New Tenants#
Background#
In order to understand how clients are provisioned, you will need to understand how Helm charts work. The platform uses a Helm chart, Landlord, to provision tenants.
The Landlord Helm chart gets provisioned by landlord-setup in cluster-bootstrap.
Provisioning Tenants#
Requests for new tenants should come in through the IT Common Platform service catalog item in ServiceNow.
Important: By convention tenant names should have the department or college
abbreviation prefixed. For example, es-tenant or nis-tenant. If the requestor
did not prefix the tenant name, be sure to communicate with them that the name
will be updated to follow this convention.
Create the tenant repository#
- Browse to the Gitlab tenant group and create a new project by clicking on the "New Project" button in the top right.
- Click on Create blank project
- Project name: the name of the new tenant
- Project Description: the RITM number from the ServiceNow request
- Visibility Level: Internal
- Click on "Create project"
Make note of the URL to the Gitlab repo.
Once the project is created, select Project Information -> Members. Invite the tenant requestor (see ServiceNow ticket) as a Maintainer of the repository.
Add the tenant to the cluster#
To add a tenant to the cluster, you will need to edit the appropriate file in the it-common-platform-landlord repository.
| Cluster | Environment | File |
|---|---|---|
| AWS | production | prod/tenant-config-0.yaml |
| AWS | pre-production/test | TBD |
| AWS | develop | This cluster is reserved for the Platform Team. Do not provision tenants here. |
| On-Premise | production | TBD; Due to limited resources, tenants in this cluster require approval. |
| On-Premise | pre-production/test | pprd/tenant-config-0.yaml |
| On-Premise | develop | This cluster is reserved for the Platform Team. Do not provision tenants here. |
Note that these files are effectively Helm values files. To understand the impact of a particular setting, read the chart templates.
Create a branch (e.g. RITM0082285/es-cashiering-dvlp) and edit the correct file.
If this is the first tenant for this department, you will need to add a nodePool
for the department by adding to the nodePools section of the file near the top.
Example:
Note that there are cost implications based on the instanceType specified. If you
are specifying an instanceType other than t3a.*, make sure you understand how
it will impact cost. To learn more about available instance types, read
the AWS documentation
Add the tenant to the tenants section of the file.
Example:
es-cashiering-dvlp:
nodePool: es
operatorEdGroup: dpt.es.app.common-platform.cashiering-dvlp
rbac:
- group: dpt.es.app.common-platform.cashiering-dvlp
logging:
splunkIndex: vt_it-es
flux:
branch: main
branch: main directive tells FluxCD to look at the main branch rather than the master branch.
Commit, push and submit a merge request to another team member. The reviewer will review and merge your request.
Once merged, the namespace will be provisioned in the cluster. You should be
able to confirm this by authenticating to the cluster and issuing command
kubectl get namespaces.
Note: Confirm with customer that the rbac ed group has mw-gateway added as a viewer?
Communicate#
Update the ServiceNow request item letting the requestor know that their tenant has been provisioned and provide the URL for the tenant Git repository you created above.
Example:
IT Common Platform tenant TENANT-NAME has been created.
You may begin adding resources to your tenant by creating manifests
in this Git repository: REPO-URL
You can read more about the platform here: https://docs.platform.it.vt.edu/
You can view the status of your tenant here: https://headlamp.prod.aws.itcp.cloud.vt.edu/
To report a problem or incident, submit a ticket through the help desk: https://4help.vt.edu/sp?id=ask_4help
If you are on Slack, you may also post general questions to #it-common-platform-help.