-
Notifications
You must be signed in to change notification settings - Fork 7
Use_case_Multitenancy
Kafka has some basic support for multitenancy, but it's not adequate for many multitenant use cases because topic names, group ids, transaction ids etc. are not properly namespaced. Specifically, two tenants cannot each have their own topic with a given name. Similarly for group ids, transaction ids etc.
The proxy can intercept all RPCs which contain names and enforce that those sent by/to tenant A are prefixed with A_, and those sent by/to tenant B are prefixed with B_, thus avoiding collisions.
Adding prefixes eats into the limited number of characters (249) in a topic's name.
In practice this unlikely to be a problem, however, as only one or two characters are needed, assuming we can map tenants to a small number of characters (how many tenants need to share the same cluster? 62²=3844 – [a-zA-Z0-9]{2} – seems like a lot).
This could be done in multiple ways:
- SNI
- Using listeners-per tenant -- probably doesn't scale very well
- Via authentication