S3/MinIO
Status | In Progress |
|---|---|
Stakeholders | Technical Leads, Developers |
Outcome | How to use external object storage |
Created date | Aug 20, 2021 |
Owner | @Julian Ladisch |
NOTICE
This decision has been migrated to the Technical Council's Decision Log as part of a consolidation effort. See: DR-000026 - S3/MinIO
Decision of the TC on 2021-08-18:
The S3 API is the protocol for external (non-Postgres) object storage in FOLIO and standard environment variables/configuration of an S3 server on a per module basis.
The module implementation of object storage must conform to the FOLIO standards for tenant separation
The recommended standards will be referenced/pointed out by the tech leads.
e.g. how tenant separation should be handled, etc.
@Jakub Skoczen will raise the topic with the tech leads
Should the min.io client library be the recommended client as object storage choice agnostic library, but modules could also choose the native S3 implementation?
Yes.
Should teams be allowed to store binary data in Postgres? In some cases (amount of data is small, etc.)?
Yes. If external object storage (not Postgres) is required, it must be S3.
Regardless of which is used, tenant separation still must be done. (x3)
Request of the Security Group on 2021-08-20:
Binary files must be stored with strict tenant and module separation.
A FOLIO MinIO security guide for developers and sysops must be published and reviewed by the security team before more modules start using it.
e.g. Including guidance for how to do the tenant/module separation.
The tech leads group will discuss this as noted during the TC meeting (see TC 2021-08-18 Meeting notes).