15308555518/ website
1
0
Fork 0
mirror of https://github.com/kubesphere/website.git synced 2025-12-26 00:12:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update multi-tenancy-in-kubesphere.md

This commit is contained in:
Rodion Miromind 2021-05-28 10:17:12 +03:00 committed by Big C
parent 94f5d84298
commit d1f4da3b46
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
content/en/docs/access-control-and-account-management/multi-tenancy-in-kubesphere.md
View File

@ -1,5 +1,5 @@
---
title: "Multi-tenancy in KubeSphere"
title: "Kubernetes Multi-tenancy in KubeSphere"
keywords: "Kubernetes, Kubesphere, multi-tenancy"
description: "Understand the multi-tenant architecture in KubeSphere."
linkTitle: "Multi-tenancy in KubeSphere"
@ -12,7 +12,7 @@ The first and foremost challenge is how to define multi-tenancy in an enterprise
## Challenges in Kubernetes Multi-tenancy
Multi-tenancy is a common software architecture. Resources in a multi-tenant environment are shared by multiple users, also known as "tenants", with their respective data isolated from each other. The administrator of a multi-tenant cluster must minimize the damage that a compromised or malicious tenant can do to others and make sure resources are fairly allocated.
Multi-tenancy is a common software architecture. Resources in a multi-tenant environment are shared by multiple users, also known as "tenants", with their respective data isolated from each other. The administrator of a multi-tenant Kubernetes cluster must minimize the damage that a compromised or malicious tenant can do to others and make sure resources are fairly allocated.
No matter how an enterprise multi-tenant system is structured, it always comes with the following two building blocks: logical resource isolation and physical resource isolation.
@ -20,7 +20,7 @@ Logically, resource isolation mainly entails API access control and tenant-based
The isolation of physical resources includes nodes and networks, while it also relates to container runtime security. For example, you can create [NetworkPolicy](../../pluggable-components/network-policy/) resources to control traffic flow and use PodSecurityPolicy objects to control container behavior. [Kata Containers](https://katacontainers.io/) provides a more secure container runtime.
## Multi-tenancy in KubeSphere
## Kubernetes Multi-tenancy in KubeSphere
To solve the issues above, KubeSphere provides a multi-tenant management solution based on Kubernetes.