[
https://issues.apache.org/jira/browse/DISPATCH-1585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17072650#comment-17072650
]
Ulf Lilleengen commented on DISPATCH-1585:
--
Lets say you have a service suporting multiple tenants, but a single tenant can
have applications running in 2 separate networks (but they belong to the same
'tenant', i.e. they have the same addresses), so the client applications
connect to the router via 2 different hosts, lets say internal.example.com and
public.example.com. Today, I would need to model it this way (omitting the
broker connector and unneeded details):
{code:java}
[
["listener", { "host": "0.0.0.0", "port": 56721, "authenticatePeer": false,
"saslMechanisms": "ANONYMOUS", "multiTenant": true }],
["policy", {"enableVhostPolicy": true, "defaultVhost": "$default" }],
["vhost", { "hostname": "internal.example.com", "allowUnknownUser": true,
// ... }],
["address", { "waypoint": true, "prefix": "internal.example.com/foo" }],
["autoLink", { "address": "internal.example.com/foo", "direction": "out",
"connection": "broker", "externalAddress": "t1/foo" }],
["autoLink", { "address": "internal.example.com/foo", "direction": "in",
"connection": "broker", "externalAddress": "t1/foo" }],
["vhost", { "hostname": "public.example.com", "allowUnknownUser": true, //
... }],
["address", { "waypoint": true, "prefix": "public.example.com/foo" }],
["autoLink", { "address": "public.example.com/foo", "direction": "out",
"connection": "broker", "externalAddress": "t1/foo" }],
["autoLink", { "address": "public.example.com/foo", "direction": "in",
"connection": "broker", "externalAddress": "t1/foo" }],
]
{code}
So, for every host to expose for this tenant, a lot of configuration is needed.
There is only one address in this example, but when you have 10k addresses, its
starting to be a lot of work reconfiguring the router just to expose on a new
host.
So, what would be very useful for this case is to have some way to specify a
mapping from virtual host to the prefix matched for addresses. I.e
{code:java}
[
["listener", { "host": "0.0.0.0", "port": 56721, "authenticatePeer": false,
"saslMechanisms": "ANONYMOUS", "multiTenant": true }],
["policy", {"enableVhostPolicy": true, "defaultVhost": "$default" }],
// List of hostnames that this vhost should apply to, and a prefix that
hostnames should be replaced with when doing routing.
["vhost", { "hostnames": ["internal.example.com", "public.example.com"],
"prefix": "tenant1", "allowUnknownUser": true, // ... }],
["address", { "waypoint": true, "prefix": "tenant1/foo" }],
["autoLink", { "address": "tenant1/foo", "direction": "out", "connection":
"broker", "externalAddress": "t1/foo" }],
["autoLink", { "address": "tenant1/foo", "direction": "in", "connection":
"broker", "externalAddress": "t1/foo" }],
]{code}
This means the amount of configuration to change would be a lot less if you
have many addresses. There are probably better ways to model this than my
example, but hopefully it shows the reason for raising this issue.
> Allow specifying address/source/target to be used for a multitenant listener
>
>
> Key: DISPATCH-1585
> URL: https://issues.apache.org/jira/browse/DISPATCH-1585
> Project: Qpid Dispatch
> Issue Type: Wish
>Reporter: Ulf Lilleengen
>Priority: Major
>
> At present, a multitenant router listener will prefix addresses with the
> hostname in the AMQP Open. However, given a configuration where it is
> desirable to expose a router address space for multiple DNS names, any
> address, linkRoute and autoLink configuration will need to be duplicated for
> each DNS name. This complicates router configuration significantly.
>
> Instead, having a way to specify which prefix to apply for a multitenant
> listener would allow reusing the same address, autoLink and linkRoute
> configuration for multiple listeners.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
-
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
