Run only one MinIO server for multi-tenancy #14137
-
Is your feature request related to a problem? Please describe. Describe the solution you'd like Describe alternatives you've considered Additional context |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 3 replies
-
The use-case is very similar to why you would run multiple virtual machines on the same hardware, It provides isolation for data that doesn't need to share the same namespace. It provides the best security and also the flexibility of managing multiple customers on the same hardware. MinIO is used in this fashion as well in many customer deployments. |
Beta Was this translation helpful? Give feedback.
-
I would also argue that MinIO is using term "multi-tenancy" incorrectly on its documentation because it is actually using "multi-instance" model. However, it is very easy to enable real multi-tenancy to single MinIO instance by utilizing S3 policies. Example, you might create policy like this: {
"Version": "2012-10-17",
"Statement": [
{
"Action": "s3:*",
"Effect": "Allow",
"Resource": "arn:aws:s3:::tenant1-*"
}
]
} Which allow users to do any operations for buckets which name starts with "tenant1-". Alternatively you can use model where there is just one bucket per tenant and use one more level in folder structure. |
Beta Was this translation helpful? Give feedback.
The use-case is very similar to why you would run multiple virtual machines on the same hardware, It provides isolation for data that doesn't need to share the same namespace.
It provides the best security and also the flexibility of managing multiple customers on the same hardware. MinIO is used in this fashion as well in many customer deployments.