make most changes suggested during install-party
This commit is contained in:
parent
ebd21b325e
commit
289521886b
6 changed files with 17 additions and 13 deletions
|
@ -92,7 +92,7 @@ Then, replace the broken node by the new one, using:
|
||||||
|
|
||||||
```
|
```
|
||||||
garage node configure --replace <old_node_id> \
|
garage node configure --replace <old_node_id> \
|
||||||
-c <capacity> -d <datacenter> -t <node_tag> <new_node_id>
|
-c <capacity> -z <zone> -t <node_tag> <new_node_id>
|
||||||
```
|
```
|
||||||
|
|
||||||
Garage will then start synchronizing all required data on the new node.
|
Garage will then start synchronizing all required data on the new node.
|
||||||
|
|
|
@ -72,7 +72,7 @@ Use the following command to start Garage in a docker container:
|
||||||
```
|
```
|
||||||
docker run -d \
|
docker run -d \
|
||||||
-p 3901:3901 -p 3902:3902 -p 3900:3900 \
|
-p 3901:3901 -p 3902:3902 -p 3900:3900 \
|
||||||
-v ./config.toml:/garage/config.toml \
|
-v $PWD/garage.toml:/garage/garage.toml \
|
||||||
lxpz/garage_amd64:v0.3.0
|
lxpz/garage_amd64:v0.3.0
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -82,7 +82,7 @@ at launch time. For instance:
|
||||||
```
|
```
|
||||||
docker run -d \
|
docker run -d \
|
||||||
-p 3901:3901 -p 3902:3902 -p 3900:3900 \
|
-p 3901:3901 -p 3902:3902 -p 3900:3900 \
|
||||||
-v ./config.toml:/garage/config.toml \
|
-v $PWD/garage.toml:/garage/garage.toml \
|
||||||
-e RUST_LOG=garage=info \
|
-e RUST_LOG=garage=info \
|
||||||
lxpz/garage_amd64:v0.3.0
|
lxpz/garage_amd64:v0.3.0
|
||||||
```
|
```
|
||||||
|
|
|
@ -12,7 +12,7 @@ You first need to generate TLS certificates to encrypt traffic between Garage no
|
||||||
To generate your TLS certificates, run on your machine:
|
To generate your TLS certificates, run on your machine:
|
||||||
|
|
||||||
```
|
```
|
||||||
wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/master/genkeys.sh
|
wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/main/genkeys.sh
|
||||||
chmod +x genkeys.sh
|
chmod +x genkeys.sh
|
||||||
./genkeys.sh
|
./genkeys.sh
|
||||||
```
|
```
|
||||||
|
@ -49,13 +49,13 @@ For our example, we will suppose the following infrastructure with IPv6 connecti
|
||||||
On each machine, we will have a similar setup,
|
On each machine, we will have a similar setup,
|
||||||
especially you must consider the following folders/files:
|
especially you must consider the following folders/files:
|
||||||
|
|
||||||
- `/etc/garage/config.toml`: Garage daemon's configuration (see below)
|
- `/etc/garage/garage.toml`: Garage daemon's configuration (see below)
|
||||||
- `/etc/garage/pki/`: Folder containing Garage certificates, must be generated on your computer and copied on the servers
|
- `/etc/garage/pki/`: Folder containing Garage certificates, must be generated on your computer and copied on the servers
|
||||||
- `/var/lib/garage/meta/`: Folder containing Garage's metadata, put this folder on a SSD if possible
|
- `/var/lib/garage/meta/`: Folder containing Garage's metadata, put this folder on a SSD if possible
|
||||||
- `/var/lib/garage/data/`: Folder containing Garage's data, this folder will grows and must be on a large storage, possibly big HDDs.
|
- `/var/lib/garage/data/`: Folder containing Garage's data, this folder will grows and must be on a large storage, possibly big HDDs.
|
||||||
- `/etc/systemd/system/garage.service`: Service file to start garage at boot automatically (defined below, not required if you use docker)
|
- `/etc/systemd/system/garage.service`: Service file to start garage at boot automatically (defined below, not required if you use docker)
|
||||||
|
|
||||||
A valid `/etc/garage/config.toml` for our cluster would be:
|
A valid `/etc/garage/garage.toml` for our cluster would be:
|
||||||
|
|
||||||
```toml
|
```toml
|
||||||
metadata_dir = "/var/lib/garage/meta"
|
metadata_dir = "/var/lib/garage/meta"
|
||||||
|
@ -103,7 +103,7 @@ docker run \
|
||||||
--restart always \
|
--restart always \
|
||||||
--network host \
|
--network host \
|
||||||
-v /etc/garage/pki:/etc/garage/pki \
|
-v /etc/garage/pki:/etc/garage/pki \
|
||||||
-v /etc/garage/config.toml:/garage/config.toml \
|
-v /etc/garage/garage.toml:/garage/garage.toml \
|
||||||
-v /var/lib/garage/meta:/var/lib/garage/meta \
|
-v /var/lib/garage/meta:/var/lib/garage/meta \
|
||||||
-v /var/lib/garage/data:/var/lib/garage/data \
|
-v /var/lib/garage/data:/var/lib/garage/data \
|
||||||
lxpz/garage_amd64:v0.3.0
|
lxpz/garage_amd64:v0.3.0
|
||||||
|
@ -130,7 +130,7 @@ Wants=network-online.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Environment='RUST_LOG=garage=info' 'RUST_BACKTRACE=1'
|
Environment='RUST_LOG=garage=info' 'RUST_BACKTRACE=1'
|
||||||
ExecStart=/usr/local/bin/garage server -c /etc/garage/config.toml
|
ExecStart=/usr/local/bin/garage server -c /etc/garage/garage.toml
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -11,7 +11,7 @@ As this part is not relevant for a test cluster, you can use this three-liner to
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
garagectl status | grep UNCONFIGURED | grep -Po '^[0-9a-f]+' | while read id; do
|
garagectl status | grep UNCONFIGURED | grep -Po '^[0-9a-f]+' | while read id; do
|
||||||
garagectl node configure -d dc1 -c 1 $id
|
garagectl node configure -z dc1 -c 1 $id
|
||||||
done
|
done
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -125,7 +125,7 @@ pub enum BucketOperation {
|
||||||
#[structopt(name = "allow")]
|
#[structopt(name = "allow")]
|
||||||
Allow(PermBucketOpt),
|
Allow(PermBucketOpt),
|
||||||
|
|
||||||
/// Allow key to read or write to bucket
|
/// Deny key from reading or writing to bucket
|
||||||
#[structopt(name = "deny")]
|
#[structopt(name = "deny")]
|
||||||
Deny(PermBucketOpt),
|
Deny(PermBucketOpt),
|
||||||
|
|
||||||
|
|
|
@ -279,9 +279,13 @@ impl RpcHttpClient {
|
||||||
tls_config: &Option<TlsConfig>,
|
tls_config: &Option<TlsConfig>,
|
||||||
) -> Result<Self, Error> {
|
) -> Result<Self, Error> {
|
||||||
let method = if let Some(cf) = tls_config {
|
let method = if let Some(cf) = tls_config {
|
||||||
let ca_certs = tls_util::load_certs(&cf.ca_cert)?;
|
let ca_certs = tls_util::load_certs(&cf.ca_cert).map_err(|e| {
|
||||||
let node_certs = tls_util::load_certs(&cf.node_cert)?;
|
Error::Message(format!("Failed to open CA certificate file: {:?}", e))
|
||||||
let node_key = tls_util::load_private_key(&cf.node_key)?;
|
})?;
|
||||||
|
let node_certs = tls_util::load_certs(&cf.node_cert)
|
||||||
|
.map_err(|e| Error::Message(format!("Failed to open certificate file: {:?}", e)))?;
|
||||||
|
let node_key = tls_util::load_private_key(&cf.node_key)
|
||||||
|
.map_err(|e| Error::Message(format!("Failed to open private key file: {:?}", e)))?;
|
||||||
|
|
||||||
let mut config = rustls::ClientConfig::new();
|
let mut config = rustls::ClientConfig::new();
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue