4 Tenancy Management

A tenancy is an environment where users create and manage cloud resources in order to build and configure virtualized workloads. At least one tenancy must be created. All the tenancies in the environment are collectively referred to as the Compute Enclave. However, tenancy management is a responsibility of the appliance administrator. Tenancies are created from the Service Enclave and subsequently handed over to the initial user in the tenancy: the primary tenancy administrator.

Technical background information about enclaves, tenancies and administrator roles can be found in the Oracle Private Cloud Appliance Concepts Guide. Refer to the section "Enclaves and Interfaces" in the chapter Architecture and Design.

Creating a New Tenancy

An infrastructure administrator sets up a tenancy from the Service Enclave and provides access details to the primary tenancy administrator. Then the tenancy administrator can start configuring additional user accounts and cloud resources in the Compute Enclave.

Using the Service Web UI

1. In the navigation menu, click Tenancies.

2. In the top-right corner of the Tenancies page, click Create Tenancy.

   The Create Tenancy window appears.

3. Fill out the tenancy details:

   • Name: Enter a name for the new tenancy.

   • Description: Optionally, enter a description for the new tenancy.

   • Service Namespace: Set a unique namespace for all resources created within this tenancy.

   • Authentication Credentials: Set a user name and password for the primary tenancy administrator.

     This account must be used to log in to the tenancy for the first time. The tenancy administrator sets up additional user accounts, defines compartments, policies and other resources, and generally configures the cloud environment so that users can start deploying their required resources.

4. Click Save Changes to create the new tenancy.

   The new tenancy is displayed in the Tenancies list.

Using the Service CLI

1. Create a new tenancy with the create Tenant command.

   The name, namespace and admin account credentials are required parameters; a description is optional.

   Syntax (entered on a single line):

   create Tenant 
   name=<tenancy_name> 
   serviceNamespace=<tenancy_namespace> 
   description=<tenancy_description> 
   adminUserName=<tenancy_admin_user_name> 
   adminPassword=<tenancy_admin_password> 
   confirmPassword=<tenancy_admin_password>

   Example:

   PCA-ADMIN> create Tenant name=myTestTenancy serviceNamespace=test description="A tenancy for testing purposes" \
   adminUserName=testadmin adminPassword=************ confirmPassword=************
   Command: create Tenant name=myTestTenancy serviceNamespace=test description="A tenancy for testing purposes" adminUserName=testadmin adminPassword=***** confirmPassword=*****
   Status: Success
   Time: 2021-09-08 08:54:44,778 UTC
   JobId: a0ee398f-5d44-4b3f-8b9c-e5a9692c36a4
   Data:
     id:ocid1.tenancy.....<uniqueID>  name:myTestTenancy

2. Use the job ID to check the status of your command.

   PCA-ADMIN> show Job id=a0ee398f-5d44-4b3f-8b9c-e5a9692c36a4
   Command: show Job id=a0ee398f-5d44-4b3f-8b9c-e5a9692c36a4
   Status: Success
   Time: 2021-09-08 08:55:11,125 UTC
   Data:
     Id = a0ee398f-5d44-4b3f-8b9c-e5a9692c36a4
     Type = Job
     AssociatedObj = id:ocid1.tenancy.AK00661530.scasg01.jrgyo2w39riz38jhzredwz7s4zglm4slu6m6u37ok4odx5vfszak00090146  type:Tenant  name:myTestTenancy
     AssociatedObj Type = Tenant
     AssociatedObj Id = ocid1.tenancy.AK00661530.scasg01.jrgyo2w39riz38jhzredwz7s4zglm4slu6m6u37ok4odx5vfszak00090146
     Done = true
     Name = CREATE_TYPE
     Run State = Succeeded
     Transcript = null2021-09-08 08:54:44.753 : Created job CREATE_TYPE
   
     Username = admin

3. Verify that the new tenancy was created correctly. Use the list and show commands to display the tenancy information.

   PCA-ADMIN> list Tenant
   Command: list Tenant
   Status: Success
   Time: 2021-09-08 08:55:44,669 UTC
   Data:
     id                                                                                              name
     --                                                                                              ----
     ocid1.tenancy.AK00661530.scasg01.r9l0nzgsm3vvtd6ugyrbx8em0pqogxp0x524yi7z3h1dztk6fuak00090146   myTenancy1
     ocid1.tenancy.AK00661530.scasg01.iyalhgadxg2d71ej6qx8fs8n9v0dey8wqd7firgs6djbontjvcak00090146   myTenancy2
     ocid1.tenancy.AK00661530.scasg01.9ax6fcf0bhe7an2b0m90e2t5uojkmfd1e47mkvye59e1u46ly6ak00090146   myTenancy3
     ocid1.tenancy.AK00661530.scasg01.g7or03paq3k6j9hixsahhp6fh4ta4ntjz8x5yispcix5xeviu9ak00090146   myTestTenancy
   
   PCA-ADMIN> show Tenant name=myTestTenancy
   Command: show Tenant name=myTestTenancy
   Status: Success
   Time: 2021-09-08 08:56:09,484 UTC
   Data:
     Id = ocid1.tenancy.AK00661530.scasg01.jrgyo2w39riz38jhzredwz7s4zglm4slu6m6u37ok4odx5vfszak00090146
     Type = Tenant
     Name = myTestTenancy
     Description = A tenancy for testing purposes
     Service Namespace = test

4. Provide the Compute Web UI URL, tenancy name, user name and password to the primary tenancy administrator. The tenancy is now ready for use.

   The tenancy administrator sets up additional user accounts, defines compartments, policies and other resources, and generally configures the cloud environment so that users can start deploying their required resources.

Modifying the Configuration of a Tenancy

The only tenancy property that an administrator can modify at this time is the description.

• Service Web UI: Open the tenancy detail page and click Edit.

• Service CLI: Use the command edit Tenant name=<tenancy_name> description=<tenancy_description>

Deleting a Tenancy

Make sure that tenancy users have removed all their resources. The tenancy can only be deleted if it is empty.

Using the Service Web UI

1. In the navigation menu, click Tenancies.

2. In the tenancies table, click the name of the tenancy you want to delete.

   The tenancy detail page is displayed.

3. In the top-right corner of the tenancy detail page, click Delete. Confirm the operation when prompted.

Using the Service CLI

1. Look up the name and ID of the tenancy you want to delete.

   PCA-ADMIN> list Tenant
   Command: list Tenant
   Status: Success
   Time: 2021-09-08 11:08:17,042 UTC
   Data:
     id                                                                                              name
     --                                                                                              ----
     ocid1.tenancy.AK00661530.scasg01.r9l0nzgsm3vvtd6ugyrbx8em0pqogxp0x524yi7z3h1dztk6fuak00090146   myTenancy1
     ocid1.tenancy.AK00661530.scasg01.iyalhgadxg2d71ej6qx8fs8n9v0dey8wqd7firgs6djbontjvcak00090146   myTenancy2
     ocid1.tenancy.AK00661530.scasg01.9ax6fcf0bhe7an2b0m90e2t5uojkmfd1e47mkvye59e1u46ly6ak00090146   myTenancy3
     ocid1.tenancy.AK00661530.scasg01.g7or03paq3k6j9hixsahhp6fh4ta4ntjz8x5yispcix5xeviu9ak00090146   myTestTenancy

2. To delete the tenancy, use the delete Tenant command followed by the tenancy name or ID.

   PCA-ADMIN> delete Tenant name=myTestTenancy
   Command: delete Tenant name=myTestTenancy
   Status: Running
   Time: 2021-09-08 11:10:00,288 UTC
   JobId: 92b84ac2-1f2c-41d7-980e-d7549957ef93

3. Verify that the deleted tenancy is no longer displayed in the tenancy list.

   PCA-ADMIN> list Tenant
   Command: list Tenant
   Status: Success
   Time: 2021-09-08 11:11:20,358 UTC
   Data:
     id                                                                                              name
     --                                                                                              ----
     ocid1.tenancy.AK00661530.scasg01.r9l0nzgsm3vvtd6ugyrbx8em0pqogxp0x524yi7z3h1dztk6fuak00090146   myTenancy1
     ocid1.tenancy.AK00661530.scasg01.iyalhgadxg2d71ej6qx8fs8n9v0dey8wqd7firgs6djbontjvcak00090146   myTenancy2
     ocid1.tenancy.AK00661530.scasg01.9ax6fcf0bhe7an2b0m90e2t5uojkmfd1e47mkvye59e1u46ly6ak00090146   myTenancy3