Hi @steve
Thank you for posting the topic here for further discussion!
As you’re aware, this has been an in-demand, yet thorny and difficult engineering undertaking since the beginning of our project. History of which is more or less documented on this long running issue:
Behind the scene, we have seen no less than 3+ attempts (some heavily funded) using the documented approaches that had resulted in either:
- abandonment
- perhaps a code fork (public/private) that satisfied the participant’s particular requirements, but not “good enough” for upstream merge because it did not solve the general problem
Our learning during these 3+ years of community attempts and feedback has been:
a) the mizzao partitioner approach is likely not the solution as devoted groups have attempted and abandoned; this is especially relevant as we continue to remove the dependency of our code on the Meteor framework moving forward
b) the general PARTITIONING and SECURED ISOLATION BETWEEN TENANTS problem is extremely difficult to solve at the Javascript App level (it has no prior art!), and yet ultimately a HARD REQUIREMENT for the solution to be generally acceptable (for any specific set of requirements - some intermediate level of secured partitioning might be acceptable)
FWIW - In order to move on with multi-tenant in production (see our cloud offerings if you are interested), we ourselves have leveraged the industry wide movement of adopting orchestrations of lightweight containers to achieve a level of secured isolation between tenants that is acceptable to our own requirements.
Having shared that, we remain continually hopeful (with receptive open mind) of innovative solutions from our community.