diff --git a/config/config.yaml b/config/config.yaml deleted file mode 100644 index afd495046..000000000 --- a/config/config.yaml +++ /dev/null @@ -1,157 +0,0 @@ -# Wallet address, path to the wallet must be set as cli parameter or environment variable -wallet: - path: /path/to/wallet.json # Path to wallet - passphrase: "" # Passphrase to decrypt wallet. If you're using a wallet without a password, place '' here. - address: NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP # Account address. If omitted default one will be used. - -# Nodes configuration -# This configuration makes the gateway use the first node (grpc://s01.frostfs.devenv:8080) -# while it's healthy. Otherwise, gateway uses the second node (grpc://s01.frostfs.devenv:8080) -# for 10% of requests and the third node (grpc://s03.frostfs.devenv:8080) for 90% of requests. -# Until nodes with the same priority level are healthy -# nodes with other priority are not used. -# The lower the value, the higher the priority. -peers: - 0: - address: node1.frostfs:8080 - priority: 1 - weight: 1 - 1: - address: node2.frostfs:8080 - priority: 2 - weight: 0.1 - 2: - address: node3.frostfs:8080 - priority: 2 - weight: 0.9 - -server: - - address: 0.0.0.0:8080 - tls: - enabled: false - cert_file: /path/to/cert - key_file: /path/to/key - - address: 0.0.0.0:8081 - tls: - enabled: true - cert_file: /path/to/cert - key_file: /path/to/key - -# Domains to be able to use virtual-hosted-style access to bucket. -listen_domains: - - s3dev.frostfs.devenv - -logger: - level: debug - -# Endpoint of the tree service. Must be provided. Can be one of the node address (from the `peers` section). -tree: - service: node1.frostfs:8080 - -# RPC endpoint and order of resolving of bucket names -rpc_endpoint: http://morph-chain.frostfs.devenv:30333 -resolve_order: - - nns - -# Metrics -pprof: - enabled: false - address: localhost:8085 - -prometheus: - enabled: false - address: localhost:8086 - -# Timeout to connect to a node -connect_timeout: 10s -# Timeout for individual operations in streaming RPC. -stream_timeout: 10s -# Timeout to check node health during rebalance -healthcheck_timeout: 15s -# Interval to check node health -rebalance_interval: 60s -# The number of errors on connection after which node is considered as unhealthy -pool_error_threshold: 100 - - -# Limits for processing of clients' requests -max_clients_count: 100 -# Deadline after which the gate sends error `RequestTimeout` to a client -max_clients_deadline: 30s - -# Caching -cache: - # Cache for objects - objects: - lifetime: 300s - size: 150 - # Cache which keeps lists of objects in buckets - list: - lifetime: 1m - size: 100 - # Cache which contains mapping of nice name to object addresses - names: - lifetime: 1m - size: 1000 - # Cache which contains mapping of bucket name to bucket info - buckets: - lifetime: 1m - size: 500 - # Cache for system objects in a bucket: bucket settings, notification configuration etc - system: - lifetime: 2m - size: 1000 - # Cache which stores access box with tokens by its address - accessbox: - lifetime: 5m - size: 10 - # Cache which stores owner to cache operation mapping - accesscontrol: - lifetime: 1m - size: 100000 - -nats: - enabled: true - endpoint: nats://localhost:4222 - timeout: 30s - cert_file: /path/to/cert - key_file: /path/to/key - root_ca: /path/to/ca - -# Parameters of FrostFS container placement policy -placement_policy: - # Default policy of placing containers in FrostFS - # If a user sends a request `CreateBucket` and doesn't define policy for placing of a container in FrostFS, the S3 Gateway - # will put the container with default policy. - default: REP 3 - # Region to placement policy mapping json file. - # Path to container policy mapping. The same as '--container-policy' flag for authmate - region_mapping: /path/to/container/policy.json - -# CORS -# value of Access-Control-Max-Age header if this value is not set in a rule. Has an int type. -cors: - default_max_age: 600 - -# Parameters of requests to FrostFS -frostfs: - # Number of the object copies to consider PUT to FrostFS successful. - # `0` means that object will be processed according to the container's placement policy - set_copies_number: 0 - -# List of allowed AccessKeyID prefixes -# If the parameter is omitted, S3 GW will accept all AccessKeyIDs -allowed_access_key_id_prefixes: - - Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZDX - - 3stjWenX15YwYzczMr88gy3CQr4NYFBQ8P7keGzH5QFn - -resolve_bucket: - allow: - - container - deny: - -kludge: - # Enable using default xml namespace `http://s3.amazonaws.com/doc/2006-03-01/` when parse`CompleteMultipartUpload` xml body. - use_default_xmlns_for_complete_multipart: false - # Set timeout between whitespace transmissions during CompleteMultipartUpload processing. - complete_multipart_keepalive: 10s diff --git a/debian/frostfs-s3-gw.install b/debian/frostfs-s3-gw.install index 7e4b6e1da..d87f93518 100644 --- a/debian/frostfs-s3-gw.install +++ b/debian/frostfs-s3-gw.install @@ -1,4 +1,4 @@ -config/config.yaml etc/frostfs/s3 +config/config.yml etc/frostfs/s3 config/rules.json var/lib/frostfs/s3 bin/frostfs-s3-gw usr/bin bin/frostfs-s3-authmate usr/bin diff --git a/debian/frostfs-s3-gw.postinst b/debian/frostfs-s3-gw.postinst index 117b88273..21acee620 100755 --- a/debian/frostfs-s3-gw.postinst +++ b/debian/frostfs-s3-gw.postinst @@ -24,9 +24,9 @@ case "$1" in id -u frostfs-$USERNAME >/dev/null 2>&1 || useradd -s /usr/sbin/nologin -d /var/lib/frostfs/s3 --system -M -U -c "FrostFS S3 gateway" frostfs-$USERNAME if ! dpkg-statoverride --list /etc/frostfs/$USERNAME >/dev/null; then chown -f -R root:frostfs-$USERNAME /etc/frostfs/$USERNAME - chown -f root:frostfs-$USERNAME /etc/frostfs/$USERNAME/config.yaml || true + chown -f root:frostfs-$USERNAME /etc/frostfs/$USERNAME/config.yml || true chmod -f 0750 /etc/frostfs/$USERNAME - chmod -f 0640 /etc/frostfs/$USERNAME/config.yaml || true + chmod -f 0640 /etc/frostfs/$USERNAME/config.yml || true fi USERDIR=$(getent passwd "frostfs-$USERNAME" | cut -d: -f6) if ! dpkg-statoverride --list frostfs-"$USERDIR" >/dev/null; then diff --git a/debian/frostfs-s3-gw.service b/debian/frostfs-s3-gw.service index baad2d10e..027bb0534 100644 --- a/debian/frostfs-s3-gw.service +++ b/debian/frostfs-s3-gw.service @@ -4,7 +4,7 @@ Requires=network.target [Service] Type=simple -ExecStart=/usr/bin/frostfs-s3-gw --config /etc/frostfs/s3/config.yaml +ExecStart=/usr/bin/frostfs-s3-gw --config /etc/frostfs/s3/config.yml User=frostfs-s3 Group=frostfs-s3 WorkingDirectory=/var/lib/frostfs/s3 diff --git a/docs/configuration.md b/docs/configuration.md index 695109cdb..14bd27248 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -101,13 +101,13 @@ Pprof and Prometheus are integrated into the gateway. To enable them, use `--ppr ## YAML file and environment variables -Example of a YAML configuration file: [yaml-example](/config/config.yaml) +Example of a YAML configuration file: [yaml-example](/config/config.yml) Examples of environment variables: [env-example](/config/config.env). A path to a configuration file can be specified with `--config` parameter: ```shell -$ frostfs-s3-gw --config your-config.yaml +$ frostfs-s3-gw --config your-config.yml ``` ### Multiple configs @@ -118,13 +118,13 @@ You can either provide several files with repeating `--config` flag or provide p Also, you can combine these flags: ```shell -$ frostfs-s3-gw --config ./config/config.yaml --config /your/partial/config.yaml --config-dir ./config/dir +$ frostfs-s3-gw --config ./config/config.yml --config /your/partial/config.yml --config-dir ./config/dir ``` **Note:** next file in `--config` flag overwrites values from the previous one. Files from `--config-dir` directory overwrite values from `--config` files. -So the command above run `frostfs-s3-gw` to listen on `0.0.0.0:8080` address (value from `./config/config.yaml`), -applies parameters from `/your/partial/config.yaml`, +So the command above run `frostfs-s3-gw` to listen on `0.0.0.0:8080` address (value from `./config/config.yml`), +applies parameters from `/your/partial/config.yml`, enable pprof (value from `./config/dir/pprof.yaml`) and prometheus (value from `./config/dir/prometheus.yaml`). ### Reload on SIGHUP @@ -141,7 +141,7 @@ $ kill -s SIGHUP Example: ```shell -$ ./bin/frostfs-s3-gw --config config.yaml &> s3.log & +$ ./bin/frostfs-s3-gw --config config.yml &> s3.log & [1] 998346 $ cat s3.log