Multi-Tenancy Has Layers: Peeling the Kubernetes Onion One Question at a Time

The word is out: your IT leadership has decided that your organization needs a multi-tenant platform, and it is your task to design it.

As a platform architect, you must gather the requirements from the business and tenants to map them into reliable boundaries across the multiple layers of a Kubernetes platform: From obvious ones like compute and network to often overlooked ones such as control plane's components, supporting cluster services, and tooling.

While multi-tenancy models are highly dependent on the level of trust among tenants, they are often constrained by the costs associated with providing hard isolation boundaries.

In this talk, we will explore soft and hard boundaries at each layer by formulating the questions that you should ask all relevant stakeholders. We will do so while discussing the effects that noisy neighbors may cause when there are no boundaries in place, and the risks associated with boundary breaches in environments with no trust between tenants.