maxmustermann/minio
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
minio/cmd/config-current.go

810 lines
22 KiB
Go
Raw Normal View History

config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
/*
LDAP STS API (#8091) Add LDAP based users-groups system This change adds support to integrate an LDAP server for user authentication. This works via a custom STS API for LDAP. Each user accessing the MinIO who can be authenticated via LDAP receives temporary credentials to access the MinIO server. LDAP is enabled only over TLS. User groups are also supported via LDAP. The administrator may configure an LDAP search query to find the group attribute of a user - this may correspond to any attribute in the LDAP tree (that the user has access to view). One or more groups may be returned by such a query. A group is mapped to an IAM policy in the usual way, and the server enforces a policy corresponding to all the groups and the user's own mapped policy. When LDAP is configured, the internal MinIO users system is disabled.
2019-09-10 01:12:29 +02:00
* MinIO Cloud Storage, (C) 2016-2019 MinIO, Inc.
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
server: Move all the top level files into cmd folder. (#2490) This change brings a change which was done for the 'mc' package to allow for clean repo and have a cleaner github drop in experience.
2016-08-19 01:23:42 +02:00
package cmd
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
import (
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
"context"
config: Fix creating new config with wrong version (#3821) Simplify a little config code to avoid making mistake next time.
2017-03-01 18:17:04 +01:00
"errors"
config: Relax browser and region to be empty. (#3912) - If browser field is missing or empty then default to "on". - If region field is empty or missing then default to "us-east-1" (S3 spec behavior)
2017-03-16 19:06:17 +01:00
"fmt"
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
"os"
Fix configuration handling bugs: (#5473) * Update the GetConfig admin API to use the latest version of configuration, along with fixes to the corresponding RPCs. * Remove mutex inside the configuration struct, and inside notification struct. * Use global config mutex where needed. * Add `serverConfig.ConfigDiff()` that provides a more granular diff of what is different between two configurations.
2018-01-31 17:15:54 +01:00
"reflect"
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
"sync"
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 21:52:14 +02:00
"github.com/minio/minio/cmd/crypto"
Make sure to drain body upon an error (#7197) Also cleanup redundant code and use it at a common place
2019-02-06 21:07:03 +01:00
xhttp "github.com/minio/minio/cmd/http"
Remove panic() and handle it appropriately (#5807) This is an effort to remove panic from the source. Add a new call called CriticialIf, that calls LogIf and exits. Replace panics with one of CriticalIf, FatalIf and a return of error.
2018-04-20 02:24:43 +02:00
"github.com/minio/minio/cmd/logger"
move credentials as separate package (#5115)
2017-10-31 19:54:32 +01:00
"github.com/minio/minio/pkg/auth"
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
"github.com/minio/minio/pkg/event"
"github.com/minio/minio/pkg/event/target"
Rename iam/validator -> iam/openid and add tests (#8340) Refactor as part of config migration
2019-10-02 00:07:20 +02:00
"github.com/minio/minio/pkg/iam/openid"
Add additional logging for OPA connections (#7982)
2019-07-28 05:03:25 +02:00
iampolicy "github.com/minio/minio/pkg/iam/policy"
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
xnet "github.com/minio/minio/pkg/net"
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
)
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
// Steps to move from version N to version N+1
// 1. Add new struct serverConfigVN+1 in config-versions.go
update steps to make changes to config.json (#5292)
2017-12-18 06:00:12 +01:00
// 2. Set serverConfigVersion to "N+1"
// 3. Set serverConfig to serverConfigVN+1
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
// 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go
// 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go
// 6. Make changes in config-current_test.go for any test change
Support `access` format for database notification targets (#3953) * Add configuration parameter "format" for db targets and perform configuration migration. * Add PostgreSQL `access` format: This causes Minio to append all events to the configured table. Prefix, suffix and event filters continue to be supported for this mode too. * Update documentation for PostgreSQL notification target. * Add MySQL `access` format: It is very similar to the same format for PostgreSQL. * Update MySQL notification documentation.
2017-03-27 20:27:25 +02:00
// Config version
Removed `clientID` from NATS-Streaming Config (#6391) clientID must be a unique `UUID` for each connections. Now, the server generates it, rather considering the config. Removing it as it is non-beneficial right now. Fixes #6364
2018-11-30 06:16:17 +01:00
const serverConfigVersion = "33"
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
Removed `clientID` from NATS-Streaming Config (#6391) clientID must be a unique `UUID` for each connections. Now, the server generates it, rather considering the config. Removing it as it is non-beneficial right now. Fixes #6364
2018-11-30 06:16:17 +01:00
type serverConfig = serverConfigV33
Support `access` format for database notification targets (#3953) * Add configuration parameter "format" for db targets and perform configuration migration. * Add PostgreSQL `access` format: This causes Minio to append all events to the configured table. Prefix, suffix and event filters continue to be supported for this mode too. * Update documentation for PostgreSQL notification target. * Add MySQL `access` format: It is very similar to the same format for PostgreSQL. * Update MySQL notification documentation.
2017-03-27 20:27:25 +02:00
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
var (
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
// globalServerConfig server config.
globalServerConfig *serverConfig
globalServerConfigMu sync.RWMutex
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
)
// GetVersion get current config version.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
func (s *serverConfig) GetVersion() string {
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
return s.Version
}
config: Avoid stale credentials in memory. (#4466)
2017-08-08 21:14:32 +02:00
// SetRegion set a new region.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
func (s *serverConfig) SetRegion(region string) {
config: Avoid stale credentials in memory. (#4466)
2017-08-08 21:14:32 +02:00
// Save new region.
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
s.Region = region
}
// GetRegion get current region.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
func (s *serverConfig) GetRegion() string {
Merge initConfig logic to ConfigSys (#6312)
2018-08-19 22:57:18 +02:00
if globalIsEnvRegion {
return globalServerRegion
}
if s == nil {
return ""
}
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
return s.Region
}
Remove "logger" field from config.json (#5268) File logging removed as part of improvement to server logging. config.json format updated to version 21. Fixes #5176
2017-12-06 08:18:29 +01:00
// SetCredential sets new credential and returns the previous credential.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
func (s *serverConfig) SetCredential(creds auth.Credentials) (prevCred auth.Credentials) {
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if creds.IsValid() && globalActiveCred.IsValid() {
globalActiveCred = creds
}
config: Avoid stale credentials in memory. (#4466)
2017-08-08 21:14:32 +02:00
// Save previous credential.
prevCred = s.Credential
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
// Set updated credential.
s.Credential = creds
config: Avoid stale credentials in memory. (#4466)
2017-08-08 21:14:32 +02:00
// Return previous credential.
return prevCred
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
}
// GetCredentials get current credentials.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
func (s *serverConfig) GetCredential() auth.Credentials {
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if globalActiveCred.IsValid() {
return globalActiveCred
}
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
return s.Credential
}
Persist MINIO_WORM as part of config.json (#6022)
2018-06-07 03:10:51 +02:00
// SetWorm set if worm is enabled.
func (s *serverConfig) SetWorm(b bool) {
// Set the new value.
s.Worm = BoolFlag(b)
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
}
Add x-amz-storage-class support (#5295) This adds configurable data and parity options on a per object basis. To use variable parity - Users can set environment variables to cofigure variable parity - Then add header x-amz-storage-class to putobject requests with relevant storage class values Fixes #4997
2017-12-22 12:28:13 +01:00
func (s *serverConfig) SetStorageClass(standardClass, rrsClass storageClass) {
Refactor storage class parsing for Gateway mode (#5331) This PR updates the behaviour to print relevant error message if storage class is set in config.json for gateway This PR also fixes the case where storage class set via environment variables is not parsed properly into config.json.
2018-01-09 07:26:13 +01:00
s.StorageClass.Standard = standardClass
s.StorageClass.RRS = rrsClass
Add x-amz-storage-class support (#5295) This adds configurable data and parity options on a per object basis. To use variable parity - Users can set environment variables to cofigure variable parity - Then add header x-amz-storage-class to putobject requests with relevant storage class values Fixes #4997
2017-12-22 12:28:13 +01:00
}
simplify storage class validation (#5470) Check if the storage class is set in an non XL setup instead of relying on `globalEndpoints` value. Also converge the checks for both SS and RRS parity configuration. This PR also removes redundant `tt.name` in all test cases, since each testcase doesn't need to be numbered explicitly they are numbered implicitly.
2018-02-01 08:30:07 +01:00
// GetStorageClass reads storage class fields from current config.
Fix config.json parsing to fetch correct storage class (#5327)
2017-12-28 09:49:45 +01:00
// It returns the standard and reduced redundancy storage class struct
Refactor storage class parsing for Gateway mode (#5331) This PR updates the behaviour to print relevant error message if storage class is set in config.json for gateway This PR also fixes the case where storage class set via environment variables is not parsed properly into config.json.
2018-01-09 07:26:13 +01:00
func (s *serverConfig) GetStorageClass() (storageClass, storageClass) {
Merge initConfig logic to ConfigSys (#6312)
2018-08-19 22:57:18 +02:00
if globalIsStorageClass {
return globalStandardStorageClass, globalRRStorageClass
}
if s == nil {
return storageClass{}, storageClass{}
}
Refactor storage class parsing for Gateway mode (#5331) This PR updates the behaviour to print relevant error message if storage class is set in config.json for gateway This PR also fixes the case where storage class set via environment variables is not parsed properly into config.json.
2018-01-09 07:26:13 +01:00
return s.StorageClass.Standard, s.StorageClass.RRS
Add x-amz-storage-class support (#5295) This adds configurable data and parity options on a per object basis. To use variable parity - Users can set environment variables to cofigure variable parity - Then add header x-amz-storage-class to putobject requests with relevant storage class values Fixes #4997
2017-12-22 12:28:13 +01:00
}
Persist MINIO_WORM as part of config.json (#6022)
2018-06-07 03:10:51 +02:00
// GetWorm get current credentials.
func (s *serverConfig) GetWorm() bool {
Fix WORM and BROWSER status calculation (#6360) One typo introduced in a recent commit miscalculates if worm and browser are enabled or not. A simple test is also added to detect this issue in the future if it ever happens again.
2018-08-24 23:36:14 +02:00
if globalIsEnvWORM {
return globalWORMEnabled
Merge initConfig logic to ConfigSys (#6312)
2018-08-19 22:57:18 +02:00
}
if s == nil {
return false
}
Persist MINIO_WORM as part of config.json (#6022)
2018-06-07 03:10:51 +02:00
return bool(s.Worm)
}
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
// SetCacheConfig sets the current cache config
Add functionality to make cache limit configurable (#5991)
2018-06-25 19:24:12 +02:00
func (s *serverConfig) SetCacheConfig(drives, exclude []string, expiry int, maxuse int) {
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
s.Cache.Drives = drives
s.Cache.Exclude = exclude
s.Cache.Expiry = expiry
Add functionality to make cache limit configurable (#5991)
2018-06-25 19:24:12 +02:00
s.Cache.MaxUse = maxuse
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
}
// GetCacheConfig gets the current cache config
func (s *serverConfig) GetCacheConfig() CacheConfig {
Merge initConfig logic to ConfigSys (#6312)
2018-08-19 22:57:18 +02:00
if globalIsDiskCacheEnabled {
return CacheConfig{
Drives: globalCacheDrives,
Exclude: globalCacheExcludes,
Expiry: globalCacheExpiry,
MaxUse: globalCacheMaxUse,
}
}
if s == nil {
return CacheConfig{}
}
Fix backend format for disk-cache - not to use FS format.json (#5732)
2018-03-29 23:38:26 +02:00
return s.Cache
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
}
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
func (s *serverConfig) Validate() error {
Merge initConfig logic to ConfigSys (#6312)
2018-08-19 22:57:18 +02:00
if s == nil {
return nil
}
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
if s.Version != serverConfigVersion {
return fmt.Errorf("configuration version mismatch. Expected: %s, Got: %s", serverConfigVersion, s.Version)
}
// Validate credential fields only when
// they are not set via the environment
// Error out if global is env credential is not set and config has invalid credential
if !globalIsEnvCreds && !s.Credential.IsValid() {
return errors.New("invalid credential in config file")
}
// Region: nothing to validate
Deprecate domain, browser as config entries (#6498)
2018-09-20 23:56:32 +02:00
// Worm, Cache and StorageClass values are already validated during json unmarshal
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
for _, v := range s.Notify.AMQP {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("amqp: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.Elasticsearch {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("elasticsearch: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.Kafka {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("kafka: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.MQTT {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("mqtt: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.MySQL {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("mysql: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.NATS {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("nats: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
for _, v := range s.Notify.NSQ {
if err := v.Validate(); err != nil {
return fmt.Errorf("nsq: %s", err)
}
}
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
for _, v := range s.Notify.PostgreSQL {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("postgreSQL: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.Redis {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("redis: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
for _, v := range s.Notify.Webhook {
if err := v.Validate(); err != nil {
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
return fmt.Errorf("webhook: %s", err)
Better validation of all config file fields (#6090) Add Validate() to serverConfig to call it at server startup and in Admin SetConfig handler to minimize errors scenario after server restart.
2018-07-18 20:22:29 +02:00
}
}
return nil
}
Add object compression support (#6292) Add support for streaming (golang/LZ77/snappy) compression.
2018-09-28 05:36:17 +02:00
// SetCompressionConfig sets the current compression config
func (s *serverConfig) SetCompressionConfig(extensions []string, mimeTypes []string) {
s.Compression.Extensions = extensions
s.Compression.MimeTypes = mimeTypes
s.Compression.Enabled = globalIsCompressionEnabled
}
// GetCompressionConfig gets the current compression config
func (s *serverConfig) GetCompressionConfig() compressionConfig {
return s.Compression
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
func (s *serverConfig) loadFromEnvs() {
// If env is set override the credentials from config file.
if globalIsEnvCreds {
s.SetCredential(globalActiveCred)
}
Add functionality to add old buckets to etcd on startup Buckets already present on a Minio server before it joins a bucket federated deployment will now be added to etcd during startup. In case of a bucket name collision, admin is informed via Minio server console message. Added configuration migration for configuration stored in etcd backend. Also, environment variables are updated and ListBucket path style request is no longer forwarded.
2018-04-05 17:18:42 +02:00
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if globalIsEnvWORM {
s.SetWorm(globalWORMEnabled)
}
if globalIsEnvRegion {
s.SetRegion(globalServerRegion)
}
if globalIsStorageClass {
s.SetStorageClass(globalStandardStorageClass, globalRRStorageClass)
}
Add functionality to add old buckets to etcd on startup Buckets already present on a Minio server before it joins a bucket federated deployment will now be added to etcd during startup. In case of a bucket name collision, admin is informed via Minio server console message. Added configuration migration for configuration stored in etcd backend. Also, environment variables are updated and ListBucket path style request is no longer forwarded.
2018-04-05 17:18:42 +02:00
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if globalIsDiskCacheEnabled {
s.SetCacheConfig(globalCacheDrives, globalCacheExcludes, globalCacheExpiry, globalCacheMaxUse)
}
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 21:52:14 +02:00
refactor vault configuration and add master-key KMS (#6488) This refactors the vault configuration by moving the vault-related environment variables to `environment.go` (Other ENV should follow in the future to have a central place for adding / handling ENV instead of magic constants and handling across different files) Further this commit adds master-key SSE-S3 support. The operator can specify a SSE-S3 master key using `MINIO_SSE_MASTER_KEY` which will be used as master key to derive and encrypt per-object keys for SSE-S3 requests. This commit is also a pre-condition for SSE-S3 auto-encyption support. Fixes #6329
2018-12-12 07:50:29 +01:00
if err := Environment.LookupKMSConfig(s.KMS); err != nil {
logger.FatalIf(err, "Unable to setup the KMS")
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 21:52:14 +02:00
}
Add object compression support (#6292) Add support for streaming (golang/LZ77/snappy) compression.
2018-09-28 05:36:17 +02:00
if globalIsEnvCompression {
s.SetCompressionConfig(globalCompressExtensions, globalCompressMimeTypes)
}
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
if jwksURL, ok := os.LookupEnv("MINIO_IAM_JWKS_URL"); ok {
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
u, err := xnet.ParseURL(jwksURL)
if err != nil {
Add additional logging for OPA connections (#7982)
2019-07-28 05:03:25 +02:00
logger.FatalIf(err, "Unable to parse MINIO_IAM_JWKS_URL %s", jwksURL)
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
}
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
s.OpenID.JWKS.URL = u
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
}
if opaURL, ok := os.LookupEnv("MINIO_IAM_OPA_URL"); ok {
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
u, err := xnet.ParseURL(opaURL)
if err != nil {
Add additional logging for OPA connections (#7982)
2019-07-28 05:03:25 +02:00
logger.FatalIf(err, "Unable to parse MINIO_IAM_OPA_URL %s", opaURL)
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
}
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
opaArgs := iampolicy.OpaArgs{
URL: u,
AuthToken: os.Getenv("MINIO_IAM_OPA_AUTHTOKEN"),
Transport: NewCustomHTTPTransport(),
CloseRespFn: xhttp.DrainBody,
}
logger.FatalIf(opaArgs.Validate(), "Unable to reach MINIO_IAM_OPA_URL %s", opaURL)
s.Policy.OPA.URL = opaArgs.URL
s.Policy.OPA.AuthToken = opaArgs.AuthToken
Add etcd support to support STS on gateway mode (#6531)
2018-10-12 20:32:18 +02:00
}
LDAP STS API (#8091) Add LDAP based users-groups system This change adds support to integrate an LDAP server for user authentication. This works via a custom STS API for LDAP. Each user accessing the MinIO who can be authenticated via LDAP receives temporary credentials to access the MinIO server. LDAP is enabled only over TLS. User groups are also supported via LDAP. The administrator may configure an LDAP search query to find the group attribute of a user - this may correspond to any attribute in the LDAP tree (that the user has access to view). One or more groups may be returned by such a query. A group is mapped to an IAM policy in the usual way, and the server enforces a policy corresponding to all the groups and the user's own mapped policy. When LDAP is configured, the internal MinIO users system is disabled.
2019-09-10 01:12:29 +02:00
var err error
s.LDAPServerConfig, err = newLDAPConfigFromEnv()
if err != nil {
logger.FatalIf(err, "Unable to parse LDAP configuration from env")
}
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
}
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
// TestNotificationTargets tries to establish connections to all notification
// targets when enabled. This is a good way to make sure all configurations
// set by the user can work.
func (s *serverConfig) TestNotificationTargets() error {
for k, v := range s.Notify.AMQP {
if !v.Enable {
continue
}
Enable event persistence in AMQP (#7565)
2019-07-25 20:20:24 +02:00
t, err := target.NewAMQPTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("amqp(%s): %s", k, err.Error())
}
t.Close()
}
for k, v := range s.Notify.Elasticsearch {
if !v.Enable {
continue
}
Enable persistent event store in elasticsearch (#7564)
2019-07-12 04:53:20 +02:00
t, err := target.NewElasticsearchTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("elasticsearch(%s): %s", k, err.Error())
}
t.Close()
}
for k, v := range s.Notify.Kafka {
if !v.Enable {
continue
}
Add rootCAs support to Kafka & MQTT (#8236) Fixes #8211
2019-09-18 20:13:04 +02:00
if v.TLS.Enable {
v.TLS.RootCAs = globalRootCAs
}
Enable event persistence in kafka (#7633)
2019-05-29 22:19:48 +02:00
t, err := target.NewKafkaTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("kafka(%s): %s", k, err.Error())
}
t.Close()
}
for k, v := range s.Notify.MQTT {
if !v.Enable {
continue
}
Add rootCAs support to Kafka & MQTT (#8236) Fixes #8211
2019-09-18 20:13:04 +02:00
v.RootCAs = globalRootCAs
Enhance the event store interface to support channeling (#7343) - Avoids code duplication across the other targets. By having a centralized function call. - Reduce the room for race.
2019-04-10 14:46:01 +02:00
t, err := target.NewMQTTTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("mqtt(%s): %s", k, err.Error())
}
t.Close()
}
for k, v := range s.Notify.MySQL {
if !v.Enable {
continue
}
Enable event persistence in MySQL and PostgreSQL (#7629)
2019-07-24 19:18:29 +02:00
t, err := target.NewMySQLTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("mysql(%s): %s", k, err.Error())
}
t.Close()
}
for k, v := range s.Notify.NATS {
if !v.Enable {
continue
}
Enable event-persistence in NATS and NATS-Streaming (#7612)
2019-07-23 19:37:25 +02:00
t, err := target.NewNATSTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("nats(%s): %s", k, err.Error())
}
t.Close()
}
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
for k, v := range s.Notify.NSQ {
if !v.Enable {
continue
}
Enable event persistence in NSQ (#7579)
2019-07-12 11:41:57 +02:00
t, err := target.NewNSQTarget(k, v, GlobalServiceDoneCh)
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
if err != nil {
return fmt.Errorf("nsq(%s): %s", k, err.Error())
}
t.Close()
}
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
for k, v := range s.Notify.PostgreSQL {
if !v.Enable {
continue
}
Enable event persistence in MySQL and PostgreSQL (#7629)
2019-07-24 19:18:29 +02:00
t, err := target.NewPostgreSQLTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("postgreSQL(%s): %s", k, err.Error())
}
t.Close()
}
for k, v := range s.Notify.Redis {
if !v.Enable {
continue
}
Enable event persistence in Redis (#7601)
2019-07-23 19:22:08 +02:00
t, err := target.NewRedisTarget(k, v, GlobalServiceDoneCh)
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
if err != nil {
return fmt.Errorf("redis(%s): %s", k, err.Error())
}
t.Close()
}
return nil
}
Fix configuration handling bugs: (#5473) * Update the GetConfig admin API to use the latest version of configuration, along with fixes to the corresponding RPCs. * Remove mutex inside the configuration struct, and inside notification struct. * Use global config mutex where needed. * Add `serverConfig.ConfigDiff()` that provides a more granular diff of what is different between two configurations.
2018-01-31 17:15:54 +01:00
// Returns the string describing a difference with the given
// configuration object. If the given configuration object is
// identical, an empty string is returned.
func (s *serverConfig) ConfigDiff(t *serverConfig) string {
switch {
case t == nil:
return "Given configuration is empty"
case s.Credential != t.Credential:
return "Credential configuration differs"
case s.Region != t.Region:
return "Region configuration differs"
case s.StorageClass != t.StorageClass:
return "StorageClass configuration differs"
Add cache config for configuration comparison (#5812)
2018-04-13 20:15:19 +02:00
case !reflect.DeepEqual(s.Cache, t.Cache):
return "Cache configuration differs"
Add object compression support (#6292) Add support for streaming (golang/LZ77/snappy) compression.
2018-09-28 05:36:17 +02:00
case !reflect.DeepEqual(s.Compression, t.Compression):
return "Compression configuration differs"
Fix configuration handling bugs: (#5473) * Update the GetConfig admin API to use the latest version of configuration, along with fixes to the corresponding RPCs. * Remove mutex inside the configuration struct, and inside notification struct. * Use global config mutex where needed. * Add `serverConfig.ConfigDiff()` that provides a more granular diff of what is different between two configurations.
2018-01-31 17:15:54 +01:00
case !reflect.DeepEqual(s.Notify.AMQP, t.Notify.AMQP):
return "AMQP Notification configuration differs"
case !reflect.DeepEqual(s.Notify.NATS, t.Notify.NATS):
return "NATS Notification configuration differs"
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
case !reflect.DeepEqual(s.Notify.NSQ, t.Notify.NSQ):
return "NSQ Notification configuration differs"
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
case !reflect.DeepEqual(s.Notify.Elasticsearch, t.Notify.Elasticsearch):
Fix configuration handling bugs: (#5473) * Update the GetConfig admin API to use the latest version of configuration, along with fixes to the corresponding RPCs. * Remove mutex inside the configuration struct, and inside notification struct. * Use global config mutex where needed. * Add `serverConfig.ConfigDiff()` that provides a more granular diff of what is different between two configurations.
2018-01-31 17:15:54 +01:00
return "ElasticSearch Notification configuration differs"
case !reflect.DeepEqual(s.Notify.Redis, t.Notify.Redis):
return "Redis Notification configuration differs"
case !reflect.DeepEqual(s.Notify.PostgreSQL, t.Notify.PostgreSQL):
return "PostgreSQL Notification configuration differs"
case !reflect.DeepEqual(s.Notify.Kafka, t.Notify.Kafka):
return "Kafka Notification configuration differs"
case !reflect.DeepEqual(s.Notify.Webhook, t.Notify.Webhook):
return "Webhook Notification configuration differs"
case !reflect.DeepEqual(s.Notify.MySQL, t.Notify.MySQL):
return "MySQL Notification configuration differs"
case !reflect.DeepEqual(s.Notify.MQTT, t.Notify.MQTT):
return "MQTT Notification configuration differs"
Add new console/http loggers (#6066) - Add console target logging, enabled by default. - Add http target logging, which supports an endpoint with basic authentication (username/password are passed in the endpoint url itself) - HTTP target logging is asynchronous and some logs can be dropped if channel buffer (10000) is full
2018-07-20 00:55:06 +02:00
case !reflect.DeepEqual(s.Logger, t.Logger):
return "Logger configuration differs"
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 21:52:14 +02:00
case !reflect.DeepEqual(s.KMS, t.KMS):
return "KMS configuration differs"
Fix configuration handling bugs: (#5473) * Update the GetConfig admin API to use the latest version of configuration, along with fixes to the corresponding RPCs. * Remove mutex inside the configuration struct, and inside notification struct. * Use global config mutex where needed. * Add `serverConfig.ConfigDiff()` that provides a more granular diff of what is different between two configurations.
2018-01-31 17:15:54 +01:00
case reflect.DeepEqual(s, t):
return ""
default:
// This case will not happen unless this comparison
// function has become stale.
return "Configuration differs"
}
}
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
func newServerConfig() *serverConfig {
Remove panic() and handle it appropriately (#5807) This is an effort to remove panic from the source. Add a new call called CriticialIf, that calls LogIf and exits. Replace panics with one of CriticalIf, FatalIf and a return of error.
2018-04-20 02:24:43 +02:00
cred, err := auth.GetNewCredentials()
logger.FatalIf(err, "")
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
srvCfg := &serverConfig{
simplify storage class validation (#5470) Check if the storage class is set in an non XL setup instead of relying on `globalEndpoints` value. Also converge the checks for both SS and RRS parity configuration. This PR also removes redundant `tt.name` in all test cases, since each testcase doesn't need to be numbered explicitly they are numbered implicitly.
2018-02-01 08:30:07 +01:00
Version: serverConfigVersion,
Remove panic() and handle it appropriately (#5807) This is an effort to remove panic from the source. Add a new call called CriticialIf, that calls LogIf and exits. Replace panics with one of CriticalIf, FatalIf and a return of error.
2018-04-20 02:24:43 +02:00
Credential: cred,
simplify storage class validation (#5470) Check if the storage class is set in an non XL setup instead of relying on `globalEndpoints` value. Also converge the checks for both SS and RRS parity configuration. This PR also removes redundant `tt.name` in all test cases, since each testcase doesn't need to be numbered explicitly they are numbered implicitly.
2018-02-01 08:30:07 +01:00
Region: globalMinioDefaultRegion,
StorageClass: storageClassConfig{
Standard: storageClass{},
RRS: storageClass{},
},
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
Cache: CacheConfig{
Drives: []string{},
Exclude: []string{},
Expiry: globalCacheExpiry,
Add functionality to make cache limit configurable (#5991)
2018-06-25 19:24:12 +02:00
MaxUse: globalCacheMaxUse,
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
},
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 21:52:14 +02:00
KMS: crypto.KMSConfig{},
simplify storage class validation (#5470) Check if the storage class is set in an non XL setup instead of relying on `globalEndpoints` value. Also converge the checks for both SS and RRS parity configuration. This PR also removes redundant `tt.name` in all test cases, since each testcase doesn't need to be numbered explicitly they are numbered implicitly.
2018-02-01 08:30:07 +01:00
Notify: notifier{},
Add object compression support (#6292) Add support for streaming (golang/LZ77/snappy) compression.
2018-09-28 05:36:17 +02:00
Compression: compressionConfig{
Enabled: false,
Extensions: globalCompressExtensions,
MimeTypes: globalCompressMimeTypes,
},
config: Add browser parameter (#3807) browser new parameter receives "on" or "off" parameter which is similar to MINIO_BROWSER
2017-02-27 23:59:53 +01:00
}
browser-flag: wrapped bool type denotes browser on/off flag. (#3963) Statically typed BrowserFlag prevents any arbitrary string value usage. The wrapped bool marshals/unmarshals JSON according to the typed value ie string value "on" represents boolean true and "off" as boolean false.
2017-03-26 21:00:27 +02:00
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
// Make sure to initialize notification configs.
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
srvCfg.Notify.AMQP = make(map[string]target.AMQPArgs)
srvCfg.Notify.AMQP["1"] = target.AMQPArgs{}
srvCfg.Notify.MQTT = make(map[string]target.MQTTArgs)
srvCfg.Notify.MQTT["1"] = target.MQTTArgs{}
srvCfg.Notify.Elasticsearch = make(map[string]target.ElasticsearchArgs)
srvCfg.Notify.Elasticsearch["1"] = target.ElasticsearchArgs{}
srvCfg.Notify.Redis = make(map[string]target.RedisArgs)
srvCfg.Notify.Redis["1"] = target.RedisArgs{}
srvCfg.Notify.NATS = make(map[string]target.NATSArgs)
srvCfg.Notify.NATS["1"] = target.NATSArgs{}
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
srvCfg.Notify.NSQ = make(map[string]target.NSQArgs)
srvCfg.Notify.NSQ["1"] = target.NSQArgs{}
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
srvCfg.Notify.PostgreSQL = make(map[string]target.PostgreSQLArgs)
srvCfg.Notify.PostgreSQL["1"] = target.PostgreSQLArgs{}
srvCfg.Notify.MySQL = make(map[string]target.MySQLArgs)
srvCfg.Notify.MySQL["1"] = target.MySQLArgs{}
srvCfg.Notify.Kafka = make(map[string]target.KafkaArgs)
srvCfg.Notify.Kafka["1"] = target.KafkaArgs{}
srvCfg.Notify.Webhook = make(map[string]target.WebhookArgs)
srvCfg.Notify.Webhook["1"] = target.WebhookArgs{}
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
Add disk based edge caching support. (#5182) This PR adds disk based edge caching support for minio server. Cache settings can be configured in config.json to take list of disk drives, cache expiry in days and file patterns to exclude from cache or via environment variables MINIO_CACHE_DRIVES, MINIO_CACHE_EXCLUDE and MINIO_CACHE_EXPIRY Design assumes that Atime support is enabled and the list of cache drives is fixed. - Objects are cached on both GET and PUT/POST operations. - Expiry is used as hint to evict older entries from cache, or if 80% of cache capacity is filled. - When object storage backend is down, GET, LIST and HEAD operations fetch object seamlessly from cache. Current Limitations - Bucket policies are not cached, so anonymous operations are not supported in offline mode. - Objects are distributed using deterministic hashing among list of cache drives specified.If one or more drives go offline, or cache drive configuration is altered - performance could degrade to linear lookup. Fixes #4026
2018-03-28 23:14:06 +02:00
srvCfg.Cache.Drives = make([]string, 0)
srvCfg.Cache.Exclude = make([]string, 0)
srvCfg.Cache.Expiry = globalCacheExpiry
Add functionality to make cache limit configurable (#5991)
2018-06-25 19:24:12 +02:00
srvCfg.Cache.MaxUse = globalCacheMaxUse
Add new console/http loggers (#6066) - Add console target logging, enabled by default. - Add http target logging, which supports an endpoint with basic authentication (username/password are passed in the endpoint url itself) - HTTP target logging is asynchronous and some logs can be dropped if channel buffer (10000) is full
2018-07-20 00:55:06 +02:00
// Console logging is on by default
srvCfg.Logger.Console.Enabled = true
// Create an example of HTTP logger
srvCfg.Logger.HTTP = make(map[string]loggerHTTP)
srvCfg.Logger.HTTP["target1"] = loggerHTTP{Endpoint: "https://username:password@example.com/api"}
config: Fix creating new config with wrong version (#3821) Simplify a little config code to avoid making mistake next time.
2017-03-01 18:17:04 +01:00
return srvCfg
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
func (s *serverConfig) loadToCachedConfigs() {
if !globalIsEnvCreds {
globalActiveCred = s.GetCredential()
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if !globalIsEnvWORM {
globalWORMEnabled = s.GetWorm()
config: Fix creating new config with wrong version (#3821) Simplify a little config code to avoid making mistake next time.
2017-03-01 18:17:04 +01:00
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if !globalIsEnvRegion {
globalServerRegion = s.GetRegion()
Persist MINIO_WORM as part of config.json (#6022)
2018-06-07 03:10:51 +02:00
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if !globalIsStorageClass {
globalStandardStorageClass, globalRRStorageClass = s.GetStorageClass()
Virtual host style S3 requests (#5095)
2017-11-15 01:56:24 +01:00
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
if !globalIsDiskCacheEnabled {
cacheConf := s.GetCacheConfig()
globalCacheDrives = cacheConf.Drives
globalCacheExcludes = cacheConf.Exclude
globalCacheExpiry = cacheConf.Expiry
globalCacheMaxUse = cacheConf.MaxUse
Add x-amz-storage-class support (#5295) This adds configurable data and parity options on a per object basis. To use variable parity - Users can set environment variables to cofigure variable parity - Then add header x-amz-storage-class to putobject requests with relevant storage class values Fixes #4997
2017-12-22 12:28:13 +01:00
}
refactor vault configuration and add master-key KMS (#6488) This refactors the vault configuration by moving the vault-related environment variables to `environment.go` (Other ENV should follow in the future to have a central place for adding / handling ENV instead of magic constants and handling across different files) Further this commit adds master-key SSE-S3 support. The operator can specify a SSE-S3 master key using `MINIO_SSE_MASTER_KEY` which will be used as master key to derive and encrypt per-object keys for SSE-S3 requests. This commit is also a pre-condition for SSE-S3 auto-encyption support. Fixes #6329
2018-12-12 07:50:29 +01:00
if err := Environment.LookupKMSConfig(s.KMS); err != nil {
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
logger.FatalIf(err, "Unable to setup the KMS %s", s.KMS.Vault.Endpoint)
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 21:52:14 +02:00
}
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
Add object compression support (#6292) Add support for streaming (golang/LZ77/snappy) compression.
2018-09-28 05:36:17 +02:00
if !globalIsCompressionEnabled {
compressionConf := s.GetCompressionConfig()
globalCompressExtensions = compressionConf.Extensions
globalCompressMimeTypes = compressionConf.MimeTypes
globalIsCompressionEnabled = compressionConf.Enabled
}
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
if s.OpenID.JWKS.URL != nil && s.OpenID.JWKS.URL.String() != "" {
logger.FatalIf(s.OpenID.JWKS.PopulatePublicKey(),
"Unable to populate public key from JWKS URL %s", s.OpenID.JWKS.URL)
}
Rename iam/validator -> iam/openid and add tests (#8340) Refactor as part of config migration
2019-10-02 00:07:20 +02:00
globalIAMValidators = getOpenIDValidators(s)
Avoid code which looks at local files when etcd is configured (#7144) This situation happens only in gateway nas which supports etcd based `config.json` to support all FS mode features. The issue was we would try to migrate something which doesn't exist when etcd is configured which leads to inconsistent server configs in memory. This PR fixes this situation by properly loading config after initialization, avoiding backend disk config migration to be done only if etcd is not configured.
2019-01-28 22:31:35 +01:00
if s.Policy.OPA.URL != nil && s.Policy.OPA.URL.String() != "" {
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
opaArgs := iampolicy.OpaArgs{
Avoid code which looks at local files when etcd is configured (#7144) This situation happens only in gateway nas which supports etcd based `config.json` to support all FS mode features. The issue was we would try to migrate something which doesn't exist when etcd is configured which leads to inconsistent server configs in memory. This PR fixes this situation by properly loading config after initialization, avoiding backend disk config migration to be done only if etcd is not configured.
2019-01-28 22:31:35 +01:00
URL: s.Policy.OPA.URL,
AuthToken: s.Policy.OPA.AuthToken,
Transport: NewCustomHTTPTransport(),
Make sure to drain body upon an error (#7197) Also cleanup redundant code and use it at a common place
2019-02-06 21:07:03 +01:00
CloseRespFn: xhttp.DrainBody,
Fix crash observed in OPA initialization (#7990) Related to #7982, this PR refactors the code such that we validate the OPA or JWKS in a common place. This is also a refactor which is already done in the new config migration change. Attempt to avoid any network I/O during Unmarshal of JSON from disk, instead do it later when updating the in-memory data structure.
2019-07-30 00:58:25 +02:00
}
logger.FatalIf(opaArgs.Validate(), "Unable to reach OPA URL %s", s.Policy.OPA.URL)
globalPolicyOPA = iampolicy.NewOpa(opaArgs)
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
}
Add x-amz-storage-class support (#5295) This adds configurable data and parity options on a per object basis. To use variable parity - Users can set environment variables to cofigure variable parity - Then add header x-amz-storage-class to putobject requests with relevant storage class values Fixes #4997
2017-12-22 12:28:13 +01:00
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
// newSrvConfig - initialize a new server config, saves env parameters if
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
// found, otherwise use default parameters
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
func newSrvConfig(objAPI ObjectLayer) error {
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
// Initialize server config.
srvCfg := newServerConfig()
// Override any values from ENVs.
srvCfg.loadFromEnvs()
// Load values to cached global values.
srvCfg.loadToCachedConfigs()
Fix backend format for disk-cache - not to use FS format.json (#5732)
2018-03-29 23:38:26 +02:00
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
// hold the mutex lock before a new config is assigned.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
globalServerConfigMu.Lock()
globalServerConfig = srvCfg
globalServerConfigMu.Unlock()
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
// Save config into file.
Add admin get/set config keys API (#6113) This PR adds two new admin APIs in Minio server and madmin package: - GetConfigKeys(keys []string) ([]byte, error) - SetConfigKeys(params map[string]string) (err error) A key is a path in Minio configuration file, (e.g. notify.webhook.1) The user will always send a string value when setting it in the config file, the API will know how to convert the value to the appropriate type. The user is also able to set a raw json. Before setting a new config, Minio will validate all fields and try to connect to notification targets if available.
2018-09-06 17:03:18 +02:00
return saveServerConfig(context.Background(), objAPI, globalServerConfig)
Honor envs properly for access and secret key. (#3703) Also changes the behavior of `secretKeyHash` which is not necessary to be sent over the network, each node has its own secretKeyHash to validate. Fixes #3696 Partial(fix) #3700 (More changes needed with some code cleanup)
2017-02-07 21:51:43 +01:00
}
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
// getValidConfig - returns valid server configuration
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
func getValidConfig(objAPI ObjectLayer) (*serverConfig, error) {
srvCfg, err := readServerConfig(context.Background(), objAPI)
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 03:18:52 +01:00
if err != nil {
return nil, err
}
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
return srvCfg, srvCfg.Validate()
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
}
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
// loadConfig - loads a new config from disk, overrides params from env
// if found and valid
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
func loadConfig(objAPI ObjectLayer) error {
srvCfg, err := getValidConfig(objAPI)
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
if err != nil {
Enhance fatal errors printing of common issues seen by users (#5878)
2018-05-09 04:04:36 +02:00
return uiErrInvalidConfig(nil).Msg(err.Error())
config: Relax browser and region to be empty. (#3912) - If browser field is missing or empty then default to "on". - If region field is empty or missing then default to "us-east-1" (S3 spec behavior)
2017-03-16 19:06:17 +01:00
}
Use a non member mutex lock for serverConfig access. (#3411) - This is to ensure that the any new config references made to the serverConfig is also backed by a mutex lock. - Otherwise any new config assigment will also replace the member mutex which is currently used for safe access.
2016-12-07 12:41:54 +01:00
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
// Override any values from ENVs.
srvCfg.loadFromEnvs()
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
Migrate config.json from config-dir to backend (#6195) This PR is the first set of changes to move the config to the backend, the changes use the existing `config.json` allows it to be migrated such that we can save it in on backend disks. In future releases, we will slowly migrate out of the current architecture. Fixes #6182
2018-08-15 06:41:47 +02:00
// Load values to cached global values.
srvCfg.loadToCachedConfigs()
Fix backend format for disk-cache - not to use FS format.json (#5732)
2018-03-29 23:38:26 +02:00
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
// hold the mutex lock before a new config is assigned.
Simplify the steps to make changes to config.json (#5186) This change introduces following simplified steps to follow during config migration. ``` // Steps to move from version N to version N+1 // 1. Add new struct serverConfigVN+1 in config-versions.go // 2. Set configCurrentVersion to "N+1" // 3. Set serverConfigCurrent to serverConfigVN+1 // 4. Add new migration function (ex. func migrateVNToVN+1()) in config-migrate.go // 5. Call migrateVNToVN+1() from migrateConfig() in config-migrate.go // 6. Make changes in config-current_test.go for any test change ```
2017-11-29 22:12:47 +01:00
globalServerConfigMu.Lock()
globalServerConfig = srvCfg
globalServerConfigMu.Unlock()
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
fix: use its own lock in serverConfigV17 (#4014) Previously serverConfigV17 used a global lock that made any instance of serverConfigV17 depended on single global serverConfigMu. This patch fixes by having individual lock per instances.
2017-03-31 07:26:24 +02:00
return nil
config/main: Re-write config files - add to new config v3 - New config format. ``` { "version": "3", "address": ":9000", "backend": { "type": "fs", "disk": "/path" }, "credential": { "accessKey": "WLGDGYAQYIGI833EV05A", "secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF" }, "region": "us-east-1", "logger": { "file": { "enable": false, "fileName": "", "level": "error" }, "syslog": { "enable": false, "address": "", "level": "debug" }, "console": { "enable": true, "level": "fatal" } } } ``` New command lines in lieu of supporting XL. Minio initialize filesystem backend. ~~~ $ minio init fs <path> ~~~ Minio initialize XL backend. ~~~ $ minio init xl <url1>...<url16> ~~~ For 'fs' backend it starts the server. ~~~ $ minio server ~~~ For 'xl' backend it waits for servers to join. ~~~ $ minio server ... [PROGRESS BAR] of servers connecting ~~~ Now on other servers execute 'join' and they connect. ~~~ .... minio join <url1> -- from <url2> && minio server minio join <url1> -- from <url3> && minio server ... ... minio join <url1> -- from <url16> && minio server ~~~
2016-02-13 00:27:10 +01:00
}
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
Rename iam/validator -> iam/openid and add tests (#8340) Refactor as part of config migration
2019-10-02 00:07:20 +02:00
// getOpenIDValidators - returns ValidatorList which contains
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
// enabled providers in server config.
// A new authentication provider is added like below
Rename iam/validator -> iam/openid and add tests (#8340) Refactor as part of config migration
2019-10-02 00:07:20 +02:00
// * Add a new provider in pkg/iam/openid package.
func getOpenIDValidators(config *serverConfig) *openid.Validators {
validators := openid.NewValidators()
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
if config.OpenID.JWKS.URL != nil {
Rename iam/validator -> iam/openid and add tests (#8340) Refactor as part of config migration
2019-10-02 00:07:20 +02:00
validators.Add(openid.NewJWT(config.OpenID.JWKS))
Introduce STS client grants API and OPA policy integration (#6168) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks
2018-10-09 23:00:01 +02:00
}
return validators
}
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
// getNotificationTargets - returns TargetList which contains enabled targets in serverConfig.
// A new notification target is added like below
// * Add a new target in pkg/event/target package.
// * Add newly added target configuration to serverConfig.Notify.<TARGET_NAME>.
// * Handle the configuration in this function to create/add into TargetList.
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
func getNotificationTargets(config *serverConfig) *event.TargetList {
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
targetList := event.NewTargetList()
Check for absence of checksum field and attributes. (#6298) Fixes #6295
2018-08-21 01:58:47 +02:00
if config == nil {
return targetList
}
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
for id, args := range config.Notify.AMQP {
if args.Enable {
Enable event persistence in AMQP (#7565)
2019-07-25 20:20:24 +02:00
newTarget, err := target.NewAMQPTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.Elasticsearch {
if args.Enable {
Enable persistent event store in elasticsearch (#7564)
2019-07-12 04:53:20 +02:00
newTarget, err := target.NewElasticsearchTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.Kafka {
if args.Enable {
Add rootCAs support to Kafka & MQTT (#8236) Fixes #8211
2019-09-18 20:13:04 +02:00
if args.TLS.Enable {
args.TLS.RootCAs = globalRootCAs
}
Enable event persistence in kafka (#7633)
2019-05-29 22:19:48 +02:00
newTarget, err := target.NewKafkaTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.MQTT {
if args.Enable {
Support rootCAs for notification targets (#7108) Add support for RootCAs for notification targets mqtt and webhook
2019-01-20 05:27:18 +01:00
args.RootCAs = globalRootCAs
Enhance the event store interface to support channeling (#7343) - Avoids code duplication across the other targets. By having a centralized function call. - Reduce the room for race.
2019-04-10 14:46:01 +02:00
newTarget, err := target.NewMQTTTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.MySQL {
if args.Enable {
Enable event persistence in MySQL and PostgreSQL (#7629)
2019-07-24 19:18:29 +02:00
newTarget, err := target.NewMySQLTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.NATS {
if args.Enable {
Enable event-persistence in NATS and NATS-Streaming (#7612)
2019-07-23 19:37:25 +02:00
newTarget, err := target.NewNATSTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
logger.LogIf(context.Background(), err)
continue
}
}
}
for id, args := range config.Notify.NSQ {
if args.Enable {
Enable event persistence in NSQ (#7579)
2019-07-12 11:41:57 +02:00
newTarget, err := target.NewNSQTarget(id, args, GlobalServiceDoneCh)
feature: added nsq as broker for events (#6740)
2018-11-07 19:23:13 +01:00
if err != nil {
logger.LogIf(context.Background(), err)
continue
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.PostgreSQL {
if args.Enable {
Enable event persistence in MySQL and PostgreSQL (#7629)
2019-07-24 19:18:29 +02:00
newTarget, err := target.NewPostgreSQLTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.Redis {
if args.Enable {
Enable event persistence in Redis (#7601)
2019-07-23 19:22:08 +02:00
newTarget, err := target.NewRedisTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
if err = targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
for id, args := range config.Notify.Webhook {
if args.Enable {
Support rootCAs for notification targets (#7108) Add support for RootCAs for notification targets mqtt and webhook
2019-01-20 05:27:18 +01:00
args.RootCAs = globalRootCAs
Enable event persistence in webhook (#7614)
2019-07-05 11:51:41 +02:00
newTarget := target.NewWebhookTarget(id, args, GlobalServiceDoneCh)
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
if err := targetList.Add(newTarget); err != nil {
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
logger.LogIf(context.Background(), err)
continue
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
}
}
Avoid startup abort when a notify target is down (#6126) Minio server was preventing itself to start when any notification target is down and not running. The PR changes the behavior by avoiding startup abort in that case, so the user will still be able to access Minio server using mc admin commands after a restart or set config commands.
2018-07-10 03:50:31 +02:00
return targetList
make notification as separate package (#5294) * Remove old notification files * Add net package * Add event package * Modify minio to take new notification system
2018-03-15 21:03:41 +01:00
}
Reference in a new issue Copy permalink