Managing multi-tenancy

Multi-tenancy provides the ability to instantiate different organizations within one entity. For example, an organization could have two separate divisions called OrgTraders and OrgInsurance, respectively. The OrgTraders division is not allowed to see the DQ Check results of the OrgInsurance division, making it critical that these organizations remain separate in Collibra DQ. With multi-tenancy, you can segregate these organizations into two separate tenants within the overarching Collibra DQ web application to protect the activity of one organization from the other.

Prerequisites

  • DNS entry for owl web server IP.
  • DNS entry for multiTenantSchemaHub.

Prerequisites for URL-based tenancy: tenant.host

  • DNS entry for each tenant.
  • DNS entry for every tenant you want to create (the example below is called "automation").

Note Each of the records above point to the same IP address.

Enabling multi-tenancy

  • Standalone
  • Kubernetes

Note If you are upgrading your version of Collibra DQ, go to Standalone Upgrade.

  1. Make sure the web application has started up one time and that you have successfully logged into it with the default credentials.
  2. Stop all the components using the ./owlmanage.sh stop command.
  3. Modify the owl-env.sh file to include the following parameters:
    • export multiTenantSchemaHub=owlhub: This is a new schema that will get created on owlweb start (note the name of the TenantSchemaHub can be changed to the desired name at setup time).
    • export MULTITENANTMODE=TRUE: This enables multi-tenancy mode.
    • export URLBASEDMULTITENANTMODE=TRUE/FALSE
      • TRUE (default): This value means that you are using the tenant name as a sub-domain (see prerequisites).
      • FALSE: This value means you will let Collibra DQ manage tenants via sessions/tokens.
  4. If using agents as part of the DQ operation, modify the owl.properties file to include the following:
    • spring.agent.datasource.url=jdbc:postgresql://cdh-edge-dan.us-east4-c.c.owl-hadoop-cdh.internal:5432/postgres**?currentSchema=owlhub** (matching the name of the schema set on step 3-1 above).
    • jdbc:postgresql://cdh-edge-dan.us-east4-c.c.owl-hadoop-cdh.internal:5432/postgres**?currentSchema=owlhub** (matching the name of the schema set on step 3-1 above).
  5. Once the settings have been configured for multi-tenancy, start up the owlweb host first, using ./owlmanage.sh start=owlweb command.
  6. Start up the agents, using the ./owlmanage.sh start=owlagent command.

Note To use multi-tenancy when URLBASEDMULTITENANTMODE=TRUE, make sure there are DNS entries to the tenant endpoints.

You can enable multi-tenancy in the web ConfigMap for Kubernetes. The high-level setup for Kubernetes is virtually the same as standalone deployments. Where you add or modify properties in owl-env.sh for standalone deployments, you add the properties to the ConfigMap for Kubernetes deployments.

If you are using Helm charts, you can customize and modify configuration files to suit the needs of different environments. The Helm charts define all sets of properties.

The following is an example of the type of configurations you might see when running the Helm chart to deploy Kubernetes. These configurations are located in the values.yaml file.

Copy 
flyway: false
server_port: 9005
server_port_2: 9001
multitenant_mode: false
multitenant_schema_hub: owlhub
url_based_multitenantmode: false
owl_base: /opt
owl_agent_id: 0
install_path: /opt/owl
spark_home: /opt/spark

For more information about using Helm charts, go to Collibra DQ Helm chart in Installing Collibra Data Quality & Observability on Self-hosted Kubernetes.

Adding, editing, and deleting a tenant

Regardless of the need for isolated environments, Collibra DQ supports dynamically created tenants, as part of the DQ web application. You can add, edit, or delete a tenant on the Tenant Management page.

Steps

  1. Sign into Collibra DQ.

  2. Click Sign in as Tenant Manager, which appears below the Forgot your password? link.

  3. On the Tenant Manager login page, enter the following credentials:
    • Username: mtadmin
    • Password: mtadmin123

  4. Click Log in.
    The Tenant Management page opens, where you can add, edit, and delete your tenants.

  5. To add a new tenant, click the + Add Tenant button in the top-right corner of the Tenant Management window.
    The Add a New Tenant modal appears.

  6. Enter the following information:
    • Tenant Name: Name for the tenant.
    • Tenant Display Name: Tenant name that displays in the Tenant Management page.
    • Description: Description for the tenant.
    • Username: Username you use when you login to the tenant.
    • Password: Password you use when you login to the tenant.
  7. To enable the tenant, select the Enable box.
  8. Click Save.
    The new tenant displays on the Tenant Management page.
  9. To edit a tenant, select the tenant from the Tenant Management page and click the More icon icon next to the Login button.
  10. Select Edit from the dropdown.
    The Edit Tenant modal appears.

  11. Make the desired changes and click Save.
  12. To delete a tenant, click the More icon icon and select Delete.

Signing into a tenant

You can select a tenant from a dropdown list on the main Collibra DQ login page.

Note For more information about adding, editing, and deleting tenants, go to Adding, editing, and deleting a tenant.

Steps

  1. Sign into Collibra DQ.

  2. Enter your username and password credentials.
  3. Select your tenant from the Select Tenant dropdown list.

    Note All enabled tenants will display in the Select Tenant drop down list. Access to tenants are handled by the administrator(s) within each tenant individually.

  4. Click Sign in.

    Note If you haven't registered as a Collibra DQ user, click the Register link, which displays under the Sign in as Tenant Manager link and complete the registration form.