2015-12-07 17:12:47 -05:00
|
|
|
|
/*
|
2019-04-09 14:39:42 -04:00
|
|
|
|
* MinIO Cloud Storage, (C) 2015, 2016, 2017, 2018 MinIO, Inc.
|
2015-12-07 17:12:47 -05:00
|
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
|
*
|
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
*
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
2016-08-18 19:23:42 -04:00
|
|
|
|
package cmd
|
2015-12-07 17:12:47 -05:00
|
|
|
|
|
2016-07-08 23:34:27 -04:00
|
|
|
|
import (
|
2016-11-11 10:18:44 -05:00
|
|
|
|
"crypto/x509"
|
2017-07-12 19:33:21 -04:00
|
|
|
|
"os"
|
2016-09-09 18:33:35 -04:00
|
|
|
|
"time"
|
|
|
|
|
|
2019-05-29 19:35:12 -04:00
|
|
|
|
"github.com/minio/minio-go/v6/pkg/set"
|
2018-05-11 15:02:30 -04:00
|
|
|
|
|
2018-07-12 17:12:40 -04:00
|
|
|
|
etcd "github.com/coreos/etcd/clientv3"
|
2016-11-22 21:18:22 -05:00
|
|
|
|
humanize "github.com/dustin/go-humanize"
|
2019-10-23 01:59:13 -04:00
|
|
|
|
"github.com/minio/minio/cmd/config/cache"
|
|
|
|
|
"github.com/minio/minio/cmd/config/compress"
|
2019-11-25 19:33:34 -05:00
|
|
|
|
"github.com/minio/minio/cmd/config/etcd/dns"
|
2019-10-23 01:59:13 -04:00
|
|
|
|
xldap "github.com/minio/minio/cmd/config/identity/ldap"
|
|
|
|
|
"github.com/minio/minio/cmd/config/identity/openid"
|
|
|
|
|
"github.com/minio/minio/cmd/config/policy/opa"
|
|
|
|
|
"github.com/minio/minio/cmd/config/storageclass"
|
2018-08-17 15:52:14 -04:00
|
|
|
|
"github.com/minio/minio/cmd/crypto"
|
2018-04-21 22:23:54 -04:00
|
|
|
|
xhttp "github.com/minio/minio/cmd/http"
|
2017-10-31 14:54:32 -04:00
|
|
|
|
"github.com/minio/minio/pkg/auth"
|
2018-05-31 15:30:15 -04:00
|
|
|
|
"github.com/minio/minio/pkg/certs"
|
2019-06-27 01:41:12 -04:00
|
|
|
|
"github.com/minio/minio/pkg/pubsub"
|
2016-07-08 23:34:27 -04:00
|
|
|
|
)
|
config/main: Re-write config files - add to new config v3
- New config format.
```
{
"version": "3",
"address": ":9000",
"backend": {
"type": "fs",
"disk": "/path"
},
"credential": {
"accessKey": "WLGDGYAQYIGI833EV05A",
"secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF"
},
"region": "us-east-1",
"logger": {
"file": {
"enable": false,
"fileName": "",
"level": "error"
},
"syslog": {
"enable": false,
"address": "",
"level": "debug"
},
"console": {
"enable": true,
"level": "fatal"
}
}
}
```
New command lines in lieu of supporting XL.
Minio initialize filesystem backend.
~~~
$ minio init fs <path>
~~~
Minio initialize XL backend.
~~~
$ minio init xl <url1>...<url16>
~~~
For 'fs' backend it starts the server.
~~~
$ minio server
~~~
For 'xl' backend it waits for servers to join.
~~~
$ minio server
... [PROGRESS BAR] of servers connecting
~~~
Now on other servers execute 'join' and they connect.
~~~
....
minio join <url1> -- from <url2> && minio server
minio join <url1> -- from <url3> && minio server
...
...
minio join <url1> -- from <url16> && minio server
~~~
2016-02-12 18:27:10 -05:00
|
|
|
|
|
|
|
|
|
// minio configuration related constants.
|
|
|
|
|
const (
|
2016-10-14 14:15:59 -04:00
|
|
|
|
globalMinioCertExpireWarnDays = time.Hour * 24 * 30 // 30 days.
|
2017-01-18 15:24:34 -05:00
|
|
|
|
|
2018-12-18 19:08:11 -05:00
|
|
|
|
globalMinioDefaultPort = "9000"
|
|
|
|
|
|
2017-06-20 18:01:13 -04:00
|
|
|
|
globalMinioDefaultRegion = ""
|
|
|
|
|
// This is a sha256 output of ``arn:aws:iam::minio:user/admin``,
|
|
|
|
|
// this is kept in present form to be compatible with S3 owner ID
|
|
|
|
|
// requirements -
|
|
|
|
|
//
|
|
|
|
|
// ```
|
|
|
|
|
// The canonical user ID is the Amazon S3–only concept.
|
|
|
|
|
// It is 64-character obfuscated version of the account ID.
|
|
|
|
|
// ```
|
|
|
|
|
// http://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example4.html
|
|
|
|
|
globalMinioDefaultOwnerID = "02d6176db174dc93cb1b899f7c6078f08654445fe8cf1b6ce98d8855f66bdbf4"
|
2017-01-18 15:24:34 -05:00
|
|
|
|
globalMinioDefaultStorageClass = "STANDARD"
|
|
|
|
|
globalWindowsOSName = "windows"
|
2017-02-09 01:27:35 -05:00
|
|
|
|
globalNetBSDOSName = "netbsd"
|
2019-10-01 13:42:18 -04:00
|
|
|
|
globalMacOSName = "darwin"
|
2017-03-16 15:21:58 -04:00
|
|
|
|
globalMinioModeFS = "mode-server-fs"
|
|
|
|
|
globalMinioModeXL = "mode-server-xl"
|
|
|
|
|
globalMinioModeDistXL = "mode-server-distributed-xl"
|
2017-10-27 18:07:46 -04:00
|
|
|
|
globalMinioModeGatewayPrefix = "mode-gateway-"
|
2017-09-19 19:08:08 -04:00
|
|
|
|
|
2016-05-09 19:18:56 -04:00
|
|
|
|
// Add new global values here.
|
config/main: Re-write config files - add to new config v3
- New config format.
```
{
"version": "3",
"address": ":9000",
"backend": {
"type": "fs",
"disk": "/path"
},
"credential": {
"accessKey": "WLGDGYAQYIGI833EV05A",
"secretKey": "BYvgJM101sHngl2uzjXS/OBF/aMxAN06JrJ3qJlF"
},
"region": "us-east-1",
"logger": {
"file": {
"enable": false,
"fileName": "",
"level": "error"
},
"syslog": {
"enable": false,
"address": "",
"level": "debug"
},
"console": {
"enable": true,
"level": "fatal"
}
}
}
```
New command lines in lieu of supporting XL.
Minio initialize filesystem backend.
~~~
$ minio init fs <path>
~~~
Minio initialize XL backend.
~~~
$ minio init xl <url1>...<url16>
~~~
For 'fs' backend it starts the server.
~~~
$ minio server
~~~
For 'xl' backend it waits for servers to join.
~~~
$ minio server
... [PROGRESS BAR] of servers connecting
~~~
Now on other servers execute 'join' and they connect.
~~~
....
minio join <url1> -- from <url2> && minio server
minio join <url1> -- from <url3> && minio server
...
...
minio join <url1> -- from <url16> && minio server
~~~
2016-02-12 18:27:10 -05:00
|
|
|
|
)
|
|
|
|
|
|
2016-11-22 23:13:20 -05:00
|
|
|
|
const (
|
|
|
|
|
// Limit fields size (except file) to 1Mib since Policy document
|
|
|
|
|
// can reach that size according to https://aws.amazon.com/articles/1434
|
|
|
|
|
maxFormFieldSize = int64(1 * humanize.MiByte)
|
|
|
|
|
|
2017-02-02 13:45:00 -05:00
|
|
|
|
// Limit memory allocation to store multipart data
|
|
|
|
|
maxFormMemory = int64(5 * humanize.MiByte)
|
|
|
|
|
|
2017-09-07 14:16:45 -04:00
|
|
|
|
// The maximum allowed time difference between the incoming request
|
|
|
|
|
// date and server date during signature verification.
|
|
|
|
|
globalMaxSkewTime = 15 * time.Minute // 15 minutes skew allowed.
|
|
|
|
|
|
2019-01-05 17:16:43 -05:00
|
|
|
|
// GlobalMultipartExpiry - Expiry duration after which the multipart uploads are deemed stale.
|
2019-03-25 16:41:05 -04:00
|
|
|
|
GlobalMultipartExpiry = time.Hour * 24 * 3 // 3 days.
|
2019-01-05 17:16:43 -05:00
|
|
|
|
// GlobalMultipartCleanupInterval - Cleanup interval when the stale multipart cleanup is initiated.
|
|
|
|
|
GlobalMultipartCleanupInterval = time.Hour * 24 // 24 hrs.
|
|
|
|
|
|
2019-07-19 16:20:33 -04:00
|
|
|
|
// GlobalServiceExecutionInterval - Executes the Lifecycle events.
|
|
|
|
|
GlobalServiceExecutionInterval = time.Hour * 24 // 24 hrs.
|
|
|
|
|
|
2018-10-09 17:00:01 -04:00
|
|
|
|
// Refresh interval to update in-memory iam config cache.
|
|
|
|
|
globalRefreshIAMInterval = 5 * time.Minute
|
2018-05-04 14:16:14 -04:00
|
|
|
|
|
|
|
|
|
// Limit of location constraint XML for unauthenticted PUT bucket operations.
|
|
|
|
|
maxLocationConstraintSize = 3 * humanize.MiByte
|
2016-11-22 23:13:20 -05:00
|
|
|
|
)
|
|
|
|
|
|
2018-12-18 19:08:11 -05:00
|
|
|
|
var globalCLIContext = struct {
|
2019-05-08 21:35:40 -04:00
|
|
|
|
JSON, Quiet bool
|
|
|
|
|
Anonymous bool
|
|
|
|
|
Addr string
|
|
|
|
|
StrictS3Compat bool
|
2018-12-18 19:08:11 -05:00
|
|
|
|
}{}
|
|
|
|
|
|
2016-03-24 20:20:49 -04:00
|
|
|
|
var (
|
2018-02-15 20:45:57 -05:00
|
|
|
|
// Indicates set drive count.
|
|
|
|
|
globalXLSetDriveCount int
|
|
|
|
|
|
2017-01-16 20:05:00 -05:00
|
|
|
|
// Indicates if the running minio server is distributed setup.
|
|
|
|
|
globalIsDistXL = false
|
2016-11-28 15:15:36 -05:00
|
|
|
|
|
2017-01-23 03:32:55 -05:00
|
|
|
|
// Indicates if the running minio server is an erasure-code backend.
|
|
|
|
|
globalIsXL = false
|
|
|
|
|
|
2019-06-03 14:06:13 -04:00
|
|
|
|
// Indicates if the running minio is in gateway mode.
|
|
|
|
|
globalIsGateway = false
|
|
|
|
|
|
2019-08-14 14:43:43 -04:00
|
|
|
|
// Name of gateway server, e.g S3, GCS, Azure, etc
|
|
|
|
|
globalGatewayName = ""
|
|
|
|
|
|
2017-02-27 17:59:53 -05:00
|
|
|
|
// This flag is set to 'true' by default
|
2019-10-23 01:59:13 -04:00
|
|
|
|
globalBrowserEnabled = true
|
2017-05-25 00:09:23 -04:00
|
|
|
|
|
2017-12-15 15:33:42 -05:00
|
|
|
|
// This flag is set to 'true' when MINIO_UPDATE env is set to 'off'. Default is false.
|
|
|
|
|
globalInplaceUpdateDisabled = false
|
|
|
|
|
|
2017-04-09 13:44:10 -04:00
|
|
|
|
// This flag is set to 'us-east-1' by default
|
|
|
|
|
globalServerRegion = globalMinioDefaultRegion
|
|
|
|
|
|
2019-04-09 14:39:42 -04:00
|
|
|
|
// MinIO local server address (in `host:port` format)
|
2016-10-12 04:03:50 -04:00
|
|
|
|
globalMinioAddr = ""
|
2019-04-09 14:39:42 -04:00
|
|
|
|
// MinIO default port, can be changed through command line.
|
2018-12-18 19:08:11 -05:00
|
|
|
|
globalMinioPort = globalMinioDefaultPort
|
2016-10-18 15:49:24 -04:00
|
|
|
|
// Holds the host that was passed using --address
|
|
|
|
|
globalMinioHost = ""
|
2016-12-29 06:13:51 -05:00
|
|
|
|
|
2018-08-15 00:41:47 -04:00
|
|
|
|
// globalConfigSys server config system.
|
|
|
|
|
globalConfigSys *ConfigSys
|
|
|
|
|
|
2018-03-15 16:03:41 -04:00
|
|
|
|
globalNotificationSys *NotificationSys
|
2018-04-24 18:53:30 -04:00
|
|
|
|
globalPolicySys *PolicySys
|
2018-10-09 17:00:01 -04:00
|
|
|
|
globalIAMSys *IAMSys
|
2016-10-12 04:03:50 -04:00
|
|
|
|
|
2019-07-19 16:20:33 -04:00
|
|
|
|
globalLifecycleSys *LifecycleSys
|
|
|
|
|
|
2019-10-23 01:59:13 -04:00
|
|
|
|
globalStorageClass storageclass.Config
|
|
|
|
|
globalLDAPConfig xldap.Config
|
|
|
|
|
globalOpenIDConfig openid.Config
|
|
|
|
|
|
2016-11-11 10:18:44 -05:00
|
|
|
|
// CA root certificates, a nil value means system certs pool will be used
|
|
|
|
|
globalRootCAs *x509.CertPool
|
|
|
|
|
|
2017-01-11 16:59:51 -05:00
|
|
|
|
// IsSSL indicates if the server is configured with SSL.
|
|
|
|
|
globalIsSSL bool
|
|
|
|
|
|
2018-05-31 15:30:15 -04:00
|
|
|
|
globalTLSCerts *certs.Certs
|
2017-07-12 19:33:21 -04:00
|
|
|
|
|
2018-04-21 22:23:54 -04:00
|
|
|
|
globalHTTPServer *xhttp.Server
|
2017-07-12 19:33:21 -04:00
|
|
|
|
globalHTTPServerErrorCh = make(chan error)
|
|
|
|
|
globalOSSignalCh = make(chan os.Signal, 1)
|
|
|
|
|
|
2019-06-08 18:54:41 -04:00
|
|
|
|
// global Trace system to send HTTP request/response logs to
|
|
|
|
|
// registered listeners
|
2019-06-27 01:41:12 -04:00
|
|
|
|
globalHTTPTrace = pubsub.New()
|
2017-10-24 22:04:51 -04:00
|
|
|
|
|
2019-12-12 13:01:23 -05:00
|
|
|
|
// global Listen system to send S3 API events to registered listeners
|
|
|
|
|
globalHTTPListen = pubsub.New()
|
|
|
|
|
|
2019-09-03 14:10:48 -04:00
|
|
|
|
// global console system to send console logs to
|
|
|
|
|
// registered listeners
|
|
|
|
|
globalConsoleSys *HTTPConsoleLoggerSys
|
|
|
|
|
|
2019-11-19 20:42:27 -05:00
|
|
|
|
globalEndpoints EndpointZones
|
2017-01-23 03:32:55 -05:00
|
|
|
|
|
2017-02-06 12:29:53 -05:00
|
|
|
|
// Global server's network statistics
|
|
|
|
|
globalConnStats = newConnStats()
|
2017-02-08 03:13:02 -05:00
|
|
|
|
|
2017-02-06 12:29:53 -05:00
|
|
|
|
// Global HTTP request statisitics
|
|
|
|
|
globalHTTPStats = newHTTPStats()
|
|
|
|
|
|
2017-02-08 03:13:02 -05:00
|
|
|
|
// Time when object layer was initialized on start up.
|
|
|
|
|
globalBootTime time.Time
|
|
|
|
|
|
2019-10-30 03:04:39 -04:00
|
|
|
|
globalActiveCred auth.Credentials
|
|
|
|
|
|
2019-11-01 18:53:16 -04:00
|
|
|
|
// Indicates if config is to be encrypted
|
|
|
|
|
globalConfigEncrypted bool
|
|
|
|
|
|
2018-02-02 13:17:13 -05:00
|
|
|
|
globalPublicCerts []*x509.Certificate
|
2017-11-14 19:56:24 -05:00
|
|
|
|
|
2019-02-22 22:18:01 -05:00
|
|
|
|
globalDomainNames []string // Root domains for virtual host style requests
|
2019-04-09 14:39:42 -04:00
|
|
|
|
globalDomainIPs set.StringSet // Root domain IP address(s) for a distributed MinIO deployment
|
2017-08-31 14:29:22 -04:00
|
|
|
|
|
|
|
|
|
globalListingTimeout = newDynamicTimeout( /*30*/ 600*time.Second /*5*/, 600*time.Second) // timeout for listing related ops
|
|
|
|
|
globalObjectTimeout = newDynamicTimeout( /*1*/ 10*time.Minute /*10*/, 600*time.Second) // timeout for Object API related ops
|
|
|
|
|
globalOperationTimeout = newDynamicTimeout(10*time.Minute /*30*/, 600*time.Second) // default timeout for general ops
|
|
|
|
|
globalHealingTimeout = newDynamicTimeout(30*time.Minute /*1*/, 30*time.Minute) // timeout for healing related ops
|
2016-03-24 20:20:49 -04:00
|
|
|
|
|
2018-02-02 21:18:52 -05:00
|
|
|
|
// Is worm enabled
|
2018-03-27 19:44:45 -04:00
|
|
|
|
globalWORMEnabled bool
|
|
|
|
|
|
2019-11-20 16:18:09 -05:00
|
|
|
|
globalBucketObjectLockConfig = newBucketObjectLockConfig()
|
2019-11-12 17:50:18 -05:00
|
|
|
|
|
2018-03-28 17:14:06 -04:00
|
|
|
|
// Disk cache drives
|
2019-10-23 01:59:13 -04:00
|
|
|
|
globalCacheConfig cache.Config
|
2018-02-02 21:18:52 -05:00
|
|
|
|
|
2019-08-23 13:13:22 -04:00
|
|
|
|
// Initialized KMS configuration for disk cache
|
|
|
|
|
globalCacheKMS crypto.KMS
|
2019-10-23 01:59:13 -04:00
|
|
|
|
|
2018-02-02 21:18:52 -05:00
|
|
|
|
// Allocated etcd endpoint for config and bucket DNS.
|
2018-07-12 17:12:40 -04:00
|
|
|
|
globalEtcdClient *etcd.Client
|
2018-02-02 21:18:52 -05:00
|
|
|
|
|
|
|
|
|
// Allocated DNS config wrapper over etcd client.
|
2019-11-25 19:33:34 -05:00
|
|
|
|
globalDNSConfig *dns.CoreDNS
|
2018-03-28 17:14:06 -04:00
|
|
|
|
|
2018-06-04 21:35:41 -04:00
|
|
|
|
// Default usage check interval value.
|
|
|
|
|
globalDefaultUsageCheckInterval = 12 * time.Hour // 12 hours
|
|
|
|
|
// Usage check interval value.
|
|
|
|
|
globalUsageCheckInterval = globalDefaultUsageCheckInterval
|
2018-02-02 21:18:52 -05:00
|
|
|
|
|
2019-01-05 17:16:43 -05:00
|
|
|
|
// GlobalKMS initialized KMS configuration
|
|
|
|
|
GlobalKMS crypto.KMS
|
2018-09-27 23:36:17 -04:00
|
|
|
|
|
2018-12-14 16:35:48 -05:00
|
|
|
|
// Auto-Encryption, if enabled, turns any non-SSE-C request
|
|
|
|
|
// into an SSE-S3 request. If enabled a valid, non-empty KMS
|
|
|
|
|
// configuration must be present.
|
|
|
|
|
globalAutoEncryption bool
|
|
|
|
|
|
2019-09-26 02:08:24 -04:00
|
|
|
|
// Is compression enabled?
|
2019-10-23 01:59:13 -04:00
|
|
|
|
globalCompressConfig compress.Config
|
2018-09-27 23:36:17 -04:00
|
|
|
|
|
|
|
|
|
// Some standard object extensions which we strictly dis-allow for compression.
|
2019-09-26 02:08:24 -04:00
|
|
|
|
standardExcludeCompressExtensions = []string{".gz", ".bz2", ".rar", ".zip", ".7z", ".xz", ".mp4", ".mkv", ".mov"}
|
2018-09-27 23:36:17 -04:00
|
|
|
|
|
|
|
|
|
// Some standard content-types which we strictly dis-allow for compression.
|
|
|
|
|
standardExcludeCompressContentTypes = []string{"video/*", "audio/*", "application/zip", "application/x-gzip", "application/x-zip-compressed", " application/x-compress", "application/x-spoon"}
|
|
|
|
|
|
2018-10-09 17:00:01 -04:00
|
|
|
|
// Authorization validators list.
|
2019-10-04 13:35:33 -04:00
|
|
|
|
globalOpenIDValidators *openid.Validators
|
2018-10-09 17:00:01 -04:00
|
|
|
|
|
|
|
|
|
// OPA policy system.
|
2019-10-23 01:59:13 -04:00
|
|
|
|
globalPolicyOPA *opa.Opa
|
2018-10-09 17:00:01 -04:00
|
|
|
|
|
2018-11-19 17:47:03 -05:00
|
|
|
|
// Deployment ID - unique per deployment
|
|
|
|
|
globalDeploymentID string
|
|
|
|
|
|
2019-01-05 17:16:43 -05:00
|
|
|
|
// GlobalGatewaySSE sse options
|
|
|
|
|
GlobalGatewaySSE gatewaySSE
|
|
|
|
|
|
2019-10-28 13:27:49 -04:00
|
|
|
|
globalAllHealState *allHealState
|
|
|
|
|
|
2019-06-09 01:14:07 -04:00
|
|
|
|
// The always present healing routine ready to heal objects
|
2019-10-28 13:27:49 -04:00
|
|
|
|
globalBackgroundHealRoutine *healRoutine
|
|
|
|
|
globalBackgroundHealState *allHealState
|
2019-06-09 01:14:07 -04:00
|
|
|
|
|
2019-10-31 02:39:09 -04:00
|
|
|
|
// Only enabled when one of the sub-systems fail
|
|
|
|
|
// to initialize, this allows for administrators to
|
|
|
|
|
// fix the system.
|
|
|
|
|
globalSafeMode bool
|
|
|
|
|
|
2018-02-02 21:18:52 -05:00
|
|
|
|
// Add new variable global values here.
|
2016-09-09 18:33:35 -04:00
|
|
|
|
)
|
|
|
|
|
|
2017-05-25 00:09:23 -04:00
|
|
|
|
// Returns minio global information, as a key value map.
|
|
|
|
|
// returned list of global values is not an exhaustive
|
|
|
|
|
// list. Feel free to add new relevant fields.
|
|
|
|
|
func getGlobalInfo() (globalInfo map[string]interface{}) {
|
|
|
|
|
globalInfo = map[string]interface{}{
|
2019-10-23 01:59:13 -04:00
|
|
|
|
"serverRegion": globalServerRegion,
|
2017-05-25 00:09:23 -04:00
|
|
|
|
// Add more relevant global settings here.
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return globalInfo
|
|
|
|
|
}
|