mirror of
https://github.com/minio/minio.git
synced 2025-01-11 15:03:22 -05:00
Add config to store subnet license (#13194)
Command to set subnet license: `mc admin config set {alias} subnet license={token}` Signed-off-by: Shireesh Anjal <shireesh@minio.io> Co-authored-by: Harshavardhana <harsha@minio.io>
This commit is contained in:
parent
bcc6359dec
commit
b4364723ef
@ -155,8 +155,8 @@ func minioConfigToConsoleFeatures() {
|
||||
}
|
||||
os.Setenv("CONSOLE_MINIO_REGION", globalServerRegion)
|
||||
os.Setenv("CONSOLE_CERT_PASSWD", env.Get("MINIO_CERT_PASSWD", ""))
|
||||
if globalSubnetLicense != "" {
|
||||
os.Setenv("CONSOLE_SUBNET_LICENSE", globalSubnetLicense)
|
||||
if globalSubnetConfig.License != "" {
|
||||
os.Setenv("CONSOLE_SUBNET_LICENSE", globalSubnetConfig.License)
|
||||
}
|
||||
}
|
||||
|
||||
@ -602,8 +602,6 @@ func handleCommonEnvVars() {
|
||||
if tiers := env.Get("_MINIO_DEBUG_REMOTE_TIERS_IMMEDIATELY", ""); tiers != "" {
|
||||
globalDebugRemoteTiersImmediately = strings.Split(tiers, ",")
|
||||
}
|
||||
|
||||
globalSubnetLicense = env.Get(config.EnvMinIOSubnetLicense, "")
|
||||
}
|
||||
|
||||
func logStartupMessage(msg string) {
|
||||
|
@ -39,6 +39,7 @@ import (
|
||||
"github.com/minio/minio/internal/config/policy/opa"
|
||||
"github.com/minio/minio/internal/config/scanner"
|
||||
"github.com/minio/minio/internal/config/storageclass"
|
||||
"github.com/minio/minio/internal/config/subnet"
|
||||
"github.com/minio/minio/internal/crypto"
|
||||
xhttp "github.com/minio/minio/internal/http"
|
||||
"github.com/minio/minio/internal/kms"
|
||||
@ -65,6 +66,7 @@ func initHelp() {
|
||||
config.AuditKafkaSubSys: logger.DefaultAuditKafkaKVS,
|
||||
config.HealSubSys: heal.DefaultKVS,
|
||||
config.ScannerSubSys: scanner.DefaultKVS,
|
||||
config.SubnetSubSys: subnet.DefaultKVS,
|
||||
}
|
||||
for k, v := range notify.DefaultNotificationKVS {
|
||||
kvs[k] = v
|
||||
@ -185,6 +187,12 @@ func initHelp() {
|
||||
Description: "publish bucket notifications to Redis datastores",
|
||||
MultipleTargets: true,
|
||||
},
|
||||
config.HelpKV{
|
||||
Key: config.SubnetSubSys,
|
||||
Type: "string",
|
||||
Description: "set subnet config for the cluster e.g. license token",
|
||||
Optional: true,
|
||||
},
|
||||
}
|
||||
|
||||
if globalIsErasure {
|
||||
@ -223,6 +231,7 @@ func initHelp() {
|
||||
config.NotifyRedisSubSys: notify.HelpRedis,
|
||||
config.NotifyWebhookSubSys: notify.HelpWebhook,
|
||||
config.NotifyESSubSys: notify.HelpES,
|
||||
config.SubnetSubSys: subnet.HelpLicense,
|
||||
}
|
||||
|
||||
config.RegisterHelpSubSys(helpMap)
|
||||
@ -508,6 +517,11 @@ func lookupConfigs(s config.Config, objAPI ObjectLayer) {
|
||||
logger.LogIf(ctx, fmt.Errorf("Unable to parse LDAP configuration: %w", err))
|
||||
}
|
||||
|
||||
globalSubnetConfig, err = subnet.LookupConfig(s[config.SubnetSubSys][config.Default])
|
||||
if err != nil {
|
||||
logger.LogIf(ctx, fmt.Errorf("Unable to parse subnet configuration: %w", err))
|
||||
}
|
||||
|
||||
// Load logger targets based on user's configuration
|
||||
loggerUserAgent := getUserAgent(getMinioMode())
|
||||
|
||||
|
@ -41,6 +41,7 @@ import (
|
||||
xtls "github.com/minio/minio/internal/config/identity/tls"
|
||||
"github.com/minio/minio/internal/config/policy/opa"
|
||||
"github.com/minio/minio/internal/config/storageclass"
|
||||
"github.com/minio/minio/internal/config/subnet"
|
||||
xhttp "github.com/minio/minio/internal/http"
|
||||
etcd "go.etcd.io/etcd/client/v3"
|
||||
|
||||
@ -219,8 +220,8 @@ var (
|
||||
// The name of this local node, fetched from arguments
|
||||
globalLocalNodeName string
|
||||
|
||||
// The global subnet license
|
||||
globalSubnetLicense string
|
||||
// The global subnet config
|
||||
globalSubnetConfig subnet.Config
|
||||
|
||||
globalRemoteEndpoints map[string]Endpoint
|
||||
|
||||
|
@ -58,6 +58,7 @@ const (
|
||||
RegionName = "name"
|
||||
AccessKey = "access_key"
|
||||
SecretKey = "secret_key"
|
||||
License = "license"
|
||||
)
|
||||
|
||||
// Top level config constants.
|
||||
@ -79,6 +80,7 @@ const (
|
||||
HealSubSys = "heal"
|
||||
ScannerSubSys = "scanner"
|
||||
CrawlerSubSys = "crawler"
|
||||
SubnetSubSys = "subnet"
|
||||
|
||||
// Add new constants here if you add new fields to config.
|
||||
)
|
||||
@ -127,6 +129,7 @@ var SubSystems = set.CreateStringSet(
|
||||
NotifyPostgresSubSys,
|
||||
NotifyRedisSubSys,
|
||||
NotifyWebhookSubSys,
|
||||
SubnetSubSys,
|
||||
)
|
||||
|
||||
// SubSystemsDynamic - all sub-systems that have dynamic config.
|
||||
@ -135,6 +138,7 @@ var SubSystemsDynamic = set.CreateStringSet(
|
||||
CompressionSubSys,
|
||||
ScannerSubSys,
|
||||
HealSubSys,
|
||||
SubnetSubSys,
|
||||
)
|
||||
|
||||
// SubSystemsSingleTargets - subsystems which only support single target.
|
||||
|
71
internal/config/subnet/license.go
Normal file
71
internal/config/subnet/license.go
Normal file
@ -0,0 +1,71 @@
|
||||
// Copyright (c) 2015-2021 MinIO, Inc.
|
||||
//
|
||||
// This file is part of MinIO Object Storage stack
|
||||
//
|
||||
// This program is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU Affero General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// This program is distributed in the hope that it will be useful
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU Affero General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Affero General Public License
|
||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package subnet
|
||||
|
||||
import (
|
||||
jwtgo "github.com/golang-jwt/jwt"
|
||||
"github.com/minio/minio/internal/config"
|
||||
"github.com/minio/pkg/env"
|
||||
)
|
||||
|
||||
var (
|
||||
// DefaultKVS - default KV config for subnet settings
|
||||
DefaultKVS = config.KVS{
|
||||
config.KV{
|
||||
Key: config.License,
|
||||
Value: "",
|
||||
},
|
||||
}
|
||||
|
||||
// HelpLicense - provides help for license config
|
||||
HelpLicense = config.HelpKVS{
|
||||
config.HelpKV{
|
||||
Key: config.License,
|
||||
Type: "string",
|
||||
Description: "Subnet license token for the cluster",
|
||||
Optional: true,
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
// Config represents the subnet related configuration
|
||||
type Config struct {
|
||||
// The subnet license token
|
||||
License string `json:"license"`
|
||||
}
|
||||
|
||||
func validateLicenseFormat(lic string) error {
|
||||
if len(lic) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
||||
// Only verifying that the string is a parseable JWT token as of now
|
||||
_, _, err := new(jwtgo.Parser).ParseUnverified(lic, jwtgo.MapClaims{})
|
||||
return err
|
||||
}
|
||||
|
||||
// LookupConfig - lookup config and override with valid environment settings if any.
|
||||
func LookupConfig(kvs config.KVS) (cfg Config, err error) {
|
||||
if err = config.CheckValidKeys(config.SubnetSubSys, kvs, DefaultKVS); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
cfg.License = env.Get(config.EnvMinIOSubnetLicense, kvs.Get(config.License))
|
||||
|
||||
return cfg, validateLicenseFormat(cfg.License)
|
||||
}
|
Loading…
Reference in New Issue
Block a user