frostfs-s3-gw/config/config.env
Alex Vanin 8151753eeb [#60] Use periodic white space XML writer in Complete Multipart Upload
This mechanism is used by Amazon S3 to keep client's
connection alive while object is being constructed from
the upload parts.

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-03-20 13:34:22 +03:00

134 lines
5.1 KiB
Bash

# Wallet
# Path to wallet
S3_GW_WALLET_PATH=/path/to/wallet.json
# Account address. If omitted default one will be used.
S3_GW_WALLET_ADDRESS=NfgHwwTi3wHAS8aFAN243C5vGbkYDpqLHP
# Passphrase to decrypt wallet.
S3_GW_WALLET_PASSPHRASE=s3
# Nodes
# This configuration makes the gateway use the first node (grpc://s01.frostfs.devenv:8080)
# while it's healthy. Otherwise, gateway uses the second node (grpc://s01.frostfs.devenv:8080)
# for 10% of requests and the third node (grpc://s03.frostfs.devenv:8080) for 90% of requests.
# Until nodes with the same priority level are healthy
# nodes with other priority are not used.
# The lower the value, the higher the priority.
S3_GW_PEERS_0_ADDRESS=grpc://s01.frostfs.devenv:8080
S3_GW_PEERS_0_PRIORITY=1
S3_GW_PEERS_0_WEIGHT=1
S3_GW_PEERS_1_ADDRESS=grpc://s02.frostfs.devenv:8080
S3_GW_PEERS_1_PRIORITY=2
S3_GW_PEERS_1_WEIGHT=0.1
S3_GW_PEERS_2_ADDRESS=grpc://s03.frostfs.devenv:8080
S3_GW_PEERS_2_PRIORITY=2
S3_GW_PEERS_2_WEIGHT=0.9
# Address to listen and TLS
S3_GW_SERVER_0_ADDRESS=0.0.0.0:8080
S3_GW_SERVER_0_TLS_ENABLED=false
S3_GW_SERVER_0_TLS_CERT_FILE=/path/to/tls/cert
S3_GW_SERVER_0_TLS_KEY_FILE=/path/to/tls/key
S3_GW_SERVER_1_ADDRESS=0.0.0.0:8081
S3_GW_SERVER_1_TLS_ENABLED=true
S3_GW_SERVER_1_TLS_CERT_FILE=/path/to/tls/cert
S3_GW_SERVER_1_TLS_KEY_FILE=/path/to/tls/key
# Domains to be able to use virtual-hosted-style access to bucket.
S3_GW_LISTEN_DOMAINS=s3dev.frostfs.devenv
# Config file
S3_GW_CONFIG=/path/to/config/yaml
# Logger
S3_GW_LOGGER_LEVEL=debug
# Endpoint of the tree service. Must be provided. Can be one of the node address (from the `peers` section).
S3_GW_TREE_SERVICE=grpc://s01.frostfs.devenv:8080
# RPC endpoint and order of resolving of bucket names
S3_GW_RPC_ENDPOINT=http://morph-chain.frostfs.devenv:30333/
S3_GW_RESOLVE_ORDER="nns dns"
# Metrics
S3_GW_PPROF_ENABLED=true
S3_GW_PPROF_ADDRESS=localhost:8085
S3_GW_PROMETHEUS_ENABLED=true
S3_GW_PROMETHEUS_ADDRESS=localhost:8086
# Timeout to connect to a node
S3_GW_CONNECT_TIMEOUT=10s
# Timeout for individual operations in streaming RPC.
S3_GW_STREAM_TIMEOUT=10s
# Timeout to check node health during rebalance.
S3_GW_HEALTHCHECK_TIMEOUT=15s
# Interval to check node health
S3_GW_REBALANCE_INTERVAL=60s
# The number of errors on connection after which node is considered as unhealthy
S3_GW_POOL_ERROR_THRESHOLD=100
# Limits for processing of clients' requests
S3_GW_MAX_CLIENTS_COUNT=100
# Deadline after which the gate sends error `RequestTimeout` to a client
S3_GW_MAX_CLIENTS_DEADLINE=30s
# Caching
# Cache for objects
S3_GW_CACHE_OBJECTS_LIFETIME=5m
S3_GW_CACHE_OBJECTS_SIZE=1000000
# Cache which keeps lists of objects in buckets
S3_GW_CACHE_LIST_LIFETIME=1m
S3_GW_CACHE_LIST_SIZE=100000
# Cache which contains mapping of bucket name to bucket info
S3_GW_CACHE_BUCKETS_LIFETIME=1m
S3_GW_CACHE_BUCKETS_SIZE=1000
# Cache which contains mapping of nice name to object addresses
S3_GW_CACHE_NAMES_LIFETIME=1m
S3_GW_CACHE_NAMES_SIZE=10000
# Cache for system objects in a bucket: bucket settings, notification configuration etc
S3_GW_CACHE_SYSTEM_LIFETIME=5m
S3_GW_CACHE_SYSTEM_SIZE=100000
# Cache which stores access box with tokens by its address
S3_GW_CACHE_ACCESSBOX_LIFETIME=10m
S3_GW_CACHE_ACCESSBOX_SIZE=100
# Cache which stores owner to cache operation mapping
S3_GW_CACHE_ACCESSCONTROL_LIFETIME=1m
S3_GW_CACHE_ACCESSCONTROL_SIZE=100000
# NATS
S3_GW_NATS_ENABLED=true
S3_GW_NATS_ENDPOINT=nats://nats.frostfs.devenv:4222
S3_GW_NATS_TIMEOUT=30s
S3_GW_NATS_CERT_FILE=/path/to/cert
S3_GW_NATS_KEY_FILE=/path/to/key
S3_GW_NATS_ROOT_CA=/path/to/ca
# Default policy of placing containers in FrostFS
# If a user sends a request `CreateBucket` and doesn't define policy for placing of a container in FrostFS, the S3 Gateway
# will put the container with default policy. It can be specified via environment variable, e.g.:
S3_GW_PLACEMENT_POLICY_DEFAULT_POLICY="REP 3"
# Region to placement policy mapping json file.
# Path to container policy mapping. The same as '--container-policy' flag for authmate
S3_GW_PLACEMENT_POLICY_REGION_MAPPING=/path/to/container/policy.json
# CORS
# value of Access-Control-Max-Age header if this value is not set in a rule. Has an int type.
S3_GW_CORS_DEFAULT_MAX_AGE=600
# Parameters of requests to FrostFS
# Number of the object copies to consider PUT to FrostFS successful.
# If not set, default value 0 will be used -- it means that object will be processed according to the container's placement policy
S3_GW_FROSTFS_SET_COPIES_NUMBER=0
# List of allowed AccessKeyID prefixes
# If not set, S3 GW will accept all AccessKeyIDs
S3_GW_ALLOWED_ACCESS_KEY_ID_PREFIXES=Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZDX 3stjWenX15YwYzczMr88gy3CQr4NYFBQ8P7keGzH5QFn
# List of container NNS zones which are allowed or restricted to resolve with HEAD request
S3_GW_RESOLVE_BUCKET_ALLOW=container
# S3_GW_RESOLVE_BUCKET_DENY=
# Enable using default xml namespace `http://s3.amazonaws.com/doc/2006-03-01/` when parse`CompleteMultipartUpload` xml body.
S3_GW_KLUDGE_USE_DEFAULT_XMLNS_FOR_COMPLETE_MULTIPART=false
# Set timeout between whitespace transmissions during CompleteMultipartUpload processing.
S3_GW_KLUDGE_COMPLETE_MULTIPART_KEEPALIVE=10s