gitlab-com-seaweedfs/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2024-01-19 02:48:24 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2510 from kmlebedev/helm_auditLogConfig

Browse source 
helm add auditLogConfig option
This commit is contained in:
Chris Lu 2021-12-15 11:28:02 -08:00 committed by GitHub
parent bf4d7affc0 761ffdc405
commit c63fff9a10
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
k8s/helm_charts2/templates/filer-statefulset.yaml
View file

@ -149,6 +149,9 @@ spec:
{{- if .Values.filer.s3.enableAuth }} {{- if .Values.filer.s3.enableAuth }}
-s3.config=/etc/sw/seaweedfs_s3_config \ -s3.config=/etc/sw/seaweedfs_s3_config \
{{- end }} {{- end }}
{{- if .Values.filer.s3.auditLogConfig }}
-s3.auditLogConfig=/etc/sw/filer_s3_auditLogConfig.json \
{{- end }}
{{- end }} {{- end }}
-master={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }} -master={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}
{{- if or (.Values.global.enableSecurity) (.Values.filer.extraVolumeMounts) }} {{- if or (.Values.global.enableSecurity) (.Values.filer.extraVolumeMounts) }}

3
k8s/helm_charts2/templates/s3-deployment.yaml
View file

@ -93,6 +93,9 @@ spec:
{{- if .Values.s3.enableAuth }} {{- if .Values.s3.enableAuth }}
-config=/etc/sw/seaweedfs_s3_config \ -config=/etc/sw/seaweedfs_s3_config \
{{- end }} {{- end }}
{{- if .Values.s3.auditLogConfig }}
-auditLogConfig=/etc/sw/s3_auditLogConfig.json \
{{- end }}
-filer={{ template "seaweedfs.name" . }}-filer-client:{{ .Values.filer.port }} -filer={{ template "seaweedfs.name" . }}-filer-client:{{ .Values.filer.port }}
volumeMounts: volumeMounts:
- name: logs - name: logs

8
k8s/helm_charts2/templates/seaweedfs-s3-secret.yaml
View file

@ -18,4 +18,12 @@ stringData:
read_access_key_id: {{ $access_key_read }} read_access_key_id: {{ $access_key_read }}
read_secret_access_key: {{ $secret_key_read }} read_secret_access_key: {{ $secret_key_read }}
seaweedfs_s3_config: '{"identities":[{"name":"anvAdmin","credentials":[{"accessKey":"{{ $access_key_admin }}","secretKey":"{{ $secret_key_admin }}"}],"actions":["Admin","Read","Write"]},{"name":"anvReadOnly","credentials":[{"accessKey":"{{ $access_key_read }}","secretKey":"{{ $secret_key_read }}"}],"actions":["Read"]}]}' seaweedfs_s3_config: '{"identities":[{"name":"anvAdmin","credentials":[{"accessKey":"{{ $access_key_admin }}","secretKey":"{{ $secret_key_admin }}"}],"actions":["Admin","Read","Write"]},{"name":"anvReadOnly","credentials":[{"accessKey":"{{ $access_key_read }}","secretKey":"{{ $secret_key_read }}"}],"actions":["Read"]}]}'
{{- if .Values.filer.s3.auditLogConfig }}
filer_s3_auditLogConfig.json: |
{{ toJson .Values.filer.s3.auditLogConfig | nindent 4 }}
{{- end }}
{{- if .Values.s3.auditLogConfig }}
s3_auditLogConfig.json: |
{{ toJson .Values.s3.auditLogConfig | nindent 4 }}
{{- end }}
{{- end }} {{- end }}

5
k8s/helm_charts2/values.yaml
View file

@ -273,9 +273,6 @@ filer:
# Limit sub dir listing size (default 100000) # Limit sub dir listing size (default 100000)
dirListLimit: 100000 dirListLimit: 100000
# Turn off directory listing
disableDirListing: false
# Disable http request, only gRpc operations are allowed # Disable http request, only gRpc operations are allowed
disableHttp: false disableHttp: false
@ -378,6 +375,7 @@ filer:
# enable user & permission to s3 (need to inject to all services) # enable user & permission to s3 (need to inject to all services)
enableAuth: false enableAuth: false
skipAuthSecretCreation: false skipAuthSecretCreation: false
auditLogConfig: {}
s3: s3:
enabled: false enabled: false
@ -394,6 +392,7 @@ s3:
# enable user & permission to s3 (need to inject to all services) # enable user & permission to s3 (need to inject to all services)
enableAuth: false enableAuth: false
skipAuthSecretCreation: false skipAuthSecretCreation: false
auditLogConfig: {}
# Suffix of the host name, {bucket}.{domainName} # Suffix of the host name, {bucket}.{domainName}
domainName: "" domainName: ""