Expand description
Multi-Tenancy Support for HeliosProxy
This module provides comprehensive multi-tenant isolation for database proxying.
§Features
- Multiple Isolation Strategies: Database, Schema, Row-level, or Branch isolation
- Flexible Tenant Identification: Header, username prefix, JWT, or database name
- Per-Tenant Connection Pools: Dedicated or shared pools with configurable limits
- Query Transformation: Automatic tenant filtering for row-level isolation
- Comprehensive Metrics: Per-tenant query stats, latencies, and costs
§Example
use heliosdb::proxy::multi_tenancy::{
TenantManager, TenantConfig, IsolationStrategy,
IdentificationMethod, RequestContext,
};
// Create tenant manager
let manager = TenantManager::new();
// Register a tenant with schema isolation
let config = TenantConfig::builder()
.id("acme")
.name("Acme Corp")
.schema_isolation("shared_db", "acme")
.max_connections(50)
.qps_limit(1000)
.build();
manager.register_tenant(config);
// Identify tenant from request
let ctx = RequestContext::new()
.with_header("X-Tenant-Id", "acme");
let tenant = manager.identify_tenant(&ctx);§Architecture
┌─────────────────────────────────────────────────┐
│ MULTI-TENANT PROXY │
│ │
│ ┌──────────────────────────────────────────┐ │
│ │ Tenant Identification │ │
│ │ - Header (X-Tenant-Id) │ │
│ │ - Username prefix (tenant.user) │ │
│ │ - JWT claim │ │
│ └──────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌──────────────────────────────────────────┐ │
│ │ Isolation Strategy │ │
│ │ Database | Schema | Row | Branch │ │
│ └──────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌──────────────────────────────────────────┐ │
│ │ Per-Tenant Resources │ │
│ │ - Connection pools │ │
│ │ - Rate limits │ │
│ │ - Metrics │ │
│ └──────────────────────────────────────────┘ │
└─────────────────────────────────────────────────┘Re-exports§
pub use config::IdentificationMethod;pub use config::IsolationStrategy;pub use config::MultiTenancyConfig;pub use config::TenantAiConfig;pub use config::TenantConfig;pub use config::TenantConfigBuilder;pub use config::TenantId;pub use config::TenantPermissions;pub use config::TenantPoolConfig;pub use config::TenantRateLimits;pub use identifier::create_identifier;pub use identifier::CompositeIdentifier;pub use identifier::DatabaseNameIdentifier;pub use identifier::HeaderTenantIdentifier;pub use identifier::JwtClaimIdentifier;pub use identifier::RequestContext;pub use identifier::SqlContextIdentifier;pub use identifier::TenantIdentifier;pub use identifier::UsernamePrefixIdentifier;pub use isolation::create_handler;pub use isolation::BranchIsolationHandler;pub use isolation::DatabaseIsolationHandler;pub use isolation::IsolationHandler;pub use isolation::IsolationRouter;pub use isolation::RowIsolationHandler;pub use isolation::RoutingDecision;pub use isolation::SchemaIsolationHandler;pub use isolation::TenantProvisioner;pub use metrics::AggregateMetricsSnapshot;pub use metrics::TenantCostEntry;pub use metrics::TenantCostReport;pub use metrics::TenantCostTracker;pub use metrics::TenantMetrics;pub use metrics::TenantMetricsSnapshot;pub use metrics::TenantStats;pub use pool::AcquireResult;pub use pool::AggregatePoolStats;pub use pool::ConnectionState;pub use pool::PooledConnection;pub use pool::TenantConnectionLease;pub use pool::TenantConnectionPool;pub use pool::TenantPool;pub use pool::TenantPoolStats;pub use transformer::validate_query;pub use transformer::QueryValidation;pub use transformer::TenantQueryTransformer;pub use transformer::TransformResult;
Modules§
- config
- Multi-Tenancy Configuration Types
- identifier
- Tenant Identification Strategies
- isolation
- Tenant Isolation Strategy Implementations
- metrics
- Per-Tenant Metrics Collection
- pool
- Tenant-Aware Connection Pool
- transformer
- Tenant Query Transformer
Structs§
- Tenant
Manager - Central tenant manager
- Tenant
Manager Builder - Builder for TenantManager