Is it possible to run multiple Jar files on the same server?
I understand that I can use export MB_JETTY_PORT to specify a port to run the jar. Is it possible to specify this as arguments to the jar file, instead of as environment variables?
Or is there any other way to run multiple independent metabase installations on the same server?
Thank you. Metabase is an awesome tool. Totally in love!!!
I’ll have to ask one of our team members with more technical know-how about your specific question, but can I ask you what your use case is? Are you trying to set up multiple Metabase installations as a way to wall off data or dashboards/reports from certain users? I.e., would you need to do this if you had the ability to specify access restrictions to specific dashboards or folders of saved questions?
Thank you for the reply.
Yup, we have 3 to 4 completely segregated departments. All the data in each of these departments needs to be completely walled off - no non-admin user should have access to data outside their department. Is there a better way to do this?
In version 0.20, we introduced some basic data permissions settings that you can apply to your instance. You can create groups of users (e.g., one group for each of your departments, maybe), and give those different groups different levels of access.
Data access can be set at the database, schema/namespace, or table level. So, for example, if you only have one database connected to Metabase, for each user group, you could select the specific tables in that database they should/shouldn’t have access to.
These settings will keep them from seeing saved questions based on tables/databases for which they don’t have access. The only caveat is SQL-based saved questions: currently the only way to set access on those is at the database level, because we don’t parse the SQL and therefore can’t assess which table(s) your SQL questions are utilizing.
In an upcoming release, we will be introducing permissions at either a folder or label level, so you can put saved questions in folders and grant/revoke groups’ access to them that way.
Yes, access controls is definitely a way to do it.
We are still exploring if we can run completely independent installations. The data is of sensitive nature - so keeping it completely walled off has its perks.
Another idea could be to run multiple docker containers and map them to different ports. That should work, right? Though, I would still very much like to stick with JARs, instead of using docker - let me know if you think of any way to do that.
Anyway, thank you so much for your help. Really appreciate and admire your work.
Yeah, our hope and vision is that access controls would be sufficient so that administrators wouldn’t have to bother with managing (and upgrading, etc.) multiple Metabase instances, but I also hear you that if you have very sensitive data, you might not want to leave any possibility for error or leakage.
As far as the technical details for actually running multiple instances, I’ll have to leave that to one of the other Metabase core team members (I’m our user experience design guy).
Glad I could help, and thanks so much for using Metabase!