Deploy BMC Helix IT Operations Management in a multitenant environment


You can deploy BMC Helix IT Operations Management on multiple tenants. The product uses a robust Role-based Access Control (RBAC) model and the data of one tenant in BMC Helix Platform is not available to other tenants that are hosted on the platform. The tenant administrator can view data of the customer in the tenant for logging purposes.

Benefit

Deploying the product on multiple tenants can help in reducing the overall infrastructure requirements for multiple BMC Helix IT Operations Management deployments.

 

Scenario 1: Service providers with multiple customers sharing one BMC Helix Platform

A service provider organization wants to install BMC Helix IT Operations Managementfor three of their customers. A system administrator creates a shared cluster to host the production environments on the same BMC Helix Platform services. The administrator uses the tctl utily and creates three BMC Helix Platform tenants: Tenant 1, Tenant 2, and Tenant 3. The administrator then installs BMC Helix IT Operations Management for each tenant by using the deployment pipelines.

Data segregation and access are enforced. Data for each tenant in the BMC Helix Platform is not visible to other tenants. The logging data stored in Elasticsearch can be filtered by the tenant, but is not segregated.
This configuration is suitable where customers of the service provider do not have access to the Kubernetes administration functions.

The following image shows the BMC Helix IT Service Management installation on a multitenant BMC Helix Platform:

Scenario1.png

 

Scenario 2: Non-production systems sharing one BMC Helix Platform

An organization wants to install BMC Helix IT Operations Management for in-house development and testing. A system administrator creates a cluster to host the development and QA environments that use the same BMC Helix Platform services. The administrator uses the tctl utility and creates two BMC Helix Platform tenants: Dev Tenant and QA Tenant. The administrator then installs BMC Helix IT Operations Management for the Dev Tenant and the QA Tenant by using deployment pipelines.
The following image shows a shared development and QA cluster:

Scenario2.png

Frequently Asked Questions

Does BMC Helix IT Operations Management (ITOM) On-Prem support multitenancy?

Yes, BMC Helix IT Operations Management (ITOM) on-premises allows multiple users (multitenancy) at the platform level. However, BMC Helix Operations Management (BHOM) does not support this feature by default. To keep data separate for each tenant, you need to set up a separate BHOM instance for each one.

Can I use a single Discovery Appliance for multiple tenants?

No. Each tenant needs its own Discovery Appliance for data separation and independent BHOM deployments. For example:
Tenant 1 → Discovery Appliance 1
Tenant 2 → Discovery Appliance 2

How do I configure BHOM for multiple tenants?

Perform these steps:

​​​1. Set up and initialize the K8s/OpenShift cluster.

2. Deploy Discovery Appliances:
    a. Deploy the Discovery Appliance 1 for the initial BMC Helix Operations Management (BHOM) tenant.  
    b. Deploy the Discovery Appliance 2 for the second tenant.

3. Deploy Helix Platform by using the deployment manager script.

4. Deploy BHOM by using Discovery Appliance 1 and the deployment manager script.

5. Install the tctl CLI and configure it for the deployed cluster/environment.

6. Update the smart-graph-tenant-config ConfigMap with Discovery Appliance 2 details.

7. Set Up BHOM Tenant 2:
    Use the tctl CLI to set up BHOM tenant 2 with Discovery Appliance 2.

Can I offboard a tenant in ITOM On-Prem?

We do not support tenant offboarding. After a tenant is onboarded, it stays active until someone manually decommissions it through infrastructure changes.

Can I manage multiple BHOM tenants with Helix Portal?

Yes. You can manage multiple BHOM tenants through the Helix Portal, even though each instance is deployed separately.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*