MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-10 14:09:48 -05:00
Code Issues Packages Projects Releases Wiki Activity

Final changes to config sub-system (#8600)

Browse Source 
- Introduces changes such as certain types of
  errors that can be ignored or which need to 
  go into safe mode.
- Update help text as per the review
This commit is contained in:
Harshavardhana
2019-12-04 15:32:37 -08:00
committed by kannappanr
parent 794eb54da8
commit c9940d8c3f
65 changed files with 605 additions and 1033 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/config/README.md
View File

@@ -74,9 +74,9 @@ minio server /data
| Field | Type | Description |
|:-------------------------------|:---------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ``storageclass`` | | Set storage class for configurable data and parity, as per object basis. |
| ``storageclass standard=EC:4`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`. |
| ``storageclass rrs=EC:2`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`. |
| ``storage_class`` | | Set storage class for configurable data and parity, as per object basis. |
| ``storage_class standard=EC:4`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`. |
| ``storage_class rrs=EC:2`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`. |
By default, parity for objects with standard storage class is set to `N/2`, and parity for objects with reduced redundancy storage class objects is set to `2`. Read more about storage class support in MinIO server [here](https://github.com/minio/minio/blob/master/docs/erasure/storage-class/README.md).

340
docs/config/config.sample.json
View File

@@ -1,340 +0,0 @@
{
"cache": {
"_": {
"drives": "",
"exclude": "",
"expiry": "90",
"quota": "80",
"state": "off"
}
},
"compression": {
"_": {
"extensions": ".txt,.log,.csv,.json,.tar,.xml,.bin",
"mime_types": "text/*,application/json,application/xml",
"state": "off"
}
},
"identity_ldap": {
"_": {
"group_name_attribute": "",
"group_search_base_dn": "",
"group_search_filter": "",
"server_addr": "",
"state": "off",
"sts_expiry": "",
"username_format": ""
}
},
"identity_openid": {
"_": {
"config_url": "http://localhost:8080/auth/realms/demo/.well-known/openid-configuration",
"state": "on"
}
},
"kms_vault": {
"_": {
"auth_approle_id": "",
"auth_approle_secret": "",
"auth_type": "",
"capath": "",
"endpoint": "",
"key_name": "",
"key_version": "0",
"namespace": "",
"state": "off"
}
},
"logger_http": {
"1": {
"auth_token": "",
"endpoint": "",
"state": "off"
},
"_": {
"auth_token": "",
"endpoint": "",
"state": "off"
}
},
"logger_http_audit": {
"_": {
"auth_token": "",
"endpoint": "",
"state": "off"
}
},
"notify_amqp": {
"1": {
"auto_deleted": "off",
"delivery_mode": "0",
"durable": "off",
"exchange": "",
"exchange_type": "",
"internal": "off",
"mandatory": "off",
"no_wait": "off",
"queue_dir": "",
"queue_limit": "0",
"routing_key": "",
"state": "off",
"url": ""
},
"_": {
"auto_deleted": "off",
"delivery_mode": "0",
"durable": "off",
"exchange": "",
"exchange_type": "",
"internal": "off",
"mandatory": "off",
"no_wait": "off",
"queue_dir": "",
"queue_limit": "0",
"routing_key": "",
"state": "off",
"url": ""
}
},
"notify_elasticsearch": {
"1": {
"format": "namespace",
"index": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"url": ""
},
"_": {
"format": "namespace",
"index": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"url": ""
}
},
"notify_kafka": {
"1": {
"brokers": "",
"queue_dir": "",
"queue_limit": "0",
"sasl_enable": "off",
"sasl_password": "",
"sasl_username": "",
"state": "off",
"tls_client_auth": "0",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
},
"_": {
"brokers": "",
"queue_dir": "",
"queue_limit": "0",
"sasl_enable": "off",
"sasl_password": "",
"sasl_username": "",
"state": "off",
"tls_client_auth": "0",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
}
},
"notify_mqtt": {
"1": {
"broker": "",
"keep_alive_interval": "0s",
"password": "",
"qos": "0",
"queue_dir": "",
"queue_limit": "0",
"reconnect_interval": "0s",
"state": "off",
"topic": "",
"username": ""
},
"_": {
"broker": "",
"keep_alive_interval": "0s",
"password": "",
"qos": "0",
"queue_dir": "",
"queue_limit": "0",
"reconnect_interval": "0s",
"state": "off",
"topic": "",
"username": ""
}
},
"notify_mysql": {
"1": {
"database": "",
"dsn_string": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
},
"_": {
"database": "",
"dsn_string": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
}
},
"notify_nats": {
"1": {
"address": "",
"password": "",
"ping_interval": "0",
"queue_dir": "",
"queue_limit": "0",
"secure": "off",
"state": "off",
"streaming_async": "off",
"streaming_cluster_id": "",
"streaming_enable": "off",
"streaming_max_pub_acks_in_flight": "0",
"subject": "",
"token": "",
"username": ""
},
"_": {
"address": "",
"password": "",
"ping_interval": "0",
"queue_dir": "",
"queue_limit": "0",
"secure": "off",
"state": "off",
"streaming_async": "off",
"streaming_cluster_id": "",
"streaming_enable": "off",
"streaming_max_pub_acks_in_flight": "0",
"subject": "",
"token": "",
"username": ""
}
},
"notify_nsq": {
"1": {
"nsqd_address": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
},
"_": {
"nsqd_address": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"tls_enable": "off",
"tls_skip_verify": "off",
"topic": ""
}
},
"notify_postgres": {
"1": {
"connection_string": "",
"database": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
},
"_": {
"connection_string": "",
"database": "",
"format": "namespace",
"host": "",
"password": "",
"port": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off",
"table": "",
"username": ""
}
},
"notify_redis": {
"1": {
"address": "",
"format": "namespace",
"key": "",
"password": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
},
"_": {
"address": "",
"format": "namespace",
"key": "",
"password": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
}
},
"notify_webhook": {
"1": {
"endpoint": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
},
"_": {
"auth_token": "",
"endpoint": "",
"queue_dir": "",
"queue_limit": "0",
"state": "off"
}
},
"policy_opa": {
"_": {
"auth_token": "",
"state": "off",
"url": ""
}
},
"region": {
"_": {
"name": "us-east-1"
}
},
"storageclass": {
"_": {
"rrs": "",
"standard": "",
"state": "off"
}
},
"worm": {
"_": {
"state": "off"
}
}
}

2
docs/erasure/storage-class/README.md
View File

@@ -62,14 +62,12 @@ Default value for `REDUCED_REDUNDANCY` storage class is `2`.
The format to set storage class environment variables is as follows
`MINIO_STORAGE_CLASS_STATE=on`
`MINIO_STORAGE_CLASS_STANDARD=EC:parity`
`MINIO_STORAGE_CLASS_RRS=EC:parity`
For example, set `MINIO_STORAGE_CLASS_RRS` parity 2 and `MINIO_STORAGE_CLASS_STANDARD` parity 3
```sh
export MINIO_STORAGE_CLASS_STATE=on
export MINIO_STORAGE_CLASS_STANDARD=EC:3
export MINIO_STORAGE_CLASS_RRS=EC:2
```

1
docs/gateway/s3.md
View File

@@ -76,7 +76,6 @@ and "c" for sse-c encryption. More than one encryption option can be set, delimi
```sh
export MINIO_GATEWAY_SSE="s3;c"
export MINIO_KMS_VAULT_STATE=on
export MINIO_KMS_VAULT_APPROLE_ID=9b56cc08-8258-45d5-24a3-679876769126
export MINIO_KMS_VAULT_APPROLE_SECRET=4e30c52f-13e4-a6f5-0763-d50e8cb4321f
export MINIO_KMS_VAULT_ENDPOINT=https://vault-endpoint-ip:8200

1
docs/kms/README.md
View File

@@ -171,7 +171,6 @@ The AppRole ID, AppRole Secret Id, Vault endpoint and Vault key name can now be
You'll need the Vault endpoint, AppRole ID, AppRole SecretID and encryption key-ring name defined in step 2.1.2
```
export MINIO_KMS_VAULT_STATE=on
export MINIO_KMS_VAULT_APPROLE_ID=8c03926c-6c51-7a1d-cf7d-62e48ab8d6d7
export MINIO_KMS_VAULT_APPROLE_SECRET=edd8738c-6efe-c226-74f9-ef5b66e119d7
export MINIO_KMS_VAULT_ENDPOINT=http://vault-endpoint-ip:8200

4
docs/logging/README.md
View File

@@ -28,7 +28,7 @@ NOTE: `http://endpoint:port/path` is a placeholder value to indicate the URL for
MinIO also honors environment variable for HTTP target logging as shown below, this setting will override the endpoint settings in the MinIO server config.
```
export MINIO_LOGGER_WEBHOOK_STATE_target1="on"
export MINIO_LOGGER_WEBHOOK_ENABLE_target1="on"
export MINIO_LOGGER_WEBHOOK_AUTH_TOKEN_target1="token"
export MINIO_LOGGER_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
minio server /mnt/data
@@ -50,7 +50,7 @@ NOTE: `http://endpoint:port/path` is a placeholder value to indicate the URL for
MinIO also honors environment variable for HTTP target Audit logging as shown below, this setting will override the endpoint settings in the MinIO server config.
```
export MINIO_AUDIT_WEBHOOK_STATE_target1="on"
export MINIO_AUDIT_WEBHOOK_ENABLE_target1="on"
export MINIO_AUDIT_WEBHOOK_AUTH_TOKEN_target1="token"
export MINIO_AUDIT_WEBHOOK_ENDPOINT_target1=http://localhost:8080/minio/logs
minio server /mnt/data

2
docs/sts/README.md
View File

@@ -34,7 +34,6 @@ Make sure we have followed the previous step and configured each software indepe
```
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio123
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
minio server /mnt/data
@@ -48,7 +47,6 @@ Make sure we have followed the previous step and configured each software indepe
```
export MINIO_ACCESS_KEY=aws_access_key
export MINIO_SECRET_KEY=aws_secret_key
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
export MINIO_ETCD_ENDPOINTS=http://localhost:2379

3
docs/sts/client-grants.md
View File

@@ -93,14 +93,13 @@ http://minio.cluster:9000?Action=AssumeRoleWithClientGrants&DurationSeconds=3600
```
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio123
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="7a243d56-1081-11ea-b1b9-0bad8bed6ca0"
export MINIO_POLICY_OPA_URL=http://localhost:8181/v1/data/httpapi/authz
minio server /mnt/export
mc admin config get myminio identity_openid
identity_openid config_url="https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration"
identity_openid config_url="https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration"
mc admin config get myminio policy_opa
policy_opa url="http://localhost:8181/v1/data/httpapi/authz" auth_token=

4
docs/sts/ldap.md
View File

@@ -42,7 +42,6 @@ LDAP is configured via the following environment variables:
| Variable | Required? | Purpose |
|----------------------------------------------|-------------------------|-------------------------------------------------------------------------|
| **MINIO_IDENTITY_LDAP_STATE** | **YES** | Enable or disable ldap identity |
| **MINIO_IDENTITY_LDAP_SERVER_ADDR** | **YES** | AD/LDAP server address |
| **MINIO_IDENTITY_LDAP_USERNAME_FORMAT** | **YES** | Format of full username DN |
| **MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN** | **NO** | Base DN in AD/LDAP hierarchy to use in search requests |
@@ -57,7 +56,6 @@ Please note that MinIO will only access the AD/LDAP server over TLS. If a self-s
An example setup for development or experimentation:
``` shell
export MINIO_IDENTITY_LDAP_STATE="on"
export MINIO_IDENTITY_LDAP_SERVER_ADDR=myldapserver.com:636
export MINIO_IDENTITY_LDAP_USERNAME_FORMAT="uid={username},cn=accounts,dc=myldapserver,dc=com"
export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN="dc=myldapserver,dc=com"
@@ -111,7 +109,6 @@ The group search filter looks like `(&(objectclass=group)(member={usernamedn}))`
Thus the key configuration parameters look like:
```
MINIO_IDENTITY_LDAP_STATE="on"
MINIO_IDENTITY_LDAP_SERVER_ADDR='my.ldap-active-dir-server.com:636'
MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn={username},cn=users,dc=minioad,dc=local'
MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN='dc=minioad,dc=local'
@@ -218,7 +215,6 @@ http://minio.cluster:9000?Action=AssumeRoleWithLDAPIdentity&LDAPUsername=foouser
```
$ export MINIO_ACCESS_KEY=minio
$ export MINIO_SECRET_KEY=minio123
$ export MINIO_IDENTITY_LDAP_STATE="on"
$ export MINIO_IDENTITY_LDAP_SERVER_ADDR='my.ldap-active-dir-server.com:636'
$ export MINIO_IDENTITY_LDAP_USERNAME_FORMAT='cn={username},cn=users,dc=minioad,dc=local'
$ export MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN='dc=minioad,dc=local'

1
docs/sts/web-identity.md
View File

@@ -93,7 +93,6 @@ http://minio.cluster:9000?Action=AssumeRoleWithWebIdentity&DurationSeconds=3600&
```
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio123
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://accounts.google.com/.well-known/openid-configuration
minio server /mnt/export

1
docs/sts/wso2.md
View File

@@ -69,7 +69,6 @@ Using the above `access_token` we can perform an STS request to MinIO to get tem
### 5. Setup MinIO with OpenID configuration URL
MinIO server expects environment variable for OpenID configuration url as `MINIO_IDENTITY_OPENID_CONFIG_URL`, this environment variable takes a single entry.
```
export MINIO_IDENTITY_OPENID_STATE="on"
export MINIO_IDENTITY_OPENID_CONFIG_URL=https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
export MINIO_IDENTITY_OPENID_CLIENT_ID="843351d4-1080-11ea-aa20-271ecba3924a"
minio server /mnt/data