Merge pull request #109 from stakater/docs1
added explanation and benefits
MuneebAijaz authored Apr 15, 2024
2 parents 1b2c389 + 802c6f8 commit f4b0c06
Showing 3 changed files with 64 additions and 0 deletions.
15 changes: 15 additions & 0 deletions content/explanation/why-ns-from-tenant-cr.md
@@ -0,0 +1,15 @@
# Advantages of managing Namespaces from Tenant CR

* **Granular Control**: Tenant CRs provide fine-grained control over namespace management, allowing for precise configuration of access control, isolation, user management, and security policies specific to each namespace.

* **Centralized Management**: By utilizing Tenant CRs, namespace creation and management can be centralized, simplifying administrative tasks and ensuring consistent enforcement of policies across all namespaces.

* **Automated Prefix Model**: Tenant CRs support an automated prefix model for namespace creation, streamlining the addition of common prefixes like "dev" or "stage" to make namespaces unique for each tenant. This automation reduces manual effort and maintains naming convention consistency.

* **Efficient Label Management**: With Tenant CRs, labels and annotations across namespaces can be managed centrally, improving operational efficiency and providing better visibility into the environment.

* **Simplified GitOps**: Tenant CRs streamline GitOps practices by enabling the management of multiple namespaces from a single point. This integration simplifies deployment workflows and reduces the need to navigate through multiple repositories or folders for namespace-related changes.

* **Namespace provisioning for AppProjects**: Automated distribution of namespaces into their respective AppProjects.

[Creating Namespaces from Tenant CR](../tutorials/tenant/creating-namespaces.md)
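
Review bot: In the Automated Prefix Model bullet, "dev" and "stage" are described as common prefixes that make namespaces unique for each tenant, but a name shared by every tenant cannot provide uniqueness on its own. State what is actually prepended (for example the tenant name) and show one resulting namespace name. The last bullet, "Namespace provisioning for AppProjects", is the only title not in title case and is a fragment that never says AppProjects are an ArgoCD concept. The closing link would also read better with a short lead-in sentence.
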
48 changes: 48 additions & 0 deletions content/index.md
Expand Up @@ -125,3 +125,51 @@ With Multi Tenant Operator teams can share a single cluster with multiple teams,
## Native Experience

Multi Tenant Operator provides multi-tenancy with a native Kubernetes experience without introducing additional management layers, plugins, or customized binaries.

## Benefits and Value Propositions

### Platform Administrator

* **Efficient Resource Utilization**: Through MTO, the platform administrator can efficiently control quotas, enabling the sharing of an OpenShift cluster with multiple tenants, thereby maximizing resource utilization and reducing operational overhead.

* **Centralized Management**: With MTO, the administrator can configure and manage tenants and their sandboxes centrally, minimizing efforts and ensuring consistent configurations.

* **Streamlined RBAC Configuration**: MTO simplifies RBAC configuration by providing a "least privilege" mindset and automatically updating rules, reducing errors and manual efforts.

* **Integration with External Identity Management**: MTO seamlessly integrates with external identity management systems, allowing administrators to leverage existing groups for maintaining tenant membership.

* **Enhanced Security with Vault Multitenancy**: Through MTO, the permission model extends to both HashiCorp Vault and ArgoCD, empowering administrators to manage RBAC in both systems seamlessly. This ensures tenant users can securely manage their own secrets in Vault and maintain control over their deployments with ArgoCD.

### DevOps Engineer

* **Simplified RBAC Configuration**: MTO abstracts RBAC configuration complexities, allowing DevOps engineers to focus on writing pipelines and deploying applications without worrying about access control.

* **Integrated ArgoCD Multitenancy**: MTO extends the permission model to ArgoCD, simplifying RBAC management for tenants, thus reducing overhead in managing deployments.

* **Resource Management**: MTO enables defining Resource Quotas at the tenant scope, ensuring that dev teams can self-serve namespaces within allocated resources, promoting autonomy and agility.

* **Efficient Namespace Provisioning with Templates**: MTO allows defining templates for namespaces, enabling engineers to provision namespaces with preloaded configurations, reducing setup time and ensuring consistency.

* **GitOps-Ready Configuration**: MTO is fully configurable using Custom Resources, making it compatible with GitOps practices, thus facilitating seamless automation and version-controlled configurations.

### Developer

* **Self-Service Namespace Provisioning**: With MTO, developers can safely provision namespaces for themselves and their teams, promoting agility and reducing dependency on platform administrators.

* **Prepopulated Development Environments**: MTO's templating mechanism enables automatic prepopulation of namespaces with resources such as network policies or Helm charts, providing developers with ready-to-use development environments.

* **Native Kubernetes Experience**: Developers can work with MTO without the need for additional management layers or customized binaries, ensuring a seamless and familiar Kubernetes experience.

* **Cross-Namespace Resource Distribution**: MTO supports cloning of secrets and configmaps across namespaces, allowing developers to access resources easily while maintaining isolation between tenants.

* **Self-Managing Secrets in Vault Integration**: Leveraging MTO's capabilities, tenants enabled with Vault integration gain independent access to designated secrets paths tailored to their permissions. This empowers individual members to interact autonomously with Vault, ensuring seamless utilization of sensitive information without any cross-tenant interference or dependency.

### Platform Owner

* **Efficient Resource Management**: MTO enables efficient resource management by allowing multiple tenants to share a single cluster, reducing operational and management efforts, and preventing Kubernetes cluster sprawl.

* **Cost Management with Showback**: MTO's showback functionality enables accurate tracking of resource usage by each tenant or namespace, facilitating cost monitoring, optimization, and fair billing.

* **Streamlined Administration with MTO Console**: The MTO Console provides a comprehensive interface for managing multi-tenant environments, simplifying administrative tasks, and offering insights into tenant-related resources.

* **Hibernation for Resource Optimization**: MTO can downscale deployments and stateful sets in a tenant's namespace based on defined sleep schedules, optimizing resource utilization and reducing costs during off-peak hours.
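
Review bot: Under Developer, the Cross-Namespace Resource Distribution bullet says secrets and configmaps are cloned across namespaces "while maintaining isolation between tenants" without saying what bounds the copy. Since this is a security claim on the landing page, state whether distribution is limited to a tenant's own namespaces and who is allowed to define it, or link to the page that does. Under Platform Administrator, the "Enhanced Security with Vault Multitenancy" title names only Vault while its body covers ArgoCD as well, and the first bullet says "OpenShift cluster" where the rest of the section says Kubernetes.
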
1 change: 1 addition & 0 deletions theme_override/mkdocs.yml
Expand Up @@ -56,6 +56,7 @@ nav:
- explanation/auth.md
- explanation/why-argocd-multi-tenancy.md
- explanation/logs-metrics.md
- explanation/why-ns-from-tenant-cr.md
- faq.md
- changelog.md
- eula.md
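
Review bot: The new nav entry explanation/why-ns-from-tenant-cr.md is placed after logs-metrics.md, which separates it from the other rationale page, explanation/why-argocd-multi-tenancy.md; moving it directly below that entry would keep the "why" pages together. The added page links to ../tutorials/tenant/creating-namespaces.md, a path not visible in this hunk's context, so confirm that it resolves with a strict docs build.
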