forked from TrueCloudLab/frostfs-s3-gw
parent
dd4f66712c
commit
5265afe213
3 changed files with 34 additions and 14 deletions
|
@ -13,6 +13,9 @@ This document outlines major changes between releases.
|
||||||
- Timeout for individual operations in streaming RPC (#740)
|
- Timeout for individual operations in streaming RPC (#740)
|
||||||
- Reload policies on SIGHUP (#747)
|
- Reload policies on SIGHUP (#747)
|
||||||
|
|
||||||
|
### Added
|
||||||
|
- Multiple server listeners (#742)
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- Placement policy configuration (#568)
|
- Placement policy configuration (#568)
|
||||||
|
|
||||||
|
@ -27,9 +30,15 @@ placement_policy:
|
||||||
Make sure you update the config accordingly:
|
Make sure you update the config accordingly:
|
||||||
If you configure application using environment variables change:
|
If you configure application using environment variables change:
|
||||||
* `S3_GW_DEFAULT_POLICY` -> `S3_GW_PLACEMENT_POLICY_DEFAULT_POLICY`
|
* `S3_GW_DEFAULT_POLICY` -> `S3_GW_PLACEMENT_POLICY_DEFAULT_POLICY`
|
||||||
|
* `S3_GW_LISTEN_ADDRESS` -> `S3_GW_SERVER_0_ADDRESS`
|
||||||
|
* `S3_GW_TLS_CERT_FILE` -> `S3_GW_SERVER_0_TLS_CERT_FILE` (and set `S3_GW_SERVER_0_TLS_ENABLED=true`)
|
||||||
|
* `S3_GW_TLS_KEY_FILE` -> `S3_GW_SERVER_0_TLS_KEY_FILE` (and set `S3_GW_SERVER_0_TLS_ENABLED=true`)
|
||||||
|
|
||||||
If you configure application using `.yaml` file change:
|
If you configure application using `.yaml` file change:
|
||||||
* `defaul_policy` -> `placement_policy.default`
|
* `defaul_policy` -> `placement_policy.default`
|
||||||
|
* `listen_address` -> `server.0.address`
|
||||||
|
* `tls.cert_file` -> `server.0.tls.cert_file` (and set `server.0.tls.enabled: true`)
|
||||||
|
* `tls.key_file` -> `server.0.tls.key_file` (and set `server.0.tls.enabled: true`)
|
||||||
|
|
||||||
## [0.25.0] - 2022-10-31
|
## [0.25.0] - 2022-10-31
|
||||||
|
|
||||||
|
|
|
@ -223,7 +223,7 @@ func newSettings() *viper.Viper {
|
||||||
flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count")
|
flags.Int(cfgMaxClientsCount, defaultMaxClientsCount, "set max-clients count")
|
||||||
flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline")
|
flags.Duration(cfgMaxClientsDeadline, defaultMaxClientsDeadline, "set max-clients deadline")
|
||||||
|
|
||||||
flags.String(cmdListenAddress, "0.0.0.0:8080", "set address to listen")
|
flags.String(cmdListenAddress, "0.0.0.0:8080", "set the main address to listen")
|
||||||
flags.String(cfgTLSCertFile, "", "TLS certificate file to use")
|
flags.String(cfgTLSCertFile, "", "TLS certificate file to use")
|
||||||
flags.String(cfgTLSKeyFile, "", "TLS key file to use")
|
flags.String(cfgTLSKeyFile, "", "TLS key file to use")
|
||||||
|
|
||||||
|
|
|
@ -62,6 +62,8 @@ $ neofs-s3-gw --listen_address 192.168.130.130:443 \
|
||||||
--tls.key_file=key.pem --tls.cert_file=cert.pem
|
--tls.key_file=key.pem --tls.cert_file=cert.pem
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Using these flag you can configure only one address. To set multiple addresses use yaml config.
|
||||||
|
|
||||||
### RPC endpoint and resolving of bucket names
|
### RPC endpoint and resolving of bucket names
|
||||||
|
|
||||||
To set RPC endpoint specify a value of parameter `-r` or `--rpc_endpoint`. The parameter is **required if** another
|
To set RPC endpoint specify a value of parameter `-r` or `--rpc_endpoint`. The parameter is **required if** another
|
||||||
|
@ -95,7 +97,7 @@ $ neofs-s3-gw --healthcheck_timeout 15s --connect_timeout 1m --rebalance_interva
|
||||||
### Monitoring and metrics
|
### Monitoring and metrics
|
||||||
|
|
||||||
Pprof and Prometheus are integrated into the gateway. To enable them, use `--pprof` and `--metrics` flags or
|
Pprof and Prometheus are integrated into the gateway. To enable them, use `--pprof` and `--metrics` flags or
|
||||||
`S3_GW_PPROF`/`S3_GW_METRICS` environment variables.
|
`S3_GW_PPROF_ENABLED`/`S3_GW_PROMETHEUS_ENABLED` environment variables.
|
||||||
|
|
||||||
## YAML file and environment variables
|
## YAML file and environment variables
|
||||||
|
|
||||||
|
@ -155,7 +157,7 @@ There are some custom types used for brevity:
|
||||||
| `wallet` | [Wallet configuration](#wallet-section) |
|
| `wallet` | [Wallet configuration](#wallet-section) |
|
||||||
| `peers` | [Nodes configuration](#peers-section) |
|
| `peers` | [Nodes configuration](#peers-section) |
|
||||||
| `placement_policy` | [Placement policy configuration](#placement_policy-section) |
|
| `placement_policy` | [Placement policy configuration](#placement_policy-section) |
|
||||||
| `tls` | [TLS configuration](#tls-section) |
|
| `server` | [Server configuration](#server-section) |
|
||||||
| `logger` | [Logger configuration](#logger-section) |
|
| `logger` | [Logger configuration](#logger-section) |
|
||||||
| `tree` | [Tree configuration](#tree-section) |
|
| `tree` | [Tree configuration](#tree-section) |
|
||||||
| `cache` | [Cache configuration](#cache-section) |
|
| `cache` | [Cache configuration](#cache-section) |
|
||||||
|
@ -168,8 +170,6 @@ There are some custom types used for brevity:
|
||||||
### General section
|
### General section
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
listen_address: 0.0.0.0:8084
|
|
||||||
|
|
||||||
listen_domains:
|
listen_domains:
|
||||||
- s3dev.neofs.devenv
|
- s3dev.neofs.devenv
|
||||||
- s3dev2.neofs.devenv
|
- s3dev2.neofs.devenv
|
||||||
|
@ -195,7 +195,6 @@ allowed_access_key_id_prefixes:
|
||||||
|
|
||||||
| Parameter | Type | SIGHUP reload | Default value | Description |
|
| Parameter | Type | SIGHUP reload | Default value | Description |
|
||||||
|----------------------------------|------------|---------------|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|----------------------------------|------------|---------------|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||||
| `listen_address` | `string` | | `0.0.0.0:8080` | The address that the gateway is listening on. |
|
|
||||||
| `listen_domains` | `[]string` | | | Domains to be able to use virtual-hosted-style access to bucket. |
|
| `listen_domains` | `[]string` | | | Domains to be able to use virtual-hosted-style access to bucket. |
|
||||||
| `rpc_endpoint` | `string` | yes | | The address of the RPC host to which the gateway connects to resolve bucket names (required to use the `nns` resolver). |
|
| `rpc_endpoint` | `string` | yes | | The address of the RPC host to which the gateway connects to resolve bucket names (required to use the `nns` resolver). |
|
||||||
| `resolve_order` | `[]string` | yes | `[dns]` | Order of bucket name resolvers to use. Available resolvers: `dns`, `nns`. | |
|
| `resolve_order` | `[]string` | yes | `[dns]` | Order of bucket name resolvers to use. Available resolvers: `dns`, `nns`. | |
|
||||||
|
@ -281,18 +280,30 @@ File for `region_mapping` must contain something like this:
|
||||||
**Note:** on SIGHUP reload policies will be updated only if both parameters are valid.
|
**Note:** on SIGHUP reload policies will be updated only if both parameters are valid.
|
||||||
So if you change `default` to some valid value and set invalid path in `region_mapping` the `default` value won't be changed.
|
So if you change `default` to some valid value and set invalid path in `region_mapping` the `default` value won't be changed.
|
||||||
|
|
||||||
### `tls` section
|
### `server` section
|
||||||
|
|
||||||
|
You can specify several listeners for server. For example, for `http` and `https`.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
tls:
|
server:
|
||||||
cert_file: /path/to/cert
|
- address: 0.0.0.0:8080
|
||||||
key_file: /path/to/key
|
tls:
|
||||||
|
enabled: false
|
||||||
|
cert_file: /path/to/cert
|
||||||
|
key_file: /path/to/key
|
||||||
|
- address: 0.0.0.0:8081
|
||||||
|
tls:
|
||||||
|
enabled: true
|
||||||
|
cert_file: /path/to/another/cert
|
||||||
|
key_file: /path/to/another/key
|
||||||
```
|
```
|
||||||
|
|
||||||
| Parameter | Type | SIGHUP reload | Default value | Description |
|
| Parameter | Type | SIGHUP reload | Default value | Description |
|
||||||
|-------------|----------|---------------|---------------|------------------------------|
|
|-----------------|----------|---------------|----------------|-----------------------------------------------|
|
||||||
| `cert_file` | `string` | yes | | Path to the TLS certificate. |
|
| `address` | `string` | | `0.0.0.0:8080` | The address that the gateway is listening on. |
|
||||||
| `key_file` | `string` | yes | | Path to the key. |
|
| `tls.enabled` | `bool` | | false | Enable TLS or not. |
|
||||||
|
| `tls.cert_file` | `string` | yes | | Path to the TLS certificate. |
|
||||||
|
| `tls.key_file` | `string` | yes | | Path to the key. |
|
||||||
|
|
||||||
### `logger` section
|
### `logger` section
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue