Consolidate your Kubernetes Storage with Multi-tenancy and Self-service

In this mini-tutorial we'll show you how to use Quobyte's multi-tenancy to connect multiple Kubernetes namespaces or clusters to a single Quobyte cluster.

Sharing storage resources is the best way to reduce cost through better resource utilization, less systems to manage and data sharing - where it makes sense.

Multi-tenancy allows you to completely isolate tenants from each other on the same Quobyte cluster. By default, this isolation is on the logical level. This means that tenants cannot see and access each other's resources. However, you can also add full hardware isolation so that tenants don't share the same drives or servers using the Quobyte Policy Engine.

The Quobyte CSI plugin can direct all persistent volume claims (PVCs) to a single Quobyte tenant or map Kubernetes namespaces onto Quobyte tenants. The first option is the best choice when you have multiple clusters, e.g. one per group, and you want to consolidate the storage for all Kubernetes clusters on one Quobyte cluster.

The alternative of automatically mapping the Kubernetes namespaces onto Quobyte tenants is suitable for situations where you have one or more Kubernetes clusters that are already shared among groups. If enabled, Quobyte maps the name of the Kubernetes namespace to a Quobyte tenant, i.e. there needs to be a corresponding tenant with the exact same spelling in your Quobyte cluster.

Connect Kubernetes Namespaces to Tenants

To get started you need a Kubernetes cluster with the Quobyte CSI plugin and client installed (check out out install tutorial with video), a Quobyte cluster (read more).

Next, we have to tell the Quobyte CSI plugin to map Kubernetes namespaces onto Quobyte tenants: Edit the quobyte-csi-driver/values.yaml file and set

useK8SNamespaceAsTenant: true
If you want to use access keys, you should also set
enableAccessKeys: true

Or if you want to map a whole cluster to a tenant, you leave

useK8SNamespaceAsTenant: false
and add the tenant to the StorageClass.yaml (you can read more about storage classes with Quobyte here):
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: quobyte-storage
provisioner: csi.quobyte.com
allowVolumeExpansion: true
parameters:
  quobyteTenant: "Department A"
  ...
Deploy or install the Quobyte CSI plugin:
helm install quobyte-csi ./quobyte-csi-driver

Assign Users to Tenants

Now you have to map your users to tenants. If you use the internal database in Quobyte you just have to add a tenant membership to the each user:

If you use LDAP you have to map LDAP groups onto Quobyte tenants:

And that's it. When a user creates a PVC in a namespace the Quobyte CSI plugin will create a corresponding Quobyte volume in the tenant matching the namespace.

If you want your users to be able to check their resource utilization or create access keys, they can log into the Quobyte Webconsole:

Are You Ready for Real Software Storage?

Deploy Quobyte on your Kubernetes cluster with our Helm chart and deploy reliable and scalable persistent volumes in minutes.

Learn More

Learn more about Kubernetes with Quobyte

Containers

Quobyte for Kubernetes

Benefits and Features of Quobyte for Kubernetes

Tutorial

Connect Quobyte

How to set up shared file system (ReadWriteMany, RWX) persistent volumes on Kubernetes with Quobyte

Tutorial

Flash and HDD

Combine SSD or NVMe with HDD for cost effective and fast persistent volumes for Kubernetes

Tutorial

Storage Classes

Connect Kubernetes StorageClasses with Quobyte's Policy Engine and give your users options