[#713] Update docs

Mention new accesscontrol cache parameters in changelog and configs.

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov 2022-10-03 17:36:09 +03:00 committed by Alex Vanin
parent 3d31c2ab4a
commit 1a21e6e6e8
4 changed files with 36 additions and 12 deletions

View file

@ -4,6 +4,19 @@ This document outlines major changes between releases.
## [Unreleased]
### Fixed
- Unrestricted access to not owned objects via cache (#713)
### Updating from v0.24.0
New config parameters were added. Make sure the default parameters are appropriate for you.
```yaml
cache:
accesscontrol:
lifetime: 1m
size: 100000
```
## [0.24.0] - 2022-09-14
### Added

View file

@ -84,6 +84,9 @@ S3_GW_CACHE_SYSTEM_SIZE=100000
# Cache which stores access box with tokens by its address
S3_GW_CACHE_ACCESSBOX_LIFETIME=10m
S3_GW_CACHE_ACCESSBOX_SIZE=100
# Cache which stores owner to cache operation mapping
S3_GW_CACHE_ACCESSCONTROL_LIFETIME=1m
S3_GW_CACHE_ACCESSCONTROL_SIZE=100000
# NATS
S3_GW_NATS_ENABLED=true

View file

@ -89,14 +89,18 @@ cache:
buckets:
lifetime: 1m
size: 500
# Cache for system objects in a bucket: bucket settings, notification configuration etc
# Cache for system objects in a bucket: bucket settings, notification configuration etc
system:
lifetime: 2m
size: 1000
# Cache which stores access box with tokens by its address
# Cache which stores access box with tokens by its address
accessbox:
lifetime: 5m
size: 10
# Cache which stores owner to cache operation mapping
accesscontrol:
lifetime: 1m
size: 100000
nats:
enabled: true
@ -118,8 +122,8 @@ cors:
# Parameters of requests to NeoFS
neofs:
# Number of the object copies to consider PUT to NeoFS successful.
# `0` means that object will be processed according to the container's placement policy
# Number of the object copies to consider PUT to NeoFS successful.
# `0` means that object will be processed according to the container's placement policy
set_copies_number: 0
# List of allowed AccessKeyID prefixes

View file

@ -311,16 +311,20 @@ cache:
accessbox:
lifetime: 5m
size: 10
accesscontrol:
lifetime: 1m
size: 100000
```
| Parameter | Type | Default value | Description |
|-------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------|
| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 1000000` | Cache for objects (NeoFS headers). |
| `list` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 100000` | Cache which keeps lists of objects in buckets. |
| `names` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 10000` | Cache which contains mapping of nice name to object addresses. |
| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
| `system` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 10000` | Cache for system objects in a bucket: bucket settings, notification configuration etc. |
| `accessbox` | [Cache config](#cache-subsection) | `lifetime: 10m`<br>`size: 100` | Cache which stores access box with tokens by its address. |
| Parameter | Type | Default value | Description |
|-----------------|-----------------------------------|-----------------------------------|----------------------------------------------------------------------------------------|
| `objects` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 1000000` | Cache for objects (NeoFS headers). |
| `list` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 100000` | Cache which keeps lists of objects in buckets. |
| `names` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 10000` | Cache which contains mapping of nice name to object addresses. |
| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`<br>`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
| `system` | [Cache config](#cache-subsection) | `lifetime: 5m`<br>`size: 10000` | Cache for system objects in a bucket: bucket settings, notification configuration etc. |
| `accessbox` | [Cache config](#cache-subsection) | `lifetime: 10m`<br>`size: 100` | Cache which stores access box with tokens by its address. |
| `accesscontrol` | [Cache config](#cache-subsection) | `lifetime: 1m`<br>`size: 100000` | Cache which stores owner to cache operation mapping. |
#### `cache` subsection