[#713] Update docs
Mention new accesscontrol cache parameters in changelog and configs. Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
3d31c2ab4a
commit
1a21e6e6e8
4 changed files with 36 additions and 12 deletions
13
CHANGELOG.md
13
CHANGELOG.md
|
@ -4,6 +4,19 @@ This document outlines major changes between releases.
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- Unrestricted access to not owned objects via cache (#713)
|
||||||
|
|
||||||
|
### Updating from v0.24.0
|
||||||
|
New config parameters were added. Make sure the default parameters are appropriate for you.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
cache:
|
||||||
|
accesscontrol:
|
||||||
|
lifetime: 1m
|
||||||
|
size: 100000
|
||||||
|
```
|
||||||
|
|
||||||
## [0.24.0] - 2022-09-14
|
## [0.24.0] - 2022-09-14
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -84,6 +84,9 @@ S3_GW_CACHE_SYSTEM_SIZE=100000
|
||||||
# Cache which stores access box with tokens by its address
|
# Cache which stores access box with tokens by its address
|
||||||
S3_GW_CACHE_ACCESSBOX_LIFETIME=10m
|
S3_GW_CACHE_ACCESSBOX_LIFETIME=10m
|
||||||
S3_GW_CACHE_ACCESSBOX_SIZE=100
|
S3_GW_CACHE_ACCESSBOX_SIZE=100
|
||||||
|
# Cache which stores owner to cache operation mapping
|
||||||
|
S3_GW_CACHE_ACCESSCONTROL_LIFETIME=1m
|
||||||
|
S3_GW_CACHE_ACCESSCONTROL_SIZE=100000
|
||||||
|
|
||||||
# NATS
|
# NATS
|
||||||
S3_GW_NATS_ENABLED=true
|
S3_GW_NATS_ENABLED=true
|
||||||
|
|
|
@ -89,14 +89,18 @@ cache:
|
||||||
buckets:
|
buckets:
|
||||||
lifetime: 1m
|
lifetime: 1m
|
||||||
size: 500
|
size: 500
|
||||||
# Cache for system objects in a bucket: bucket settings, notification configuration etc
|
# Cache for system objects in a bucket: bucket settings, notification configuration etc
|
||||||
system:
|
system:
|
||||||
lifetime: 2m
|
lifetime: 2m
|
||||||
size: 1000
|
size: 1000
|
||||||
# Cache which stores access box with tokens by its address
|
# Cache which stores access box with tokens by its address
|
||||||
accessbox:
|
accessbox:
|
||||||
lifetime: 5m
|
lifetime: 5m
|
||||||
size: 10
|
size: 10
|
||||||
|
# Cache which stores owner to cache operation mapping
|
||||||
|
accesscontrol:
|
||||||
|
lifetime: 1m
|
||||||
|
size: 100000
|
||||||
|
|
||||||
nats:
|
nats:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
@ -118,8 +122,8 @@ cors:
|
||||||
|
|
||||||
# Parameters of requests to NeoFS
|
# Parameters of requests to NeoFS
|
||||||
neofs:
|
neofs:
|
||||||
# Number of the object copies to consider PUT to NeoFS successful.
|
# Number of the object copies to consider PUT to NeoFS successful.
|
||||||
# `0` means that object will be processed according to the container's placement policy
|
# `0` means that object will be processed according to the container's placement policy
|
||||||
set_copies_number: 0
|
set_copies_number: 0
|
||||||
|
|
||||||
# List of allowed AccessKeyID prefixes
|
# List of allowed AccessKeyID prefixes
|
||||||
|
|
|
@ -311,16 +311,20 @@ cache:
|
||||||
accessbox:
|
accessbox:
|
||||||
lifetime: 5m
|
lifetime: 5m
|
||||||
size: 10
|
size: 10
|
||||||
|
accesscontrol:
|
||||||
|
lifetime: 1m
|
||||||
|
size: 100000
|
||||||
```
|
```
|
||||||
|
|
||||||
| Parameter | Type | Default value | Description |
|
| Parameter | Type | Default value | Description |
|
||||||
|-------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------|
|
|-----------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------|
|
||||||
| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 1000000` | Cache for objects (NeoFS headers). |
|
| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 1000000` | Cache for objects (NeoFS headers). |
|
||||||
| `list` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 100000` | Cache which keeps lists of objects in buckets. |
|
| `list` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 100000` | Cache which keeps lists of objects in buckets. |
|
||||||
| `names` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 10000` | Cache which contains mapping of nice name to object addresses. |
|
| `names` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 10000` | Cache which contains mapping of nice name to object addresses. |
|
||||||
| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
|
| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
|
||||||
| `system` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 10000` | Cache for system objects in a bucket: bucket settings, notification configuration etc. |
|
| `system` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 10000` | Cache for system objects in a bucket: bucket settings, notification configuration etc. |
|
||||||
| `accessbox` | [Cache config](#cache-subsection) | `lifetime: 10m`<br>`size: 100` | Cache which stores access box with tokens by its address. |
|
| `accessbox` | [Cache config](#cache-subsection) | `lifetime: 10m`<br>`size: 100` | Cache which stores access box with tokens by its address. |
|
||||||
|
| `accesscontrol` | [Cache config](#cache-subsection) | `lifetime: 1m`<br>`size: 100000` | Cache which stores owner to cache operation mapping. |
|
||||||
|
|
||||||
#### `cache` subsection
|
#### `cache` subsection
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue