Multi-Tenancy and Cluster Federation

Overview

For large-scale enterprise deployments, Alluxio provides advanced features for multi-tenancy, cluster federation, and unified management. This allows multiple teams and business units to share data infrastructure securely and efficiently, while simplifying administrative overhead. This document outlines a reference architecture and feature set to enable secure, isolated, and manageable deployment of Alluxio clusters in a multi-tenant environment.

This diagram illustrates the architecture featuring an API Gateway that centrally handles authentication and authorization across multiple Alluxio clusters. Users authenticate through the Management Console or Auth Server to obtain tokens, which the API Gateway validates before routing requests to appropriate cluster coordinators. The gateway integrates a Policy Engine (OPA) for access control decisions and supports both targeted cluster requests and multicast operations. The Management Console provides a centralized dashboard for monitoring and managing all clusters through this gateway interface.

Key Features

Authentication and Authorization

  • Supports integration with enterprise identity providers (e.g., Okta).

  • Authenticated users receive secure tokens (JWT), which are passed with each request.

  • Fine-grained access control is enforced by a policy engine (e.g., Open Policy Agent, OPA), which evaluates each request against customizable rules.

Multi-Tenancy and Isolation

Alluxio enforces isolation between tenants to ensure security and prevent interference.

  • Authentication: Users are authenticated against an enterprise identity provider (like Okta) to receive a secure JSON Web Token (JWT).

  • Authorization: Every request sent with a JWT is evaluated by a policy engine (like OPA) against fine-grained policies written in Rego. This controls which users can access which resources and perform which actions.

  • Cache Isolation: Each tenant can have its own cache configurations, including quotas, TTLs, and eviction policies, ensuring that one tenant's workload does not negatively impact another's.

Cluster Federation

For organizations with multiple Alluxio clusters (e.g., across different regions or environments), federation simplifies management. The Management Console provides a single pane of glass for:

  • Cross-cluster monitoring and metrics.

  • Centralized license management.

  • Executing operations across multiple clusters simultaneously.

This ensures that scaling to tens or hundreds of clusters remains manageable.

Example Workflow: Updating a Cache Policy

Here is a step-by-step example of how a user would update a cache TTL for a specific tenant:

  1. Authentication: The user logs into the Management Console, which redirects them to Okta for authentication. Upon success, Okta issues a JWT.

  2. Request Submission: The user uses the console to submit a request to change the cache TTL. The request, containing the JWT, is sent to the API Gateway.

  3. Authorization: The API Gateway validates the JWT and queries the OPA Policy Engine to check if the user has permission to modify cache settings for the target tenant.

  4. Execution: If the request is authorized, the API Gateway forwards the command to the coordinator of the relevant Alluxio cluster. The cluster then applies the new TTL policy.
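
The check in step 3, written in Python as an added example (not Alluxio's own code): the gateway validates the token, then asks the policy engine, and denies on any failure or ambiguous answer. Assumptions: an HS256 shared key so the example runs offline with the standard library (tokens from an identity provider are normally verified against the provider's published public keys), the claim and input field names, and the query_opa callable, which stands in for a POST to OPA's decision API.

```python
import base64, hashlib, hmac, json, time

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_hs256(header: dict, claims: dict, key: bytes) -> str:
    """Mint a constructed test token; stands in for the identity provider."""
    msg = ".".join(b64url_encode(json.dumps(p).encode()) for p in (header, claims))
    return msg + "." + b64url_encode(hmac.new(key, msg.encode(), hashlib.sha256).digest())

def validate_jwt(token, key, issuer, audience, now=None) -> dict:
    """Return the claims, or raise ValueError if any check fails."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("not JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm the gateway expects; never let the token header choose it.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    # "aud" is compared as a single string here (assumption).
    if claims.get("iss") != issuer or claims.get("aud") != audience:
        raise ValueError("wrong issuer or audience")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= (now or time.time()):
        raise ValueError("expired or missing exp")
    return claims

def authorize(token, key, issuer, audience, action, tenant, query_opa, now=None) -> bool:
    """Workflow step 3: validate the JWT, then ask the policy engine. Fail closed."""
    try:
        claims = validate_jwt(token, key, issuer, audience, now)
        # Body shape of OPA's Data API: {"input": ...}; the field names are assumptions.
        decision = query_opa({"input": {"user": claims.get("sub"), "action": action,
                                        "groups": claims.get("groups", []), "tenant": tenant}})
    except Exception:
        return False  # invalid token or unreachable policy engine: deny
    # OPA omits "result" when the rule is undefined; only a literal true allows.
    return isinstance(decision, dict) and decision.get("result") is True
```

The tenant is taken from the request and the groups from the validated token, so the policy can compare the two rather than trusting a tenant identifier supplied by the caller.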

Operations

Authentication

Authentication will initially be handled through Okta. Upon user login and identity verification, Okta generates a JSON Web Token (JWT) for the API gateway. The JWT is an encoded JSON object that includes user-defined claims, which can be used to associate the user with specific roles or group identifiers.

Authorization

Authorization ensures that users can only access the resources they are permitted to access. The system uses Open Policy Agent (OPA) as the policy engine to enforce access control. OPA supports a declarative language called Rego for writing fine-grained, context-aware policies. Policies are configured in OPA, which exposes a decision API to evaluate whether requests should be allowed.

Multi-Tenancy

User Roles Access Control provides a way to manage user access and permissions within the Alluxio system. It allows for the creation of different user roles, each with specific access levels and permissions, ensuring that users can only access the resources they are authorized to.

Cluster Federation

Please refer to the Multi AZ High Availability section for details on how to set up and manage Alluxio clusters in a multi-AZ environment.

Licensing Management

For a large number of clusters, centralized license enforcement and propagation are supported. Please refer to License for more details.
