This is an automated email from the ASF dual-hosted git repository. sijie pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/pulsar.wiki.git
The following commit(s) were added to refs/heads/master by this push: new 76f8033 Created PIP 51: Tenant policy support (markdown) 76f8033 is described below commit 76f80330aab02a408042354a79a61c468a2175f4 Author: Sijie Guo <guosi...@gmail.com> AuthorDate: Mon Dec 2 17:45:14 2019 -0800 Created PIP 51: Tenant policy support (markdown) --- PIP-51:-Tenant-policy-support.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/PIP-51:-Tenant-policy-support.md b/PIP-51:-Tenant-policy-support.md new file mode 100644 index 0000000..61e687e --- /dev/null +++ b/PIP-51:-Tenant-policy-support.md @@ -0,0 +1,19 @@ +- Status: Draft +- Author: Alexandre DUVAL +- Pull request: +- Mailing list discussion: https://lists.apache.org/thread.html/a937326861b8e49fdb9fc8982010f41fb978a88311ebeb0f24bb695f@%3Cdev.pulsar.apache.org%3E +- Release: + +## Motivation + +Pulsar quotas, retentions and other policies are defined on namespaces level and only enforced at topic level. It would be great to have global policies on tenant level which can be overriden if policies are lower in namespaces level. + +The main goal is to provide a tenant for external users and a the way to define namespaces and so on with tenant level policies defined by the tenant provider. + +## Proposed changes + +The tenant's adminRoles property would be used to define the tenant's level policies. Then we will need to add a tenant userRoles which should be able to create namespaces and everything in the tenant that does not exceed the tenants level policies. + +Then the namespaces policies should inherit from tenant policies with a global verifier for all namespaces to not exceed tenant policies. + +It wouldn't be too difficult for retention and storage part. We would have to just check periodically on the already supplied brokers load report and get the overall namespace/tenant quota. If quotas exceed, then block producers only (not sure delete exceeded data because of the async block part is a good idea). \ No newline at end of file