make most changes suggested during install-party

This commit is contained in:
Trinity Pointard 2021-05-29 21:22:15 +02:00
parent ebd21b325e
commit 289521886b
6 changed files with 17 additions and 13 deletions

View file

@ -92,7 +92,7 @@ Then, replace the broken node by the new one, using:
``` ```
garage node configure --replace <old_node_id> \ garage node configure --replace <old_node_id> \
-c <capacity> -d <datacenter> -t <node_tag> <new_node_id> -c <capacity> -z <zone> -t <node_tag> <new_node_id>
``` ```
Garage will then start synchronizing all required data on the new node. Garage will then start synchronizing all required data on the new node.

View file

@ -72,7 +72,7 @@ Use the following command to start Garage in a docker container:
``` ```
docker run -d \ docker run -d \
-p 3901:3901 -p 3902:3902 -p 3900:3900 \ -p 3901:3901 -p 3902:3902 -p 3900:3900 \
-v ./config.toml:/garage/config.toml \ -v $PWD/garage.toml:/garage/garage.toml \
lxpz/garage_amd64:v0.3.0 lxpz/garage_amd64:v0.3.0
``` ```
@ -82,7 +82,7 @@ at launch time. For instance:
``` ```
docker run -d \ docker run -d \
-p 3901:3901 -p 3902:3902 -p 3900:3900 \ -p 3901:3901 -p 3902:3902 -p 3900:3900 \
-v ./config.toml:/garage/config.toml \ -v $PWD/garage.toml:/garage/garage.toml \
-e RUST_LOG=garage=info \ -e RUST_LOG=garage=info \
lxpz/garage_amd64:v0.3.0 lxpz/garage_amd64:v0.3.0
``` ```

View file

@ -12,7 +12,7 @@ You first need to generate TLS certificates to encrypt traffic between Garage no
To generate your TLS certificates, run on your machine: To generate your TLS certificates, run on your machine:
``` ```
wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/master/genkeys.sh wget https://git.deuxfleurs.fr/Deuxfleurs/garage/raw/branch/main/genkeys.sh
chmod +x genkeys.sh chmod +x genkeys.sh
./genkeys.sh ./genkeys.sh
``` ```
@ -49,13 +49,13 @@ For our example, we will suppose the following infrastructure with IPv6 connecti
On each machine, we will have a similar setup, On each machine, we will have a similar setup,
especially you must consider the following folders/files: especially you must consider the following folders/files:
- `/etc/garage/config.toml`: Garage daemon's configuration (see below) - `/etc/garage/garage.toml`: Garage daemon's configuration (see below)
- `/etc/garage/pki/`: Folder containing Garage certificates, must be generated on your computer and copied on the servers - `/etc/garage/pki/`: Folder containing Garage certificates, must be generated on your computer and copied on the servers
- `/var/lib/garage/meta/`: Folder containing Garage's metadata, put this folder on a SSD if possible - `/var/lib/garage/meta/`: Folder containing Garage's metadata, put this folder on a SSD if possible
- `/var/lib/garage/data/`: Folder containing Garage's data, this folder will grows and must be on a large storage, possibly big HDDs. - `/var/lib/garage/data/`: Folder containing Garage's data, this folder will grows and must be on a large storage, possibly big HDDs.
- `/etc/systemd/system/garage.service`: Service file to start garage at boot automatically (defined below, not required if you use docker) - `/etc/systemd/system/garage.service`: Service file to start garage at boot automatically (defined below, not required if you use docker)
A valid `/etc/garage/config.toml` for our cluster would be: A valid `/etc/garage/garage.toml` for our cluster would be:
```toml ```toml
metadata_dir = "/var/lib/garage/meta" metadata_dir = "/var/lib/garage/meta"
@ -103,7 +103,7 @@ docker run \
--restart always \ --restart always \
--network host \ --network host \
-v /etc/garage/pki:/etc/garage/pki \ -v /etc/garage/pki:/etc/garage/pki \
-v /etc/garage/config.toml:/garage/config.toml \ -v /etc/garage/garage.toml:/garage/garage.toml \
-v /var/lib/garage/meta:/var/lib/garage/meta \ -v /var/lib/garage/meta:/var/lib/garage/meta \
-v /var/lib/garage/data:/var/lib/garage/data \ -v /var/lib/garage/data:/var/lib/garage/data \
lxpz/garage_amd64:v0.3.0 lxpz/garage_amd64:v0.3.0
@ -130,7 +130,7 @@ Wants=network-online.target
[Service] [Service]
Environment='RUST_LOG=garage=info' 'RUST_BACKTRACE=1' Environment='RUST_LOG=garage=info' 'RUST_BACKTRACE=1'
ExecStart=/usr/local/bin/garage server -c /etc/garage/config.toml ExecStart=/usr/local/bin/garage server -c /etc/garage/garage.toml
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -11,7 +11,7 @@ As this part is not relevant for a test cluster, you can use this three-liner to
```bash ```bash
garagectl status | grep UNCONFIGURED | grep -Po '^[0-9a-f]+' | while read id; do garagectl status | grep UNCONFIGURED | grep -Po '^[0-9a-f]+' | while read id; do
garagectl node configure -d dc1 -c 1 $id garagectl node configure -z dc1 -c 1 $id
done done
``` ```

View file

@ -125,7 +125,7 @@ pub enum BucketOperation {
#[structopt(name = "allow")] #[structopt(name = "allow")]
Allow(PermBucketOpt), Allow(PermBucketOpt),
/// Allow key to read or write to bucket /// Deny key from reading or writing to bucket
#[structopt(name = "deny")] #[structopt(name = "deny")]
Deny(PermBucketOpt), Deny(PermBucketOpt),

View file

@ -279,9 +279,13 @@ impl RpcHttpClient {
tls_config: &Option<TlsConfig>, tls_config: &Option<TlsConfig>,
) -> Result<Self, Error> { ) -> Result<Self, Error> {
let method = if let Some(cf) = tls_config { let method = if let Some(cf) = tls_config {
let ca_certs = tls_util::load_certs(&cf.ca_cert)?; let ca_certs = tls_util::load_certs(&cf.ca_cert).map_err(|e| {
let node_certs = tls_util::load_certs(&cf.node_cert)?; Error::Message(format!("Failed to open CA certificate file: {:?}", e))
let node_key = tls_util::load_private_key(&cf.node_key)?; })?;
let node_certs = tls_util::load_certs(&cf.node_cert)
.map_err(|e| Error::Message(format!("Failed to open certificate file: {:?}", e)))?;
let node_key = tls_util::load_private_key(&cf.node_key)
.map_err(|e| Error::Message(format!("Failed to open private key file: {:?}", e)))?;
let mut config = rustls::ClientConfig::new(); let mut config = rustls::ClientConfig::new();