Plan organizations

An organization allows you to control access to resources in the system and limit the resources available for use by assigning quotas. A system administrator must plan all organizations in the system for resource assignment.

	The root administrator admin is a member of root organization root.

 

Plan the root organization

The name of the root organization is root, which cannot be edited.

Plan your organization structure

Plan the following information for your organization:

• Relationship between different organizations.

• Resource quotas, AZs, and network segment of each organization.

• Relationship between users and organizations.

• User roles.

Figure-1 Organization structure

 

Organization

An organization is the smallest unit for cloud resource allocation. You can create a multi-level organization structure. The root organization is the parent organization of all level-1 organizations. The administrator of the root organization is a system administrator.

User

A user is one that can log in to the system to manage and use cloud resources. A user must belong to an organization and must be assigned a role for access control.

• Role

Each user must be assigned a role for access control. By default, the system provides the system administrator, organization administrator, and user roles. The system also supports creating custom roles, such as approval administrator. The default roles are as follows:

• System administrator—Manages the private cloud by performing the following operations:

• Create suborganizations and assign compute resources, storage resources, and network access resources to different resource pools to provide services for organizations.

• Plan operations policies such as charging and resource request workflow approvals to meet daily operations requirements.

• Organization administrator—Configures and manages resources in its organization and creates suborganizations.

• User—Requests and uses cloud services in the system as needed.

Multitenant application scenario

A tenant is an organization in this system. Users in the organization can be assigned the system administrator, organization administrator, and user roles for hierarchical management. As shown in the following figure, in a company that has multiple layers of organizations, the IT department manager manages all IT resources in the company, and assigns resources to the R&D department (Org1) and marketing department (Org2) as a system administrator. The R&D administrator creates sub organizations and assigns resources to them. The development, testing, and marketing administrators assign resources to the employees in their respective department as an organization administrator. The employees in these departments can use the resources assigned by their administrator as a common user.