object

package
v1.6.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 20, 2021 License: Apache-2.0 Imports: 52 Imported by: 93

Documentation

Overview

Package object for the Ceph object store.

Index

Constants

// Fixed identifiers used by the object store package.
const (

	// AppName is the name Rook uses for the object store's application.
	AppName = "rook-ceph-rgw"

	// AccessKeyName and SecretKeyName are the literal key names "access-key"
	// and "secret-key". They name where a credential pair is looked up; they
	// are not credentials themselves.
	// NOTE(review): presumably the data keys of a Kubernetes Secret holding
	// S3 credentials (compare DecodeSecret's keyName parameter) — confirm
	// against callers.
	AccessKeyName = "access-key"
	SecretKeyName = "secret-key"
)
// S3 action names, declared as values of the package's unexported action
// type. PolicyStatement.Action holds a list of these.
//
// NOTE(review): when building an Allow statement, enumerate only the actions
// the principal needs. The PutBucketPolicy / DeleteBucketPolicy and Put*Acl
// entries name operations that change access control itself (by S3
// convention — confirm the behaviour of the RGW version in use), so they
// deserve the same scrutiny as the wildcard.
const (
	// All is the wildcard "s3:*". By S3 policy convention it stands for every
	// action rather than a named subset, making it the broadest grant this
	// list can express.
	All                            action = "s3:*"
	AbortMultipartUpload           action = "s3:AbortMultipartUpload"
	CreateBucket                   action = "s3:CreateBucket"
	DeleteBucketPolicy             action = "s3:DeleteBucketPolicy"
	DeleteBucket                   action = "s3:DeleteBucket"
	DeleteBucketWebsite            action = "s3:DeleteBucketWebsite"
	DeleteObject                   action = "s3:DeleteObject"
	DeleteObjectVersion            action = "s3:DeleteObjectVersion"
	DeleteReplicationConfiguration action = "s3:DeleteReplicationConfiguration"
	GetAccelerateConfiguration     action = "s3:GetAccelerateConfiguration"
	GetBucketAcl                   action = "s3:GetBucketAcl"
	GetBucketCORS                  action = "s3:GetBucketCORS"
	GetBucketLocation              action = "s3:GetBucketLocation"
	GetBucketLogging               action = "s3:GetBucketLogging"
	GetBucketNotification          action = "s3:GetBucketNotification"
	GetBucketPolicy                action = "s3:GetBucketPolicy"
	GetBucketRequestPayment        action = "s3:GetBucketRequestPayment"
	GetBucketTagging               action = "s3:GetBucketTagging"
	GetBucketVersioning            action = "s3:GetBucketVersioning"
	GetBucketWebsite               action = "s3:GetBucketWebsite"
	GetLifecycleConfiguration      action = "s3:GetLifecycleConfiguration"
	GetObjectAcl                   action = "s3:GetObjectAcl"
	GetObject                      action = "s3:GetObject"
	GetObjectTorrent               action = "s3:GetObjectTorrent"
	GetObjectVersionAcl            action = "s3:GetObjectVersionAcl"
	GetObjectVersion               action = "s3:GetObjectVersion"
	GetObjectVersionTorrent        action = "s3:GetObjectVersionTorrent"
	GetReplicationConfiguration    action = "s3:GetReplicationConfiguration"
	ListAllMyBuckets               action = "s3:ListAllMyBuckets"
	// NOTE(review): this value spells "MultiPart" with a capital P, while
	// AbortMultipartUpload and ListMultipartUploadParts in this same list use
	// "Multipart". Verify that the policy evaluator matches this spelling;
	// a name it does not recognise could leave the statement ineffective or
	// make the policy fail to apply.
	ListBucketMultiPartUploads     action = "s3:ListBucketMultiPartUploads"
	ListBucket                     action = "s3:ListBucket"
	ListBucketVersions             action = "s3:ListBucketVersions"
	ListMultipartUploadParts       action = "s3:ListMultipartUploadParts"
	PutAccelerateConfiguration     action = "s3:PutAccelerateConfiguration"
	PutBucketAcl                   action = "s3:PutBucketAcl"
	PutBucketCORS                  action = "s3:PutBucketCORS"
	PutBucketLogging               action = "s3:PutBucketLogging"
	PutBucketNotification          action = "s3:PutBucketNotification"
	PutBucketPolicy                action = "s3:PutBucketPolicy"
	PutBucketRequestPayment        action = "s3:PutBucketRequestPayment"
	PutBucketTagging               action = "s3:PutBucketTagging"
	PutBucketVersioning            action = "s3:PutBucketVersioning"
	PutBucketWebsite               action = "s3:PutBucketWebsite"
	PutLifecycleConfiguration      action = "s3:PutLifecycleConfiguration"
	PutObjectAcl                   action = "s3:PutObjectAcl"
	PutObject                      action = "s3:PutObject"
	PutObjectVersionAcl            action = "s3:PutObjectVersionAcl"
	PutReplicationConfiguration    action = "s3:PutReplicationConfiguration"
	RestoreObject                  action = "s3:RestoreObject"
)
// RGW error codes. The first five names are numbered by iota (0 through 4);
// the last one is assigned explicitly.
// NOTE(review): several functions in this package return an int next to the
// error (GetUser, CreateUser, ListUsers, ...) — presumably one of these
// codes; confirm against the implementations.
const (
	RGWErrorNone = iota // 0
	RGWErrorUnknown     // 1
	RGWErrorNotFound    // 2
	RGWErrorBadData     // 3
	RGWErrorParse       // 4
	// ErrorCodeFileExists is set to 17 explicitly and does not continue the
	// iota sequence. NOTE(review): 17 is EEXIST on Linux — presumably this is
	// compared with a command's exit status; confirm against callers.
	ErrorCodeFileExists = 17
)
const (
	// ServiceServingCertCAFile is the path of a CA certificate file,
	// "service-ca.crt", under the Kubernetes service-account secrets
	// directory of the running pod.
	// NOTE(review): presumably read to build the trust bundle used when
	// verifying the RGW endpoint's TLS certificate (compare GetTlsCaCert) —
	// confirm. If so, a caller that cannot read this file should return an
	// error rather than fall back to an unverified connection.
	ServiceServingCertCAFile = "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt"
)

Variables

AllowedActions is a lenient default list of actions

var (

	// DashboardUser is the ID of a user with system privileges that is used
	// by the dashboard service.
	// It is declared with var, not const, so any importing package can
	// reassign it at run time; treat it as read-only.
	DashboardUser = "dashboard-admin"
)

Functions

func Add added in v1.3.0

func Add(mgr manager.Manager, context *clusterd.Context) error

Add creates a new cephObjectStore Controller and adds it to the Manager. The Manager will set fields on the Controller and Start it when the Manager is Started.

func BuildDomainName added in v1.4.0

func BuildDomainName(name, namespace string) string

BuildDomainName builds the DNS name used to reach the service endpoint.

func CreatePools added in v1.4.0

func CreatePools(context *Context, clusterSpec *cephv1.ClusterSpec, metadataPool, dataPool cephv1.PoolSpec) error

func DecodeSecret added in v1.4.0

func DecodeSecret(secret *v1.Secret, keyName string) (string, error)

func DecodeZoneGroupConfig added in v1.4.0

func DecodeZoneGroupConfig(data string) (zoneGroupType, error)

func DeleteObjectBucket added in v1.4.0

func DeleteObjectBucket(c *Context, bucketName string, purge bool) (int, error)

func DeleteUser added in v1.0.0

func DeleteUser(c *Context, id string, opts ...string) (string, error)

DeleteUser deletes the user with the given ID.

func EnableUserQuota added in v1.4.0

func EnableUserQuota(c *Context, id string) (string, error)

EnableUserQuota enables the quota defined for a user.

func GetBucketsStats added in v1.0.0

func GetBucketsStats(c *Context) (map[string]ObjectBucketStats, error)

func GetObjectBucketProvisioner added in v1.3.4

func GetObjectBucketProvisioner(c *clusterd.Context, namespace string) string

GetObjectBucketProvisioner returns the bucket provisioner name appended with operator namespace if OBC is watching on it

func GetRealmKeyArgs added in v1.4.0

func GetRealmKeyArgs(clusterdContext *clusterd.Context, realmName, namespace string) (string, string, error)

func GetTlsCaCert added in v1.5.12

func GetTlsCaCert(objContext *Context, objectStoreSpec *cephv1.ObjectStoreSpec) ([]byte, error)

GetTlsCaCert fetches the CA certificate for internal RGW requests.

func LinkUser added in v1.1.0

func LinkUser(c *Context, id, bucket string) (string, int, error)

LinkUser will link a user to a bucket

func ListUserBuckets added in v1.5.5

func ListUserBuckets(c *Context, id string, opts ...string) (string, error)

func ListUsers added in v1.0.0

func ListUsers(c *Context) ([]string, int, error)

ListUsers lists the object pool users.

func RunAdminCommandNoMultisite added in v1.4.0

func RunAdminCommandNoMultisite(c *Context, expectJSON bool, args ...string) (string, error)

RunAdminCommandNoMultisite is for running radosgw-admin commands in scenarios where an object-store has not been created yet, or for commands on the realm or zonegroup (ex: radosgw-admin zonegroup get). This function times out after a fixed interval if no response is received.

func SetQuotaUserBucketMax added in v1.1.0

func SetQuotaUserBucketMax(c *Context, id string, max int) (string, error)

SetQuotaUserBucketMax will set maximum bucket quota for a user

func SetQuotaUserMaxSize added in v1.4.0

func SetQuotaUserMaxSize(c *Context, id string, maxsize string) (string, error)

SetQuotaUserMaxSize sets the maximum size for a user.

func SetQuotaUserObjectMax added in v1.4.0

func SetQuotaUserObjectMax(c *Context, id string, maxobjects string) (string, error)

SetQuotaUserObjectMax sets the maximum limit on objects for a user.

Types

type BucketPolicy added in v1.4.0

// BucketPolicy is the set of policy statements for a single bucket, with
// JSON field names "Id", "Version" and "Statement".
type BucketPolicy struct {
	// Id (optional) identifies the bucket policy.
	Id string `json:"Id"`
	// Version is the version of the BucketPolicy data structure;
	// it should always be '2012-10-17'.
	Version   string            `json:"Version"`
	// Statement is the list of PolicyStatements that make up the policy.
	// Each one carries its own Effect, Principal, Action and Resource, so the
	// access a policy grants is the combination of all entries here; review
	// every statement, not only the one being added.
	Statement []PolicyStatement `json:"Statement"`
}

BucketPolicy represents set of policy statements for a single bucket.

func NewBucketPolicy added in v1.4.0

func NewBucketPolicy(ps ...PolicyStatement) *BucketPolicy

NewBucketPolicy obviously returns a new BucketPolicy. PolicyStatements may be passed in at creation or added after the fact. BucketPolicies should be passed to PutBucketPolicy().

func (*BucketPolicy) DropPolicyStatements added in v1.4.0

func (bp *BucketPolicy) DropPolicyStatements(sid ...string) *BucketPolicy

func (*BucketPolicy) EjectPrincipals added in v1.4.0

func (bp *BucketPolicy) EjectPrincipals(users ...string) *BucketPolicy

func (*BucketPolicy) ModifyBucketPolicy added in v1.4.0

func (bp *BucketPolicy) ModifyBucketPolicy(ps ...PolicyStatement) *BucketPolicy

ModifyBucketPolicy compares new and old statement SIDs and overwrites on a match. This allows users to Get, modify, and Replace existing statements as well as add new ones.

type Context added in v1.0.0

// Context holds the context for the object store. It is the first argument
// of most package-level functions in this package.
type Context struct {
	// Context is the embedded-by-pointer cluster context from clusterd.
	Context *clusterd.Context

	// NOTE(review): presumably the object store's name and UID, the RGW
	// endpoint address, and the multisite realm / zone group / zone names —
	// the struct itself does not say; confirm against NewContext and
	// NewMultisiteContext.
	Name      string
	UID       string
	Endpoint  string
	Realm     string
	ZoneGroup string
	Zone      string
	// contains filtered or unexported fields
}

Context holds the context for the object store.

func NewContext added in v1.0.0

func NewContext(context *clusterd.Context, clusterInfo *client.ClusterInfo, name string) *Context

NewContext creates a new object store context.

func NewMultisiteContext added in v1.4.0

func NewMultisiteContext(context *clusterd.Context, clusterInfo *client.ClusterInfo, store *cephv1.CephObjectStore) (*Context, error)

type ObjectBucket added in v1.0.0

// ObjectBucket describes one bucket: its name plus the embedded
// ObjectBucketMetadata and ObjectBucketStats. The two structs are embedded
// without JSON tags, so encoding/json promotes their fields to the same
// level as "name".
type ObjectBucket struct {
	Name string `json:"name"`
	ObjectBucketMetadata
	ObjectBucketStats
}

func GetBucket added in v1.0.0

func GetBucket(c *Context, bucket string) (*ObjectBucket, int, error)

func ListBuckets added in v1.0.0

func ListBuckets(c *Context) ([]ObjectBucket, error)

type ObjectBucketMetadata added in v1.0.0

// ObjectBucketMetadata carries a bucket's owner and creation time, encoded
// as JSON fields "owner" and "createdAt".
type ObjectBucketMetadata struct {
	// NOTE(review): presumably the ID of the object store user that owns the
	// bucket — confirm against GetBucket.
	Owner     string    `json:"owner"`
	CreatedAt time.Time `json:"createdAt"`
}

type ObjectBucketStats added in v1.0.0

// ObjectBucketStats carries a bucket's size and object count, encoded as
// JSON fields "size" and "numberOfObjects".
type ObjectBucketStats struct {
	// NOTE(review): the unit of Size is not stated here (presumably bytes) —
	// confirm against GetBucketStats.
	Size            uint64 `json:"size"`
	NumberOfObjects uint64 `json:"numberOfObjects"`
}

func GetBucketStats added in v1.0.0

func GetBucketStats(c *Context, bucketName string) (*ObjectBucketStats, bool, error)

type ObjectBuckets added in v1.0.0

// ObjectBuckets is a slice of ObjectBucket. The type declares Len, Less and
// Swap, which together form the method set of sort.Interface; the ordering
// Less applies is not visible in this listing.
type ObjectBuckets []ObjectBucket

func (ObjectBuckets) Len added in v1.0.0

func (slice ObjectBuckets) Len() int

func (ObjectBuckets) Less added in v1.0.0

func (slice ObjectBuckets) Less(i, j int) bool

func (ObjectBuckets) Swap added in v1.0.0

func (slice ObjectBuckets) Swap(i, j int)

type ObjectUser added in v1.0.0

// An ObjectUser defines the details of an object store user.
//
// AccessKey and SecretKey carry JSON tags ("accessKey", "secretKey") and are
// not excluded from encoding, so marshalling an ObjectUser — or printing it
// with %+v — includes the secret whenever the pointer is non-nil. Redact
// these fields before logging or returning the struct to a less-trusted
// caller.
type ObjectUser struct {
	UserID      string  `json:"userId"`
	// The pointer fields are nil when the value is absent; encoding/json
	// writes a nil pointer as null.
	DisplayName *string `json:"displayName"`
	Email       *string `json:"email"`
	AccessKey   *string `json:"accessKey"`
	SecretKey   *string `json:"secretKey"`
	// SystemUser is encoded as "systemuser" (all lower case, unlike the other
	// tags). NOTE(review): presumably marks a user with system privileges,
	// as DashboardUser is described — confirm against CreateUser.
	SystemUser  bool    `json:"systemuser"`
}

An ObjectUser defines the details of an object store user.

func CreateUser added in v1.0.0

func CreateUser(c *Context, user ObjectUser) (*ObjectUser, int, error)

CreateUser creates a new user with the information given.

func GetUser added in v1.0.0

func GetUser(c *Context, id string) (*ObjectUser, int, error)

GetUser returns the user with the given ID.

func UpdateUser added in v1.0.0

func UpdateUser(c *Context, user ObjectUser) (*ObjectUser, int, error)

UpdateUser updates the user whose ID matches the user.

type PolicyStatement added in v1.4.0

// PolicyStatement is the Go representation of a policy statement JSON
// object. It defines which Actions a Principal can or cannot perform on a
// Resource.
type PolicyStatement struct {
	// Sid (optional) is the PolicyStatement's unique identifier.
	Sid string `json:"Sid"`
	// Effect determines whether the Action(s) are 'Allow'ed or 'Deny'ed.
	// Its type, effect, is unexported; the Allows and Denies methods set it.
	Effect effect `json:"Effect"`
	// Principal is/are the Ceph user names affected by this PolicyStatement.
	// Must be in the format of 'arn:aws:iam:::user/<ceph-user>'.
	Principal map[string][]string `json:"Principal"`
	// Action is a list of s3:* actions. Listing the wildcard "s3:*" in an
	// Allow statement grants every action to the listed principals.
	Action []action `json:"Action"`
	// Resource is the ARN identifier for the S3 resource (bucket).
	// Must be in the format of 'arn:aws:s3:::<bucket>'.
	Resource []string `json:"Resource"`
}

PolicyStatement is the Go representation of a PolicyStatement JSON struct. It defines what Actions a Principal can or cannot perform on a Resource.

func NewPolicyStatement added in v1.4.0

func NewPolicyStatement() *PolicyStatement

NewPolicyStatement generates a new PolicyStatement. PolicyStatement methods are designed to be chain called with dot notation to allow for easy configuration at creation. This is preferable to a long parameter list.

func (*PolicyStatement) Actions added in v1.4.0

func (ps *PolicyStatement) Actions(actions ...action) *PolicyStatement

Actions is the set of "s3:*" actions with which the PolicyStatement is concerned.

func (*PolicyStatement) Allows added in v1.4.0

func (ps *PolicyStatement) Allows() *PolicyStatement

Allows sets the effect of the PolicyStatement to allow PolicyStatement's Actions

func (*PolicyStatement) Denies added in v1.4.0

func (ps *PolicyStatement) Denies() *PolicyStatement

Denies sets the effect of the PolicyStatement to deny the PolicyStatement's Actions

func (*PolicyStatement) EjectPrincipals added in v1.4.0

func (ps *PolicyStatement) EjectPrincipals(users ...string)

func (*PolicyStatement) ForPrincipals added in v1.4.0

func (ps *PolicyStatement) ForPrincipals(users ...string) *PolicyStatement

ForPrincipals adds users to the PolicyStatement

func (*PolicyStatement) ForResources added in v1.4.0

func (ps *PolicyStatement) ForResources(resources ...string) *PolicyStatement

ForResources adds resources (buckets) to the PolicyStatement with the appropriate ARN prefix

func (*PolicyStatement) ForSubResources added in v1.4.0

func (ps *PolicyStatement) ForSubResources(resources ...string) *PolicyStatement

ForSubResources adds contents inside the bucket to the PolicyStatement with the appropriate ARN prefix

func (*PolicyStatement) WithSID added in v1.4.0

func (ps *PolicyStatement) WithSID(sid string) *PolicyStatement

type ReconcileCephObjectStore added in v1.3.0

// ReconcileCephObjectStore reconciles a cephObjectStore object. All of its
// fields are unexported; its exported behaviour is the Reconcile method.
type ReconcileCephObjectStore struct {
	// contains filtered or unexported fields
}

ReconcileCephObjectStore reconciles a cephObjectStore object

func (*ReconcileCephObjectStore) Reconcile added in v1.3.0

func (r *ReconcileCephObjectStore) Reconcile(context context.Context, request reconcile.Request) (reconcile.Result, error)

Reconcile reads the state of the cluster for a cephObjectStore object and makes changes based on the state read and what is in the cephObjectStore.Spec. The Controller will requeue the Request to be processed again if the returned error is non-nil or Result.Requeue is true; otherwise, upon completion, it will remove the work from the queue.

type S3Agent added in v1.4.0

// S3Agent wraps the s3.S3 structure to allow for wrapper methods.
type S3Agent struct {
	// Client is the wrapped S3 client. It is exported, so callers can invoke
	// the underlying client directly instead of going through S3Agent's
	// methods.
	Client *s3.S3
}

S3Agent wraps the s3.S3 structure to allow for wrapper methods

func NewS3Agent added in v1.4.0

func NewS3Agent(accessKey, secretKey, endpoint string, debug bool, tlsCert []byte) (*S3Agent, error)

func (*S3Agent) CreateBucket added in v1.4.0

func (s *S3Agent) CreateBucket(name string) error

CreateBucket creates a bucket with the given name

func (*S3Agent) CreateBucketNoInfoLogging added in v1.4.0

func (s *S3Agent) CreateBucketNoInfoLogging(name string) error

CreateBucketNoInfoLogging creates a bucket with the given name

func (*S3Agent) DeleteBucket added in v1.4.0

func (s *S3Agent) DeleteBucket(name string) (bool, error)

DeleteBucket function deletes given bucket using s3 client

func (*S3Agent) DeleteObjectInBucket added in v1.4.0

func (s *S3Agent) DeleteObjectInBucket(bucketname string, key string) (bool, error)

DeleteObjectInBucket function deletes the object with the given key from the given bucket using s3 client

func (*S3Agent) GetBucketPolicy added in v1.4.0

func (s *S3Agent) GetBucketPolicy(bucket string) (*BucketPolicy, error)

func (*S3Agent) GetObjectInBucket added in v1.4.0

func (s *S3Agent) GetObjectInBucket(bucketname string, key string) (string, error)

GetObjectInBucket function retrieves an object from a bucket using s3 client

func (*S3Agent) PutBucketPolicy added in v1.4.0

func (s *S3Agent) PutBucketPolicy(bucket string, policy BucketPolicy) (*s3.PutBucketPolicyOutput, error)

PutBucketPolicy applies the policy to the bucket

func (*S3Agent) PutObjectInBucket added in v1.4.0

func (s *S3Agent) PutObjectInBucket(bucketname string, body string, key string,
	contentType string) (bool, error)

PutObjectInBucket function puts an object in a bucket using s3 client

Directories

Path Synopsis
Package objectrealm to manage a rook object realm.
Package objectrealm to manage a rook object realm.
Package objectuser to manage a rook object store user.
Package objectuser to manage a rook object store user.
Package zone to manage a rook object zone.
Package zone to manage a rook object zone.
Package objectzonegroup to manage a rook object zonegroup.
Package objectzonegroup to manage a rook object zonegroup.
