-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[EPIC] S3 multi-tenancy on tmail-backend #1315
Comments
After analyzing the related code that uses the method For the Tmail-backend module:
We will update the interfaces to include an additional argument, such as a Domain or Tenant. For example: And using MailboxSession to bypass Domain value For the James site (classes from james-project module):We will create new classes specifically for Tmail-backend and use Guice to rebind them:
To reduce effort, we will focus on BlobStore for storing body data. For metadata, we can retain the existing logic and continue using a shared default bucket. |
My idea:
|
UploadRepository implementations may be also needed to override |
I think we should avoid as much as possible (if not entirely) code changes on James side, and I feel like the changes proposed above would enrage the community again. How about implementing a
Then TenancyBlobStoreDAO would reimplement the read and write operations, resolve the bucket name depending if we have a domain or not, resolve the blobId depending if we have a prefix for domain or not, then call the function of the blobStoreDAO with those resolved names. For ssec key derivation, I believe just adding like in here https://github.com/apache/james-project/pull/2493/files#diff-0ba4d3f414a7fb4f8a8843347bf31ee1e51fe6b4a7cfef4b4a878ec7a2e5a311 the
public class TenancyBucketNameResolver {
public static BucketName resolve(BucketName bucketName, Optional<Domain> maybeDomain) {
Preconditions.checkNotNull(bucketName);
return BucketName.of(maybeDomain.map(domain -> domain + "-" + bucketName.asString())
.orElse(bucketName.asString())
}
}
public class TenancyBlobIdResolver {
private final BlobId.Factory blobIdFactory;
@Inject
public TenancyBlobIdResolver(BlobId.Factory blobIdFactory) {
this.blobIdFactory = blobIdFactory;
}
public BlobId resolve(BlobId blobId, Optional<Domain> maybeDomain) {
Preconditions.checkNotNull(blobId);
return blobIdFactory.of(maybeDomain.map(domain -> domain + "-" + blobId.asString())
.orElse(blobId.asString())
}
} We then likely avoid changing code on james side? However I still have some remaining issues that I'm thinking of:
|
My original idea would be to record on James side the mailboxSession onto the reactive context (like for MDC) Then, we simply need to read the context within TMail |
It looks great at first. |
+1 |
no need to care actually with this proposal, the TenancyBlobStoreDAO will do the underlying job |
Of course it's just a proposition of tasks here and we are still in grooming phase, up for discussion:
Explanation of the task list choice:
Feel free to argue :) |
Please stop grooming multi-tenancy and help on operational topics. |
Roger |
After the latest discussions on this topic on the james ML, it seems that multi-tenancy might be more suitable for implementing it on tmail-backend side.
Initial topic on james backlog: linagora/james-project#5263
We need to groom and find a solution how to achieve a similar result on Tmail side in a smart way
The text was updated successfully, but these errors were encountered: