
Soft multi-tenancy is defined as tenants that are hospitable, analogous to business units (as opposed to different companies), and the tenants are not considered to have malicious intent.
The HNC is a Kubernetes component that extends the capabilities of namespaces. See Cray HNC Manager for specifics of how to configure the HNC for CSM deployments, or the Kubernetes Documentation for general information on the HNC.
tapms
is the primary Kubernetes Operator for the multi-tenancy solution.
Creating and modifying a tenant is accomplished by creating a Tenant
custom resource, which is managed and reconciled by tapms
.
See TAPMS Overview for details on this Kubernetes Operator.
The Slurm operator can be used to deploy the Slurm workload manager within a tenant. See Slurm Operator for details.
The tapms
operator can create a Cray Vault transit engine for the tenant.
Creating a transit engine is accomplished by enabling the feature in the Tenant
custom resource, which is managed and reconciled by tapms
.
See the Vault Overview for details.
In addition to the TenantHooks
defined in the Tenant
custom resource, global hooks that apply to all tenants can be defined by using Global Tenant Hooks outside the tenant definition.
Below are common activities performed by an infrastructure administrator for managing a tenant’s lifecycle.
See Create a Tenant for how to create a tenant using the Tenant
custom resource definition (CRD) which is managed by tapms
.
See Modify a Tenant for how to modify a tenant after initial creation. Tenants can be modified to add/remove xnames
from the tenant, as well as additions/deletions to the childNamespaces
list.
See Remove a Tenant for how to remove a tenant when it is no longer needed.
For information on how to configure a user to perform tenant administration functions, see Tenant Administrator Configuration.
Users configured as Tenant Administrators
can view xname
assignments (and other settings of the tapms
custom resource) for one or more tenants.
See the Example Workflow for and end-to-end example of tenant setup, including setting up slurm
.