Re: Extending Org to support multi-level Orgs (i.e. OU)

James Bayer

using separate regions or geographies implies a separate CF installations.
there is no way today to use a single quota across multiple CF

this "no sharing across region boundaries" approach is actually aligned
with how aws manages resource limits, which are almost completely region
specific [1] and do not have an uber-resource limits shared across the
regions except for a few exceptions.

within a single cf installation, you can set sub-quotas at a space level,
which can limit the amount of resources any one space can use within an org.

further down the road, there are discussions around a concept called
'isolation groups' that dieu is going to share a design doc on soon. in
addition to have targeted sets of local capacity for particular tenants,
isolation groups have some potential to address the use case of a remote
set of cf components with capacity that is managed from a centralized cloud
controller. there are many issues to work-out however as how do you handle
network segments and loss of a connection to the control plane or some of
the centralized information and artifacts you may need. we may end up
having to federate some of that 'intended state' information as well as
propagate artifacts like app source code, droplets, docker images,
buildpacks, etc so that there are local copies of assets that originate
from a central source.


On Fri, Sep 11, 2015 at 11:49 AM, Zongwei Sun <Zongwei.Sun(a)>

The following is what they have asked for:
1. Total quotas for their whole ORG;
2. Each Branch has its own quotas;
3. Super users for the ORG can access each Branch.

What we have offered them:
1. Created a separated ORG for each branch;
2. Each separated ORG (for a branch site) has quotas

What are still missing:
1. Uniform ORG for their corporation
2. No way to set quotas for deeper organization units
3. No uniform way distribute or manage resources across their organization


Thank you,

James Bayer

Join { to automatically receive all group messages.