Multi-tenancy refers to the ability to deploy functional pipelines and processing in a way as isolated as possible the ones from each other. The typical example is a cybersecurity platform, deployed as a Saas managed platform and processing data from various different customers (i.e. tenants).
Multi-tenancy is just like security. It makes no sense to start without, and to (hope to) easily bring it later on.
That is the reason why we designed the punch with multi-tenancy mechanism from the ground. Should you not need it, you will then deal with only a single tenant.
Multi-tenancy is illustrated next :
When you start a project using the punch, you first decide what applications and services you want to share versus the ones that require a physical isolation.
In some cases everything is shared, each tenant is then only logically separated. This is performed in each platform component : kafka topics, elasticsearch indexes, object storage pools, configuration folders, admin and user accounts, Kibana servers, etc.
Everything is per tenant except one file : the one describing the platform structure used to deploy the platform (Refer to platform). Only a super administrator is allowed to alter the platform itself.