From 5686a7e273194c47e92ff284951e9dbd521bf465 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Wed, 3 Jun 2020 13:18:54 -0700 Subject: [PATCH] fix NAS gateway support for policy/notification (#9765) Fixes #9764 --- cmd/bucket-metadata-sys.go | 32 ++++++++++++++++++++++++---- cmd/bucket-policy.go | 7 ------ cmd/fs-v1.go | 39 ++++++++++++++++++++++++++++++++++ cmd/gateway-unsupported.go | 30 -------------------------- cmd/gateway/nas/gateway-nas.go | 11 ---------- cmd/object-api-interface.go | 6 +----- cmd/server-main.go | 4 +--- cmd/update.go | 23 +++++++++----------- 8 files changed, 79 insertions(+), 73 deletions(-) diff --git a/cmd/bucket-metadata-sys.go b/cmd/bucket-metadata-sys.go index ba701e82c..55ab43d9f 100644 --- a/cmd/bucket-metadata-sys.go +++ b/cmd/bucket-metadata-sys.go @@ -41,7 +41,7 @@ type BucketMetadataSys struct { // Remove bucket metadata from memory. func (sys *BucketMetadataSys) Remove(bucket string) { - if globalIsGateway && globalGatewayName != "nas" { + if globalIsGateway { return } sys.Lock() @@ -74,9 +74,12 @@ func (sys *BucketMetadataSys) Update(bucket string, configFile string, configDat return errServerNotInitialized } - if globalIsGateway && globalGatewayName != "nas" { + if globalIsGateway { // This code is needed only for gateway implementations. if configFile == bucketPolicyConfig { + if configData == nil { + return objAPI.DeleteBucketPolicy(GlobalContext, bucket) + } config, err := policy.ParseConfig(bytes.NewReader(configData), bucket) if err != nil { return err @@ -195,6 +198,19 @@ func (sys *BucketMetadataSys) GetLifecycleConfig(bucket string) (*lifecycle.Life // GetNotificationConfig returns configured notification config // The returned object may not be modified. func (sys *BucketMetadataSys) GetNotificationConfig(bucket string) (*event.Config, error) { + if globalIsGateway && globalGatewayName == "nas" { + // Only needed in case of NAS gateway. + objAPI := newObjectLayerWithoutSafeModeFn() + if objAPI == nil { + return nil, errServerNotInitialized + } + meta, err := loadBucketMetadata(GlobalContext, objAPI, bucket) + if err != nil { + return nil, err + } + return meta.notificationConfig, nil + } + meta, err := sys.GetConfig(bucket) if err != nil { return nil, err @@ -221,6 +237,14 @@ func (sys *BucketMetadataSys) GetSSEConfig(bucket string) (*bucketsse.BucketSSEC // GetPolicyConfig returns configured bucket policy // The returned object may not be modified. func (sys *BucketMetadataSys) GetPolicyConfig(bucket string) (*policy.Policy, error) { + if globalIsGateway { + objAPI := newObjectLayerWithoutSafeModeFn() + if objAPI == nil { + return nil, errServerNotInitialized + } + return objAPI.GetBucketPolicy(GlobalContext, bucket) + } + meta, err := sys.GetConfig(bucket) if err != nil { if errors.Is(err, errConfigNotFound) { @@ -244,7 +268,7 @@ func (sys *BucketMetadataSys) GetQuotaConfig(bucket string) (*madmin.BucketQuota return meta.quotaConfig, nil } -// GetConfig returns a specific configuration from the bucket metadata. +// GetConfig returns the current bucket metadata // The returned object may not be modified. func (sys *BucketMetadataSys) GetConfig(bucket string) (BucketMetadata, error) { objAPI := newObjectLayerWithoutSafeModeFn() @@ -252,7 +276,7 @@ func (sys *BucketMetadataSys) GetConfig(bucket string) (BucketMetadata, error) { return newBucketMetadata(bucket), errServerNotInitialized } - if globalIsGateway && globalGatewayName != "nas" { + if globalIsGateway { return newBucketMetadata(bucket), NotImplemented{} } diff --git a/cmd/bucket-policy.go b/cmd/bucket-policy.go index f2d2943a9..baec0f42f 100644 --- a/cmd/bucket-policy.go +++ b/cmd/bucket-policy.go @@ -37,13 +37,6 @@ type PolicySys struct{} // Get returns stored bucket policy func (sys *PolicySys) Get(bucket string) (*policy.Policy, error) { - if globalIsGateway { - objAPI := newObjectLayerFn() - if objAPI == nil { - return nil, errServerNotInitialized - } - return objAPI.GetBucketPolicy(GlobalContext, bucket) - } return globalBucketMetadataSys.GetPolicyConfig(bucket) } diff --git a/cmd/fs-v1.go b/cmd/fs-v1.go index 6cb95d4be..234aec94b 100644 --- a/cmd/fs-v1.go +++ b/cmd/fs-v1.go @@ -39,6 +39,7 @@ import ( "github.com/minio/minio/cmd/config" xhttp "github.com/minio/minio/cmd/http" "github.com/minio/minio/cmd/logger" + "github.com/minio/minio/pkg/bucket/policy" "github.com/minio/minio/pkg/color" "github.com/minio/minio/pkg/lock" "github.com/minio/minio/pkg/madmin" @@ -361,6 +362,44 @@ func (fs *FSObjects) MakeBucketWithLocation(ctx context.Context, bucket, locatio return nil } +// GetBucketPolicy - only needed for FS in NAS mode +func (fs *FSObjects) GetBucketPolicy(ctx context.Context, bucket string) (*policy.Policy, error) { + meta, err := loadBucketMetadata(ctx, fs, bucket) + if err != nil { + return nil, BucketPolicyNotFound{Bucket: bucket} + } + if meta.policyConfig == nil { + return nil, BucketPolicyNotFound{Bucket: bucket} + } + return meta.policyConfig, nil +} + +// SetBucketPolicy - only needed for FS in NAS mode +func (fs *FSObjects) SetBucketPolicy(ctx context.Context, bucket string, p *policy.Policy) error { + meta, err := loadBucketMetadata(ctx, fs, bucket) + if err != nil { + return err + } + + configData, err := json.Marshal(p) + if err != nil { + return err + } + meta.PolicyConfigJSON = configData + + return meta.Save(ctx, fs) +} + +// DeleteBucketPolicy - only needed for FS in NAS mode +func (fs *FSObjects) DeleteBucketPolicy(ctx context.Context, bucket string) error { + meta, err := loadBucketMetadata(ctx, fs, bucket) + if err != nil { + return err + } + meta.PolicyConfigJSON = nil + return meta.Save(ctx, fs) +} + // GetBucketInfo - fetch bucket metadata info. func (fs *FSObjects) GetBucketInfo(ctx context.Context, bucket string) (bi BucketInfo, e error) { atomic.AddInt64(&fs.activeIOCount, 1) diff --git a/cmd/gateway-unsupported.go b/cmd/gateway-unsupported.go index 79270a3a6..927a83c89 100644 --- a/cmd/gateway-unsupported.go +++ b/cmd/gateway-unsupported.go @@ -25,7 +25,6 @@ import ( "github.com/minio/minio-go/v6/pkg/tags" bucketsse "github.com/minio/minio/pkg/bucket/encryption" "github.com/minio/minio/pkg/bucket/lifecycle" - objectlock "github.com/minio/minio/pkg/bucket/object/lock" "github.com/minio/minio/pkg/bucket/policy" "github.com/minio/minio/pkg/madmin" @@ -205,35 +204,6 @@ func (a GatewayUnsupported) GetMetrics(ctx context.Context) (*Metrics, error) { return &Metrics{}, NotImplemented{} } -// SetBucketTagging - not implemented -func (a GatewayUnsupported) SetBucketTagging(ctx context.Context, bucket string, t *tags.Tags) error { - logger.LogIf(ctx, NotImplemented{}) - return NotImplemented{} -} - -// GetBucketObjectLockConfig - not implemented -func (a GatewayUnsupported) GetBucketObjectLockConfig(ctx context.Context, bucket string) (*objectlock.Config, error) { - logger.LogIf(ctx, NotImplemented{}) - return nil, NotImplemented{} -} - -// SetBucketObjectLockConfig - not implemented -func (a GatewayUnsupported) SetBucketObjectLockConfig(ctx context.Context, bucket string, _ *objectlock.Config) error { - logger.LogIf(ctx, NotImplemented{}) - return NotImplemented{} -} - -// GetBucketTagging - not implemented -func (a GatewayUnsupported) GetBucketTagging(ctx context.Context, bucket string) (*tags.Tags, error) { - return nil, NotImplemented{} -} - -// DeleteBucketTagging - not implemented. -func (a GatewayUnsupported) DeleteBucketTagging(ctx context.Context, bucket string) error { - logger.LogIf(ctx, NotImplemented{}) - return NotImplemented{} -} - // PutObjectTags - not implemented. func (a GatewayUnsupported) PutObjectTags(ctx context.Context, bucket, object string, tags string) error { logger.LogIf(ctx, NotImplemented{}) diff --git a/cmd/gateway/nas/gateway-nas.go b/cmd/gateway/nas/gateway-nas.go index 6cfcbf20d..e368b9755 100644 --- a/cmd/gateway/nas/gateway-nas.go +++ b/cmd/gateway/nas/gateway-nas.go @@ -22,7 +22,6 @@ import ( "github.com/minio/cli" minio "github.com/minio/minio/cmd" "github.com/minio/minio/pkg/auth" - objectlock "github.com/minio/minio/pkg/bucket/object/lock" ) const ( @@ -122,16 +121,6 @@ type nasObjects struct { minio.ObjectLayer } -// GetBucketObjectLockConfig - not implemented -func (n *nasObjects) GetBucketObjectLockConfig(ctx context.Context, bucket string) (*objectlock.Config, error) { - return nil, minio.NotImplemented{} -} - -// SetBucketObjectLockConfig - not implemented -func (n *nasObjects) SetBucketObjectLockConfig(ctx context.Context, bucket string, _ *objectlock.Config) error { - return minio.NotImplemented{} -} - // IsReady returns whether the layer is ready to take requests. func (n *nasObjects) IsReady(ctx context.Context) bool { si, _ := n.StorageInfo(ctx, false) diff --git a/cmd/object-api-interface.go b/cmd/object-api-interface.go index 13254d6ad..2be7f223d 100644 --- a/cmd/object-api-interface.go +++ b/cmd/object-api-interface.go @@ -114,8 +114,7 @@ type ObjectLayer interface { IsNotificationSupported() bool IsListenBucketSupported() bool IsEncryptionSupported() bool - - // Compression support check. + IsTaggingSupported() bool IsCompressionSupported() bool // Backend related metrics @@ -124,9 +123,6 @@ type ObjectLayer interface { // Check Readiness IsReady(ctx context.Context) bool - // Object Tagging Support check. - IsTaggingSupported() bool - // ObjectTagging operations PutObjectTags(context.Context, string, string, string) error GetObjectTags(context.Context, string, string) (*tags.Tags, error) diff --git a/cmd/server-main.go b/cmd/server-main.go index 815769c13..fafe4fbb9 100644 --- a/cmd/server-main.go +++ b/cmd/server-main.go @@ -429,9 +429,7 @@ func serverMain(ctx *cli.Context) { } // Set system resources to maximum. - if err = setMaxResources(); err != nil { - logger.Info("Unable to set system resources to maximum %s", err) - } + setMaxResources() if globalIsXL { // Init global heal state diff --git a/cmd/update.go b/cmd/update.go index b2e957767..dcf20c148 100644 --- a/cmd/update.go +++ b/cmd/update.go @@ -18,13 +18,12 @@ package cmd import ( "bufio" - "context" "crypto" + "crypto/tls" "encoding/hex" "errors" "fmt" "io/ioutil" - "net" "net/http" "os" "path/filepath" @@ -409,19 +408,15 @@ const updateTimeout = 10 * time.Second func getUpdateTransport(timeout time.Duration) http.RoundTripper { var updateTransport http.RoundTripper = &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { - dialer := &net.Dialer{ - Timeout: timeout, - KeepAlive: timeout, - DualStack: true, - } - return dialer.DialContext(ctx, network, addr) - }, + Proxy: http.ProxyFromEnvironment, + DialContext: xhttp.NewCustomDialContext(timeout, timeout), IdleConnTimeout: timeout, TLSHandshakeTimeout: timeout, ExpectContinueTimeout: timeout, - DisableCompression: true, + TLSClientConfig: &tls.Config{ + RootCAs: globalRootCAs, + }, + DisableCompression: true, } return updateTransport } @@ -502,7 +497,9 @@ func doUpdate(updateURL, sha256Hex, mode string) (err error) { } } - clnt := &http.Client{Transport: getUpdateTransport(30 * time.Second)} + clnt := &http.Client{ + Transport: getUpdateTransport(30 * time.Second), + } req, err := http.NewRequest(http.MethodGet, updateURL, nil) if err != nil { return AdminError{