Multi-tenancy refers to the ability to deploy functional pipelines and processing in a way completely isolated the ones from each other. The typical example is a cybersecurity platform, deployed as a Saas managed platform and processing data from various different customers (i.e. tenants).
Multi-tenancy is just like security. It makes no sense to start without, and to (hope to) easily bring it later on.
That is the reason why we designed the punchplatform with multi-tenancy mechanism from the ground. Should you not need it, you will then deal with only a single tenant.
How does it work ? First a picture:
Multi-tenancy is illustrated next :
When you start a project using the punch, you first decide what services you want to share versus the ones that require a physical isolation.
In some cases everything is shared, each tenant is then only logically separated. This is performed in each platform component : queuing topics, elasticsearch indexes, object storage pools, configuration folders, admin and user accounts, Kibana servers, etc.
Everything is per tenant ... except one file : the one describing the platform structure used to deploy the platform (Refer to platform). Only a super administrator is allowed to alter the platform itself.
Refer to the Tenant Configuration chapter chapter for details about tenant configuration and resources.