Add documentation for dynamic configuration of tenancy in Dashboards #3694
Signed-off-by: cwillum <[email protected]>
* Finally, once the feature has been enabled and used in a test cluster, the feature cannot be disabled for the cluster. Disabling the feature once it has been used to work with tenants and saved objects can result in the loss of saved objects and have an impact on tenant-to-tenant functionality. | ||
* Finally, once the feature has been enabled and used in a test cluster, the feature cannot be disabled for the cluster. Disabling the feature once it has been used to work with tenants and saved objects can result in the loss of saved objects and can have an impact on tenant-to-tenant functionality. | ||
|
||
While aggregate view is enabled, a loss of saved objects and impact to tenant-to-tenant functionality can also occur when the larger multi-tenancy feature is disabled. This includes disabling multi-tenancy in the security `config.yml` file settings or by using dynamic configuration. Keep this in mind before enabling aggregate view for your test cluster. |
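Review bot: The added paragraph beginning "While aggregate view is enabled" drops the condition the preceding bullet carries ("once it has been used to work with tenants and saved objects"), so it reads as if loss of saved objects can follow from disabling multi-tenancy even when aggregate view was never used to create or manage them. Carry the same qualifier into this paragraph. The second sentence is also not parallel ("disabling multi-tenancy in the security `config.yml` file settings or by using dynamic configuration"); "whether it is disabled in the security `config.yml` file or through dynamic configuration" reads more cleanly, and a link to the dynamic configuration page would tell readers where that setting lives.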
@RyanL1997 I don't think there will be a loss of saved objects with respect to Aggregation view feature when multi-tenancy is disabled. Can you confirm?
@abhivka7 @RyanL1997 I understood that some changes needed to be made so that aggregate view was compatible with dynamic configuration. The result of those changes was that disabling multi-tenancy would also disable the aggregate view feature. And once both were disabled, it made the last bullet above a concern:
"Finally, once the feature has been enabled and used in a test cluster, the feature cannot be disabled for the cluster. ..."
Let's clarify this so I can make changes to the warning note if necessary. Thanks.
@cwillum Basically aggregation view is only shown when multitenancy is enabled. If we disable multitenancy then there is no point in showing aggregation view. So aggregation view as a feature in itself cannot be disabled once it has been enabled. But it still needs multitenancy to be enabled as a prerequisite.
Hi @abhivka7 and @cwillum. I will just move some of our conversation over here for reference:
- This potential risk / known limitation has existed since the launch of the aggregation view feature; see the previous documentation here (https://opensearch.org/docs/latest/security/multi-tenancy/mt-agg-view/#known-limitations):
Finally, once the feature has been enabled and used in a test cluster, the feature cannot be disabled for the cluster. Disabling the feature once it has been used to work with tenants and saved objects can result in the loss of saved objects and have an impact on tenant-to-tenant functionality.
- The new feature of Dynamically Configurable Multi-tenancy didn't change any previous technical design of either the aggregation view feature or the tenancy feature. However, it does change some accessibility of multi-tenancy configuration. That's the reason @cwillum is helping us summarize and emphasize some specific details of these potential user behaviors, so that we can warn users about the above risks even in a non-production environment.
All in all, big thanks to both of you for the follow-ups. I think we have sorted everything out.
Hi @cwillum, thanks for putting this together! Your summary of these potential behaviors is clear and accurate.
@@ -36,7 +36,7 @@ In this first experimental phase of development, there are some limitations that | |||
|
|||
* The feature can only be used in a new cluster. At this time, the feature is not suported by clusters already in use. | |||
* Also, the feature should be used only in a test environment, not in production. | |||
* Finally, once the feature has been enabled and used in a test cluster, the feature cannot be disabled for the cluster. Disabling the feature once it has been used to work with tenants and saved objects can result in the loss of saved objects and have an impact on tenant-to-tenant functionality. | |||
* Finally, once the feature has been enabled and used in a test cluster, the feature cannot be disabled for the cluster. Disabling the feature once it has been used to work with tenants and saved objects can result in the loss of saved objects and can have an impact on tenant-to-tenant functionality. This can occur when disabling the feature in any one of three ways: disabling the aggregate view feature with the [feature flag]({{site.url}}{{site.baseurl}}/security/multi-tenancy/mt-agg-view/#enabling-aggregate-view-for-saved-objects/); disabling multi-tenancy with the traditional [multi-tenancy configuration]({{site.url}}{{site.baseurl}}/security/multi-tenancy/multi-tenancy-config/) setting; or disabling multi-tenancy with [dynamic configuration]({{site.url}}{{site.baseurl}}/security/multi-tenancy/dynamic-config/) settings. |
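Review bot: In the rewritten "Finally" bullet, the feature flag link ends with a slash after the fragment (`mt-agg-view/#enabling-aggregate-view-for-saved-objects/`), so the anchor will not match the heading ID and the link will land at the top of the page; drop the trailing slash after the fragment. The bullet now also packs the warning and three semicolon-separated disable paths into one sentence, which would be easier to scan as a nested list. While this hunk is open, the first bullet in the unchanged context still reads "not suported" and should be "not supported".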
This is correct! Thanks for summing this up! @cwillum
Looks good, Chris, with a couple of suggestions. Thanks!
|
||
# Dynamic configuration in OpenSearch Dashboards | ||
|
||
Dynamic configuration of multi-tenancy in OpenSearch Dashboards provides options to make common settings for tenancy without having to make changes to the configuration YAML files on each node and then restart the cluster. You can take advantage of this functionality by using the Dashboards interface or the REST API. The following list includes description of the options currently covered by dynamic configuration: |
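Review bot: The last sentence of the new introduction, "The following list includes description of the options currently covered by dynamic configuration", needs the plural "descriptions", and "make common settings for tenancy" in the first sentence would be clearer as "change common tenancy settings". Because the paragraph tells readers they can skip editing the YAML files and restarting the cluster, it would also help to state here which permissions are required to change these settings through the Dashboards interface or the REST API, or to link to where that is documented.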
Can we avoid making this into a feature by calling out the functionality? For example, "You can dynamically configure your multi-tenancy settings in OpenSearch Dashboards without making changes to the configuration YAML files on each node and then restarting the cluster."
I see your point. But I don't want to lead out a new section with "You can...". How about ...
"Multi-tenancy includes dynamic configuration options in OpenSearch Dashboards so you can make common settings for tenancy without having to make changes to the configuration YAML files on each node and then restart the cluster."
I've revised the sentence like so.
@cwillum Please see my comments and changes and let me know if you have any questions. Thanks!
Thanks for the quick review.
…3694) * fix#2562 start for dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 start for dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> * fix#2562 dynamic config Signed-off-by: cwillum <[email protected]> --------- Signed-off-by: cwillum <[email protected]>
Description
This adds documentation for dynamic configuration of certain tenancy features including enabling or disabling tenancy, disabling or enabling private tenants, and setting the default tenant for all users. The documentation also includes new APIs that provide another option for configuring the same dynamic settings.
Issues Resolved
Fixes #2562