Bare Metal Orchestrator supports multi-tenancy and allows creation of multiple tenants, where every tenant can manage their own set of servers, switches, and storage units. A tenant is a group of users who share common access and specific privileges to the software instance, including data, configuration, user management, resources, tenant-individual functionality, and nonfunctional properties.
The following table describes the available tenant roles in Bare Metal Orchestrator and the assigned permissions for each role.
Role | Permissions |
Tenant Admin | Read and write privileges to all tenant-related operations and resources, within the assigned tenant. Can assign more users to the tenant. Can view or describe the assigned tenant. Can view all servers and switches in the pool of unassigned resources and the assigned tenant. Can view all ISO media and firmware media in the default tenant. Can view all sites in the pool of unassigned resources. Can transfer servers and switches from the pool of unassigned resources to the assigned tenant. Can release servers and switches from the assigned tenant to the unassigned resources pool. CAUTION: When a server is returned to the pool of unassigned resources, the baseline-profile is applied. If the Cannot edit servers or switches of other tenants. Cannot create users or any resources such as servers, switches, ISO media, firmware media, and so on. Cannot delete any tenant or resources. |
Tenant Reader | Read-only access to Bare Metal Orchestrator resources, within the assigned tenant. Can view all servers in the global pool and the assigned tenant. Can view all ISO media and firmware media in the global pool. Cannot create, edit, or delete tenants or resources. |
Multi-tenancy allows you to:
- Create, edit, describe, or delete tenants.
- Create users and assign roles.
- Add users to the given tenant.
- Edit or delete users who are associated with the given tenant.
- Request or release a server or a switch from the given tenant.
The high-level flow for creating tenants, assigning servers or switches and users is as follows:
- Create a user. For more information, see Create a user with a user YAML file.
- Create tenants. For more information, see Create tenants.
- Add servers or switches and users to the tenant. For more information, see Edit tenants.