Documentation ¶
Overview ¶
Package object for the Ceph object store.
Index ¶
- Constants
- Variables
- func Add(mgr manager.Manager, context *clusterd.Context) error
- func BuildDomainName(name, namespace string) string
- func CreatePools(context *Context, clusterSpec *cephv1.ClusterSpec, ...) error
- func DecodeSecret(secret *v1.Secret, keyName string) (string, error)
- func DecodeZoneGroupConfig(data string) (zoneGroupType, error)
- func DeleteObjectBucket(c *Context, bucketName string, purge bool) (int, error)
- func DeleteUser(c *Context, id string, opts ...string) (string, error)
- func EnableUserQuota(c *Context, id string) (string, error)
- func GetBucketsStats(c *Context) (map[string]ObjectBucketStats, error)
- func GetObjectBucketProvisioner(c *clusterd.Context, namespace string) string
- func GetRealmKeyArgs(clusterdContext *clusterd.Context, realmName, namespace string) (string, string, error)
- func GetTlsCaCert(objContext *Context, objectStoreSpec *cephv1.ObjectStoreSpec) ([]byte, error)
- func LinkUser(c *Context, id, bucket string) (string, int, error)
- func ListUserBuckets(c *Context, id string, opts ...string) (string, error)
- func ListUsers(c *Context) ([]string, int, error)
- func RunAdminCommandNoMultisite(c *Context, expectJSON bool, args ...string) (string, error)
- func SetQuotaUserBucketMax(c *Context, id string, max int) (string, error)
- func SetQuotaUserMaxSize(c *Context, id string, maxsize string) (string, error)
- func SetQuotaUserObjectMax(c *Context, id string, maxobjects string) (string, error)
- type BucketPolicy
- type Context
- type ObjectBucket
- type ObjectBucketMetadata
- type ObjectBucketStats
- type ObjectBuckets
- type ObjectUser
- type PolicyStatement
- func (ps *PolicyStatement) Actions(actions ...action) *PolicyStatement
- func (ps *PolicyStatement) Allows() *PolicyStatement
- func (ps *PolicyStatement) Denies() *PolicyStatement
- func (ps *PolicyStatement) EjectPrincipals(users ...string)
- func (ps *PolicyStatement) ForPrincipals(users ...string) *PolicyStatement
- func (ps *PolicyStatement) ForResources(resources ...string) *PolicyStatement
- func (ps *PolicyStatement) ForSubResources(resources ...string) *PolicyStatement
- func (ps *PolicyStatement) WithSID(sid string) *PolicyStatement
- type ReconcileCephObjectStore
- type S3Agent
- func (s *S3Agent) CreateBucket(name string) error
- func (s *S3Agent) CreateBucketNoInfoLogging(name string) error
- func (s *S3Agent) DeleteBucket(name string) (bool, error)
- func (s *S3Agent) DeleteObjectInBucket(bucketname string, key string) (bool, error)
- func (s *S3Agent) GetBucketPolicy(bucket string) (*BucketPolicy, error)
- func (s *S3Agent) GetObjectInBucket(bucketname string, key string) (string, error)
- func (s *S3Agent) PutBucketPolicy(bucket string, policy BucketPolicy) (*s3.PutBucketPolicyOutput, error)
- func (s *S3Agent) PutObjectInBucket(bucketname string, body string, key string, contentType string) (bool, error)
Constants ¶
const (
	// AppName is the name Rook uses for the object store's application.
	AppName = "rook-ceph-rgw"
	// AccessKeyName and SecretKeyName are fixed key names, not credential values.
	// NOTE(review): presumably the data keys under which S3 credentials are
	// stored in a Kubernetes Secret (compare DecodeSecret's keyName parameter) — confirm.
	AccessKeyName = "access-key"
	SecretKeyName = "secret-key"
)
// S3 action names, typed as action so they can be used in a
// PolicyStatement's Action list.
const (
	// All is the "s3:*" wildcard: a statement that allows it grants every S3
	// action on the named resources, so prefer listing specific actions.
	All                            action = "s3:*"
	AbortMultipartUpload           action = "s3:AbortMultipartUpload"
	CreateBucket                   action = "s3:CreateBucket"
	DeleteBucketPolicy             action = "s3:DeleteBucketPolicy"
	DeleteBucket                   action = "s3:DeleteBucket"
	DeleteBucketWebsite            action = "s3:DeleteBucketWebsite"
	DeleteObject                   action = "s3:DeleteObject"
	DeleteObjectVersion            action = "s3:DeleteObjectVersion"
	DeleteReplicationConfiguration action = "s3:DeleteReplicationConfiguration"
	GetAccelerateConfiguration     action = "s3:GetAccelerateConfiguration"
	GetBucketAcl                   action = "s3:GetBucketAcl"
	GetBucketCORS                  action = "s3:GetBucketCORS"
	GetBucketLocation              action = "s3:GetBucketLocation"
	GetBucketLogging               action = "s3:GetBucketLogging"
	GetBucketNotification          action = "s3:GetBucketNotification"
	GetBucketPolicy                action = "s3:GetBucketPolicy"
	GetBucketRequestPayment        action = "s3:GetBucketRequestPayment"
	GetBucketTagging               action = "s3:GetBucketTagging"
	GetBucketVersioning            action = "s3:GetBucketVersioning"
	GetBucketWebsite               action = "s3:GetBucketWebsite"
	GetLifecycleConfiguration      action = "s3:GetLifecycleConfiguration"
	GetObjectAcl                   action = "s3:GetObjectAcl"
	GetObject                      action = "s3:GetObject"
	GetObjectTorrent               action = "s3:GetObjectTorrent"
	GetObjectVersionAcl            action = "s3:GetObjectVersionAcl"
	GetObjectVersion               action = "s3:GetObjectVersion"
	GetObjectVersionTorrent        action = "s3:GetObjectVersionTorrent"
	GetReplicationConfiguration    action = "s3:GetReplicationConfiguration"
	ListAllMyBuckets               action = "s3:ListAllMyBuckets"
	ListBucketMultiPartUploads     action = "s3:ListBucketMultiPartUploads"
	ListBucket                     action = "s3:ListBucket"
	ListBucketVersions             action = "s3:ListBucketVersions"
	ListMultipartUploadParts       action = "s3:ListMultipartUploadParts"
	PutAccelerateConfiguration     action = "s3:PutAccelerateConfiguration"
	PutBucketAcl                   action = "s3:PutBucketAcl"
	PutBucketCORS                  action = "s3:PutBucketCORS"
	PutBucketLogging               action = "s3:PutBucketLogging"
	PutBucketNotification          action = "s3:PutBucketNotification"
	PutBucketPolicy                action = "s3:PutBucketPolicy"
	PutBucketRequestPayment        action = "s3:PutBucketRequestPayment"
	PutBucketTagging               action = "s3:PutBucketTagging"
	PutBucketVersioning            action = "s3:PutBucketVersioning"
	PutBucketWebsite               action = "s3:PutBucketWebsite"
	PutLifecycleConfiguration      action = "s3:PutLifecycleConfiguration"
	PutObjectAcl                   action = "s3:PutObjectAcl"
	PutObject                      action = "s3:PutObject"
	PutObjectVersionAcl            action = "s3:PutObjectVersionAcl"
	PutReplicationConfiguration    action = "s3:PutReplicationConfiguration"
	RestoreObject                  action = "s3:RestoreObject"
)
const (
	// RGW error codes, numbered consecutively from 0 by iota
	// (RGWErrorNone = 0 through RGWErrorParse = 4).
	// NOTE(review): presumably the int returned alongside error by helpers
	// such as GetUser and ListUsers — confirm against their bodies.
	RGWErrorNone = iota
	RGWErrorUnknown
	RGWErrorNotFound
	RGWErrorBadData
	RGWErrorParse

	// ErrorCodeFileExists is set explicitly to 17 and does not continue the
	// iota sequence above.
	// NOTE(review): 17 is EEXIST on Linux; presumably compared against a
	// command exit code — confirm.
	ErrorCodeFileExists = 17
)
const (
	// ServiceServingCertCAFile is the in-pod path of service-ca.crt under the
	// service account secrets directory.
	// NOTE(review): presumably read by GetTlsCaCert as the CA bundle for
	// internal RGW requests; the file may be absent where no service CA is
	// injected — confirm how a missing file is handled.
	ServiceServingCertCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
)
Variables ¶
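// AllowedActions is a lenient default list of actions.
//
// It covers object read, write and delete, bucket and upload listing, and
// several configuration writes (PutObjectAcl, PutObjectVersionAcl,
// PutBucketWebsite, PutLifecycleConfiguration, PutReplicationConfiguration).
// It leaves out All, CreateBucket, DeleteBucket, PutBucketAcl,
// PutBucketPolicy and DeleteBucketPolicy. Callers that want least privilege
// should pass a narrower set to PolicyStatement.Actions rather than this
// default.
//
// Each action appears exactly once.
var AllowedActions = []action{
	DeleteObject,
	DeleteObjectVersion,
	GetBucketAcl,
	GetBucketCORS,
	GetBucketLocation,
	GetBucketLogging,
	GetBucketNotification,
	GetBucketTagging,
	GetBucketVersioning,
	GetBucketWebsite,
	GetObject,
	GetObjectAcl,
	GetObjectTorrent,
	GetObjectVersion,
	GetObjectVersionAcl,
	GetObjectVersionTorrent,
	ListAllMyBuckets,
	ListBucket,
	ListBucketMultiPartUploads,
	ListBucketVersions,
	ListMultipartUploadParts,
	PutBucketTagging,
	PutBucketVersioning,
	PutBucketWebsite,
	PutLifecycleConfiguration,
	PutObject,
	PutObjectAcl,
	PutObjectVersionAcl,
	PutReplicationConfiguration,
	RestoreObject,
}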
AllowedActions is a lenient default list of actions
var (
	// DashboardUser is the name of a user with system privileges for the
	// dashboard service.
	// It is an exported package-level var, so importing code can reassign it.
	// NOTE(review): consider a const unless some caller relies on overriding
	// the name — confirm.
	DashboardUser = "dashboard-admin"
)
Functions ¶
func Add ¶ added in v1.3.0
Add creates a new cephObjectStore Controller and adds it to the Manager. The Manager will set fields on the Controller and Start it when the Manager is Started.
func BuildDomainName ¶ added in v1.4.0
BuildDomainName builds the DNS name used to reach the service endpoint.
func CreatePools ¶ added in v1.4.0
func DecodeSecret ¶ added in v1.4.0
func DecodeZoneGroupConfig ¶ added in v1.4.0
func DeleteObjectBucket ¶ added in v1.4.0
func DeleteUser ¶ added in v1.0.0
DeleteUser deletes the user with the given ID.
func EnableUserQuota ¶ added in v1.4.0
EnableUserQuota enables the quota defined for a user.
func GetBucketsStats ¶ added in v1.0.0
func GetBucketsStats(c *Context) (map[string]ObjectBucketStats, error)
func GetObjectBucketProvisioner ¶ added in v1.3.4
GetObjectBucketProvisioner returns the bucket provisioner name appended with operator namespace if OBC is watching on it
func GetRealmKeyArgs ¶ added in v1.4.0
func GetTlsCaCert ¶ added in v1.5.12
func GetTlsCaCert(objContext *Context, objectStoreSpec *cephv1.ObjectStoreSpec) ([]byte, error)
GetTlsCaCert fetches the CA certificate for internal RGW requests.
func ListUserBuckets ¶ added in v1.5.5
func RunAdminCommandNoMultisite ¶ added in v1.4.0
RunAdminCommandNoMultisite is for running radosgw-admin commands in scenarios where an object-store has not been created yet, or for commands on the realm or zonegroup (ex: radosgw-admin zonegroup get). This function times out after a fixed interval if no response is received.
func SetQuotaUserBucketMax ¶ added in v1.1.0
SetQuotaUserBucketMax will set maximum bucket quota for a user
func SetQuotaUserMaxSize ¶ added in v1.4.0
SetQuotaUserMaxSize sets the maximum size for a user.
Types ¶
type BucketPolicy ¶ added in v1.4.0
// BucketPolicy represents the set of policy statements for a single bucket.
// It is the JSON document handed to S3Agent.PutBucketPolicy and returned by
// S3Agent.GetBucketPolicy.
type BucketPolicy struct {
	// Id (optional) identifies the bucket policy.
	Id string `json:"Id"`
	// Version is the version of the BucketPolicy data structure;
	// it should always be '2012-10-17'.
	Version string `json:"Version"`
	// Statement holds the individual allow/deny statements of the policy.
	Statement []PolicyStatement `json:"Statement"`
}
BucketPolicy represents set of policy statements for a single bucket.
func NewBucketPolicy ¶ added in v1.4.0
func NewBucketPolicy(ps ...PolicyStatement) *BucketPolicy
NewBucketPolicy obviously returns a new BucketPolicy. PolicyStatements may be passed in at creation or added after the fact. BucketPolicies should be passed to PutBucketPolicy().
func (*BucketPolicy) DropPolicyStatements ¶ added in v1.4.0
func (bp *BucketPolicy) DropPolicyStatements(sid ...string) *BucketPolicy
func (*BucketPolicy) EjectPrincipals ¶ added in v1.4.0
func (bp *BucketPolicy) EjectPrincipals(users ...string) *BucketPolicy
func (*BucketPolicy) ModifyBucketPolicy ¶ added in v1.4.0
func (bp *BucketPolicy) ModifyBucketPolicy(ps ...PolicyStatement) *BucketPolicy
ModifyBucketPolicy compares new and old statement SIDs and overwrites on a match. This allows users to Get, modify, and Replace existing statements as well as add new ones.
type Context ¶ added in v1.0.0
// Context holds the context for the object store.
type Context struct {
	// Context is the cluster-wide clusterd context this object store context wraps.
	Context *clusterd.Context
	Name    string
	UID     string
	// NOTE(review): presumably the RGW endpoint that admin/S3 requests target;
	// scheme (http vs https) is not visible here — confirm.
	Endpoint string
	// NOTE(review): Realm, ZoneGroup and Zone look like the RGW multisite
	// names (see NewMultisiteContext) — confirm.
	Realm     string
	ZoneGroup string
	Zone      string
	// contains filtered or unexported fields
}
Context holds the context for the object store.
func NewContext ¶ added in v1.0.0
NewContext creates a new object store context.
func NewMultisiteContext ¶ added in v1.4.0
func NewMultisiteContext(context *clusterd.Context, clusterInfo *client.ClusterInfo, store *cephv1.CephObjectStore) (*Context, error)
type ObjectBucket ¶ added in v1.0.0
// ObjectBucket describes one bucket: its name plus the embedded metadata and
// stats structs.
type ObjectBucket struct {
	Name string `json:"name"`
	// Both types are embedded, so their fields are promoted onto ObjectBucket.
	ObjectBucketMetadata
	ObjectBucketStats
}
func GetBucket ¶ added in v1.0.0
func GetBucket(c *Context, bucket string) (*ObjectBucket, int, error)
func ListBuckets ¶ added in v1.0.0
func ListBuckets(c *Context) ([]ObjectBucket, error)
type ObjectBucketMetadata ¶ added in v1.0.0
type ObjectBucketStats ¶ added in v1.0.0
// ObjectBucketStats carries the usage counters reported for a bucket.
type ObjectBucketStats struct {
	// NOTE(review): the unit of Size is not visible here (bytes?) — confirm.
	Size            uint64 `json:"size"`
	NumberOfObjects uint64 `json:"numberOfObjects"`
}
func GetBucketStats ¶ added in v1.0.0
func GetBucketStats(c *Context, bucketName string) (*ObjectBucketStats, bool, error)
type ObjectBuckets ¶ added in v1.0.0
// ObjectBuckets is a slice of ObjectBucket. The package declares Len, Less
// and Swap on it, which are the three methods of sort.Interface.
// NOTE(review): the sort key used by Less is not visible here — confirm.
type ObjectBuckets []ObjectBucket
func (ObjectBuckets) Len ¶ added in v1.0.0
func (slice ObjectBuckets) Len() int
func (ObjectBuckets) Less ¶ added in v1.0.0
func (slice ObjectBuckets) Less(i, j int) bool
func (ObjectBuckets) Swap ¶ added in v1.0.0
func (slice ObjectBuckets) Swap(i, j int)
type ObjectUser ¶ added in v1.0.0
// An ObjectUser defines the details of an object store user.
type ObjectUser struct {
	UserID      string  `json:"userId"`
	DisplayName *string `json:"displayName"`
	Email       *string `json:"email"`
	// AccessKey and SecretKey carry the user's S3 credentials when set.
	// Both are exported with plain JSON tags, so marshalling an ObjectUser
	// writes the secret key in clear text under "secretKey"; do not encode
	// this struct into logs, events or status fields.
	AccessKey *string `json:"accessKey"`
	SecretKey *string `json:"secretKey"`
	// SystemUser marks the user as a system user.
	// NOTE(review): presumably maps to radosgw-admin's system flag, which
	// grants elevated privileges (compare DashboardUser) — confirm.
	SystemUser bool `json:"systemuser"`
}
An ObjectUser defines the details of an object store user.
func CreateUser ¶ added in v1.0.0
func CreateUser(c *Context, user ObjectUser) (*ObjectUser, int, error)
CreateUser creates a new user with the information given.
func GetUser ¶ added in v1.0.0
func GetUser(c *Context, id string) (*ObjectUser, int, error)
GetUser returns the user with the given ID.
func UpdateUser ¶ added in v1.0.0
func UpdateUser(c *Context, user ObjectUser) (*ObjectUser, int, error)
UpdateUser updates the user whose ID matches the user.
type PolicyStatement ¶ added in v1.4.0
// PolicyStatement is the Go representation of one statement in a bucket
// policy JSON document: which Actions a Principal may or may not perform on
// a Resource.
type PolicyStatement struct {
	// Sid (optional) is the PolicyStatement's unique identifier.
	Sid string `json:"Sid"`
	// Effect determines whether the Action(s) are 'Allow'ed or 'Deny'ed.
	// Its type is unexported; the Allows and Denies methods set it.
	Effect effect `json:"Effect"`
	// Principal is/are the Ceph user names affected by this PolicyStatement.
	// Must be in the format of 'arn:aws:iam:::user/<ceph-user>'.
	Principal map[string][]string `json:"Principal"`
	// Action is a list of s3:* actions.
	Action []action `json:"Action"`
	// Resource is the ARN identifier for the S3 resource (bucket).
	// Must be in the format of 'arn:aws:s3:::<bucket>'.
	Resource []string `json:"Resource"`
}
PolicyStatement is the Go representation of a PolicyStatement JSON struct. It defines which Actions a Principal can or cannot perform on a Resource.
func NewPolicyStatement ¶ added in v1.4.0
func NewPolicyStatement() *PolicyStatement
NewPolicyStatement generates a new PolicyStatement. PolicyStatement methods are designed to be chain called with dot notation to allow for easy configuration at creation. This is preferable to a long parameter list.
func (*PolicyStatement) Actions ¶ added in v1.4.0
func (ps *PolicyStatement) Actions(actions ...action) *PolicyStatement
Actions is the set of "s3:*" actions with which the PolicyStatement is concerned.
func (*PolicyStatement) Allows ¶ added in v1.4.0
func (ps *PolicyStatement) Allows() *PolicyStatement
Allows sets the effect of the PolicyStatement to allow PolicyStatement's Actions
func (*PolicyStatement) Denies ¶ added in v1.4.0
func (ps *PolicyStatement) Denies() *PolicyStatement
Denies sets the effect of the PolicyStatement to deny the PolicyStatement's Actions
func (*PolicyStatement) EjectPrincipals ¶ added in v1.4.0
func (ps *PolicyStatement) EjectPrincipals(users ...string)
func (*PolicyStatement) ForPrincipals ¶ added in v1.4.0
func (ps *PolicyStatement) ForPrincipals(users ...string) *PolicyStatement
ForPrincipals adds users to the PolicyStatement
func (*PolicyStatement) ForResources ¶ added in v1.4.0
func (ps *PolicyStatement) ForResources(resources ...string) *PolicyStatement
ForResources adds resources (buckets) to the PolicyStatement with the appropriate ARN prefix
func (*PolicyStatement) ForSubResources ¶ added in v1.4.0
func (ps *PolicyStatement) ForSubResources(resources ...string) *PolicyStatement
ForSubResources adds contents inside the bucket to the PolicyStatement with the appropriate ARN prefix.
func (*PolicyStatement) WithSID ¶ added in v1.4.0
func (ps *PolicyStatement) WithSID(sid string) *PolicyStatement
type ReconcileCephObjectStore ¶ added in v1.3.0
// ReconcileCephObjectStore reconciles a cephObjectStore object.
// All of its state is unexported; the only method listed for it here is Reconcile.
type ReconcileCephObjectStore struct {
	// contains filtered or unexported fields
}
ReconcileCephObjectStore reconciles a cephObjectStore object
func (*ReconcileCephObjectStore) Reconcile ¶ added in v1.3.0
func (r *ReconcileCephObjectStore) Reconcile(context context.Context, request reconcile.Request) (reconcile.Result, error)
Reconcile reads the state of the cluster for a cephObjectStore object and makes changes based on the state read and what is in the cephObjectStore.Spec. The Controller will requeue the Request to be processed again if the returned error is non-nil or Result.Requeue is true; otherwise, upon completion, it will remove the work from the queue.
type S3Agent ¶ added in v1.4.0
S3Agent wraps the s3.S3 structure to allow for wrapper methods
func NewS3Agent ¶ added in v1.4.0
func (*S3Agent) CreateBucket ¶ added in v1.4.0
CreateBucket creates a bucket with the given name
func (*S3Agent) CreateBucketNoInfoLogging ¶ added in v1.4.0
CreateBucketNoInfoLogging creates a bucket with the given name
func (*S3Agent) DeleteBucket ¶ added in v1.4.0
DeleteBucket function deletes given bucket using s3 client
func (*S3Agent) DeleteObjectInBucket ¶ added in v1.4.0
DeleteObjectInBucket function deletes the given object (key) from a bucket using s3 client
func (*S3Agent) GetBucketPolicy ¶ added in v1.4.0
func (s *S3Agent) GetBucketPolicy(bucket string) (*BucketPolicy, error)
func (*S3Agent) GetObjectInBucket ¶ added in v1.4.0
GetObjectInBucket function retrieves an object from a bucket using s3 client
func (*S3Agent) PutBucketPolicy ¶ added in v1.4.0
func (s *S3Agent) PutBucketPolicy(bucket string, policy BucketPolicy) (*s3.PutBucketPolicyOutput, error)
PutBucketPolicy applies the policy to the bucket
Source Files ¶
Directories ¶
Synopsis |
---|
Package objectrealm to manage a rook object realm. |
Package objectuser to manage a rook object store user. |
Package zone to manage a rook object zone. |
Package objectzonegroup to manage a rook object zonegroup. |