Really love the work you’re doing. We’re working on multi-tenant support for our application (org1.domain.com, org2, org3 etc) and I have a few ideas I’d be keen to run past everyone before we investment development dollars.
I am very new to this to please point out any mistakes I make!
Dynamically connecting to different org’s mongo db by parsing subdomain
Thank you for posting the topic here for further discussion!
As you’re aware, this has been an in-demand, yet thorny and difficult engineering undertaking since the beginning of our project. History of which is more or less documented on this long running issue:
Behind the scene, we have seen no less than 3+ attempts (some heavily funded) using the documented approaches that had resulted in either:
abandonment
perhaps a code fork (public/private) that satisfied the participant’s particular requirements, but not “good enough” for upstream merge because it did not solve the general problem
Our learning during these 3+ years of community attempts and feedback has been:
a) the mizzao partitioner approach is likely not the solution as devoted groups have attempted and abandoned; this is especially relevant as we continue to remove the dependency of our code on the Meteor framework moving forward
b) the general PARTITIONING and SECURED ISOLATION BETWEEN TENANTS problem is extremely difficult to solve at the Javascript App level (it has no prior art!), and yet ultimately a HARD REQUIREMENT for the solution to be generally acceptable (for any specific set of requirements - some intermediate level of secured partitioning might be acceptable)
FWIW - In order to move on with multi-tenant in production (see our cloud offerings if you are interested), we ourselves have leveraged the industry wide movement of adopting orchestrations of lightweight containers to achieve a level of secured isolation between tenants that is acceptable to our own requirements.
Having shared that, we remain continually hopeful (with receptive open mind) of innovative solutions from our community.
We successfully enabled multi-tenant for our purposes. The key that allows us to do that is ignoring the secured isolation between tenants rule (as our app is for consumers, there is no need for this)
For others out there, to recreate this:
Parse subdomain
Store it in Sessions variable in Meteor client (to use in other parts of the app), also add it as a customField in both Rooms and Users
Implement a new find() function for Rooms and Users that intercepts a query and adds in the subdomain filter
We needed server side user session tracking (like Sessions but for the server) so we know which subdomain to use for each call. We saved this.connection.id, subdomain and userId down.
Do some cosmetic changes in the front end to filter by subdomain (e.g. stuff like RoomList)
Apart from the isolation point, are there any vulnerabilities that you can see?
Hi,
Really interesting feature !
But could your feature about managing several domain be independent of multi-tenant ?
I mean that I have a similar use case, but not on same rules. I would prefer to manage only one MongoDB (with sharded option) for all tenant and/or I would like at least to be able to access to the same RocketChat instance from several domains. All domaines have several organization on the same domain, and tenant are defined from a user property that identify his organization current context. And the last point is that a user can be on several organization.