S3/MinIO

Owned by Julian Ladisch
Last updated: Jan 12, 2023 by Radhakrishnan Gopalakrishnan
1 min read
Status

IN PROGRESS

Stakeholders

Technical Leads, Developers

OutcomeHow to use external object storage
Created date

  

Owner

Julian Ladisch

NOTICE

This decision has been migrated to the Technical Council's Decision Log as part of a consolidation effort.  See:  DR-000026 - S3/MinIO


Decision of the TC on 2021-08-18:

  • The S3 API is the protocol for external (non-Postgres) object storage in FOLIO and standard environment variables/configuration of an S3 server on a per module basis.
  • The module implementation of object storage must conform to the FOLIO standards for tenant separation
    • The recommended standards will be referenced/pointed out by the tech leads.
      • e.g. how tenant separation should be handled, etc.
      • Jakub Skoczen will raise the topic with the tech leads
  • Should the min.io client library be the recommended client as object storage choice agnostic library, but modules could also choose the native S3 implementation?
    • Yes.
  • Should teams be allowed to store binary data in Postgres?  In some cases (amount of data is small, etc.)?
    • Yes.  If external object storage (not Postgres) is required, it must be S3.
    • Regardless of which is used, tenant separation still must be done. (x3)

Request of the Security Group on 2021-08-20:

  • Binary files must be stored with strict tenant and module separation.
  • A FOLIO MinIO security guide for developers and sysops must be published and reviewed by the security team before more modules start using it.
    • e.g. Including guidance for how to do the tenant/module separation.
    • The tech leads group will discuss this as noted during the TC meeting (see TC 2021-08-18 Meeting notes).