Configuring Organizations

This chapter includes the following sections:

Organizations in a Multitenancy Environment

Multi-tenancy allows you to divide the large physical infrastructure of an Cisco UCS domain into logical entities known as organizations. As a result, you can achieve a logical isolation between organizations without providing a dedicated physical infrastructure for each organization.

You can assign unique resources to each tenant through the related organization in the multi-tenant environment. These resources can include different policies, pools, and quality of service definitions. You can also implement locales to assign or restrict user privileges and roles by organization, if you do not want all users to have access to all organizations.

If you set up a multi-tenant environment, all organizations are hierarchical. The top-level organization is always root. The policies and pools that you create in root are system-wide and are available to all organizations in the system. However, any policies and pools created in other organizations are only available to organizations that are above it in the same hierarchy. For example, if a system has organizations named Finance and HR that are not in the same hierarchy, Finance cannot use any policies in the HR organization, and HR cannot access any policies in the Finance organization. However, both Finance and HR can use policies and pools in the root organization.

If you create organizations in a mult-itenant environment, you can also set up one or more of the following for each organization or for a sub-organization in the same hierarchy:

  • Resource pools

  • Policies

  • Service profiles

  • Service profile templates

The root organization is always the top level organization.

Hierarchical Name Resolution in a Multi-Tenancy Environment

In a multi-tenant environment, Cisco UCS uses the hierarchy of an organization to resolve the names of policies and resource pools. When Cisco UCS Manager searches for details of a policy or a resource assigned to a pool, the following occurs:

  1. Cisco UCS Manager checks for policies and pools with the specified name within the organization assigned to the service profile or policy.

  2. If a policy is found or an available resource is inside a pool, Cisco UCS Manager uses that policy or resource. If the pool does not have any available resources at the local level, Cisco UCS Manager moves up in the hierarchy to the parent organization and searches for a pool with the same name. Cisco UCS Manager repeats this step until the search reaches the root organization.

  3. If the search reaches the root organization and has not found an available resource or policy, Cisco UCS Manager returns to the local organization and begins to search for a default policy or available resource in the default pool.

  4. If an applicable default policy or available resource in a default pool is found, Cisco UCS Manager uses that policy or resource. If the pool does not have any available resources, Cisco UCS Manager moves up in the hierarchy to the parent organization and searches for a default pool. Cisco UCS Manager repeats this step until the search reaches the root organization.

  5. If Cisco UCS Manager cannot find an applicable policy or available resource in the hierarchy, it returns an allocation error.

Example: Server Pool Name Resolution in a Single-Level Hierarchy

In this example, all organizations are at the same level below the root organization. For example, a service provider creates separate organizations for each customer. In this configuration, organizations only have access to the policies and resource pools assigned to that organization and to the root organization.

In this example, a service profile in the XYZcustomer organization is configured to use servers from the XYZcustomer server pool. When resource pools and policies are assigned to the service profile, the following occurs:

  1. Cisco UCS Manager checks for an available server in the XYZcustomer server pool.

  2. If the XYZcustomer server pool has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the pool does not have an available server, Cisco UCS Manager checks the root organization for a server pool with the same name.

  3. If the root organization includes an XYZcustomer server pool and that pool has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the pool does not have an available server, Cisco UCS Manager returns to the XYZcustomer organization to check the default server pool.

  4. If the default pool in the XYZcustomer organization has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the default pool does not have an available server, Cisco UCS Manager checks the default server pool in the root organization.

  5. If the default server pool in the root organization has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the default pool does not have an available server, Cisco UCS Manager returns an allocation error.

Example: Server Pool Name Resolution in a Multi-Level Hierarchy

In this example, each organization includes at least one suborganization. For example, a company could create organizations for each major division in the company and for subdivisions of those divisions. In this configuration, each organization has access to its local policies and resource pools and to the resource pools in the parent hierarchy.

In this example, the Finance organization includes two sub-organizations, AccountsPayable and AccountsReceivable. A service profile in the AccountsPayable organization is configured to use servers from the AP server pool. When resource pools and policies are assigned to the service profile, the following occurs:

  1. Cisco UCS Manager checks for an available server in the AP server pool defined in the service profile.

  2. If the AP server pool has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the pool does not have an available server, Cisco UCS Manager moves one level up the hierarchy and checks the Finance organization for a pool with the same name.

  3. If the Finance organization includes a pool with the same name and that pool has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the pool does not have an available server, Cisco UCS Manager moves one level up in the hierarchy and checks the root organization for a pool with the same name.

  4. If the root organization includes a pool with the same name and that pool has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the pool does not have an available server, Cisco UCS Manager returns to the AccountsPayable organization to check the default server pool.

  5. If the default pool in the AccountsPayable organization has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the default pool does not have an available server, Cisco UCS Manager moves one level up in the hierarchy and checks the default server pool in the Finance organization.

  6. If the default pool in the Finance organization has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the default pool does not have an available server, Cisco UCS Manager moves one level up in the hierarchy and checks the default server pool in the root organization.

  7. If the default server pool in the root organization has an available server, Cisco UCS Manager associates that server with the service profile and discontinues the search. If the default pool does not have an available server, Cisco UCS Manager returns an allocation error.

Configuring an Organization Under the Root Organization

Procedure
     Command or ActionPurpose
    Step 1UCS-A# scope org /  

    Enters the root organization mode.

     
    Step 2UCS-A /org # create org org-name  

    Creates the specified organization under the root organization and enters organization mode for the specified organization.

    Note   

    When you move from one organization mode to another, the command prompt does not change.

     
    Step 3UCS-A /org # commit-buffer  

    Commits the transaction to the system configuration.

     

    The following example creates an organization named Finance under the root organization and commits the transaction:

    UCS-A# scope org /
    UCS-A /org # create org Finance
    UCS-A /org* # commit-buffer
    UCS-A /org # 
    

    Configuring an Organization Under an Organization that is not Root

    Procedure
       Command or ActionPurpose
      Step 1UCS-A# scope org /  

      Enters the root organization mode.

       
      Step 2UCS-A /org # scope org org-name  

      Enters organization mode for the specified organization.

      Note   

      When you move from one organization mode to another, the command prompt does not change.

       
      Step 3UCS-A /org # create org org-name  

      Creates the specified organization under the previously configured non-root organization and enters organization mode for the specified organization.

       
      Step 4UCS-A /org # commit-buffer  

      Commits the transaction to the system configuration.

       

      The following example creates an organization named Finance under the NorthAmerica organization and commits the transaction:

      UCS-A# scope org /
      UCS-A /org # scope org NorthAmerica
      UCS-A /org # create org Finance
      UCS-A /org* # commit-buffer
      UCS-A /org # 
      

      Deleting an Organization

      Procedure
         Command or ActionPurpose
        Step 1UCS-A# scope org /  

        Enters the root organization mode.

         
        Step 2UCS-A /org # delete org org-name  

        Deletes the specified organization.

         
        Step 3UCS-A /org # commit-buffer  

        Commits the transaction to the system configuration.

         

        The following example deletes the organization under the root organization named Finance and commits the transaction:

        UCS-A# scope org /
        UCS-A /org # delete org Finance
        UCS-A /org* # commit-buffer
        UCS-A /org #