diff --git a/.docker/Dockerfile b/.docker/Dockerfile index dca0b68..8342aba 100644 --- a/.docker/Dockerfile +++ b/.docker/Dockerfile @@ -1,7 +1,7 @@ FROM golang:1.19 as builder ARG BUILD=now -ARG REPO=github.com/nspcc-dev/neofs-s3-gw +ARG REPO=github.com/TrueCloudLab/frostfs-s3-gw ARG VERSION=dev WORKDIR /src @@ -10,12 +10,12 @@ COPY . /src RUN make # Executable image -FROM alpine AS neofs-s3-gw +FROM alpine AS frostfs-s3-gw RUN apk add --no-cache bash ca-certificates WORKDIR / -COPY --from=builder /src/bin/neofs-s3-gw /bin/neofs-s3-gw -COPY --from=builder /src/bin/neofs-s3-authmate /bin/neofs-s3-authmate +COPY --from=builder /src/bin/frostfs-s3-gw /bin/frostfs-s3-gw +COPY --from=builder /src/bin/frostfs-s3-authmate /bin/frostfs-s3-authmate -ENTRYPOINT ["/bin/neofs-s3-gw"] +ENTRYPOINT ["/bin/frostfs-s3-gw"] diff --git a/.docker/Dockerfile.dirty b/.docker/Dockerfile.dirty index 22c0d02..77cd6fa 100644 --- a/.docker/Dockerfile.dirty +++ b/.docker/Dockerfile.dirty @@ -1,9 +1,9 @@ -FROM alpine AS neofs-s3-gw +FROM alpine AS frostfs-s3-gw RUN apk add --no-cache bash ca-certificates WORKDIR / -COPY /bin/neofs-s3-gw /bin/neofs-s3-gw -COPY /bin/neofs-s3-authmate /bin/neofs-s3-authmate +COPY /bin/frostfs-s3-gw /bin/frostfs-s3-gw +COPY /bin/frostfs-s3-authmate /bin/frostfs-s3-authmate -ENTRYPOINT ["/bin/neofs-s3-gw"] +ENTRYPOINT ["/bin/frostfs-s3-gw"] diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 1414545..37417c9 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -* @alexvanin @masterSplinter01 @KirillovDenis +* @alexvanin @KirillovDenis diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index b12d922..9bc2d98 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,8 +3,8 @@ First, thank you for contributing! We love and encourage pull requests from everyone. Please follow the guidelines: -- Check the open [issues](https://github.com/nspcc-dev/neofs-s3-gw/issues) and - [pull requests](https://github.com/nspcc-dev/neofs-s3-gw/pulls) for existing +- Check the open [issues](https://github.com/TrueCloudLab/frostfs-s3-gw/issues) and + [pull requests](https://github.com/TrueCloudLab/frostfs-s3-gw/pulls) for existing discussions. - Open an issue first, to discuss a new feature or enhancement. @@ -23,24 +23,24 @@ everyone. Please follow the guidelines: ## Development Workflow -Start by forking the `neofs-s3-gw` repository, make changes in a branch and then +Start by forking the `frostfs-s3-gw` repository, make changes in a branch and then send a pull request. We encourage pull requests to discuss code changes. Here are the steps in details: ### Set up your GitHub Repository -Fork [NeoFS S3 Gateway -upstream](https://github.com/nspcc-dev/neofs-s3-gw/fork) source repository +Fork [FrostFS S3 Gateway +upstream](https://github.com/TrueCloudLab/frostfs-s3-gw/fork) source repository to your own personal repository. Copy the URL of your fork (you will need it for the `git clone` command below). ```sh -$ git clone https://github.com/nspcc-dev/neofs-s3-gw +$ git clone https://github.com/TrueCloudLab/frostfs-s3-gw ``` ### Set up git remote as ``upstream`` ```sh -$ cd neofs-s3-gw -$ git remote add upstream https://github.com/nspcc-dev/neofs-s3-gw +$ cd frostfs-s3-gw +$ git remote add upstream https://github.com/TrueCloudLab/frostfs-s3-gw $ git fetch upstream $ git merge upstream/master ... @@ -107,7 +107,7 @@ contributors". To sign your work, just add a line like this at the end of your commit message: ``` -Signed-off-by: Samii Sakisaka +Signed-off-by: Samii Sakisaka ``` This can be easily done with the `--signoff` option to `git commit`. diff --git a/Makefile b/Makefile index e1347d4..86dba46 100644 --- a/Makefile +++ b/Makefile @@ -8,12 +8,12 @@ LINT_VERSION ?= 1.49.0 BINDIR = bin # Binaries to build -CMDS = $(addprefix neofs-, $(notdir $(wildcard cmd/*))) +CMDS = $(addprefix frostfs-, $(notdir $(wildcard cmd/*))) BINS = $(addprefix $(BINDIR)/, $(CMDS)) # Variables for docker REPO_BASENAME = $(shell basename `go list -m`) -HUB_IMAGE ?= "nspccdev/$(REPO_BASENAME)" +HUB_IMAGE ?= "truecloudlab/$(REPO_BASENAME)" HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')" .PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint version clean protoc @@ -33,7 +33,7 @@ $(BINS): sync-tree $(BINDIR) dep CGO_ENABLED=0 \ go build -v -trimpath \ -ldflags "-X $(REPO)/internal/version.Version=$(VERSION)" \ - -o $@ ./cmd/$(subst neofs-,,$(notdir $@)) + -o $@ ./cmd/$(subst frostfs-,,$(notdir $@)) $(BINDIR): @echo "⇒ Ensure dir: $@" @@ -80,7 +80,7 @@ format: # Build clean Docker image image: - @echo "⇒ Build NeoFS S3 Gateway docker image " + @echo "⇒ Build FrostFS S3 Gateway docker image " @docker build \ --build-arg REPO=$(REPO) \ --build-arg VERSION=$(VERSION) \ @@ -95,7 +95,7 @@ image-push: # Build dirty Docker image dirty-image: - @echo "⇒ Build NeoFS S3 Gateway dirty docker image " + @echo "⇒ Build FrostFS S3 Gateway dirty docker image " @docker build \ --build-arg REPO=$(REPO) \ --build-arg VERSION=$(VERSION) \ @@ -135,7 +135,7 @@ protoc: # Package for Debian debpackage: - dch --package neofs-s3-gw \ + dch --package frostfs-s3-gw \ --controlmaint \ --newversion $(PKG_VERSION) \ --distribution $(OS_RELEASE) \ diff --git a/README.md b/README.md index da759f0..8188d10 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,13 @@ -# NeoFS S3 Gateway +# FrostFS S3 Gateway -NeoFS S3 gateway provides API compatible with Amazon S3 cloud storage service. +FrostFS S3 gateway provides API compatible with Amazon S3 cloud storage service. ## Installation -```go get -u github.com/nspcc-dev/neofs-s3-gw``` +```go get -u github.com/TrueCloudLab/frostfs-s3-gw``` Or you can call `make` to build it from the cloned repository (the binary will -end up in `bin/neofs-s3-gw` with authmate helper in `bin/neofs-s3-authmate`). +end up in `bin/frostfs-s3-gw` with authmate helper in `bin/frostfs-s3-authmate`). To build binaries in clean docker environment, call `make docker/all`. Other notable make targets: @@ -22,36 +22,36 @@ version Show current version ``` Or you can also use a [Docker -image](https://hub.docker.com/r/nspccdev/neofs-s3-gw) provided for released +image](https://hub.docker.com/r/truecloudlab/frostfs-s3-gw) provided for released (and occasionally unreleased) versions of gateway (`:latest` points to the latest stable release). ## Execution Minimalistic S3 gateway setup needs: - * NeoFS node(s) address (S3 gateway itself is not a NeoFS node) + * FrostFS node(s) address (S3 gateway itself is not a FrostFS node) Passed via `-p` parameter or via `S3_GW_PEERS__ADDRESS` and `S3_GW_PEERS__WEIGHT` environment variables (gateway supports multiple - NeoFS nodes with weighted load balancing). - * a wallet used to fetch key and communicate with NeoFS nodes + FrostFS nodes with weighted load balancing). + * a wallet used to fetch key and communicate with FrostFS nodes Passed via `--wallet` parameter or `S3_GW_WALLET_PATH` environment variable. These two commands are functionally equivalent, they run the gate with one backend node, some keys and otherwise default settings: ``` -$ neofs-s3-gw -p 192.168.130.72:8080 --wallet wallet.json +$ frostfs-s3-gw -p 192.168.130.72:8080 --wallet wallet.json $ S3_GW_PEERS_0_ADDRESS=192.168.130.72:8080 \ S3_GW_WALLET=wallet.json \ - neofs-s3-gw + frostfs-s3-gw ``` It's also possible to specify uri scheme (grpc or grpcs) when using `-p` or environment variables: ``` -$ neofs-s3-gw -p grpc://192.168.130.72:8080 --wallet wallet.json +$ frostfs-s3-gw -p grpc://192.168.130.72:8080 --wallet wallet.json $ S3_GW_PEERS_0_ADDRESS=grpcs://192.168.130.72:8080 \ S3_GW_WALLET=wallet.json \ - neofs-s3-gw + frostfs-s3-gw ``` ## Domains @@ -60,7 +60,7 @@ By default, s3-gw enable only `path-style access`. To be able to use both: `virtual-hosted-style` and `path-style` access you must configure `listen_domains`: ```shell -$ neofs-s3-gw -p 192.168.130.72:8080 --wallet wallet.json --listen_domains your.first.domain --listen_domains your.second.domain +$ frostfs-s3-gw -p 192.168.130.72:8080 --wallet wallet.json --listen_domains your.first.domain --listen_domains your.second.domain ``` So now you can use (e.g. `HeadBucket`. Make sure DNS is properly configured): @@ -84,8 +84,8 @@ Also, you can configure domains using `.env` variables or `yaml` file. ## Documentation - [Configuration](./docs/configuration.md) -- [NeoFS S3 AuthMate](./docs/authmate.md) -- [NeoFS Tree service](./docs/tree_service.md) +- [FrostFS S3 AuthMate](./docs/authmate.md) +- [FrostFS Tree service](./docs/tree_service.md) - [AWS CLI basic usage](./docs/aws_cli.md) - [AWS S3 API compatibility](./docs/aws_s3_compat.md) - [AWS S3 Compatibility test results](./docs/s3_test_results.md) diff --git a/api/reqinfo.go b/api/reqinfo.go index e66b36b..b57b20a 100644 --- a/api/reqinfo.go +++ b/api/reqinfo.go @@ -45,7 +45,7 @@ type ( // Key used for Get/SetReqInfo. type contextKeyType string -const ctxRequestInfo = contextKeyType("NeoFS-S3-GW") +const ctxRequestInfo = contextKeyType("FrostFS-S3-GW") var ( // De-facto standard header keys. diff --git a/cmd/s3-authmate/main.go b/cmd/s3-authmate/main.go index 86f1bc5..4436df9 100644 --- a/cmd/s3-authmate/main.go +++ b/cmd/s3-authmate/main.go @@ -110,8 +110,8 @@ func prepare() (context.Context, *zap.Logger) { func main() { app := &cli.App{ - Name: "NeoFS S3 Authmate", - Usage: "Helps manage delegated access via gates to data stored in NeoFS network", + Name: "FrostFS S3 Authmate", + Usage: "Helps manage delegated access via gates to data stored in FrostFS network", Version: version.Version, Flags: appFlags(), Commands: appCommands(), diff --git a/cmd/s3-gw/app.go b/cmd/s3-gw/app.go index 02f696a..2989d64 100644 --- a/cmd/s3-gw/app.go +++ b/cmd/s3-gw/app.go @@ -400,7 +400,7 @@ func remove(list []string, element string) []string { // about the stop to the log. func (a *App) Wait() { a.log.Info("application started", - zap.String("name", "neofs-s3-gw"), + zap.String("name", "frostfs-s3-gw"), zap.String("version", version.Version), ) diff --git a/cmd/s3-gw/app_settings.go b/cmd/s3-gw/app_settings.go index 51773fb..9b4fe20 100644 --- a/cmd/s3-gw/app_settings.go +++ b/cmd/s3-gw/app_settings.go @@ -277,7 +277,7 @@ func newSettings() *viper.Viper { switch { case help != nil && *help: - fmt.Printf("NeoFS S3 gateway %s\n", version.Version) + fmt.Printf("FrostFS S3 gateway %s\n", version.Version) flags.PrintDefaults() fmt.Println() @@ -309,7 +309,7 @@ func newSettings() *viper.Viper { os.Exit(0) case versionFlag != nil && *versionFlag: - fmt.Printf("NeoFS S3 Gateway\nVersion: %s\nGoVersion: %s\n", version.Version, runtime.Version()) + fmt.Printf("FrostFS S3 Gateway\nVersion: %s\nGoVersion: %s\n", version.Version, runtime.Version()) os.Exit(0) } diff --git a/debian/changelog b/debian/changelog index 7cb0e2d..186b4ef 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,5 @@ -neofs-s3-gw (0.0.0) stable; urgency=medium +forstfs-s3-gw (0.0.0) stable; urgency=medium * Please see CHANGELOG.md - -- NeoSPCC Wed, 24 Aug 2022 18:29:49 +0300 + -- TrueCloudLab Wed, 24 Aug 2022 18:29:49 +0300 diff --git a/debian/control b/debian/control index 2eee1ce..0c5bab7 100644 --- a/debian/control +++ b/debian/control @@ -1,14 +1,14 @@ -Source: neofs-s3-gw +Source: frostfs-s3-gw Section: misc Priority: optional -Maintainer: NeoSPCC +Maintainer: TrueCloudLab Build-Depends: debhelper-compat (= 13), git, devscripts Standards-Version: 4.5.1 -Homepage: https://fs.neo.org/ -Vcs-Git: https://github.com/nspcc-dev/neofs-s3-gw.git -Vcs-Browser: https://github.com/nspcc-dev/neofs-s3-gw +Homepage: http://frostfs.info/ +Vcs-Git: https://github.com/TrueCloudLab/frostfs-s3-gw.git +Vcs-Browser: https://github.com/TrueCloudLab/frostfs-s3-gw -Package: neofs-s3-gw +Package: frostfs-s3-gw Architecture: any Depends: ${misc:Depends} -Description: NeoFS S3 gateway provides API compatible with Amazon S3 cloud storage service. +Description: FrostFS S3 gateway provides API compatible with Amazon S3 cloud storage service. diff --git a/debian/copyright b/debian/copyright index b9b7a64..13871fe 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,11 +1,13 @@ Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -Upstream-Name: neofs-s3-gw -Upstream-Contact: tech@nspcc.ru -Source: https://github.com/nspcc-dev/neofs-s3-gw +Upstream-Name: frostfs-s3-gw +Upstream-Contact: tech@frostfs.info +Source: https://github.com/TrueCloudLab/frostfs-s3-gw Files: * -Copyright: 2018-2022 NeoSPCC (@nspcc-dev), contributors of neofs-s3-gw project +Copyright: 2018-2022 NeoSPCC (@nspcc-dev), contributors of neofs-s3-gw project (https://github.com/nspcc-dev/neofs-s3-gw/blob/master/CREDITS.md) + 2022 True Cloud Lab (@TrueCloudLab), contributors of frostfs-s3-gw project + (https://github.com/TrueCloudLab/frostfs-s3-gw/blob/master/CREDITS.md) License: AGPL-3.0-only diff --git a/debian/frostfs-s3-gw.dirs b/debian/frostfs-s3-gw.dirs new file mode 100644 index 0000000..bc6d0fd --- /dev/null +++ b/debian/frostfs-s3-gw.dirs @@ -0,0 +1,2 @@ +etc/frostfs/s3 +var/lib/frostfs/s3 diff --git a/debian/neofs-s3-gw.docs b/debian/frostfs-s3-gw.docs similarity index 100% rename from debian/neofs-s3-gw.docs rename to debian/frostfs-s3-gw.docs diff --git a/debian/neofs-s3-gw.examples b/debian/frostfs-s3-gw.examples similarity index 100% rename from debian/neofs-s3-gw.examples rename to debian/frostfs-s3-gw.examples diff --git a/debian/frostfs-s3-gw.install b/debian/frostfs-s3-gw.install new file mode 100644 index 0000000..7e4b6e1 --- /dev/null +++ b/debian/frostfs-s3-gw.install @@ -0,0 +1,4 @@ +config/config.yaml etc/frostfs/s3 +config/rules.json var/lib/frostfs/s3 +bin/frostfs-s3-gw usr/bin +bin/frostfs-s3-authmate usr/bin diff --git a/debian/neofs-s3-gw.postinst b/debian/frostfs-s3-gw.postinst similarity index 54% rename from debian/neofs-s3-gw.postinst rename to debian/frostfs-s3-gw.postinst index 42b6ff3..82345f6 100644 --- a/debian/neofs-s3-gw.postinst +++ b/debian/frostfs-s3-gw.postinst @@ -1,5 +1,5 @@ #!/bin/sh -# postinst script for neofs-s3-gw +# postinst script for frostfs-s3-gw # # see: dh_installdeb(1) @@ -21,17 +21,17 @@ set -e case "$1" in configure) USERNAME=s3 - id -u neofs-$USERNAME >/dev/null 2>&1 || useradd -s /usr/sbin/nologin -d /var/lib/neofs/s3 --system -M -U -c "NeoFS S3 gateway" neofs-$USERNAME - if ! dpkg-statoverride --list /etc/neofs/$USERNAME >/dev/null; then - chown -f -R root:neofs-$USERNAME /etc/neofs/$USERNAME - chown -f root:neofs-$USERNAME /etc/neofs/$USERNAME/config.yaml || true - chmod -f 0750 /etc/neofs/$USERNAME - chmod -f 0640 /etc/neofs/$USERNAME/config.yaml || true + id -u frostfs-$USERNAME >/dev/null 2>&1 || useradd -s /usr/sbin/nologin -d /var/lib/frostfs/s3 --system -M -U -c "FrostFS S3 gateway" frostfs-$USERNAME + if ! dpkg-statoverride --list /etc/frostfs/$USERNAME >/dev/null; then + chown -f -R root:frostfs-$USERNAME /etc/frostfs/$USERNAME + chown -f root:frostfs-$USERNAME /etc/frostfs/$USERNAME/config.yaml || true + chmod -f 0750 /etc/frostfs/$USERNAME + chmod -f 0640 /etc/frostfs/$USERNAME/config.yaml || true fi - USERDIR=$(getent passwd "neofs-$USERNAME" | cut -d: -f6) - if ! dpkg-statoverride --list neofs-$USERDIR >/dev/null; then - chown -f neofs-$USERNAME: $USERDIR - chown -f neofs-$USERNAME: $USERDIR/rules.json + USERDIR=$(getent passwd "frostfs-$USERNAME" | cut -d: -f6) + if ! dpkg-statoverride --list frostfs-$USERDIR >/dev/null; then + chown -f frostfs-$USERNAME: $USERDIR + chown -f frostfs-$USERNAME: $USERDIR/rules.json fi ;; diff --git a/debian/neofs-s3-gw.postrm b/debian/frostfs-s3-gw.postrm similarity index 92% rename from debian/neofs-s3-gw.postrm rename to debian/frostfs-s3-gw.postrm index 488791d..729f801 100644 --- a/debian/neofs-s3-gw.postrm +++ b/debian/frostfs-s3-gw.postrm @@ -1,5 +1,5 @@ #!/bin/sh -# postrm script for neofs-s3-gw +# postrm script for frostfs-s3-gw # # see: dh_installdeb(1) @@ -21,7 +21,7 @@ set -e case "$1" in purge) - rm -rf /var/lib/neofs/s3 + rm -rf /var/lib/frostfs/s3 ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) diff --git a/debian/neofs-s3-gw.preinst b/debian/frostfs-s3-gw.preinst similarity index 94% rename from debian/neofs-s3-gw.preinst rename to debian/frostfs-s3-gw.preinst index 1dcfc1b..c26a51e 100644 --- a/debian/neofs-s3-gw.preinst +++ b/debian/frostfs-s3-gw.preinst @@ -1,5 +1,5 @@ #!/bin/sh -# preinst script for neofs-s3-gw +# preinst script for frostfs-s3-gw # # see: dh_installdeb(1) diff --git a/debian/neofs-s3-gw.prerm b/debian/frostfs-s3-gw.prerm similarity index 96% rename from debian/neofs-s3-gw.prerm rename to debian/frostfs-s3-gw.prerm index dc142d3..99c4acb 100644 --- a/debian/neofs-s3-gw.prerm +++ b/debian/frostfs-s3-gw.prerm @@ -1,5 +1,5 @@ #!/bin/sh -# prerm script for neofs-s3-gw +# prerm script for frostfs-s3-gw # # see: dh_installdeb(1) diff --git a/debian/frostfs-s3-gw.service b/debian/frostfs-s3-gw.service new file mode 100644 index 0000000..baad2d1 --- /dev/null +++ b/debian/frostfs-s3-gw.service @@ -0,0 +1,16 @@ +[Unit] +Description=FrostFS S3 Gateway +Requires=network.target + +[Service] +Type=simple +ExecStart=/usr/bin/frostfs-s3-gw --config /etc/frostfs/s3/config.yaml +User=frostfs-s3 +Group=frostfs-s3 +WorkingDirectory=/var/lib/frostfs/s3 +Restart=always +RestartSec=5 +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/debian/neofs-s3-gw.dirs b/debian/neofs-s3-gw.dirs deleted file mode 100644 index 9f7f6d6..0000000 --- a/debian/neofs-s3-gw.dirs +++ /dev/null @@ -1,2 +0,0 @@ -etc/neofs/s3 -var/lib/neofs/s3 diff --git a/debian/neofs-s3-gw.install b/debian/neofs-s3-gw.install deleted file mode 100644 index 40f0322..0000000 --- a/debian/neofs-s3-gw.install +++ /dev/null @@ -1,4 +0,0 @@ -config/config.yaml etc/neofs/s3 -config/rules.json var/lib/neofs/s3 -bin/neofs-s3-gw usr/bin -bin/neofs-s3-authmate usr/bin diff --git a/debian/neofs-s3-gw.service b/debian/neofs-s3-gw.service deleted file mode 100644 index 2f2626b..0000000 --- a/debian/neofs-s3-gw.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=NeoFS S3 Gateway -Requires=network.target - -[Service] -Type=simple -ExecStart=/usr/bin/neofs-s3-gw --config /etc/neofs/s3/config.yaml -User=neofs-s3 -Group=neofs-s3 -WorkingDirectory=/var/lib/neofs/s3 -Restart=always -RestartSec=5 -PrivateTmp=true - -[Install] -WantedBy=multi-user.target diff --git a/debian/rules b/debian/rules index 1187dd1..fbd95cc 100755 --- a/debian/rules +++ b/debian/rules @@ -2,7 +2,7 @@ # Do not try to strip Go binaries export DEB_BUILD_OPTIONS := nostrip -SERVICE = neofs-s3-gw +SERVICE = frostfs-s3-gw %: dh $@ diff --git a/docs/authmate.md b/docs/authmate.md index f0f6142..730c7ba 100644 --- a/docs/authmate.md +++ b/docs/authmate.md @@ -1,18 +1,18 @@ -# NeoFS S3 AuthMate +# FrostFS S3 AuthMate Authmate is a tool to create gateway AWS credentials. AWS users -are authenticated with access key IDs and secrets, while NeoFS users are +are authenticated with access key IDs and secrets, while FrostFS users are authenticated with key pairs. To complicate things further, we have S3 gateway that usually acts on behalf of some user, but the user doesn't necessarily want to give their keys to the gateway. -To solve this, we use NeoFS bearer tokens that are signed by the owner (NeoFS -"user") and that can implement any kind of policy for NeoFS requests allowed +To solve this, we use FrostFS bearer tokens that are signed by the owner (FrostFS +"user") and that can implement any kind of policy for FrostFS requests allowed to use this token. However, tokens can't be used as AWS credentials directly. Thus, -they're stored on NeoFS as regular objects, and an access key ID is just an +they're stored on FrostFS as regular objects, and an access key ID is just an address of this object while a secret is generated randomly. -Tokens are not stored on NeoFS in plaintext, they're encrypted with a set of +Tokens are not stored on FrostFS in plaintext, they're encrypted with a set of gateway keys. So, in order for a gateway to be able to successfully extract bearer token, the object needs to be stored in a container available for the gateway to read, and it needs to be encrypted with this gateway's key (among others @@ -83,7 +83,7 @@ NhLQpDnerpviUWDF77j5qyjFgavCmasJ4p (simple signature contract): ## Issuance of a secret To issue a secret means to create Bearer and, optionally, Session tokens and -put them as an object into a container on the NeoFS network. +put them as an object into a container on the FrostFS network. ### CLI parameters @@ -91,7 +91,7 @@ put them as an object into a container on the NeoFS network. * `--wallet` is a path to a wallet `.json` file. You can provide a passphrase to decrypt a wallet via environment variable `AUTHMATE_WALLET_PASSPHRASE`, or you will be asked to enter a passphrase interactively. You can also specify an account address to use from a wallet using the `--address` parameter. -* `--peer` is an address of a NeoFS peer to connect to +* `--peer` is an address of a FrostFS peer to connect to * `--gate-public-key` is a public `secp256r1` 33-byte short key of a gate (use flags repeatedly for multiple gates). The tokens are encrypted by a set of gateway keys, so you need to pass them as well. @@ -105,7 +105,7 @@ You can issue a secret using the parameters above only. The tool will E.g.: ```shell -$ neofs-s3-authmate issue-secret --wallet wallet.json \ +$ frostfs-s3-authmate issue-secret --wallet wallet.json \ --peer 192.168.130.71:8080 \ --gate-public-key 0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf\ --gate-public-key 0317585fa8274f7afdf1fc5f2a2e7bece549d5175c4e5182e37924f30229aef967 @@ -122,7 +122,7 @@ $ neofs-s3-authmate issue-secret --wallet wallet.json \ `access_key_id` and `secret_access_key` are AWS credentials that you can use with any S3 client. -`access_key_id` consists of Base58 encoded containerID(cid) and objectID(oid) stored on the NeoFS network and containing +`access_key_id` consists of Base58 encoded containerID(cid) and objectID(oid) stored on the FrostFS network and containing the secret. Format of `access_key_id`: `%cid0%oid`, where 0(zero) is a delimiter. **Optional parameters:** @@ -141,7 +141,7 @@ Creation of bearer tokens is mandatory. Rules for a bearer token can be set via parameter `--bearer-rules` (json-string and file path allowed): ```shell -$ neofs-s3-authmate issue-secret --wallet wallet.json \ +$ frostfs-s3-authmate issue-secret --wallet wallet.json \ --peer 192.168.130.71:8080 \ --gate-public-key 0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf \ --bearer-rules bearer-rules.json @@ -195,7 +195,7 @@ If bearer rules are not set, a token will be auto-generated with a value: With a session token, there are 3 options: 1. append `--session-tokens` parameter with your custom rules in json format (as a string or file path). E.g.: ```shell -$ neofs-s3-authmate issue-secret --wallet wallet.json \ +$ frostfs-s3-authmate issue-secret --wallet wallet.json \ --peer 192.168.130.71:8080 \ --gate-public-key 0313b1ac3a8076e155a7e797b24f0b650cccad5941ea59d7cfd51a024a8b2a06bf \ --session-tokens session.json @@ -224,7 +224,7 @@ If `containerID` is `null` or omitted, then session token rule will be applied to all containers. Otherwise, specify `containerID` value in human-redabale format (base58 encoded string). -> **_NB!_** To create buckets in NeoFS it's necessary to have session tokens with `PUT` and `SETEACL` permissions, that's why +> **_NB!_** To create buckets in FrostFS it's necessary to have session tokens with `PUT` and `SETEACL` permissions, that's why the authmate creates a `SETEACL` session token automatically in case when a user specified the token rule with `PUT` and forgot about the rule with `SETEACL`. @@ -235,7 +235,7 @@ in example above) ### Containers policy Rules for mapping of `LocationConstraint` ([aws spec](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html#API_CreateBucket_RequestBody)) -to `PlacementPolicy` ([neofs spec](https://github.com/nspcc-dev/neofs-spec/blob/master/01-arch/02-policy.md)) +to `PlacementPolicy` ([frostfs spec](https://github.com/TrueCloudLab/frostfs-spec/blob/master/01-arch/02-policy.md)) can be set via parameter `--container-policy` (json-string and file path allowed): ```json { @@ -248,12 +248,12 @@ can be set via parameter `--container-policy` (json-string and file path allowed ## Obtainment of a secret access key You can get a secret access key associated with an access key ID by obtaining a -secret stored on the NeoFS network. Here is an example of providing one password (for `wallet.json`) via env variable +secret stored on the FrostFS network. Here is an example of providing one password (for `wallet.json`) via env variable and the other (for `gate-wallet.json`) interactively: ```shell $ AUTHMATE_WALLET_PASSPHRASE=some-pwd \ -neofs-s3-authmate obtain-secret --wallet wallet.json \ +frostfs-s3-authmate obtain-secret --wallet wallet.json \ --peer 192.168.130.71:8080 \ --gate-wallet gate-wallet.json \ --access-key-id 5g933dyLEkXbbAspouhPPTiyLZRg4axBW1axSPD87eVT0AiXsH4AjYy1iTJ4C1WExzjBrSobJsQFWEyKLREe5sQYM @@ -272,7 +272,7 @@ using AWS credentials from `~/.aws/credentials` (you can specify profile using t with the following command: ```shell -$ neofs-s3-authmate generate-presigned-url --endpoint http://localhost:8084 \ +$ frostfs-s3-authmate generate-presigned-url --endpoint http://localhost:8084 \ --method get --bucket presigned --object obj --lifetime 30s { @@ -283,7 +283,7 @@ $ neofs-s3-authmate generate-presigned-url --endpoint http://localhost:8084 \ You can also provide credential explicitly: ```shell -$ neofs-s3-authmate generate-presigned-url --endpoint http://localhost:8084 \ +$ frostfs-s3-authmate generate-presigned-url --endpoint http://localhost:8084 \ --method put --bucket presigned --object obj --lifetime 12h \ --region ru --aws-secret-access-key c2d65ef2980f03f4f495bdebedeeae760496697880d61d106bb9a4e5cd2e0607 \ --aws-access-key-id ETaA2CadPcA7bAkLsML2PbTudXY8uRt2PDjCCwkvRv9s0FDCxWDXYc1SA1vKv8KbyCNsLY2AmAjJ92Vz5rgvsFCy diff --git a/docs/aws_cli.md b/docs/aws_cli.md index cc03f2c..270b1d5 100644 --- a/docs/aws_cli.md +++ b/docs/aws_cli.md @@ -6,7 +6,7 @@ To configure basic settings that the AWS CLI uses to interact with the Gateway, follow the steps below: -1. issue a secret with neofs-s3-authmate tool (see [NeoFS S3 Authmate](./authmate.md)) +1. issue a secret with frostfs-s3-authmate tool (see [FrostFS S3 Authmate](./authmate.md)) 2. execute the command ``` $ aws configure @@ -28,7 +28,7 @@ Default output format [none]: json #### Obtainment of a list of buckets -To view the list of the buckets in the NeoFS node, to which the gateway is connected, enter the following command: +To view the list of the buckets in the FrostFS node, to which the gateway is connected, enter the following command: ``` $ aws s3 ls ``` @@ -72,15 +72,15 @@ $ aws s3api list-objects --bucket %BUCKET_NAME #### Upload of a file -To upload a file into a bucket in the NeoFS network, run the following command: +To upload a file into a bucket in the FrostFS network, run the following command: ``` $ aws s3api put-object --bucket %BUCKET_NAME --key %OBJECT_KEY --body %FILEPATH ``` -where %OBJECT_KEY is the filepath of an object in NeoFS +where %OBJECT_KEY is the filepath of an object in FrostFS #### Upload of a dir -To upload a dir into a bucket in the NeoFS network, run the following command: +To upload a dir into a bucket in the FrostFS network, run the following command: ``` $ aws s3 sync %DIRPATH s3://%BUCKET_NAME @@ -88,7 +88,7 @@ $ aws s3 sync %DIRPATH s3://%BUCKET_NAME #### Download of a file -To download a file from a bucket in the NeoFS Network, execute: +To download a file from a bucket in the FrostFS Network, execute: ``` $ aws s3api get-object --bucket %BUCKET_NAME --key %OBJECT_KEY %OUTFILE ``` diff --git a/docs/configuration.md b/docs/configuration.md index fb2418d..d7ea324 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -19,20 +19,20 @@ basic configuration can be completed with CLI parameters only. 3. [Binding and TLS](#listening-on-address-and-TLS) 4. [RPC endpoint and resolving of bucket names](#rpc-endpoint-and-resolving-of-bucket-names) 5. [Processing of requests](#processing-of-requests) - 6. [Connection to NeoFS](#connection-to-NeoFS) + 6. [Connection to FrostFS](#connection-to-FrostFS) 7. [Monitoring and metrics](#monitoring-and-metrics) 2. [YAML file and environment variables](#yaml-file-and-environment-variables) - 1. [Configuration file](#neofs-s3-gateway-configuration-file) + 1. [Configuration file](#frostfs-s3-gateway-configuration-file) ## CLI parameters ### Nodes and weights -You can specify multiple `-p` options to add more NeoFS nodes; this will make +You can specify multiple `-p` options to add more FrostFS nodes; this will make a gateway spread requests equally among them (using weight 1 for every node): ```shell -$ neofs-s3-gw -p 192.168.130.72:8080 -p 192.168.130.71:8080 +$ frostfs-s3-gw -p 192.168.130.72:8080 -p 192.168.130.71:8080 ``` If you want some specific load distribution proportions, use weights and priorities, they @@ -58,7 +58,7 @@ Example to bind to `192.168.130.130:443` and serve TLS there (keys and nodes are omitted): ```shell -$ neofs-s3-gw --listen_address 192.168.130.130:443 \ +$ frostfs-s3-gw --listen_address 192.168.130.130:443 \ --tls.key_file=key.pem --tls.cert_file=cert.pem ``` @@ -70,7 +70,7 @@ To set RPC endpoint specify a value of parameter `-r` or `--rpc_endpoint`. The p parameter's `--resolve_order` value contains `nns`. ```shell -$ neofs-s3-gw --rpc_endpoint http://morph-chain.neofs.devenv:30333/ --resolve_order nns,dns +$ frostfs-s3-gw --rpc_endpoint http://morph-chain.frostfs.devenv:30333/ --resolve_order nns,dns ``` ### Processing of requests @@ -80,18 +80,18 @@ Maximum number of clients whose requests can be handled by the gateway can be sp `--max_clients_deadline` defines deadline after which the gate sends error `RequestTimeout` to a client. ```shell -$ neofs-s3-gw --max_clients_count 150 --max_clients_deadline 1m +$ frostfs-s3-gw --max_clients_count 150 --max_clients_deadline 1m ``` -### Connection to NeoFS +### Connection to FrostFS -Timeout to connect to NeoFS nodes can be set with `--connect_timeout` +Timeout to connect to FrostFS nodes can be set with `--connect_timeout` and timeout to check node health during rebalance`--healthcheck_timeout`. Also, interval to check node health can be specified by `--rebalance_interval` value. ```shell -$ neofs-s3-gw --healthcheck_timeout 15s --connect_timeout 1m --rebalance_interval 1h +$ frostfs-s3-gw --healthcheck_timeout 15s --connect_timeout 1m --rebalance_interval 1h ``` ### Monitoring and metrics @@ -107,7 +107,7 @@ Examples of environment variables: [env-example](/config/config.env). A path to a configuration file can be specified with `--config` parameter: ```shell -$ neofs-s3-gw --config your-config.yaml +$ frostfs-s3-gw --config your-config.yaml ``` ### Reload on SIGHUP @@ -124,12 +124,12 @@ $ kill -s SIGHUP Example: ```shell -$ ./bin/neofs-s3-gw --config config.yaml &> s3.log & +$ ./bin/frostfs-s3-gw --config config.yaml &> s3.log & [1] 998346 $ cat s3.log # ... -2022-09-30T17:38:22.338+0300 info s3-gw/app.go:371 application started {"name": "neofs-s3-gw", "version": "v0.24.0"} +2022-09-30T17:38:22.338+0300 info s3-gw/app.go:371 application started {"name": "frostfs-s3-gw", "version": "v0.24.0"} # ... $ kill -s SIGHUP 998346 @@ -139,9 +139,9 @@ $ cat s3.log 2022-09-30T17:38:40.909+0300 info s3-gw/app.go:491 SIGHUP config reload completed ``` -### NeoFS S3 Gateway configuration file +### FrostFS S3 Gateway configuration file -This section contains detailed NeoFS S3 Gateway configuration file description +This section contains detailed FrostFS S3 Gateway configuration file description including default config values and some tips to set up configurable values. There are some custom types used for brevity: @@ -165,16 +165,16 @@ There are some custom types used for brevity: | `cors` | [CORS configuration](#cors-section) | | `pprof` | [Pprof configuration](#pprof-section) | | `prometheus` | [Prometheus configuration](#prometheus-section) | -| `neofs` | [Parameters of requests to NeoFS](#neofs-section) | +| `neofs` | [Parameters of requests to FrostFS](#neofs-section) | ### General section ```yaml listen_domains: - - s3dev.neofs.devenv - - s3dev2.neofs.devenv + - s3dev.frostfs.devenv + - s3dev2.frostfs.devenv -rpc_endpoint: http://morph-chain.neofs.devenv:30333 +rpc_endpoint: http://morph-chain.frostfs.devenv:30333 resolve_order: - nns - dns @@ -226,23 +226,23 @@ wallet: ```yaml # Nodes configuration -# This configuration makes the gateway use the first node (node1.neofs:8080) -# while it's healthy. Otherwise, gateway uses the second node (node2.neofs:8080) -# for 10% of requests and the third node (node3.neofs:8080) for 90% of requests. +# This configuration makes the gateway use the first node (node1.frostfs:8080) +# while it's healthy. Otherwise, gateway uses the second node (node2.frostfs:8080) +# for 10% of requests and the third node (node3.frostfs:8080) for 90% of requests. # Until nodes with the same priority level are healthy # nodes with other priority are not used. # The lower the value, the higher the priority. peers: 0: - address: node1.neofs:8080 + address: node1.frostfs:8080 priority: 1 weight: 1 1: - address: node2.neofs:8080 + address: node2.frostfs:8080 priority: 2 weight: 0.1 2: - address: node3.neofs:8080 + address: node3.frostfs:8080 priority: 2 weight: 0.9 ``` @@ -262,10 +262,10 @@ placement_policy: region_mapping: /path/to/mapping/rules.json ``` -| Parameter | Type | SIGHUP reload | Default value | Description | -|------------------|----------|---------------|---------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `default` | `string` | yes | `REP 3` | Default policy of placing containers in NeoFS. If a user sends a request `CreateBucket` and doesn't define policy for placing of a container in NeoFS, the S3 Gateway will put the container with default policy. | -| `region_mapping` | `string` | yes | | Path to file that maps aws `LocationContraint` values to NeoFS placement policy. The similar to `--container-policy` flag in `neofs-s3-authmate` util. | +| Parameter | Type | SIGHUP reload | Default value | Description | +|------------------|----------|---------------|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `default` | `string` | yes | `REP 3` | Default policy of placing containers in FrostFS. If a user sends a request `CreateBucket` and doesn't define policy for placing of a container in FrostFS, the S3 Gateway will put the container with default policy. | +| `region_mapping` | `string` | yes | | Path to file that maps aws `LocationContraint` values to FrostFS placement policy. The similar to `--container-policy` flag in `frostfs-s3-authmate` util. | File for `region_mapping` must contain something like this: @@ -320,7 +320,7 @@ logger: ```yaml tree: - service: s01.neofs.devenv:8080 + service: s01.frostfs.devenv:8080 ``` | Parameter | Type | Default value | Description | @@ -356,7 +356,7 @@ cache: | Parameter | Type | Default value | Description | |-----------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------| -| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`
`size: 1000000` | Cache for objects (NeoFS headers). | +| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`
`size: 1000000` | Cache for objects (FrostFS headers). | | `list` | [Cache config](#cache-subsection) | `lifetime: 60s`
`size: 100000` | Cache which keeps lists of objects in buckets. | | `names` | [Cache config](#cache-subsection) | `lifetime: 60s`
`size: 10000` | Cache which contains mapping of nice name to object addresses. | | `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`
`size: 1000` | Cache which contains mapping of bucket name to bucket info. | @@ -449,14 +449,14 @@ prometheus: # `neofs` section -Contains parameters of requests to NeoFS. +Contains parameters of requests to FrostFS. This value can be overridden with `X-Amz-Meta-Neofs-Copies-Number` header for `PutObject`, `CopyObject`, `CreateMultipartUpload`. ```yaml -neofs: +frostfs: set_copies_number: 0 ``` -| Parameter | Type | Default value | Description | -|---------------------|----------|---------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `set_copies_number` | `uint32` | `0` | Number of the object copies to consider PUT to NeoFS successful.
Default value `0` means that object will be processed according to the container's placement policy | +| Parameter | Type | Default value | Description | +|---------------------|----------|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `set_copies_number` | `uint32` | `0` | Number of the object copies to consider PUT to FrostFS successful.
Default value `0` means that object will be processed according to the container's placement policy | diff --git a/docs/s3_test_results.md b/docs/s3_test_results.md index f027971..1bc7eb6 100644 --- a/docs/s3_test_results.md +++ b/docs/s3_test_results.md @@ -1,7 +1,7 @@ # S3 compatibility test results -NeoFS Node: v0.30.0 -NeoFS S3 Gateway: v0.22.0-10-g87f6681 +FrostFS Node: v0.30.0 +FrostFS S3 Gateway: v0.22.0-10-g87f6681 To update this file using tests result, run: diff --git a/docs/tree_service.md b/docs/tree_service.md index 84018d0..f47f8a4 100644 --- a/docs/tree_service.md +++ b/docs/tree_service.md @@ -1,7 +1,7 @@ # Tree service To get objects' metadata and system information, the S3 GW makes requests to the Tree service. -This is a service in NeoFS storage that keeps different information as a tree structure. +This is a service in FrostFS storage that keeps different information as a tree structure. Each node keeps one of the types of data as a set of **key-value pairs**: * Bucket settings: lock configuration and versioning mode @@ -11,7 +11,7 @@ Each node keeps one of the types of data as a set of **key-value pairs**: * Object locking settings * Active multipart upload info -Some data takes up a lot of memory, so we store it in NeoFS nodes as an object with payload. +Some data takes up a lot of memory, so we store it in FrostFS nodes as an object with payload. But we keep these objects' metadata in the Tree service too: * Notification configuration * CORS diff --git a/internal/version/version.go b/internal/version/version.go index 6f3d47a..270768c 100644 --- a/internal/version/version.go +++ b/internal/version/version.go @@ -5,5 +5,5 @@ var ( Version = "dev" // Server contains server identification string. - Server = "NeoFS-S3-GW/" + Version + Server = "FrostFS-S3-GW/" + Version ) diff --git a/syncTree.sh b/syncTree.sh index 35f210f..64f2cd8 100755 --- a/syncTree.sh +++ b/syncTree.sh @@ -6,7 +6,7 @@ REVISION="feaa9eace7098c343598bf08fb50746a1e8d2deb" echo "tree service revision ${REVISION}" -FILES=$(curl -s https://github.com/nspcc-dev/neofs-node/tree/${REVISION}/pkg/services/tree | sed -n "s,.*\"/nspcc-dev/neofs-node/blob/${REVISION}/pkg/services/tree/\(.*\.pb\.go\)\".*,\1,p") +FILES=$(curl -s https://github.com/TrueCloudLab/frostfs-node/tree/${REVISION}/pkg/services/tree | sed -n "s,.*\"/TrueCloudLab/frostfs-node/blob/${REVISION}/pkg/services/tree/\(.*\.pb\.go\)\".*,\1,p") for file in $FILES; do if [[ $file == *"neofs"* ]]; then @@ -15,5 +15,5 @@ for file in $FILES; do else echo "sync '$file' in tree service" fi - curl -s "https://raw.githubusercontent.com/nspcc-dev/neofs-node/${REVISION}/pkg/services/tree/${file}" -o "./internal/neofs/services/tree/${file}" + curl -s "https://raw.githubusercontent.com/TrueCloudLab/frostfs-node/${REVISION}/pkg/services/tree/${file}" -o "./internal/neofs/services/tree/${file}" done