Add etcd part of config support, add noColor/json support (#8439)

- Add color/json mode support for get/help commands
- Support ENV help for all sub-systems
- Add support for etcd as part of config

cmd/config/cache/lookup.go

@@ -75,11 +75,13 @@ func LookupConfig(kvs config.KVS) (Config, error) {
 	if err != nil {
 		return cfg, err
 	}
-	if !stateBool {
-		return cfg, nil
-	}
 
 	drives := env.Get(EnvCacheDrives, kvs.Get(Drives))
+	if stateBool {
+		if len(drives) == 0 {
+			return cfg, config.Error("'drives' key cannot be empty if you wish to enable caching")
+		}
+	}
 	if len(drives) == 0 {
 		return cfg, nil
 	}

cmd/config/compress/legacy.go

@@ -38,7 +38,7 @@ func SetCompressionConfig(s config.Config, cfg Config) {
 			return config.StateOff
 		}(),
 		config.Comment: "Settings for Compression, after migrating config",
-		Extensions:     strings.Join(cfg.Extensions, ","),
-		MimeTypes:      strings.Join(cfg.MimeTypes, ","),
+		Extensions:     strings.Join(cfg.Extensions, config.ValueSeparator),
+		MimeTypes:      strings.Join(cfg.MimeTypes, config.ValueSeparator),
 	}
 }

cmd/config/config.go

@@ -23,7 +23,6 @@ import (
 
 	"github.com/minio/minio-go/pkg/set"
 	"github.com/minio/minio/pkg/auth"
-	"github.com/minio/minio/pkg/color"
 	"github.com/minio/minio/pkg/env"
 )
 
@@ -36,7 +35,7 @@ func (e Error) Error() string {
 
 // Default keys
 const (
-	Default = "_"
+	Default = `_`
 	State   = "state"
 	Comment = "comment"
 
@@ -58,6 +57,7 @@ const (
 	WormSubSys            = "worm"
 	CacheSubSys           = "cache"
 	RegionSubSys          = "region"
+	EtcdSubSys            = "etcd"
 	StorageClassSubSys    = "storageclass"
 	CompressionSubSys     = "compression"
 	KmsVaultSubSys        = "kms_vault"
@@ -88,6 +88,7 @@ var SubSystems = set.CreateStringSet([]string{
 	CredentialsSubSys,
 	WormSubSys,
 	RegionSubSys,
+	EtcdSubSys,
 	CacheSubSys,
 	StorageClassSubSys,
 	CompressionSubSys,
@@ -114,6 +115,7 @@ var SubSystemsSingleTargets = set.CreateStringSet([]string{
 	CredentialsSubSys,
 	WormSubSys,
 	RegionSubSys,
+	EtcdSubSys,
 	CacheSubSys,
 	StorageClassSubSys,
 	CompressionSubSys,
@@ -132,6 +134,10 @@ const (
 	KvNewline          = "\n"
 	KvDoubleQuote      = `"`
 	KvSingleQuote      = `'`
+
+	// Env prefix used for all envs in MinIO
+	EnvPrefix        = "MINIO_"
+	EnvWordDelimiter = `_`
 )
 
 // KVS - is a shorthand for some wrapper functions
@@ -141,10 +147,6 @@ type KVS map[string]string
 func (kvs KVS) String() string {
 	var s strings.Builder
 	for k, v := range kvs {
-		if k == Comment {
-			// Skip the comment, comment will be printed elsewhere.
-			continue
-		}
 		s.WriteString(k)
 		s.WriteString(KvSeparator)
 		s.WriteString(KvDoubleQuote)
@@ -167,20 +169,7 @@ func (c Config) String() string {
 	var s strings.Builder
 	for k, v := range c {
 		for target, kv := range v {
-			c, ok := kv[Comment]
-			if ok {
-				// For multiple comments split it correctly.
-				for _, c1 := range strings.Split(c, KvNewline) {
-					if c1 == "" {
-						continue
-					}
-					s.WriteString(color.YellowBold(KvComment))
-					s.WriteString(KvSpaceSeparator)
-					s.WriteString(color.BlueBold(strings.TrimSpace(c1)))
-					s.WriteString(KvNewline)
-				}
-			}
-			s.WriteString(color.CyanBold(k))
+			s.WriteString(k)
 			if target != Default {
 				s.WriteString(SubSystemSeparator)
 				s.WriteString(target)
@@ -307,7 +296,7 @@ func (c Config) GetKVS(s string) (map[string]KVS, error) {
 		}
 		kvs[inputs[0]], ok = c[subSystemValue[0]][subSystemValue[1]]
 		if !ok {
-			err := fmt.Sprintf("sub-system target '%s' doesn't exist, proceed to create a new one", s)
+			err := fmt.Sprintf("sub-system target '%s' doesn't exist", s)
 			return nil, Error(err)
 		}
 		return kvs, nil
@@ -377,7 +366,7 @@ func (c Config) Clone() Config {
 }
 
 // SetKVS - set specific key values per sub-system.
-func (c Config) SetKVS(s string, comment string, defaultKVS map[string]KVS) error {
+func (c Config) SetKVS(s string, defaultKVS map[string]KVS) error {
 	if len(s) == 0 {
 		return Error("input arguments cannot be empty")
 	}
@@ -422,27 +411,18 @@ func (c Config) SetKVS(s string, comment string, defaultKVS map[string]KVS) erro
 		kvs[kv[0]] = sanitizeValue(kv[1])
 	}
 
+	tgt := Default
 	if len(subSystemValue) == 2 {
-		_, ok := c[subSystemValue[0]][subSystemValue[1]]
-		if !ok {
-			c[subSystemValue[0]][subSystemValue[1]] = defaultKVS[subSystemValue[0]]
-			// Add a comment since its a new target, this comment may be
-			// overridden if client supplied it.
-			if comment == "" {
-				comment = fmt.Sprintf("Settings for sub-system target %s:%s",
-					subSystemValue[0], subSystemValue[1])
-			}
-			c[subSystemValue[0]][subSystemValue[1]][Comment] = comment
-		}
+		tgt = subSystemValue[1]
+	}
+	_, ok := c[subSystemValue[0]][tgt]
+	if !ok {
+		c[subSystemValue[0]][tgt] = defaultKVS[subSystemValue[0]]
+		comment := fmt.Sprintf("Settings for sub-system target %s:%s", subSystemValue[0], tgt)
+		c[subSystemValue[0]][tgt][Comment] = comment
 	}
 
-	var commentKv bool
 	for k, v := range kvs {
-		if k == Comment {
-			// Set this to true to indicate comment was
-			// supplied by client and is going to be preserved.
-			commentKv = true
-		}
 		if len(subSystemValue) == 2 {
 			c[subSystemValue[0]][subSystemValue[1]][k] = v
 		} else {
@@ -450,15 +430,5 @@ func (c Config) SetKVS(s string, comment string, defaultKVS map[string]KVS) erro
 		}
 	}
 
-	// if client didn't supply the comment try to preserve
-	// the comment if any we found while parsing the incoming
-	// stream, if not preserve the default.
-	if !commentKv && comment != "" {
-		if len(subSystemValue) == 2 {
-			c[subSystemValue[0]][subSystemValue[1]][Comment] = comment
-		} else {
-			c[subSystemValue[0]][Default][Comment] = comment
-		}
-	}
 	return nil
 }

cmd/config/errors.go

@@ -18,12 +18,6 @@ package config
 
 // UI errors
 var (
-	ErrInvalidConfig = newErrFn(
-		"Invalid value found in the configuration file",
-		"Please ensure a valid value in the configuration file",
-		"For more details, refer to https://docs.min.io/docs/minio-server-configuration-guide",
-	)
-
 	ErrInvalidBrowserValue = newErrFn(
 		"Invalid browser value",
 		"Please check the passed value",

cmd/config/etcd/etcd.go

@@ -36,61 +36,100 @@ const (
 
 // etcd environment values
 const (
+	Endpoints     = "endpoints"
+	CoreDNSPath   = "coredns_path"
+	ClientCert    = "client_cert"
+	ClientCertKey = "client_cert_key"
+
+	EnvEtcdState         = "MINIO_ETCD_STATE"
 	EnvEtcdEndpoints     = "MINIO_ETCD_ENDPOINTS"
+	EnvEtcdCoreDNSPath   = "MINIO_ETCD_COREDNS_PATH"
 	EnvEtcdClientCert    = "MINIO_ETCD_CLIENT_CERT"
 	EnvEtcdClientCertKey = "MINIO_ETCD_CLIENT_CERT_KEY"
 )
 
-// New - Initialize new etcd client
-func New(rootCAs *x509.CertPool) (*clientv3.Client, error) {
-	envEndpoints := env.Get(EnvEtcdEndpoints, "")
-	if envEndpoints == "" {
-		// etcd is not configured, nothing to do.
+// DefaultKVS - default KV settings for etcd.
+var (
+	DefaultKVS = config.KVS{
+		config.State:   config.StateOff,
+		config.Comment: "This is a default etcd configuration",
+		Endpoints:      "",
+		CoreDNSPath:    "/skydns",
+		ClientCert:     "",
+		ClientCertKey:  "",
+	}
+)
+
+// Config - server etcd config.
+type Config struct {
+	Enabled     bool   `json:"enabled"`
+	CoreDNSPath string `json:"coreDNSPath"`
+	clientv3.Config
+}
+
+// New - initialize new etcd client.
+func New(cfg Config) (*clientv3.Client, error) {
+	if !cfg.Enabled {
 		return nil, nil
 	}
+	return clientv3.New(cfg.Config)
+}
 
-	etcdEndpoints := strings.Split(envEndpoints, config.ValueSeparator)
+// LookupConfig - Initialize new etcd config.
+func LookupConfig(kv config.KVS, rootCAs *x509.CertPool) (Config, error) {
+	cfg := Config{}
+	if err := config.CheckValidKeys(config.EtcdSubSys, kv, DefaultKVS); err != nil {
+		return cfg, err
+	}
+
+	stateBool, err := config.ParseBool(env.Get(EnvEtcdState, kv.Get(config.State)))
+	if err != nil {
+		return cfg, err
+	}
+
+	endpoints := env.Get(EnvEtcdEndpoints, kv.Get(Endpoints))
+	if stateBool && len(endpoints) == 0 {
+		return cfg, config.Error("'endpoints' key cannot be empty if you wish to enable etcd")
+	}
+
+	if len(endpoints) == 0 {
+		return cfg, nil
+	}
+
+	cfg.Enabled = true
+	etcdEndpoints := strings.Split(endpoints, config.ValueSeparator)
 
 	var etcdSecure bool
 	for _, endpoint := range etcdEndpoints {
+		if endpoint == "" {
+			continue
+		}
 		u, err := xnet.ParseURL(endpoint)
 		if err != nil {
-			return nil, err
+			return cfg, err
 		}
 		// If one of the endpoint is https, we will use https directly.
 		etcdSecure = etcdSecure || u.Scheme == "https"
 	}
 
-	var err error
-	var etcdClnt *clientv3.Client
+	cfg.DialTimeout = defaultDialTimeout
+	cfg.DialKeepAliveTime = defaultDialKeepAlive
+	cfg.Endpoints = etcdEndpoints
+	cfg.CoreDNSPath = env.Get(EnvEtcdCoreDNSPath, kv.Get(CoreDNSPath))
 	if etcdSecure {
+		cfg.TLS = &tls.Config{
+			RootCAs: rootCAs,
+		}
 		// This is only to support client side certificate authentication
 		// https://coreos.com/etcd/docs/latest/op-guide/security.html
-		etcdClientCertFile, ok1 := env.Lookup(EnvEtcdClientCert)
-		etcdClientCertKey, ok2 := env.Lookup(EnvEtcdClientCertKey)
-		var getClientCertificate func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
-		if ok1 && ok2 {
-			getClientCertificate = func(unused *tls.CertificateRequestInfo) (*tls.Certificate, error) {
-				cert, terr := tls.LoadX509KeyPair(etcdClientCertFile, etcdClientCertKey)
-				return &cert, terr
+		etcdClientCertFile := env.Get(EnvEtcdClientCert, kv.Get(ClientCert))
+		etcdClientCertKey := env.Get(EnvEtcdClientCertKey, kv.Get(ClientCertKey))
+		if etcdClientCertFile != "" && etcdClientCertKey != "" {
+			cfg.TLS.GetClientCertificate = func(unused *tls.CertificateRequestInfo) (*tls.Certificate, error) {
+				cert, err := tls.LoadX509KeyPair(etcdClientCertFile, etcdClientCertKey)
+				return &cert, err
 			}
 		}
-
-		etcdClnt, err = clientv3.New(clientv3.Config{
-			Endpoints:         etcdEndpoints,
-			DialTimeout:       defaultDialTimeout,
-			DialKeepAliveTime: defaultDialKeepAlive,
-			TLS: &tls.Config{
-				RootCAs:              rootCAs,
-				GetClientCertificate: getClientCertificate,
-			},
-		})
-	} else {
-		etcdClnt, err = clientv3.New(clientv3.Config{
-			Endpoints:         etcdEndpoints,
-			DialTimeout:       defaultDialTimeout,
-			DialKeepAliveTime: defaultDialKeepAlive,
-		})
 	}
-	return etcdClnt, err
+	return cfg, nil
 }

cmd/config/etcd/help.go

@@ -0,0 +1,31 @@
+/*
+ * MinIO Cloud Storage, (C) 2019 MinIO, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package etcd
+
+import "github.com/minio/minio/cmd/config"
+
+// etcd config documented in default config
+var (
+	Help = config.HelpKV{
+		Endpoints:      `(required) Comma separated list of etcd endpoints eg: "http://localhost:2379"`,
+		CoreDNSPath:    `(optional) CoreDNS etcd path location to populate DNS srv records eg: "/skydns"`,
+		ClientCert:     `(optional) Etcd client cert for mTLS authentication`,
+		ClientCertKey:  `(optional) Etcd client cert key for mTLS authentication`,
+		config.State:   "Indicates if etcd config is on or off",
+		config.Comment: "A comment to describe the etcd settings",
+	}
+)

cmd/config/help.go

@@ -16,32 +16,10 @@
 
 package config
 
-import (
-	"text/template"
-
-	"github.com/minio/minio/pkg/color"
-)
-
 // HelpKV - implements help messages for keys
 // with value as description of the keys.
 type HelpKV map[string]string
 
-// Help template used by all sub-systems
-const Help = `{{colorBlueBold "Key"}}{{"\t"}}{{colorBlueBold "Description"}}
-{{colorYellowBold "----"}}{{"\t"}}{{colorYellowBold "----"}}
-{{range $key, $value := .}}{{colorCyanBold $key}}{{ "\t" }}{{$value}}
-{{end}}`
-
-var funcMap = template.FuncMap{
-	"colorBlueBold":   color.BlueBold,
-	"colorYellowBold": color.YellowBold,
-	"colorCyanBold":   color.CyanBold,
-	"colorGreenBold":  color.GreenBold,
-}
-
-// HelpTemplate - captures config help template
-var HelpTemplate = template.Must(template.New("config-help").Funcs(funcMap).Parse(Help))
-
 // Region and Worm help is documented in default config
 var (
 	RegionHelp = HelpKV{

cmd/config/identity/ldap/config.go

@@ -117,10 +117,12 @@ func Lookup(kvs config.KVS, rootCAs *x509.CertPool) (l Config, err error) {
 	if err != nil {
 		return l, err
 	}
-	if !stateBool {
-		return l, nil
-	}
 	ldapServer := env.Get(EnvServerAddr, kvs.Get(ServerAddr))
+	if stateBool {
+		if ldapServer == "" {
+			return l, config.Error("'serveraddr' cannot be empty if you wish to enable AD/LDAP support")
+		}
+	}
 	if ldapServer == "" {
 		return l, nil
 	}

cmd/config/identity/openid/jwt.go

@@ -207,6 +207,7 @@ const (
 	ConfigURL   = "config_url"
 	ClaimPrefix = "claim_prefix"
 
+	EnvIdentityOpenIDState       = "MINIO_IDENTITY_OPENID_STATE"
 	EnvIdentityOpenIDJWKSURL     = "MINIO_IDENTITY_OPENID_JWKS_URL"
 	EnvIdentityOpenIDURL         = "MINIO_IDENTITY_OPENID_CONFIG_URL"
 	EnvIdentityOpenIDClaimPrefix = "MINIO_IDENTITY_OPENID_CLAIM_PREFIX"
@@ -271,20 +272,10 @@ func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.
 		return c, err
 	}
 
-	stateBool, err := config.ParseBool(kv.Get(config.State))
+	stateBool, err := config.ParseBool(env.Get(EnvIdentityOpenIDState, kv.Get(config.State)))
 	if err != nil {
 		return c, err
 	}
-	if !stateBool {
-		return c, nil
-	}
-
-	c = Config{
-		ClaimPrefix: env.Get(EnvIdentityOpenIDClaimPrefix, kv.Get(ClaimPrefix)),
-		publicKeys:  make(map[string]crypto.PublicKey),
-		transport:   transport,
-		closeRespFn: closeRespFn,
-	}
 
 	jwksURL := env.Get(EnvIamJwksURL, "") // Legacy
 	if jwksURL == "" {
@@ -306,15 +297,31 @@ func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.
 		// Fallback to discovery document jwksURL
 		jwksURL = c.DiscoveryDoc.JwksURI
 	}
-	if jwksURL != "" {
-		c.JWKS.URL, err = xnet.ParseURL(jwksURL)
-		if err != nil {
-			return c, err
-		}
-		if err = c.PopulatePublicKey(); err != nil {
-			return c, err
+
+	if stateBool {
+		// This check is needed to ensure that empty Jwks urls are not allowed.
+		if jwksURL == "" {
+			return c, config.Error("'config_url' must be set to a proper OpenID discovery document URL")
 		}
 	}
+	if jwksURL == "" {
+		return c, nil
+	}
+
+	c = Config{
+		ClaimPrefix: env.Get(EnvIdentityOpenIDClaimPrefix, kv.Get(ClaimPrefix)),
+		publicKeys:  make(map[string]crypto.PublicKey),
+		transport:   transport,
+		closeRespFn: closeRespFn,
+	}
+
+	c.JWKS.URL, err = xnet.ParseURL(jwksURL)
+	if err != nil {
+		return c, err
+	}
+	if err = c.PopulatePublicKey(); err != nil {
+		return c, err
+	}
 	return c, nil
 }
 

cmd/config/notify/legacy.go

@@ -27,7 +27,7 @@ func SetNotifyKafka(s config.Config, kName string, cfg target.KafkaArgs) error {
 			for _, broker := range cfg.Brokers {
 				brokers = append(brokers, broker.String())
 			}
-			return strings.Join(brokers, ",")
+			return strings.Join(brokers, config.ValueSeparator)
 		}(),
 		config.Comment:            "Settings for Kafka notification, after migrating config",
 		target.KafkaTopic:         cfg.Topic,

cmd/config/storageclass/storage-class.go

@@ -224,8 +224,13 @@ func LookupConfig(kvs config.KVS, drivesPerSet int) (cfg Config, err error) {
 	if err != nil {
 		return cfg, err
 	}
-	if !stateBool {
-		return cfg, nil
+	if stateBool {
+		if ssc := env.Get(StandardEnv, kvs.Get(ClassStandard)); ssc == "" {
+			return cfg, config.Error("'standard' key cannot be empty if you wish to enable storage class")
+		}
+		if rrsc := env.Get(RRSEnv, kvs.Get(ClassRRS)); rrsc == "" {
+			return cfg, config.Error("'rrs' key cannot be empty if you wish to enable storage class")
+		}
 	}
 
 	// Check for environment variables and parse into storageClass struct