From a3b2dfbff3a5dae3802c8cbda73c131060d623a1 Mon Sep 17 00:00:00 2001 From: Evgeniy Kulikov Date: Tue, 1 Dec 2020 11:02:00 +0300 Subject: [PATCH] Add S3 Gate Signed-off-by: Evgeniy Kulikov --- .env | 4 +++ .services | 1 + services/s3_gate/.env | 1 + services/s3_gate/.hosts | 1 + services/s3_gate/.s3.env | 21 ++++++++++++++ services/s3_gate/docker-compose.yml | 43 +++++++++++++++++++++++++++++ services/s3_gate/hcs.pub.key | 1 + services/s3_gate/hcs.sec.key | 1 + services/s3_gate/tls.crt | 22 +++++++++++++++ services/s3_gate/tls.key | 27 ++++++++++++++++++ services/s3_gate/user.key | 1 + 11 files changed, 123 insertions(+) create mode 120000 services/s3_gate/.env create mode 100644 services/s3_gate/.hosts create mode 100644 services/s3_gate/.s3.env create mode 100644 services/s3_gate/docker-compose.yml create mode 100644 services/s3_gate/hcs.pub.key create mode 100644 services/s3_gate/hcs.sec.key create mode 100644 services/s3_gate/tls.crt create mode 100644 services/s3_gate/tls.key create mode 100644 services/s3_gate/user.key diff --git a/.env b/.env index 6192ee4..6b7e1cc 100644 --- a/.env +++ b/.env @@ -20,3 +20,7 @@ NODE_IMAGE=nspccdev/neofs-storage # HTTP Gate HTTP_GW_VERSION=0.12.0-rc.3 HTTP_GW_IMAGE=nspccdev/neofs-http-gate + +# S3 Gate +S3_GW_VERSION=0.12.0-rc.2 +S3_GW_IMAGE=nspccdev/neofs-s3-gate diff --git a/.services b/.services index 1fc4e3f..d17d5c8 100644 --- a/.services +++ b/.services @@ -6,3 +6,4 @@ morph_chain ir storage http_gate +s3_gate diff --git a/services/s3_gate/.env b/services/s3_gate/.env new file mode 120000 index 0000000..c7360fb --- /dev/null +++ b/services/s3_gate/.env @@ -0,0 +1 @@ +../../.env \ No newline at end of file diff --git a/services/s3_gate/.hosts b/services/s3_gate/.hosts new file mode 100644 index 0000000..556c3c8 --- /dev/null +++ b/services/s3_gate/.hosts @@ -0,0 +1 @@ +IPV4_PREFIX.82 s3.LOCAL_DOMAIN diff --git a/services/s3_gate/.s3.env b/services/s3_gate/.s3.env new file mode 100644 index 0000000..84cfa59 --- /dev/null +++ b/services/s3_gate/.s3.env @@ -0,0 +1,21 @@ +S3_GW_REBALANCE_TIMER = 15s +S3_GW_REQUEST_TIMEOUT = 15s +S3_GW_CONNECT_TIMEOUT = 30s + +S3_GW_KEEPALIVE_PERMIT_WITHOUT_STREAM = true +S3_GW_KEEPALIVE_TIME = 10s +S3_GW_KEEPALIVE_TIMEOUT = 10s + +S3_GW_LOGGER_FORMAT = console +S3_GW_LOGGER_LEVEL = debug +S3_GW_LOGGER_NO_DISCLAIMER = true +S3_GW_LOGGER_SAMPLING_INITIAL = 1000 +S3_GW_LOGGER_SAMPLING_THEREAFTER = 1000 +S3_GW_LOGGER_TRACE_LEVEL = panic + +S3_GW_MAX_CLIENTS_COUNT = 100 +S3_GW_MAX_CLIENTS_DEADLINE = 30s + +S3_GW_METRICS = false +S3_GW_PPROF = false +S3_GW_VERBOSE = false diff --git a/services/s3_gate/docker-compose.yml b/services/s3_gate/docker-compose.yml new file mode 100644 index 0000000..628066f --- /dev/null +++ b/services/s3_gate/docker-compose.yml @@ -0,0 +1,43 @@ +--- + +version: "2.4" +services: + http_gate: + image: ${S3_GW_IMAGE}:${S3_GW_VERSION} + domainname: ${LOCAL_DOMAIN} + hostname: s3_gate + container_name: s3_gate + restart: on-failure + networks: + s3_gate_int: + internet: + ipv4_address: ${IPV4_PREFIX}.82 + volumes: + - ./user.key:/user.key + - ./hcs.pub.key:/hcs.pub.key + - ./hcs.sec.key:/hcs.sec.key + - ./tls.key:/tls.key + - ./tls.crt:/tls.crt + - ./../../vendor/hosts:/etc/hosts + stop_signal: SIGKILL + env_file: [ ".env", ".s3.env" ] + environment: + - S3_GW_AUTH-KEY=/hcs.sec.key + - S3_GW_NEOFS-KEY=/user.key + - S3_GW_TLS_KEY_FILE=/tls.key + - S3_GW_TLS_CERT_FILE=/tls.crt + - S3_GW_LISTEN_ADDRESS=s3.${LOCAL_DOMAIN}:8080 + - S3_GW_PEERS_0_ADDRESS=s01.${LOCAL_DOMAIN}:8080 + - S3_GW_PEERS_0_WEIGHT=0.2 + - S3_GW_PEERS_1_ADDRESS=s02.${LOCAL_DOMAIN}:8080 + - S3_GW_PEERS_1_WEIGHT=0.2 + - S3_GW_PEERS_2_ADDRESS=s03.${LOCAL_DOMAIN}:8080 + - S3_GW_PEERS_2_WEIGHT=0.2 + - S3_GW_PEERS_3_ADDRESS=s04.${LOCAL_DOMAIN}:8080 + - S3_GW_PEERS_3_WEIGHT=0.2 + +networks: + s3_gate_int: + internet: + external: + name: basenet_internet diff --git a/services/s3_gate/hcs.pub.key b/services/s3_gate/hcs.pub.key new file mode 100644 index 0000000..d286f7b --- /dev/null +++ b/services/s3_gate/hcs.pub.key @@ -0,0 +1 @@ +d#BA\Eϼ-^r=n * \ No newline at end of file diff --git a/services/s3_gate/hcs.sec.key b/services/s3_gate/hcs.sec.key new file mode 100644 index 0000000..a579c54 --- /dev/null +++ b/services/s3_gate/hcs.sec.key @@ -0,0 +1 @@ + 1&,Яn-Ù0 \ No newline at end of file diff --git a/services/s3_gate/tls.crt b/services/s3_gate/tls.crt new file mode 100644 index 0000000..c286881 --- /dev/null +++ b/services/s3_gate/tls.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpDCCAowCCQDXZEH0aQRqFzANBgkqhkiG9w0BAQsFADCBkzELMAkGA1UEBhMC +UlUxFjAUBgNVBAgMDVN0LlBldGVyc2J1cmcxGTAXBgNVBAcMEFNhaW50IFBldGVy +c2J1cmcxDjAMBgNVBAoMBU5TUENDMREwDwYDVQQLDAhOZW8gU1BDQzERMA8GA1UE +AwwIbnNwY2MucnUxGzAZBgkqhkiG9w0BCQEWDG9wc0Buc3BjYy5ydTAeFw0yMDA3 +MTMxNTQyMzZaFw0zMDA3MTExNTQyMzZaMIGTMQswCQYDVQQGEwJSVTEWMBQGA1UE +CAwNU3QuUGV0ZXJzYnVyZzEZMBcGA1UEBwwQU2FpbnQgUGV0ZXJzYnVyZzEOMAwG +A1UECgwFTlNQQ0MxETAPBgNVBAsMCE5lbyBTUENDMREwDwYDVQQDDAhuc3BjYy5y +dTEbMBkGCSqGSIb3DQEJARYMb3BzQG5zcGNjLnJ1MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAwqo2l4fS0U6wZCLh7VjQn1LXN8pZlVaA62C+g1SwoWV2 +Q5qM8FDihWj3UBO3F+6vUVJl8N5S0JroxxU6L48Wmshei145SLSl/F28tsk7Bbuz +NOchonlelW77Xr6l7cDJBWUWGkDoq6a/S6w6jjCGhZq+X0gyS5nZ4HTouVNv2oFK +eeJGtueLsS4zoVovrHdLSYdZH9/yC+E1WVCzQB+vdUF/vJLTuULgqncLV0sELmRl ++xsnnAV/REJswtCmKgrmAv9pMebBw5EEgROTGazdToWdD5X44xTlHjUb1bMuF9tL +YtUMdLxXceXZFhYhiTBO7ev9awKaNYslbxh+goJo1wIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQBDEGhAyOtfsNwbZ0oZIw06e0JXCmri+8jsn5Ly/yHU0+ecHgMA5AAQ +AG2QRpZZtZCtD/Cj4i6nSTWbRhS0FgqY998p5Lnh/AXTZHBx0t3LKJupN59CIjCK +1eMEfQChoAZg66oO/obAFkq72gj8gpagMY9vFNVcszmse3FWrvlKmO1TwTEh+CzM +7wbmiL/ujm0lIf44pp0U4qYFcSimSDqbwOfeDPif9lMinzylDxMfaAKBHBHPj5Vt +fX8dgf6MIqyz51u/2G0gHfXMDxXec8huYKt2EtPyavh6kFxxGvcA15m6seJTcu+h +6WzeQFa2NBg7Z3ai4DiPXirNtcHWeqxK +-----END CERTIFICATE----- diff --git a/services/s3_gate/tls.key b/services/s3_gate/tls.key new file mode 100644 index 0000000..bd29be5 --- /dev/null +++ b/services/s3_gate/tls.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAwqo2l4fS0U6wZCLh7VjQn1LXN8pZlVaA62C+g1SwoWV2Q5qM +8FDihWj3UBO3F+6vUVJl8N5S0JroxxU6L48Wmshei145SLSl/F28tsk7BbuzNOch +onlelW77Xr6l7cDJBWUWGkDoq6a/S6w6jjCGhZq+X0gyS5nZ4HTouVNv2oFKeeJG +tueLsS4zoVovrHdLSYdZH9/yC+E1WVCzQB+vdUF/vJLTuULgqncLV0sELmRl+xsn +nAV/REJswtCmKgrmAv9pMebBw5EEgROTGazdToWdD5X44xTlHjUb1bMuF9tLYtUM +dLxXceXZFhYhiTBO7ev9awKaNYslbxh+goJo1wIDAQABAoIBAEIp3mJEjPgNOdDf +NlEYpdfxLStOQIKMo0bdXAOBToOc28SAjDTGGSflFGIIQWwF+Vq3meRzfExgyouY +AG3XwYQcZF4USX4XwG71YUXzQXdiY7ewc3Mos2gxD4kVXYpgwzJtOET2GN72zwAm +asSXY7GXdesmu8mMYkxzEAKlhFgMj+bGE/4QQUBKG9ylGIdo07zmU6rAsVhnwQTb +LE3cf+AxCeTVA7OsJCUUR4S9qsgXUN1WeaV8LNg0lYx8UTu1xlbrpSjx7B4eYy6J +FGJWuT9b3X+cBLcGk3BzheUAfqBG2UFDxUCt0grqmmTBkB850MtCDhffhPjxxrD7 +KrwAcpECgYEA6HApn2VtWI/tDYCbNix6yxeqq73fO3ng6yFry1u7EYvl8hJXBgR4 +b6kAVc3y/9pZO/5D23dHl1PQtnU5401/j6dQrb8A2TMqZ1vA8XIdIMjOiVjZtYMF +nXzmf78PEbw9jWlDVARJdAwkJeuDI4/HVvgiDAh3zxx5F8uDVP16/r8CgYEA1mXS +9owfLIPtPSxyMJoGU0jP7OP+HVwlKkXpvg7uBtINKSDW4UU4rnpIGW5MohR3ACWO +ReFliOnGA5FXBp9GzkbJ+wIYovPIsGuBdxSsBlPY1S0yPlo30hr7E6cK3B3EuxDg +SkbJcWp2EwXYEIyEcopbVUTTlBO3wmBFgm/Ps+kCgYA/+Kar9OlMR4hRgAS3uzQs +cx4I2F/46YlKjU8yj9ODd8JYhk2nHVHcQWITO3RWkEyg41DftQtiDbJSlR7SfUDP +U5gzyW69WISiH7GRgfucS0f0qxx4BVBlULvLitTl5631HnRmSivBIZpNSW01O1v8 +hpwwPaBjww1czCkgGgdg1wKBgQCkaSdTW/bX+z9lpvzWWnc5TN/uSJRpTW1Osphh +4C8WWeQvwvglfiDOZAWAQv5PWKQ9H4+v9P4Y9TSdLcpv0JrKuqxPabcc1xfyei6o +89hLbecc6vDZsfOWkowx8Oo6DDX+Qh3Nt+TorXxocBXV8vvqnkEV7ZbWuhwz2gHT +2gyMaQKBgEE7rNzm8Q03IqQ08eYaRw8gWz8EpLeVebrGqtoH9AR5cd4OeTeZAEqc +iPehXctke2pUgS47XgG98G7Yg3E9UuOYM+H2nzQCoT7jrM0dZrVGZ0ty7z1a8QGe +UrjaAC/cyIGdszhf0Rf3qA7450nit9Txh+ilLiumgnUezl+eJXyI +-----END RSA PRIVATE KEY----- diff --git a/services/s3_gate/user.key b/services/s3_gate/user.key new file mode 100644 index 0000000..ba2021b --- /dev/null +++ b/services/s3_gate/user.key @@ -0,0 +1 @@ +?ܳv/l \ No newline at end of file