make most changes suggested during install-party

This commit is contained in:
Trinity Pointard 2021-05-29 21:22:15 +02:00
parent ebd21b325e
commit 289521886b
6 changed files with 17 additions and 13 deletions

View file

@ -92,7 +92,7 @@ Then, replace the broken node by the new one, using:
```
garage node configure --replace <old_node_id> \
-c <capacity> -d <datacenter> -t <node_tag> <new_node_id>
-c <capacity> -z <zone> -t <node_tag> <new_node_id>
```
Garage will then start synchronizing all required data on the new node.

View file

@ -72,7 +72,7 @@ Use the following command to start Garage in a docker container:
```
docker run -d \
-p 3901:3901 -p 3902:3902 -p 3900:3900 \
-v ./config.toml:/garage/config.toml \
-v $PWD/garage.toml:/garage/garage.toml \
lxpz/garage_amd64:v0.3.0
```
@ -82,7 +82,7 @@ at launch time. For instance:
```
docker run -d \
-p 3901:3901 -p 3902:3902 -p 3900:3900 \
-v ./config.toml:/garage/config.toml \
-v $PWD/garage.toml:/garage/garage.toml \
-e RUST_LOG=garage=info \
lxpz/garage_amd64:v0.3.0
```

View file

@ -12,7 +12,7 @@ You first need to generate TLS certificates to encrypt traffic between Garage no
To generate your TLS certificates, run on your machine:
```
wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/master/genkeys.sh
wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/main/genkeys.sh
chmod +x genkeys.sh
./genkeys.sh
```
@ -49,13 +49,13 @@ For our example, we will suppose the following infrastructure with IPv6 connecti
On each machine, we will have a similar setup,
especially you must consider the following folders/files:
- `/etc/garage/config.toml`: Garage daemon's configuration (see below)
- `/etc/garage/garage.toml`: Garage daemon's configuration (see below)
- `/etc/garage/pki/`: Folder containing Garage certificates, must be generated on your computer and copied on the servers
- `/var/lib/garage/meta/`: Folder containing Garage's metadata, put this folder on a SSD if possible
- `/var/lib/garage/data/`: Folder containing Garage's data, this folder will grows and must be on a large storage, possibly big HDDs.
- `/etc/systemd/system/garage.service`: Service file to start garage at boot automatically (defined below, not required if you use docker)
A valid `/etc/garage/config.toml` for our cluster would be:
A valid `/etc/garage/garage.toml` for our cluster would be:
```toml
metadata_dir = "/var/lib/garage/meta"
@ -103,7 +103,7 @@ docker run \
--restart always \
--network host \
-v /etc/garage/pki:/etc/garage/pki \
-v /etc/garage/config.toml:/garage/config.toml \
-v /etc/garage/garage.toml:/garage/garage.toml \
-v /var/lib/garage/meta:/var/lib/garage/meta \
-v /var/lib/garage/data:/var/lib/garage/data \
lxpz/garage_amd64:v0.3.0
@ -130,7 +130,7 @@ Wants=network-online.target
[Service]
Environment='RUST_LOG=garage=info' 'RUST_BACKTRACE=1'
ExecStart=/usr/local/bin/garage server -c /etc/garage/config.toml
ExecStart=/usr/local/bin/garage server -c /etc/garage/garage.toml
[Install]
WantedBy=multi-user.target

View file

@ -11,7 +11,7 @@ As this part is not relevant for a test cluster, you can use this three-liner to
```bash
garagectl status | grep UNCONFIGURED | grep -Po '^[0-9a-f]+' | while read id; do
garagectl node configure -d dc1 -c 1 $id
garagectl node configure -z dc1 -c 1 $id
done
```

View file

@ -125,7 +125,7 @@ pub enum BucketOperation {
#[structopt(name = "allow")]
Allow(PermBucketOpt),
/// Allow key to read or write to bucket
/// Deny key from reading or writing to bucket
#[structopt(name = "deny")]
Deny(PermBucketOpt),

View file

@ -279,9 +279,13 @@ impl RpcHttpClient {
tls_config: &Option<TlsConfig>,
) -> Result<Self, Error> {
let method = if let Some(cf) = tls_config {
let ca_certs = tls_util::load_certs(&cf.ca_cert)?;
let node_certs = tls_util::load_certs(&cf.node_cert)?;
let node_key = tls_util::load_private_key(&cf.node_key)?;
let ca_certs = tls_util::load_certs(&cf.ca_cert).map_err(|e| {
Error::Message(format!("Failed to open CA certificate file: {:?}", e))
})?;
let node_certs = tls_util::load_certs(&cf.node_cert)
.map_err(|e| Error::Message(format!("Failed to open certificate file: {:?}", e)))?;
let node_key = tls_util::load_private_key(&cf.node_key)
.map_err(|e| Error::Message(format!("Failed to open private key file: {:?}", e)))?;
let mut config = rustls::ClientConfig::new();