New multi-tenancy feature: Domains

Pulp is going to gain the concept of a domain (similar to a namespace) to enable true multi-tenancy. Most all Pulp models except User, Group and Role would gain a foreign key to a domain, and add it to all their uniqueness constraints. See [0] for all models gaining or not gaining a foreign key to a domain. Roles will now be assigned on the global, domain and object level. Since most objects will be apart of a domain, object permissions will be scoped to that domain. Storage will become configurable on the domain level with two different domains being able to store the same artifact twice, each in their own storage bucket. Domains will be isolated from each other and cross-domain object usage will not be allowed. This feature will be opt-in with a new settings flag and should not break existing plugins. However, plugins will be required to make changes if they want to support this feature. Behind the scenes a default domain (named “default”) will be created and added to all current Pulp objects. With this feature disabled objects and actions will be scoped to the default domain with the current API urls staying the same. With the feature enabled all scoped objects & actions will require the domain name in the url.

The current pulpcore & pulp_file implementation of this feature can be found at [1] [2]. Please have a look and leave comments and questions.

[0] Models with Domains - HackMD

1 Like

Are domains supposed to be able to share a storage configuration (e.g. Two domains on local disc storage, two domains in the same cloud object store, …)? I guess they will still be isolated then?

Yes, two domains can share the same storage. They will be stored in their separate directories and it will be up to the storage backend to determine if deduplication is done on the hardware.

1 Like