mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2024-01-19 02:48:24 +00:00
helm add auditLogConfig option
This commit is contained in:
parent
ab0c6a84bf
commit
761ffdc405
|
@ -149,6 +149,9 @@ spec:
|
||||||
{{- if .Values.filer.s3.enableAuth }}
|
{{- if .Values.filer.s3.enableAuth }}
|
||||||
-s3.config=/etc/sw/seaweedfs_s3_config \
|
-s3.config=/etc/sw/seaweedfs_s3_config \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.filer.s3.auditLogConfig }}
|
||||||
|
-s3.auditLogConfig=/etc/sw/filer_s3_auditLogConfig.json \
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
-master={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}
|
-master={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}
|
||||||
{{- if or (.Values.global.enableSecurity) (.Values.filer.extraVolumeMounts) }}
|
{{- if or (.Values.global.enableSecurity) (.Values.filer.extraVolumeMounts) }}
|
||||||
|
|
|
@ -93,6 +93,9 @@ spec:
|
||||||
{{- if .Values.s3.enableAuth }}
|
{{- if .Values.s3.enableAuth }}
|
||||||
-config=/etc/sw/seaweedfs_s3_config \
|
-config=/etc/sw/seaweedfs_s3_config \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.s3.auditLogConfig }}
|
||||||
|
-auditLogConfig=/etc/sw/s3_auditLogConfig.json \
|
||||||
|
{{- end }}
|
||||||
-filer={{ template "seaweedfs.name" . }}-filer-client:{{ .Values.filer.port }}
|
-filer={{ template "seaweedfs.name" . }}-filer-client:{{ .Values.filer.port }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: logs
|
- name: logs
|
||||||
|
|
|
@ -18,4 +18,12 @@ stringData:
|
||||||
read_access_key_id: {{ $access_key_read }}
|
read_access_key_id: {{ $access_key_read }}
|
||||||
read_secret_access_key: {{ $secret_key_read }}
|
read_secret_access_key: {{ $secret_key_read }}
|
||||||
seaweedfs_s3_config: '{"identities":[{"name":"anvAdmin","credentials":[{"accessKey":"{{ $access_key_admin }}","secretKey":"{{ $secret_key_admin }}"}],"actions":["Admin","Read","Write"]},{"name":"anvReadOnly","credentials":[{"accessKey":"{{ $access_key_read }}","secretKey":"{{ $secret_key_read }}"}],"actions":["Read"]}]}'
|
seaweedfs_s3_config: '{"identities":[{"name":"anvAdmin","credentials":[{"accessKey":"{{ $access_key_admin }}","secretKey":"{{ $secret_key_admin }}"}],"actions":["Admin","Read","Write"]},{"name":"anvReadOnly","credentials":[{"accessKey":"{{ $access_key_read }}","secretKey":"{{ $secret_key_read }}"}],"actions":["Read"]}]}'
|
||||||
|
{{- if .Values.filer.s3.auditLogConfig }}
|
||||||
|
filer_s3_auditLogConfig.json: |
|
||||||
|
{{ toJson .Values.filer.s3.auditLogConfig | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.s3.auditLogConfig }}
|
||||||
|
s3_auditLogConfig.json: |
|
||||||
|
{{ toJson .Values.s3.auditLogConfig | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
|
@ -273,9 +273,6 @@ filer:
|
||||||
# Limit sub dir listing size (default 100000)
|
# Limit sub dir listing size (default 100000)
|
||||||
dirListLimit: 100000
|
dirListLimit: 100000
|
||||||
|
|
||||||
# Turn off directory listing
|
|
||||||
disableDirListing: false
|
|
||||||
|
|
||||||
# Disable http request, only gRpc operations are allowed
|
# Disable http request, only gRpc operations are allowed
|
||||||
disableHttp: false
|
disableHttp: false
|
||||||
|
|
||||||
|
@ -378,6 +375,7 @@ filer:
|
||||||
# enable user & permission to s3 (need to inject to all services)
|
# enable user & permission to s3 (need to inject to all services)
|
||||||
enableAuth: false
|
enableAuth: false
|
||||||
skipAuthSecretCreation: false
|
skipAuthSecretCreation: false
|
||||||
|
auditLogConfig: {}
|
||||||
|
|
||||||
s3:
|
s3:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
@ -394,6 +392,7 @@ s3:
|
||||||
# enable user & permission to s3 (need to inject to all services)
|
# enable user & permission to s3 (need to inject to all services)
|
||||||
enableAuth: false
|
enableAuth: false
|
||||||
skipAuthSecretCreation: false
|
skipAuthSecretCreation: false
|
||||||
|
auditLogConfig: {}
|
||||||
|
|
||||||
# Suffix of the host name, {bucket}.{domainName}
|
# Suffix of the host name, {bucket}.{domainName}
|
||||||
domainName: ""
|
domainName: ""
|
||||||
|
|
Loading…
Reference in a new issue