[#742] Update docs

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2022-11-09 14:53:26 +03:00 committed by Alex Vanin
parent dd4f66712c
commit 5265afe213
3 changed files with 34 additions and 14 deletions

View file

@ -13,6 +13,9 @@ This document outlines major changes between releases.
- Timeout for individual operations in streaming RPC (#740) - Timeout for individual operations in streaming RPC (#740)
- Reload policies on SIGHUP (#747) - Reload policies on SIGHUP (#747)
### Added
- Multiple server listeners (#742)
### Changed ### Changed
- Placement policy configuration (#568) - Placement policy configuration (#568)
@ -27,9 +30,15 @@ placement_policy:
Make sure you update the config accordingly: Make sure you update the config accordingly:
If you configure application using environment variables change: If you configure application using environment variables change:
* `S3_GW_DEFAULT_POLICY` -> `S3_GW_PLACEMENT_POLICY_DEFAULT_POLICY` * `S3_GW_DEFAULT_POLICY` -> `S3_GW_PLACEMENT_POLICY_DEFAULT_POLICY`
* `S3_GW_LISTEN_ADDRESS` -> `S3_GW_SERVER_0_ADDRESS`
* `S3_GW_TLS_CERT_FILE` -> `S3_GW_SERVER_0_TLS_CERT_FILE` (and set `S3_GW_SERVER_0_TLS_ENABLED=true`)
* `S3_GW_TLS_KEY_FILE` -> `S3_GW_SERVER_0_TLS_KEY_FILE` (and set `S3_GW_SERVER_0_TLS_ENABLED=true`)
If you configure application using `.yaml` file change: If you configure application using `.yaml` file change:
* `defaul_policy` -> `placement_policy.default` * `defaul_policy` -> `placement_policy.default`
* `listen_address` -> `server.0.address`
* `tls.cert_file` -> `server.0.tls.cert_file` (and set `server.0.tls.enabled: true`)
* `tls.key_file` -> `server.0.tls.key_file` (and set `server.0.tls.enabled: true`)
## [0.25.0] - 2022-10-31 ## [0.25.0] - 2022-10-31

View file

@ -223,7 +223,7 @@ func newSettings() *viper.Viper {
flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count") flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count")
flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline") flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline")
flags.String(cmdListenAddress, "0.0.0.0:8080", "set address to listen") flags.String(cmdListenAddress, "0.0.0.0:8080", "set the main address to listen")
flags.String(cfgTLSCertFile, "", "TLS certificate file to use") flags.String(cfgTLSCertFile, "", "TLS certificate file to use")
flags.String(cfgTLSKeyFile, "", "TLS key file to use") flags.String(cfgTLSKeyFile, "", "TLS key file to use")

View file

@ -62,6 +62,8 @@ $ neofs-s3-gw --listen_address 192.168.130.130:443 \
--tls.key_file=key.pem --tls.cert_file=cert.pem --tls.key_file=key.pem --tls.cert_file=cert.pem
``` ```
Using these flag you can configure only one address. To set multiple addresses use yaml config.
### RPC endpoint and resolving of bucket names ### RPC endpoint and resolving of bucket names
To set RPC endpoint specify a value of parameter `-r` or `--rpc_endpoint`. The parameter is **required if** another To set RPC endpoint specify a value of parameter `-r` or `--rpc_endpoint`. The parameter is **required if** another
@ -95,7 +97,7 @@ $ neofs-s3-gw --healthcheck_timeout 15s --connect_timeout 1m --rebalance_interva
### Monitoring and metrics ### Monitoring and metrics
Pprof and Prometheus are integrated into the gateway. To enable them, use `--pprof` and `--metrics` flags or Pprof and Prometheus are integrated into the gateway. To enable them, use `--pprof` and `--metrics` flags or
`S3_GW_PPROF`/`S3_GW_METRICS` environment variables. `S3_GW_PPROF_ENABLED`/`S3_GW_PROMETHEUS_ENABLED` environment variables.
## YAML file and environment variables ## YAML file and environment variables
@ -155,7 +157,7 @@ There are some custom types used for brevity:
| `wallet` | [Wallet configuration](#wallet-section) | | `wallet` | [Wallet configuration](#wallet-section) |
| `peers` | [Nodes configuration](#peers-section) | | `peers` | [Nodes configuration](#peers-section) |
| `placement_policy` | [Placement policy configuration](#placement_policy-section) | | `placement_policy` | [Placement policy configuration](#placement_policy-section) |
| `tls` | [TLS configuration](#tls-section) | | `server` | [Server configuration](#server-section) |
| `logger` | [Logger configuration](#logger-section) | | `logger` | [Logger configuration](#logger-section) |
| `tree` | [Tree configuration](#tree-section) | | `tree` | [Tree configuration](#tree-section) |
| `cache` | [Cache configuration](#cache-section) | | `cache` | [Cache configuration](#cache-section) |
@ -168,8 +170,6 @@ There are some custom types used for brevity:
### General section ### General section
```yaml ```yaml
listen_address: 0.0.0.0:8084
listen_domains: listen_domains:
- s3dev.neofs.devenv - s3dev.neofs.devenv
- s3dev2.neofs.devenv - s3dev2.neofs.devenv
@ -195,7 +195,6 @@ allowed_access_key_id_prefixes:
| Parameter | Type | SIGHUP reload | Default value | Description | | Parameter | Type | SIGHUP reload | Default value | Description |
|----------------------------------|------------|---------------|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |----------------------------------|------------|---------------|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `listen_address` | `string` | | `0.0.0.0:8080` | The address that the gateway is listening on. |
| `listen_domains` | `[]string` | | | Domains to be able to use virtual-hosted-style access to bucket. | | `listen_domains` | `[]string` | | | Domains to be able to use virtual-hosted-style access to bucket. |
| `rpc_endpoint` | `string` | yes | | The address of the RPC host to which the gateway connects to resolve bucket names (required to use the `nns` resolver). | | `rpc_endpoint` | `string` | yes | | The address of the RPC host to which the gateway connects to resolve bucket names (required to use the `nns` resolver). |
| `resolve_order` | `[]string` | yes | `[dns]` | Order of bucket name resolvers to use. Available resolvers: `dns`, `nns`. | | | `resolve_order` | `[]string` | yes | `[dns]` | Order of bucket name resolvers to use. Available resolvers: `dns`, `nns`. | |
@ -281,18 +280,30 @@ File for `region_mapping` must contain something like this:
**Note:** on SIGHUP reload policies will be updated only if both parameters are valid. **Note:** on SIGHUP reload policies will be updated only if both parameters are valid.
So if you change `default` to some valid value and set invalid path in `region_mapping` the `default` value won't be changed. So if you change `default` to some valid value and set invalid path in `region_mapping` the `default` value won't be changed.
### `tls` section ### `server` section
You can specify several listeners for server. For example, for `http` and `https`.
```yaml ```yaml
tls: server:
- address: 0.0.0.0:8080
tls:
enabled: false
cert_file: /path/to/cert cert_file: /path/to/cert
key_file: /path/to/key key_file: /path/to/key
- address: 0.0.0.0:8081
tls:
enabled: true
cert_file: /path/to/another/cert
key_file: /path/to/another/key
``` ```
| Parameter | Type | SIGHUP reload | Default value | Description | | Parameter | Type | SIGHUP reload | Default value | Description |
|-------------|----------|---------------|---------------|------------------------------| |-----------------|----------|---------------|----------------|-----------------------------------------------|
| `cert_file` | `string` | yes | | Path to the TLS certificate. | | `address` | `string` | | `0.0.0.0:8080` | The address that the gateway is listening on. |
| `key_file` | `string` | yes | | Path to the key. | | `tls.enabled` | `bool` | | false | Enable TLS or not. |
| `tls.cert_file` | `string` | yes | | Path to the TLS certificate. |
| `tls.key_file` | `string` | yes | | Path to the key. |
### `logger` section ### `logger` section