Multitenancy

the single connect multitenancy function can provide multiple and independent applications and functions single connect multitenancy enables an architecture in which a single instance serves multiple customers each customer is called a tenant tenants may be given the ability to customize some parts of the application tenants are logically isolated from each other tenant admins can only manage devices and users that they are allowed to access and can only see the logs related to the permitted devices and users to enable multitenancy navigate to administration > system config man set multitenancy enabled as true save configuration navigate to portal function > function group definition give the function group a name and select the single connect tenant admin function save configuration open the function realm definition tab give the realm a name, select a tenant admin user group and select the function group that you created on step 6 and save restart the netright tomcat service a establish an ssh connection to the single connect ip address as the root user from port 22 b run the systemctl restart netright tomcat command to restart the service tenant connector the tenant connector provides secure remote data center connections to different tenants who want to use single connect’s features, such as preventing password theft and eliminating unsupervised access and need a secure connection between their remote data centers and the central single connect server this section describes how the tenant connector is added and matched with devices to create an openvpn connector adding an openvpn connector tenants who already have an openvpn server in the remote data center or want to use openvpn in their remote data center connections can use this feature navigate to tenant connector open the connector sites tab click the add button, enter the remote site name and description, and click save open the connector nodes tab click the add button and select the openvpn option select the connector site, enter the openvpn credentials, copy the openvpn configuration, and click save adding a built in vpn connector tenants who do not have an openvpn license and want to use single connect’s secure connection can use its built in vpn option in order to set this connection, the connector package must first be installed on a linux server at the remote data center to install the connector node to the remote datacenter download the connector installation package connector install tar gz from the single connect repository extract the files to a centos 7 6 server at the remote datacenter execute the install sh script this script installs all the required packages and configures the connector node log in to the restricted cli and execute the create ssh key command copy the generated ssh rsa key to create a built in vpn connection navigate to tenant connector open the connector sites tab click the add button, enter the remote site name and description, and click save open the connector node tab click the add button and select the built in vpn option select the remote site name, enter the node name, tunnel port, connection port, connector node external ip, the ssh rsa key created during the connector node installation, and click save connector monitoring connectors send heartbeat messages to single connect servers at regular intervals this information can be used to monitor whether the connectors are working properly to check the heartbeat messages navigate to tenant connector open the connector nodes tab click the list view button, select the connector node, and click the heartbeat button adding a device to a connector site in order to access the devices located at remote data centers through the connector, these devices must be associated with the connector sites to associate a device with a connector site navigate to device management > device inventory click the new device discovery button fill out the relevant device information, select the connector site, and save by clicking discover and add