Multitenancy architecture

The multitenancy architecture uses a database-per-tenant model, a robust tenant identification mechanism, and secure sharing of backend services to achieve strict data isolation and operational efficiency.

The HCL Universal Orchestrator multitenancy architecture serves multiple tenants from a single product deployment. It ensures strict data isolation for each tenant while using shared, centralized components for operational efficiency.

Tenant identification

To process a request, the system maps it to a specific tenant. The system identifies the tenant from the baseDomainName value set under the ingress section of the values.yaml file.

If the system cannot identify a tenant, or if the identified tenant does not exist, it returns a 404 Not Found error.

Data partitioning model

The architecture uses a hybrid data model that separates tenant-specific data from shared common resources.

Tenant-specific data

Most data, including workflows, security items, and API keys, belongs to a specific tenant. To enforce strict data isolation, the architecture uses a database-per-tenant model. Each tenant has a dedicated database encrypted with a unique encryption key. This design prevents cross-tenant data access, even at the storage layer.

Shared resources

For efficiency, certain backend services are shared across all tenants.

  • Kafka: Message topics are shared. When producing a message for a specific tenant, the system prepends the tenant ID to the message payload. When consuming a message, the system extracts the tenant ID to ensure it performs processing logic within the correct tenant context. Per-tenant encryption prevents cross-tenant data leakage; a user from one tenant cannot decrypt messages intended for another.
  • Common database: A separate, common database stores non-tenant-specific data. This database is used for internal system operations, such as the timer_task and timer_history_task collections.
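The tenant framing on shared Kafka topics described in the list above can be sketched as follows. This is an added example, not HCL Universal Orchestrator code: the frame layout (tenant ID, a 0x00 separator, nonce, ciphertext), the choice of AES-256-GCM, the use of the tenant ID as associated data, the sample keys, and the names Seal, Open and aeadFor are all assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Constructed 32-byte sample keys; a real deployment would fetch them from a key store.
var tenantKeys = map[string][]byte{
	"tenant-a": []byte("0123456789abcdef0123456789abcdef"),
	"tenant-b": []byte("fedcba9876543210fedcba9876543210"),
}

func aeadFor(tenant string) (cipher.AEAD, error) {
	block, err := aes.NewCipher(tenantKeys[tenant]) // unknown tenant: nil key, rejected
	if err != nil {
		return nil, fmt.Errorf("tenant %q: %w", tenant, err)
	}
	return cipher.NewGCM(block)
}

// Seal (producer): tenant ID | 0x00 | nonce | ciphertext, with the tenant ID as associated data.
func Seal(tenant string, payload []byte) ([]byte, error) {
	aead, err := aeadFor(tenant)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	frame := append(append([]byte(tenant), 0), nonce...)
	return aead.Seal(frame, nonce, payload, []byte(tenant)), nil
}

// Open (consumer): extract the tenant ID, pick that tenant's key, authenticate and decrypt.
func Open(msg []byte) (string, []byte, error) {
	id, rest, found := bytes.Cut(msg, []byte{0})
	aead, err := aeadFor(string(id))
	if err != nil || !found || len(rest) < aead.NonceSize() {
		return "", nil, fmt.Errorf("rejected frame: malformed or unknown tenant")
	}
	plain, err := aead.Open(nil, rest[:aead.NonceSize()], rest[aead.NonceSize():], id)
	return string(id), plain, err
}

func main() { fmt.Println(Seal("tenant-a", []byte("constructed payload"))) }
```

Because the consumer selects the key from the extracted tenant ID and the ID is authenticated with the ciphertext, a frame whose prefix is rewritten to another tenant fails decryption instead of being processed in the wrong tenant context.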

Component architecture

The primary components of HCL Universal Orchestrator operate as follows in a multitenant deployment:

  • HCL Universal Orchestrator microservices: Shared microservices process workflows and requests for all tenants.

  • Tenant Manager: A dedicated microservice handles all administrative and lifecycle operations for tenants, such as creation, deactivation, and deletion.

  • Cloud Executor: A multitenant-aware component runs tasks for multiple tenants concurrently without requiring separate configurations.