frostfs-s3-gw/config/config.yaml

134 lines
3.8 KiB
YAML
Raw Normal View History

# Wallet address, path to the wallet must be set as cli parameter or environment variable
wallet:
path: /path/to/wallet.json # Path to wallet
passphrase: "" # Passphrase to decrypt wallet. If you're using a wallet without a password, place '' here.
address: NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP # Account address. If omitted default one will be used.
# Nodes configuration
# This configuration makes the gateway use the first node (grpc://s01.neofs.devenv:8080)
# while it's healthy. Otherwise, gateway uses the second node (grpc://s01.neofs.devenv:8080)
# for 10% of requests and the third node (grpc://s03.neofs.devenv:8080) for 90% of requests.
# Until nodes with the same priority level are healthy
# nodes with other priority are not used.
# The lower the value, the higher the priority.
peers:
0:
address: node1.neofs:8080
priority: 1
weight: 1
1:
address: node2.neofs:8080
priority: 2
weight: 0.1
2:
address: node3.neofs:8080
priority: 2
weight: 0.9
# Address to listen and TLS
listen_address: 0.0.0.0:8084
tls:
cert_file: /path/to/cert
key_file: /path/to/key
# Domains to be able to use virtual-hosted-style access to bucket.
listen_domains:
- s3dev.neofs.devenv
logger:
level: debug
# Endpoint of the tree service. Must be provided. Can be one of the node address (from the `peers` section).
tree:
service: node1.neofs:8080
# RPC endpoint and order of resolving of bucket names
rpc_endpoint: http://morph-chain.neofs.devenv:30333
resolve_order:
- nns
# Metrics
pprof:
enabled: true
address: localhost:8085
prometheus:
enabled: true
address: localhost:8086
# Timeout to connect to a node
connect_timeout: 10s
# Timeout to check node health during rebalance
healthcheck_timeout: 15s
# Interval to check node health
rebalance_interval: 60s
# The number of errors on connection after which node is considered as unhealthy
pool_error_threshold: 100
# Limits for processing of clients' requests
max_clients_count: 100
# Deadline after which the gate sends error `RequestTimeout` to a client
max_clients_deadline: 30s
# Caching
cache:
# Cache for objects
objects:
lifetime: 300s
size: 150
# Cache which keeps lists of objects in buckets
list:
lifetime: 1m
size: 100
# Cache which contains mapping of nice name to object addresses
names:
lifetime: 1m
size: 1000
# Cache which contains mapping of bucket name to bucket info
buckets:
lifetime: 1m
size: 500
# Cache for system objects in a bucket: bucket settings, notification configuration etc
system:
lifetime: 2m
size: 1000
# Cache which stores access box with tokens by its address
accessbox:
lifetime: 5m
size: 10
# Cache which stores owner to cache operation mapping
accesscontrol:
lifetime: 1m
size: 100000
nats:
enabled: true
endpoint: nats://localhost:4222
timeout: 30s
cert_file: /path/to/cert
key_file: /path/to/key
root_ca: /path/to/ca
# Default policy of placing containers in NeoFS
# If a user sends a request `CreateBucket` and doesn't define policy for placing of a container in NeoFS, the S3 Gateway
# will put the container with default policy. It can be specified via environment variable, e.g.:
default_policy: REP 3
# CORS
# value of Access-Control-Max-Age header if this value is not set in a rule. Has an int type.
cors:
default_max_age: 600
# Parameters of requests to NeoFS
neofs:
# Number of the object copies to consider PUT to NeoFS successful.
# `0` means that object will be processed according to the container's placement policy
set_copies_number: 0
# List of allowed AccessKeyID prefixes
# If the parameter is omitted, S3 GW will accept all AccessKeyIDs
allowed_access_key_id_prefixes:
- Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZDX
- 3stjWenX15YwYzczMr88gy3CQr4NYFBQ8P7keGzH5QFn