forked from TrueCloudLab/frostfs-s3-gw
[#713] Update docs
Mention new accesscontrol cache parameters in changelog and configs. Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
3d31c2ab4a
commit
1a21e6e6e8
4 changed files with 36 additions and 12 deletions
13
CHANGELOG.md
13
CHANGELOG.md
|
@ -4,6 +4,19 @@ This document outlines major changes between releases.
|
|||
|
||||
## [Unreleased]
|
||||
|
||||
### Fixed
|
||||
- Unrestricted access to not owned objects via cache (#713)
|
||||
|
||||
### Updating from v0.24.0
|
||||
New config parameters were added. Make sure the default parameters are appropriate for you.
|
||||
|
||||
```yaml
|
||||
cache:
|
||||
accesscontrol:
|
||||
lifetime: 1m
|
||||
size: 100000
|
||||
```
|
||||
|
||||
## [0.24.0] - 2022-09-14
|
||||
|
||||
### Added
|
||||
|
|
|
@ -84,6 +84,9 @@ S3_GW_CACHE_SYSTEM_SIZE=100000
|
|||
# Cache which stores access box with tokens by its address
|
||||
S3_GW_CACHE_ACCESSBOX_LIFETIME=10m
|
||||
S3_GW_CACHE_ACCESSBOX_SIZE=100
|
||||
# Cache which stores owner to cache operation mapping
|
||||
S3_GW_CACHE_ACCESSCONTROL_LIFETIME=1m
|
||||
S3_GW_CACHE_ACCESSCONTROL_SIZE=100000
|
||||
|
||||
# NATS
|
||||
S3_GW_NATS_ENABLED=true
|
||||
|
|
|
@ -89,14 +89,18 @@ cache:
|
|||
buckets:
|
||||
lifetime: 1m
|
||||
size: 500
|
||||
# Cache for system objects in a bucket: bucket settings, notification configuration etc
|
||||
# Cache for system objects in a bucket: bucket settings, notification configuration etc
|
||||
system:
|
||||
lifetime: 2m
|
||||
size: 1000
|
||||
# Cache which stores access box with tokens by its address
|
||||
# Cache which stores access box with tokens by its address
|
||||
accessbox:
|
||||
lifetime: 5m
|
||||
size: 10
|
||||
# Cache which stores owner to cache operation mapping
|
||||
accesscontrol:
|
||||
lifetime: 1m
|
||||
size: 100000
|
||||
|
||||
nats:
|
||||
enabled: true
|
||||
|
@ -118,8 +122,8 @@ cors:
|
|||
|
||||
# Parameters of requests to NeoFS
|
||||
neofs:
|
||||
# Number of the object copies to consider PUT to NeoFS successful.
|
||||
# `0` means that object will be processed according to the container's placement policy
|
||||
# Number of the object copies to consider PUT to NeoFS successful.
|
||||
# `0` means that object will be processed according to the container's placement policy
|
||||
set_copies_number: 0
|
||||
|
||||
# List of allowed AccessKeyID prefixes
|
||||
|
|
|
@ -311,16 +311,20 @@ cache:
|
|||
accessbox:
|
||||
lifetime: 5m
|
||||
size: 10
|
||||
accesscontrol:
|
||||
lifetime: 1m
|
||||
size: 100000
|
||||
```
|
||||
|
||||
| Parameter | Type | Default value | Description |
|
||||
|-------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------|
|
||||
| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 1000000` | Cache for objects (NeoFS headers). |
|
||||
| `list` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 100000` | Cache which keeps lists of objects in buckets. |
|
||||
| `names` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 10000` | Cache which contains mapping of nice name to object addresses. |
|
||||
| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
|
||||
| `system` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 10000` | Cache for system objects in a bucket: bucket settings, notification configuration etc. |
|
||||
| `accessbox` | [Cache config](#cache-subsection) | `lifetime: 10m`<br>`size: 100` | Cache which stores access box with tokens by its address. |
|
||||
| Parameter | Type | Default value | Description |
|
||||
|-----------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------|
|
||||
| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 1000000` | Cache for objects (NeoFS headers). |
|
||||
| `list` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 100000` | Cache which keeps lists of objects in buckets. |
|
||||
| `names` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 10000` | Cache which contains mapping of nice name to object addresses. |
|
||||
| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
|
||||
| `system` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 10000` | Cache for system objects in a bucket: bucket settings, notification configuration etc. |
|
||||
| `accessbox` | [Cache config](#cache-subsection) | `lifetime: 10m`<br>`size: 100` | Cache which stores access box with tokens by its address. |
|
||||
| `accesscontrol` | [Cache config](#cache-subsection) | `lifetime: 1m`<br>`size: 100000` | Cache which stores owner to cache operation mapping. |
|
||||
|
||||
#### `cache` subsection
|
||||
|
||||
|
|
Loading…
Reference in a new issue