Multitenant Use of VMware vRealize Operations as a Service

Service Providers Use cases:

  • Shared multitenant environment with tenant and service provider access 
  • Dedicated environment with tenant access 
  • Shared and/or dedicated environment with no tenant access

Shared Multitenant Environment with Tenant and Service Provider Access 

In this scenario, the service provider operates a centralized vRealize Operations Manager instance to collect all data generated by the resource cluster. Both service provider personnel and tenants will access the same instance of vRealize Operations, and data access will be controlled with RBAC. This scenario allows for easy management and deployment. This approach is especially attractive for service providers who can operate their complete environment within one vRealize Operations Manager environment.

Advantages include the following: 
• Easy to deploy and manage
• No additional data/configuration distribution for dashboards, policies, and so on is needed
• Only one instance to maintain (software updates, management packs, and so on) 

Disadvantages involve the following: 
• Role-based access control requires careful maintenance 
• Objects can only be operated under one policy, removing the ability to limit alert visibility for a customer/tenant
• Sizing can become complex and larger environments could be limited by sizing parameters. A possible workaround is to build instances per larger resource group.

Dedicated Environment with Tenant Access 

This scenario is unrelated to the vRealize Operations Manager multitenant use case that this document is focused on. This scenario is included for comparison reasons. In this scenario, the service provider operates a vRealize Operations Manager instance per dedicated customer. This is usually done when the customer operates its own cluster and vCenter Server within the service provider environment. Access to this environment is primarily focused on the tenant, but might be open for the service provider as well. An extended scenario might be that the service provider also collects data from the customer operated vCenter Server. This approach is commonly used in managed service environments or dedicated public cloud offerings where the customer rents a dedicated hardware stack. 

The advantages are as follows: 
• Easy to deploy and manage 
• Sizing is easy because it can be done per tenant/customer 
• Object policies can be customized to be tenant specific 

Disadvantages include the following: 
• Difficult to get a “big picture” when each customer operates on its own 
• Currently no data federation available for vRealize Operations 
• Service provider must monitor a high number of instances 
• Maintenance (upgrades and so on) requires more resources

Shared and/or Dedicated Environment with No Tenant Access 

In this scenario, the service provider operates a centralized vRealize Operations Manager instance to collect all data generated by the resource cluster. The primary difference from the, Shared Multitenant Environment with Tenant and Service Provider Access is that access is only provided for the service provider. This scenario allows for easy management and deployment. This approach is often used in managed services environments where the service provider focuses on resource optimization. 

The following advantages apply: 
• Easy to deploy and manage 
• No additional data/configuration distribution for dashboards, policies, and so on necessary 
• Only one instance to maintain (software updates, management packs and so on) 
• No complex RBAC necessary 

Disadvantages include the following: 

• Sizing can become complex and larger environments might be limited by sizing parameters. A possible workaround is to build instances per larger resource group.
• No customer/tenant access to vRealize Operations Manager possible.

Categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s