Enabling multi-tenancy

Multi-tenancy provides the ability to instantiate different organizations within one entity. For example, an organization could have two separate divisions called OrgTraders and OrgInsurance, respectively. The OrgTraders division is not allowed to see the DQ Check results of the OrgInsurance division, making it critical that these organizations remain separate in Collibra DQ. With multi-tenancy, you can segregate these organizations into two separate tenants within the overarching Collibra DQ web application to protect the activity of one organization from the other.

After establishing the multi-tenant environment, use the Tenant Manager application to manage the tenants. For more information, go to Using Tenant Manager. Note that the Tenant Manager application is available only after enabling multi-tenancy.

Prerequisites

Non-URL-based tenancy

  • DNS entry for owl web server IP.
  • DNS entry for multiTenantSchemaHub.

URL-based tenancy: tenant.host

  • DNS entry for each tenant.
  • DNS entry for every tenant you want to create (the example below is called "automation").

Note Each of the records above point to the same IP address.

Steps

  • Standalone
  • Kubernetes

Note If you are upgrading your version of Collibra DQ, go to Upgrade Data Quality & Observability Classic.

  1. Make sure the web application has started up one time and that you have successfully logged into it with the default credentials.
  2. Stop all the components using the ./owlmanage.sh stop command.
  3. Modify the owl-env.sh file to include the following parameters:
    • export multiTenantSchemaHub=owlhub: This is a new schema that will get created on owlweb start (note the name of the TenantSchemaHub can be changed to the desired name at setup time).
    • export MULTITENANTMODE=TRUE: This enables multi-tenancy mode.
    • export URLBASEDMULTITENANTMODE=TRUE/FALSE
      • TRUE (default): This value means that you are using the tenant name as a sub-domain (see prerequisites).
      • FALSE: This value means you will let Collibra DQ manage tenants via sessions/tokens.
  4. If using agents as part of the DQ operation, modify the owl.properties file to include the following:
    • spring.agent.datasource.url=jdbc:postgresql://cdh-edge-dan.us-east4-c.c.owl-hadoop-cdh.internal:5432/postgres**?currentSchema=owlhub** (matching the name of the schema set on step 3-1 above).
    • jdbc:postgresql://cdh-edge-dan.us-east4-c.c.owl-hadoop-cdh.internal:5432/postgres**?currentSchema=owlhub** (matching the name of the schema set on step 3-1 above).
  5. Once the settings have been configured for multi-tenancy, start up the owlweb host first, using ./owlmanage.sh start=owlweb command.
  6. Start up the agents, using the ./owlmanage.sh start=owlagent command.

Note To use multi-tenancy when URLBASEDMULTITENANTMODE=TRUE, make sure there are DNS entries to the tenant endpoints.

You can enable multi-tenancy in the web ConfigMap for Kubernetes. The high-level setup for Kubernetes is virtually the same as standalone deployments. Where you add or modify properties in owl-env.sh for standalone deployments, you add the properties to the ConfigMap for Kubernetes deployments.

If you are using Helm charts, you can customize and modify configuration files to suit the needs of different environments. The Helm charts define all sets of properties.

The following is an example of the type of configurations you might see when running the Helm chart to deploy Kubernetes. These configurations are located in the values.yaml file.

Copy 
flyway: false
server_port: 9005
server_port_2: 9001
multitenant_mode: false
multitenant_schema_hub: owlhub
url_based_multitenantmode: false
owl_base: /opt
owl_agent_id: 0
install_path: /opt/owl
spark_home: /opt/spark

For more information about using Helm charts, go to Collibra DQ Helm chart in Installing Data Quality & Observability Classic on self-hosted Kubernetes.

What's next

Using Tenant Manager

Configuring SSO for Tenant Manager