Managing organizations, spaces, domains, and regions
Spaces, users, domains, and quota
The organization is the key grouping concept in IBM Bluemix. Each organization is composed of several elements.
Spaces provide a mechanism to collect related applications, services, and users. Every organization contains at least one space. All applications and services are associated with a single space.
Users participate in organizations and have varying capabilities based on their assigned roles. Users can be members of multiple organizations and can be changed from one organization to another through the Bluemix dashboard. Users might have different roles in different spaces in an organization.
Domains provide the base component of a route on the Internet for the organization. An application route is composed of both a host name that defaults to the application name plus the domain name. Creating a custom domain for an organization requires that the user register the domain name with the public DNS registry, configure the custom domain on Bluemix using the CLI or Web UI, and mapping requests to the domain through a CNAME to the desired Bluemix region secure endpoint.
Quota defines resource limits for the organization. Quota represents and controls the number of services and the amount of memory available for Cloud Foundry applications in all spaces of the organization.
Users are assigned roles at the Bluemix account, organization, and space level. At the account level, there is an account owner and account members. At the organization level, there are manager, billing manager, and auditor roles. At the space level there are manager, developer, and auditor roles.
Users with the manager or developer space role can access the VCAP_SERVICES environment variable for an application within the space. Users with the Auditor role can’t access VCAP_SERVICES.
A Bluemix region is a defined geographical territory where applications are deployed. Regions allow applications to be deployed closer to customers to reduce application latency or to localize application data to address security and privacy concerns. When deploying apps in multiple regions, if one region goes down, the apps that are in the other regions continue to run.