mirror of
https://github.com/minio/minio.git
synced 2024-12-24 22:25:54 -05:00
Add config to store subnet license (#13194)
Command to set subnet license: `mc admin config set {alias} subnet license={token}` Signed-off-by: Shireesh Anjal <shireesh@minio.io> Co-authored-by: Harshavardhana <harsha@minio.io>
This commit is contained in:
parent
bcc6359dec
commit
b4364723ef
@ -155,8 +155,8 @@ func minioConfigToConsoleFeatures() {
|
|||||||
}
|
}
|
||||||
os.Setenv("CONSOLE_MINIO_REGION", globalServerRegion)
|
os.Setenv("CONSOLE_MINIO_REGION", globalServerRegion)
|
||||||
os.Setenv("CONSOLE_CERT_PASSWD", env.Get("MINIO_CERT_PASSWD", ""))
|
os.Setenv("CONSOLE_CERT_PASSWD", env.Get("MINIO_CERT_PASSWD", ""))
|
||||||
if globalSubnetLicense != "" {
|
if globalSubnetConfig.License != "" {
|
||||||
os.Setenv("CONSOLE_SUBNET_LICENSE", globalSubnetLicense)
|
os.Setenv("CONSOLE_SUBNET_LICENSE", globalSubnetConfig.License)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -602,8 +602,6 @@ func handleCommonEnvVars() {
|
|||||||
if tiers := env.Get("_MINIO_DEBUG_REMOTE_TIERS_IMMEDIATELY", ""); tiers != "" {
|
if tiers := env.Get("_MINIO_DEBUG_REMOTE_TIERS_IMMEDIATELY", ""); tiers != "" {
|
||||||
globalDebugRemoteTiersImmediately = strings.Split(tiers, ",")
|
globalDebugRemoteTiersImmediately = strings.Split(tiers, ",")
|
||||||
}
|
}
|
||||||
|
|
||||||
globalSubnetLicense = env.Get(config.EnvMinIOSubnetLicense, "")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func logStartupMessage(msg string) {
|
func logStartupMessage(msg string) {
|
||||||
|
@ -39,6 +39,7 @@ import (
|
|||||||
"github.com/minio/minio/internal/config/policy/opa"
|
"github.com/minio/minio/internal/config/policy/opa"
|
||||||
"github.com/minio/minio/internal/config/scanner"
|
"github.com/minio/minio/internal/config/scanner"
|
||||||
"github.com/minio/minio/internal/config/storageclass"
|
"github.com/minio/minio/internal/config/storageclass"
|
||||||
|
"github.com/minio/minio/internal/config/subnet"
|
||||||
"github.com/minio/minio/internal/crypto"
|
"github.com/minio/minio/internal/crypto"
|
||||||
xhttp "github.com/minio/minio/internal/http"
|
xhttp "github.com/minio/minio/internal/http"
|
||||||
"github.com/minio/minio/internal/kms"
|
"github.com/minio/minio/internal/kms"
|
||||||
@ -65,6 +66,7 @@ func initHelp() {
|
|||||||
config.AuditKafkaSubSys: logger.DefaultAuditKafkaKVS,
|
config.AuditKafkaSubSys: logger.DefaultAuditKafkaKVS,
|
||||||
config.HealSubSys: heal.DefaultKVS,
|
config.HealSubSys: heal.DefaultKVS,
|
||||||
config.ScannerSubSys: scanner.DefaultKVS,
|
config.ScannerSubSys: scanner.DefaultKVS,
|
||||||
|
config.SubnetSubSys: subnet.DefaultKVS,
|
||||||
}
|
}
|
||||||
for k, v := range notify.DefaultNotificationKVS {
|
for k, v := range notify.DefaultNotificationKVS {
|
||||||
kvs[k] = v
|
kvs[k] = v
|
||||||
@ -185,6 +187,12 @@ func initHelp() {
|
|||||||
Description: "publish bucket notifications to Redis datastores",
|
Description: "publish bucket notifications to Redis datastores",
|
||||||
MultipleTargets: true,
|
MultipleTargets: true,
|
||||||
},
|
},
|
||||||
|
config.HelpKV{
|
||||||
|
Key: config.SubnetSubSys,
|
||||||
|
Type: "string",
|
||||||
|
Description: "set subnet config for the cluster e.g. license token",
|
||||||
|
Optional: true,
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if globalIsErasure {
|
if globalIsErasure {
|
||||||
@ -223,6 +231,7 @@ func initHelp() {
|
|||||||
config.NotifyRedisSubSys: notify.HelpRedis,
|
config.NotifyRedisSubSys: notify.HelpRedis,
|
||||||
config.NotifyWebhookSubSys: notify.HelpWebhook,
|
config.NotifyWebhookSubSys: notify.HelpWebhook,
|
||||||
config.NotifyESSubSys: notify.HelpES,
|
config.NotifyESSubSys: notify.HelpES,
|
||||||
|
config.SubnetSubSys: subnet.HelpLicense,
|
||||||
}
|
}
|
||||||
|
|
||||||
config.RegisterHelpSubSys(helpMap)
|
config.RegisterHelpSubSys(helpMap)
|
||||||
@ -508,6 +517,11 @@ func lookupConfigs(s config.Config, objAPI ObjectLayer) {
|
|||||||
logger.LogIf(ctx, fmt.Errorf("Unable to parse LDAP configuration: %w", err))
|
logger.LogIf(ctx, fmt.Errorf("Unable to parse LDAP configuration: %w", err))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
globalSubnetConfig, err = subnet.LookupConfig(s[config.SubnetSubSys][config.Default])
|
||||||
|
if err != nil {
|
||||||
|
logger.LogIf(ctx, fmt.Errorf("Unable to parse subnet configuration: %w", err))
|
||||||
|
}
|
||||||
|
|
||||||
// Load logger targets based on user's configuration
|
// Load logger targets based on user's configuration
|
||||||
loggerUserAgent := getUserAgent(getMinioMode())
|
loggerUserAgent := getUserAgent(getMinioMode())
|
||||||
|
|
||||||
|
@ -41,6 +41,7 @@ import (
|
|||||||
xtls "github.com/minio/minio/internal/config/identity/tls"
|
xtls "github.com/minio/minio/internal/config/identity/tls"
|
||||||
"github.com/minio/minio/internal/config/policy/opa"
|
"github.com/minio/minio/internal/config/policy/opa"
|
||||||
"github.com/minio/minio/internal/config/storageclass"
|
"github.com/minio/minio/internal/config/storageclass"
|
||||||
|
"github.com/minio/minio/internal/config/subnet"
|
||||||
xhttp "github.com/minio/minio/internal/http"
|
xhttp "github.com/minio/minio/internal/http"
|
||||||
etcd "go.etcd.io/etcd/client/v3"
|
etcd "go.etcd.io/etcd/client/v3"
|
||||||
|
|
||||||
@ -219,8 +220,8 @@ var (
|
|||||||
// The name of this local node, fetched from arguments
|
// The name of this local node, fetched from arguments
|
||||||
globalLocalNodeName string
|
globalLocalNodeName string
|
||||||
|
|
||||||
// The global subnet license
|
// The global subnet config
|
||||||
globalSubnetLicense string
|
globalSubnetConfig subnet.Config
|
||||||
|
|
||||||
globalRemoteEndpoints map[string]Endpoint
|
globalRemoteEndpoints map[string]Endpoint
|
||||||
|
|
||||||
|
@ -58,6 +58,7 @@ const (
|
|||||||
RegionName = "name"
|
RegionName = "name"
|
||||||
AccessKey = "access_key"
|
AccessKey = "access_key"
|
||||||
SecretKey = "secret_key"
|
SecretKey = "secret_key"
|
||||||
|
License = "license"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Top level config constants.
|
// Top level config constants.
|
||||||
@ -79,6 +80,7 @@ const (
|
|||||||
HealSubSys = "heal"
|
HealSubSys = "heal"
|
||||||
ScannerSubSys = "scanner"
|
ScannerSubSys = "scanner"
|
||||||
CrawlerSubSys = "crawler"
|
CrawlerSubSys = "crawler"
|
||||||
|
SubnetSubSys = "subnet"
|
||||||
|
|
||||||
// Add new constants here if you add new fields to config.
|
// Add new constants here if you add new fields to config.
|
||||||
)
|
)
|
||||||
@ -127,6 +129,7 @@ var SubSystems = set.CreateStringSet(
|
|||||||
NotifyPostgresSubSys,
|
NotifyPostgresSubSys,
|
||||||
NotifyRedisSubSys,
|
NotifyRedisSubSys,
|
||||||
NotifyWebhookSubSys,
|
NotifyWebhookSubSys,
|
||||||
|
SubnetSubSys,
|
||||||
)
|
)
|
||||||
|
|
||||||
// SubSystemsDynamic - all sub-systems that have dynamic config.
|
// SubSystemsDynamic - all sub-systems that have dynamic config.
|
||||||
@ -135,6 +138,7 @@ var SubSystemsDynamic = set.CreateStringSet(
|
|||||||
CompressionSubSys,
|
CompressionSubSys,
|
||||||
ScannerSubSys,
|
ScannerSubSys,
|
||||||
HealSubSys,
|
HealSubSys,
|
||||||
|
SubnetSubSys,
|
||||||
)
|
)
|
||||||
|
|
||||||
// SubSystemsSingleTargets - subsystems which only support single target.
|
// SubSystemsSingleTargets - subsystems which only support single target.
|
||||||
|
71
internal/config/subnet/license.go
Normal file
71
internal/config/subnet/license.go
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
// Copyright (c) 2015-2021 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This file is part of MinIO Object Storage stack
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
package subnet
|
||||||
|
|
||||||
|
import (
|
||||||
|
jwtgo "github.com/golang-jwt/jwt"
|
||||||
|
"github.com/minio/minio/internal/config"
|
||||||
|
"github.com/minio/pkg/env"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultKVS - default KV config for subnet settings
|
||||||
|
DefaultKVS = config.KVS{
|
||||||
|
config.KV{
|
||||||
|
Key: config.License,
|
||||||
|
Value: "",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
// HelpLicense - provides help for license config
|
||||||
|
HelpLicense = config.HelpKVS{
|
||||||
|
config.HelpKV{
|
||||||
|
Key: config.License,
|
||||||
|
Type: "string",
|
||||||
|
Description: "Subnet license token for the cluster",
|
||||||
|
Optional: true,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Config represents the subnet related configuration
|
||||||
|
type Config struct {
|
||||||
|
// The subnet license token
|
||||||
|
License string `json:"license"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func validateLicenseFormat(lic string) error {
|
||||||
|
if len(lic) == 0 {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Only verifying that the string is a parseable JWT token as of now
|
||||||
|
_, _, err := new(jwtgo.Parser).ParseUnverified(lic, jwtgo.MapClaims{})
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// LookupConfig - lookup config and override with valid environment settings if any.
|
||||||
|
func LookupConfig(kvs config.KVS) (cfg Config, err error) {
|
||||||
|
if err = config.CheckValidKeys(config.SubnetSubSys, kvs, DefaultKVS); err != nil {
|
||||||
|
return cfg, err
|
||||||
|
}
|
||||||
|
|
||||||
|
cfg.License = env.Get(config.EnvMinIOSubnetLicense, kvs.Get(config.License))
|
||||||
|
|
||||||
|
return cfg, validateLicenseFormat(cfg.License)
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user