All Products
Search

This Product

    PolarDB:Multi-tenant management

    Document Center

    PolarDB:Multi-tenant management

    Last Updated:Jan 24, 2025

    PolarDB for MySQL provides the multi-tenant mode. The multi-tenant mode allows multiple tenants to share computing and storage resources within the same cluster while ensuring data isolation and resource isolation between different tenants. Each tenant can access only their own data. This mode prevents resource contention and ensures stable business operations.

    How it works

    image
    Note

    The system tenant, regular tenant A, and regular tenant B each have a DB_1 database and a user_1 user. Although these databases and users share the same name, they are distinct and independent of each other.

    Terms

    Tenant: The tenant concept is introduced to support a multi-tenant architecture within a database cluster and serves as a hierarchical layer between the cluster and the database or user level. Tenants are classified into two types: system tenant and regular tenant.

    • System tenant: designed to accommodate users in the original mode. By default, pre-existing databases and users in a cluster belong to the system tenant. When a user of the system tenant connects to the cluster, the user can access the databases of all tenants if the user has the required database permissions.

    • Regular tenant: Regular tenants are created under the system tenant. Databases and users among regular tenants are completely isolated and cannot access each other. Regular tenants also cannot access the databases of the system tenant. In the context of CPU resource scheduling, regular tenants are classified into exclusive tenants and shared tenants based on the value of the min_cpu parameter.

      • Exclusive tenant: The value of the min_cpu parameter is greater than 0. The system ensures that exclusive tenants always have CPU resources that are not less than the value of the min_cpu parameter.

      • Shared tenant: The value of the min_cpu parameter is 0.

      You can change the value of the min_cpu parameter to change the tenant type between exclusive and shared.

    Resource configuration: defines the resources that a tenant can use. This concept is introduced to manage resource isolation and allocation among tenants. Only CPU resources are supported for isolation and scheduling.

    Prerequisites

    To enable the multi-tenant mode, your cluster must meet the following requirements:

    The Database Engine parameter is set to MySQL 8.0.2or later. The Database Edition parameter is set to Enterprise Edition. The Edition parameter is set to Cluster Edition. The nodes in the cluster have the same specifications.

    Note

    The multi-tenant mode is in canary release. If you want to use the feature, you can join the DingTalk group 59535005981 to obtain technical support. After you enable the feature, you must restart the cluster for the feature to take effect.

    Precautions

    • You cannot synchronize data by using binlogs in multi-tenant mode.

    • You cannot partially revoke user permissions in multi-tenant mode.

    Quick start

    1. Enable the standalone multi-tenant mode on the cluster.

      Note

      The multi-tenant mode is in canary release. If you want to use the feature, you can join the DingTalk group 59535005981 to obtain technical support. After you enable the feature, you must restart the cluster for the feature to take effect.

    2. Use the privileged account to connect to the cluster.

    3. Create resource configurations r1 and r2. 

      CREATE resource_config r1 min_cpu 1 max_cpu 2;
CREATE resource_config r2 min_cpu 1 max_cpu 4;
      Note

      • Configure the min_cpu and max_cpu parameters based on the node specifications of your cluster.

      • Make sure that the value of the min_cpu parameter of each tenant does not exceed the number of CPU cores of the cluster node specifications minus 1. You must reserve at least one CPU core for the system tenant. Otherwise, tenants may fail to be bound to the resource configurations.

    4. Create tenants tn1 and tn2. When you create a tenant, bind one of the preceding resource configurations to the tenant. 

      CREATE tenant tn1 resource_config r1;
CREATE tenant tn2 resource_config r2;
      Note

      Make sure that the sum of the values of the min_cpu parameter in the resource configurations of all tenants does not exceed the number of CPU cores of the cluster node specifications minus 1.

    5. Create users u1 and u2 and databases db1 and db2. 

      -- Create user u1 in tenant tn1.
CREATE USER 'u1@tn1' IDENTIFIED BY 'password';

-- Create database db1 in tenant tn1.
CREATE DATABASE `db1@tn1`;

-- Create user u2 in tenant tn2.
CREATE USER 'u2@tn2' IDENTIFIED BY 'password';

-- Create database db2 in tenant tn2.
CREATE DATABASE `db2@tn2`;
      Note

      If you use the privileged account to create a user and a database, you must add the @ tenant name suffix to the username or database name.

    6. Grant permissions to users u1 and u2. 

      -- Grant permissions on tenant tn1 to user u1. 
GRANT ALL PRIVILEGES ON `%@tn1`.* TO 'u1@tn1'@'%' WITH GRANT OPTION;

-- Grant permissions on tenant tn2 to user u2. 
GRANT ALL PRIVILEGES ON `%@tn2`.* TO 'u1@tn2'@'%' WITH GRANT OPTION;

    7. You can use users u1@tn1 and u2@tn2 to verify data and resource isolation between the tenants tn1 and tn2.

    8. (Optional) View the tenants, users, and databases that you created.

      • Tenants: Use the privileged account to connect to the cluster and then execute the SELECT statement to view information about tenants. Example:

        SELECT * FROM mysql.tenants;

      • Users: Log on to the PolarDB console. Find the cluster on the Clusters page. Go to the Settings and Management > Accounts page of the cluster to view information about the created users.

        • Account names that do not have a tenant name appended after an @ symbol are the users of the system tenant.

        • Account names that include a tenant name appended after an @ symbol are are the users of the corresponding tenant.

      • Databases: Log on to the PolarDB console. Find the cluster on the Clusters page. Go to the Settings and Management > Databases page of the cluster to view information about the databases.

        • Database names that do not have a tenant name appended after an @ symbol are the databases of the system tenant.

        • Database names that include a tenant name appended after an @ symbol are the databases of the corresponding tenant.

    Features

    Enable the standalone multi-tenant mode

    Note

    The multi-tenant mode is in canary release. If you want to use the feature, you can join the DingTalk group 59535005981 to obtain technical support. After you enable the feature, you must restart the cluster for the feature to take effect.

    Enable data isolation

    To enable the data isolation feature, set the enable_multi_tenant parameter to ON.

    Enable resource isolation

    To enable the resource isolation feature, first enable the data isolation feature. Set the enable_multi_tenant, thread_pool_multi_tenant_enabled, and thread_pool_enabled parameters to ON. Make sure that the value of the thread_pool_size parameter matches the number of CPU cores of the cluster node specifications.

    • View node specifications

      Go to the Basic Information page of the cluster in the PolarDB console. In the Database Nodes section, you can view the node specifications of the cluster.

      image

    • Configure parameters

      • enable_multi_tenant and thread_pool_multi_tenant_enabled parameters: Contact Technical Support to set the parameters to ON.

      • thread_pool_enabled and thread_pool_size parameters: Log on to the PolarDB console. Find the cluster on the Clusters page. Go to the Configuration and Management > Parameters page to modify the parameters. For more information, see Configure cluster and node parameters.

    Manage resources

    A PolarDB for MySQL cluster in standalone multi-tenant mode supports only the isolation of CPU resources. When you create a resource configuration, specify CPU resource limits for the configuration by using the min_cpu and max_cpu parameters. If a tenant is bound to a resource configuration, the resource configuration limits the CPU resources available to the user connections of the tenant.

    Create a resource configuration

    Use the privileged account to connect to the cluster, and then execute the CREATE statement to create a resource configuration.

    Syntax

    CREATE resource_config <resource_config_name> min_cpu <min_cpu> max_cpu <min_cpu>;

    Example

    CREATE resource_config r1 min_cpu 0 max_cpu 1;
CREATE resource_config r2 min_cpu 1 max_cpu 4;
    Note

    • Configure the min_cpu and max_cpu parameters based on the node specifications of your cluster.

    • When you create a resource configuration, the system does not check the resource configuration against the cluster node specifications. This check occurs only if a tenant is bound to the resource configuration.

    • Make sure that the value of the min_cpu parameter of each tenant does not exceed the number of CPU cores of the cluster node specifications minus 1. You must reserve at least one CPU core for the system tenant. Otherwise, tenants may fail to be bound to the resource configurations.

    • The resources available for the users of the system tenant are the total CPU resources minus the CPU resources allocated to exclusive tenants.

    View resource configurations

    Use the privileged account to connect to the cluster and then execute the SELECT statement to view information about the resource configurations.

    Example

    SELECT * FROM mysql.tenant_resource_config;
    +----------------------+-------------------------+-------------------------+
| resource_config_name | resource_config_min_cpu | resource_config_max_cpu |
+----------------------+-------------------------+-------------------------+
| r1                   |                       0 |                       1 |
| r2                   |                       1 |                       4 |
+----------------------+-------------------------+-------------------------+

    Modify a resource configuration

    Use the privileged account to connect to the cluster and then execute the ALTER statement to modify a resource configuration.

    Syntax

    ALTER resource_config <resource_config_name> min_cpu <min_cpu> max_cpu <min_cpu>;

    Example

    ALTER resource_config r2 min_cpu 1 max_cpu 2;
    Note

    • You cannot update a resource configuration that is being used by a tenant.

    • Configure the min_cpu and max_cpu parameters based on the node specifications of your cluster.

    • When you create a resource configuration, the system does not check the resource configuration against the cluster node specifications. This check occurs only if a tenant is bound to the resource configuration.

    • Make sure that the value of the min_cpu parameter of each tenant does not exceed the number of CPU cores of the cluster node specifications minus 1. You must reserve at least one CPU core for the system tenant. Otherwise, tenants may fail to be bound to the resource configurations.

    • The resources available for the users of the system tenant are the total CPU resources minus the CPU resources allocated to exclusive tenants.

    Delete a resource configuration

    Use the privileged account to connect to the cluster and then execute the DROP statement to delete a resource configuration.

    Syntax

    DROP resource_config <resource_config_name>;

    Example

    DROP resource_config r1;
    Note

    You cannot delete a resource configuration that is being used by a tenant.

    Manage tenants

    Tenants are classified into two types: system tenant and regular tenant. The system tenant is designed to accommodate users in the original mode and does not require or involve management operations. This section describes how to manage regular tenants.

    Create a tenant

    Use the privileged account to connect to the cluster, and then execute the CREATE statement to create a tenant.

    Syntax

    CREATE tenant <tenant_name> resource_config <resource_config_name>;

    Example

    CREATE tenant tn1 resource_config r1;
    Note

    • The tenant name can be up to 10 characters in length and can contain uppercase letters, lowercase letters, digits, and underscores (_).

    • Make sure that the sum of the values of the min_cpu parameter in the resource configurations of all tenants does not exceed the number of CPU cores of the cluster node specifications minus 1.

    View tenants

    Use the privileged account to connect to the cluster and then execute the SELECT statement to view information about tenants.

    Example

    SELECT * FROM mysql.tenants;
    +-------------+----------------------+
| tenant_name | resource_config_name |
+-------------+----------------------+
| tn1         | r1                   |
+-------------+----------------------+

    Modify a tenant

    Use the privileged account to connect to the cluster and then execute the ALTER statement to modify the information of a tenant.

    Syntax

    ALTER tenant <tenant_name> resource_config <resource_config_name>;

    Example

    ALTER tenant tn1 resource_config r2;
    Note

    • The tenant name can be up to 10 characters in length and can contain uppercase letters, lowercase letters, digits, and underscores (_).

    • Make sure that the sum of the values of the min_cpu parameter in the resource configurations of all tenants does not exceed the number of CPU cores of the cluster node specifications minus 1.

    Delete a tenant

    Use the privileged account to connect to the cluster, and then execute the DROP statement to delete a tenant.

    Syntax

    DROP tenant <tenant_name>;

    Example

    DROP tenant tn1;
    Note

    • Before you delete a tenant, make sure that the databases of the tenant are deleted. Otherwise, the tenant cannot be deleted.

    • When you delete a tenant, all users of the tenant are automatically deleted. Proceed with caution when you delete a tenant.

    Manage users

    Users are divided into two types: users of the system tenant and users of regular tenants. Users of the system tenant are users in the original mode. For information about how to manage users of the system tenant, see Account management. This section describes how to manage the users of regular tenants.

    You can perform the corresponding management operations in the system tenant or regular tenants.

    Note

    • To create or delete a user in the system tenant, you must specify the user in the 'User name@Tenant name' format.

    • In standalone multi-tenant mode, the usernames can be up to 20 characters in length and can contain only uppercase letters, lowercase letters, digits, and underscores (_).

    • You cannot create the following users in a tenant:

      • replicator

      • root

      • mysql.infoschema

      • mysql.session

      • mysql.sys

      • aurora

      • aliyun_root

    • The users of a tenant cannot have the permissions on the __recycle_bin__, mysql, performance_schema, or sys database.

    System tenant

    You can use the privileged account in the system tenant to create and delete the users of a regular tenant.

    Create a user

    Use the privileged account to connect to the cluster and then execute the CREATE statement to create a user in a regular tenant.

    Syntax

    CREATE USER <user_name>@<tenant_name> [IDENTIFIED BY <password>];

    Example

    -- without a password
CREATE USER 'u1@tn1';
    -- with a password
CREATE USER 'u1@tn1' IDENTIFIED BY 'password';

    Remove a user

    Use the privileged account to connect to the cluster and then execute the DROP statement to remove a user from a regular tenant.

    Syntax

    DROP USER <user_name>@<tenant_name>;

    Example

    DROP USER 'u1@tn1';

    Grant permissions to a user

    Use the privileged account to connect to the cluster and grant permissions to a user of a regular tenant.

    • Grant permissions on a tenant to a user. After you grant the permissions on a tenant to a user, the user can access all databases of the tenant.

      Example: Grant permissions on tenant tn1 to user u1. 

      GRANT ALL PRIVILEGES ON `%@tn1`.* to 'u1@tn1'@'%' WITH GRANT OPTION;

    • Grant CREATE USER permissions. After you grant the CREATE USER permissions on a user, the user can create other users in the current tenant.

      Example: Grant CREATE USER permissions to user u1. 

      GRANT CREATE USER ON *.* TO 'u1@tn1'@'%';

    • View the permissions of a user.

      Example: View the permissions of user u1. 

      SHOW GRANTS FOR 'u1@tn1';
      +---------------------------------------------------------------------+
| Grants for u1@tn1@%                                                 |
+---------------------------------------------------------------------+
| GRANT CREATE USER ON *.* TO `u1@tn1`@`%`                            |
| GRANT ALL PRIVILEGES ON `%@tn1`.* TO `u1@tn1`@`%` WITH GRANT OPTION |
+---------------------------------------------------------------------+

    Regular tenant

    You can create and delete users in a regular tenant by using another user from the same tenant. Before you perform this operation, make sure that the user that you are logged on with has the CREATE USER permissions. For information about how to grant the permissions, see the Manage users > System tenant > Grant permissions to a user section of this topic.

    Create a user

    Use a user of the tenant to connect to the cluster and then execute the CREATE statement to create a user in the tenant. For information about how to create a user in a tenant, see the Manager users > System tenant > Create a user section of this topic.

    Syntax

    CREATE USER <user_name> [IDENTIFIED BY <password>];

    Example

    -- without password
CREATE USER 'u2';
    -- with a password
CREATE USER 'u2' IDENTIFIED BY 'password';

    Remove a user

    Use a user of the tenant to connect to the cluster and then execute the DROP statement to remove a user from the tenant.

    Syntax

    DROP USER <user_name>;

    Example

    DROP USER 'u2';

    Grant permissions to a user

    Use a user of the tenant to connect to the cluster and then grant permissions to another user of the current tenant.

    • Grant global permissions to a user of the current tenant.

      Syntax

      GRANT SELECT ON *.* TO <user_name>

      Example

      GRANT SELECT ON *.* TO 'u2';

    • Grant database permissions to a user of the current tenant.

      Syntax

      GRANT SELECT ON <database_name>.* TO <user_name>

      Example

      GRANT SELECT ON db.* TO 'u2';
    Note

    • You cannot grant database-specific permissions and global permissions in multi-tenant mode at the same time. If you grant the preceding permissions in multi-tenant mode at the same time, the permissions may fail to be correctly identified. We recommend that you grant only one type of permission: global permissions or database-specific permissions.

    • For information about how to view the permissions of a user, see the System tenant > Grant permissions to a user section of this topic.

    Connect to a database

    When you use a client to connect to a database, you must specify the user in the username@tenant name format. After the connection is established, the user is subject to the resource limits of the tenant.

    Syntax

    mysql -h <host> -P <port> -u <user_name>@<tenant_name> -p

    Example

    mysql -h pc... -P 3306 -u u1@tn1 -p
Enter password:

    Manage databases

    Databases are divided into the databases of the system tenant and the databases of regular tenants. Databases of the system tenant are databases in the original mode. For information about how to manage databases of the system tenant, see Database management. This section describes how to manage the databases of regular tenants.

    You can perform the corresponding management operations in the system tenant or regular tenants.

    Note

    • To create or delete a database in the system tenant, specify the database in the 'Database name@Tenant name' format.

    • In standalone multi-tenant mode, the database names are up to 50 characters in length and can contain only uppercase letters, lowercase letters, digits, and underscores (_).

    • You cannot create the following databases in a tenant:

      • information_schema

      • performance_schema

      • mysql

      • sys

      • __recycle_bin__

      • query_rewrite

    • If you create a database such as dbms_ccl, dbms_outln, and dbms_consensus in a tenant, the users of the tenant cannot call built-in stored procedures in the databases. In this case, you can use the CALL dbms_admin.show_native_procedure(); statement to view all built-in stored procedures in the database.

    • If the name of a database in a tenant is the same as the schema_name in the built-in stored procedure, you cannot call the built-in stored procedure of the database.

    System tenant

    To create or remove a database from a regular tenant in the system tenant, use the privileged account to connect to the cluster.

    Create a database

    Use the privileged account to connect to the cluster and then execute the CREATE statement to create a database in a regular tenant.

    Syntax

    CREATE DATABASE <database_name>@<tenant_name>;

    Example

    CREATE DATABASE `db1@tn1`;

    Remove a database

    Use the privileged account to connect to the cluster and then execute the DROP statement to remove a database from a regular tenant.

    Syntax

    DROP DATABASE <database_name>@<tenant_name>;

    Example

    DROP DATABASE `db1@tn1`;

    Regular tenant

    You can create and delete databases within a regular tenant by using a user from the same tenant. Before you perform this operation, make sure that the user that you are logged on with has global permissions. For information about how to grant global permissions to a user, see the Manager users > System tenant > Grant permissions to a user section of this topic.

    Create a database

    Use a user of a tenant to connect to the cluster and then execute the CREATE statement to create a database for the current tenant. For information about how to create a user in a tenant, see the Manager users > System tenant > Create a user section of this topic.

    Syntax

    CREATE DATABASE <database_name>;

    Example

    CREATE DATABASE `db2`;

    Remove a database

    Use a user of a tenant to connect to the cluster and then execute the DROP statement to remove a database from the current tenant.

    Syntax

    DROP DATABASE <database_name>;

    Example

    DROP DATABASE `db2`;

    View the binding relationships between thread groups and tenants

    1. Use the privileged account to connect to the cluster, and then execute the following SQL statement to view the binding relationships between the thread groups and the tenants:

      SELECT * FROM information_schema.thread_pool_status;

    2. Sample output:

      When multi-tenant resource isolation is enabled, the TENANT_NAME column displays the tenant that exclusively uses the thread group. If the TENANT_NAME column of a thread group is empty, the thread group is shared by multiple tenants.

      TENANT_NAME: the name of the tenant that exclusively uses the thread group. 

      +----+--------------+---------------------+----------------------+-------------------+----------------+-------------+
| ID | THREAD_COUNT | ACTIVE_THREAD_COUNT | WAITING_THREAD_COUNT | DUMP_THREAD_COUNT |      ...       | TENANT_NAME |
+----+--------------+---------------------+----------------------+-------------------+----------------+-------------+
|  0 |            2 |                   0 |                    0 |                 0 |      ...       |             |
|  1 |            2 |                   1 |                    0 |                 0 |      ...       | tn1         |
|  2 |            4 |                   0 |                    0 |                 1 |      ...       |             |
|  3 |            2 |                   0 |                    0 |                 0 |      ...       |             |
|  4 |            3 |                   0 |                    0 |                 1 |      ...       |             |
+----+--------------+---------------------+----------------------+-------------------+----------------+-------------+

    View audit logs

    In the multi-tenant mode, audit logs record the databases and users involved in each operation.

    For example, the SQL queries performed by user u1 of tenant t2 on database db3 are recorded in the audit log. The database column is displayed as db3@t2, and the user column is displayed as u1@t2.