Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multi tenancy support proposal #2495

Closed
wants to merge 1 commit into from
Closed

Multi tenancy support proposal #2495

wants to merge 1 commit into from

Conversation

pmatyjasek-sumo
Copy link
Contributor

Description: <Describe what has changed.
Multi tenancy support proposal:

  • Extend client struct to add ability to store client token.
  • Extract token from incoming request and associate it with resource (traces, metrics).
  • Batch data by token and send those batches after defined time

Testing: < Describe what testing was performed and which tests were added.>
Unit tests

@pmatyjasek-sumo
Multi tenancy support proposal:
6798626 
Extract token from incoming request and associate it with resource (traces, metrics).
Batch data by token and send those batches after defined time

Signed-off-by: Patryk Matyjasek <pmatyjasek@sumologic.com>
@pmatyjasek-sumo
Copy link
Contributor Author

@jpkrohling we've prepared some proposal related to multi tenant support

@pmatyjasek-sumo pmatyjasek-sumo mentioned this pull request Feb 15, 2021
Closed
@jpkrohling
Copy link
Member

Before reviewing this, I would like to ask whether you are familiar with the configauth helper, which will extract and validate bearer tokens, placing the subject and membership information in the context. Looks like some code here overlaps with that one. There's also the routing exporter, which could be used to route each tenant to its own backend if necessary. If you believe that a different multi-tenancy support is needed after reviewing the existing building blocks, please do share the use cases.

@pmatyjasek-sumo
Copy link
Contributor Author

@jpkrohling sure I'll check those and verify if it covers my use case. This one is only a draft proposal.

@bogdandrutu
Copy link
Member

@pmatyjasek-sumo an alternative approach that I think would be good to investigate, is to add these data as ClientData (or a better name) in the pdata messages we propagate on the pipelines. As en entry to the top level pdata.Traces (pdata.Metrics, etc.) OR to every ResourceX (ResourceSpans, ResourceMetrics, etc.). The reason for this is because in the Context there are other entries that we don't necessary want to preserve, example Deadline.

This is just to brainstorm :)

@jpkrohling
Copy link
Member

I like @bogdandrutu's proposal, and I think a good first step is to convert what we have in the configauth to place the incoming auth data in there. Candidate values:

  • token, in case a downstream component needs to obtain an extra field from the JWT
  • subject, with the username
  • membership, with the groups the users belongs to
  • IP, with the client's IP address

@tigrannajaryan
Copy link
Member

@pmatyjasek-sumo an alternative approach that I think would be good to investigate, is to add these data as ClientData (or a better name) in the pdata messages we propagate on the pipelines. As en entry to the top level pdata.Traces (pdata.Metrics, etc.) OR to every ResourceX (ResourceSpans, ResourceMetrics, etc.). The reason for this is because in the Context there are other entries that we don't necessary want to preserve, example Deadline.

This is just to brainstorm :)

I remember we briefly discussed this in the past. I believe the best place is in ResourceX. This way it can travel through most processors without any special effort (except the very special ones like groupbytrace which disassembles the span lists and assembles them in a different combination). If we place it in top-level pdata it will not survive batch processor.

@jpkrohling
Copy link
Member

except the very special ones like groupbytrace which disassembles the span lists and assembles them in a different combination

Great point. We'll need to add a warning to the readme for that processor. If I remember correctly, we create a new resource entirely, which means that we might not need to explicitly remove the client data from the resulting resource.

@pmm-sumo
Copy link
Contributor

pmm-sumo commented Feb 17, 2021
edited
Loading

except the very special ones like groupbytrace which disassembles the span lists and assembles them in a different combination

Great point. We'll need to add a warning to the readme for that processor. If I remember correctly, we create a new resource entirely, which means that we might not need to explicitly remove the client data from the resulting resource.

Or, the batch processor can be made aware of that and group it accordingly (might be handled by an option, as it will get computing extensive and would be required only for specific cases)

@tigrannajaryan
Copy link
Member

@pmatyjasek-sumo Given all the discussions above I think this proposal needs a more detailed design document that shows how it should work end to end. I think we need to see the design and discuss it before we can move forward with the implementation.

@tigrannajaryan tigrannajaryan mentioned this pull request Feb 19, 2021
Closed
@github-actions
Copy link
Contributor

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Feb 27, 2021
@tigrannajaryan tigrannajaryan mentioned this pull request Mar 3, 2021
Closed
5 tasks
@bogdandrutu bogdandrutu removed the Stale label Mar 4, 2021
@github-actions
Copy link
Contributor

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Mar 12, 2021
@bogdandrutu bogdandrutu removed the Stale label Mar 13, 2021
@github-actions
Copy link
Contributor

This PR was marked stale due to lack of activity. It will be closed in 7 days.

@github-actions github-actions bot added the Stale label Mar 20, 2021
@github-actions
Copy link
Contributor

Closed as inactive. Feel free to reopen if this PR is still being worked on.

@github-actions github-actions bot closed this Mar 28, 2021
@jean
Copy link

jean commented Apr 15, 2021

Is this issue really closed, or is it just stale-bot noise?

@jpkrohling
Copy link
Member

The first and second parts of the original request should be part of #2733. I don't think we have a tracking issue for the last point.

@jean jean mentioned this pull request Apr 15, 2021
Closed
hughesjj added a commit to hughesjj/opentelemetry-collector that referenced this pull request Apr 27, 2023
@hughesjj
Update smart agent to v5.27.2 (open-telemetry#2495)
1c00666
@yurishkuro yurishkuro mentioned this pull request Oct 29, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@pmatyjasek-sumo @jpkrohling @bogdandrutu @tigrannajaryan @pmm-sumo @jean