Investigation for Loki Multi Tenancy

[Rotfuks]

Motivation

Logs tend to have sensitive information in them - especially when we want to cover customer workloads this might include endusers gdpr relevant data. For this we have to make sure there is a basic data isolation in Loki and we can control who sees which set of logs based on a specific tenant. But how can we do that? 

Todo

• [ ] Create a PoC based on our concept meeting in https://docs.google.com/document/d/1MIaAXQQODf6FdnO40uPiMElhCyb9p5EiZNKekIy0c0c/edit
• [ ] Document the learnings of the PoC in the concept doc
• [ ] Present your learnings to the team
• [ ] Move the final concept for multi-tenancy into an RFC

Hint: There was previous work on this topic in https://github.com/giantswarm/giantswarm/issues/29750

Outcome

• We know how we can implement Loki Multi-Tenancy
• We have follow up stories to implement it

[QuentinBisson]

POC was done manually and is currently running on golem

[QuentinBisson]

Answers to the questions have been set in the doc, I still need to create a bigger architecture diagram to present it to the team