Technical Leads, Developers

OutcomeHow to use external object storage
Created date




This decision has been migrated to the Technical Council's Decision Log as part of a consolidation effort.  See:  DR-000026 - S3/MinIO

Decision of the TC on 2021-08-18:

  • The S3 API is the protocol for external (non-Postgres) object storage in FOLIO and standard environment variables/configuration of an S3 server on a per module basis.
  • The module implementation of object storage must conform to the FOLIO standards for tenant separation
    • The recommended standards will be referenced/pointed out by the tech leads.
      • e.g. how tenant separation should be handled, etc.
      • Jakub Skoczen will raise the topic with the tech leads
  • Should the min.io client library be the recommended client as object storage choice agnostic library, but modules could also choose the native S3 implementation?
    • Yes.
  • Should teams be allowed to store binary data in Postgres?  In some cases (amount of data is small, etc.)?
    • Yes.  If external object storage (not Postgres) is required, it must be S3.
    • Regardless of which is used, tenant separation still must be done. (x3)

Request of the Security Group on 2021-08-20:

  • Binary files must be stored with strict tenant and module separation.
  • A FOLIO MinIO security guide for developers and sysops must be published and reviewed by the security team before more modules start using it.
    • e.g. Including guidance for how to do the tenant/module separation.
    • The tech leads group will discuss this as noted during the TC meeting (see TC 2021-08-18 Meeting notes).