Browse Source
Merge pull request #2510 from kmlebedev/helm_auditLogConfig
helm add auditLogConfig option
pull/2515/head
Chris Lu
3 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with
16 additions and
3 deletions
-
k8s/helm_charts2/templates/filer-statefulset.yaml
-
k8s/helm_charts2/templates/s3-deployment.yaml
-
k8s/helm_charts2/templates/seaweedfs-s3-secret.yaml
-
k8s/helm_charts2/values.yaml
|
|
|
@ -149,6 +149,9 @@ spec: |
|
|
|
{{- if .Values.filer.s3.enableAuth }} |
|
|
|
-s3.config=/etc/sw/seaweedfs_s3_config \ |
|
|
|
{{- end }} |
|
|
|
{{- if .Values.filer.s3.auditLogConfig }} |
|
|
|
-s3.auditLogConfig=/etc/sw/filer_s3_auditLogConfig.json \ |
|
|
|
{{- end }} |
|
|
|
{{- end }} |
|
|
|
-master={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }} |
|
|
|
{{- if or (.Values.global.enableSecurity) (.Values.filer.extraVolumeMounts) }} |
|
|
|
|
|
|
|
@ -93,6 +93,9 @@ spec: |
|
|
|
{{- if .Values.s3.enableAuth }} |
|
|
|
-config=/etc/sw/seaweedfs_s3_config \ |
|
|
|
{{- end }} |
|
|
|
{{- if .Values.s3.auditLogConfig }} |
|
|
|
-auditLogConfig=/etc/sw/s3_auditLogConfig.json \ |
|
|
|
{{- end }} |
|
|
|
-filer={{ template "seaweedfs.name" . }}-filer-client:{{ .Values.filer.port }} |
|
|
|
volumeMounts: |
|
|
|
- name: logs |
|
|
|
|
|
|
|
@ -18,4 +18,12 @@ stringData: |
|
|
|
read_access_key_id: {{ $access_key_read }} |
|
|
|
read_secret_access_key: {{ $secret_key_read }} |
|
|
|
seaweedfs_s3_config: '{"identities":[{"name":"anvAdmin","credentials":[{"accessKey":"{{ $access_key_admin }}","secretKey":"{{ $secret_key_admin }}"}],"actions":["Admin","Read","Write"]},{"name":"anvReadOnly","credentials":[{"accessKey":"{{ $access_key_read }}","secretKey":"{{ $secret_key_read }}"}],"actions":["Read"]}]}' |
|
|
|
{{- if .Values.filer.s3.auditLogConfig }} |
|
|
|
filer_s3_auditLogConfig.json: | |
|
|
|
{{ toJson .Values.filer.s3.auditLogConfig | nindent 4 }} |
|
|
|
{{- end }} |
|
|
|
{{- if .Values.s3.auditLogConfig }} |
|
|
|
s3_auditLogConfig.json: | |
|
|
|
{{ toJson .Values.s3.auditLogConfig | nindent 4 }} |
|
|
|
{{- end }} |
|
|
|
{{- end }} |
|
|
|
@ -273,9 +273,6 @@ filer: |
|
|
|
# Limit sub dir listing size (default 100000) |
|
|
|
dirListLimit: 100000 |
|
|
|
|
|
|
|
# Turn off directory listing |
|
|
|
disableDirListing: false |
|
|
|
|
|
|
|
# Disable http request, only gRpc operations are allowed |
|
|
|
disableHttp: false |
|
|
|
|
|
|
|
@ -378,6 +375,7 @@ filer: |
|
|
|
# enable user & permission to s3 (need to inject to all services) |
|
|
|
enableAuth: false |
|
|
|
skipAuthSecretCreation: false |
|
|
|
auditLogConfig: {} |
|
|
|
|
|
|
|
s3: |
|
|
|
enabled: false |
|
|
|
@ -394,6 +392,7 @@ s3: |
|
|
|
# enable user & permission to s3 (need to inject to all services) |
|
|
|
enableAuth: false |
|
|
|
skipAuthSecretCreation: false |
|
|
|
auditLogConfig: {} |
|
|
|
|
|
|
|
# Suffix of the host name, {bucket}.{domainName} |
|
|
|
domainName: "" |
|
|
|
|
