diff --git a/cmd/handler-api.go b/cmd/handler-api.go index 48d5545c8..8505c234e 100644 --- a/cmd/handler-api.go +++ b/cmd/handler-api.go @@ -49,7 +49,7 @@ type apiConfig struct { staleUploadsExpiry time.Duration staleUploadsCleanupInterval time.Duration deleteCleanupInterval time.Duration - disableODirect bool + enableODirect bool gzipObjects bool rootAccess bool syncEvents bool @@ -164,17 +164,17 @@ func (t *apiConfig) init(cfg api.Config, setDriveCounts []int) { t.staleUploadsExpiry = cfg.StaleUploadsExpiry t.staleUploadsCleanupInterval = cfg.StaleUploadsCleanupInterval t.deleteCleanupInterval = cfg.DeleteCleanupInterval - t.disableODirect = cfg.DisableODirect + t.enableODirect = cfg.EnableODirect t.gzipObjects = cfg.GzipObjects t.rootAccess = cfg.RootAccess t.syncEvents = cfg.SyncEvents } -func (t *apiConfig) isDisableODirect() bool { +func (t *apiConfig) odirectEnabled() bool { t.mu.RLock() defer t.mu.RUnlock() - return t.disableODirect + return t.enableODirect } func (t *apiConfig) shouldGzipObjects() bool { diff --git a/cmd/xl-storage.go b/cmd/xl-storage.go index 85634eef4..f394d5957 100644 --- a/cmd/xl-storage.go +++ b/cmd/xl-storage.go @@ -284,7 +284,7 @@ func newXLStorage(ep Endpoint, cleanUp bool) (s *xlStorage, err error) { s.formatLegacy = format.Erasure.DistributionAlgo == formatErasureVersionV2DistributionAlgoV1 } - if !globalAPIConfig.isDisableODirect() { + if globalAPIConfig.odirectEnabled() { // Return an error if ODirect is not supported // unless it is a single erasure disk mode if err := s.checkODirectDiskSupport(); err == nil { @@ -1480,7 +1480,7 @@ func (s *xlStorage) readAllData(ctx context.Context, volumeDir string, filePath return nil, time.Time{}, ctx.Err() } - odirectEnabled := !globalAPIConfig.isDisableODirect() && s.oDirect + odirectEnabled := globalAPIConfig.odirectEnabled() && s.oDirect var f *os.File if odirectEnabled { f, err = OpenFileDirectIO(filePath, readMode, 0o666) @@ -1761,7 +1761,7 @@ func (s *xlStorage) ReadFileStream(ctx context.Context, volume, path string, off return nil, err } - odirectEnabled := !globalAPIConfig.isDisableODirect() && s.oDirect + odirectEnabled := globalAPIConfig.odirectEnabled() && s.oDirect var file *os.File if odirectEnabled { @@ -1898,7 +1898,7 @@ func (s *xlStorage) writeAllDirect(ctx context.Context, filePath string, fileSiz return osErrToFileErr(err) } - odirectEnabled := !globalAPIConfig.isDisableODirect() && s.oDirect + odirectEnabled := globalAPIConfig.odirectEnabled() && s.oDirect var w *os.File if odirectEnabled { diff --git a/docs/config/README.md b/docs/config/README.md index b84105113..a10f31332 100644 --- a/docs/config/README.md +++ b/docs/config/README.md @@ -143,7 +143,9 @@ transition_workers (number) set the number of transition workers stale_uploads_expiry (duration) set to expire stale multipart uploads older than this values (default: '24h') stale_uploads_cleanup_interval (duration) set to change intervals when stale multipart uploads are expired (default: '6h') delete_cleanup_interval (duration) set to change intervals when deleted objects are permanently deleted from ".trash" folder (default: '5m') -disable_odirect (boolean) set to disable O_DIRECT for reads under special conditions. NOTE: it is not recommended to disable O_DIRECT without prior testing. (default: 'off') +odirect (boolean) set to enable or disable O_DIRECT for read and writes under special conditions. NOTE: do not disable O_DIRECT without prior testing (default: 'on') +root_access (boolean) turn 'off' root credential access for all API calls including s3, admin operations (default: 'on') +sync_events (boolean) set to enable synchronous bucket notifications (default: 'off') ``` or environment variables @@ -160,7 +162,9 @@ MINIO_API_TRANSITION_WORKERS (number) set the number of transiti MINIO_API_STALE_UPLOADS_EXPIRY (duration) set to expire stale multipart uploads older than this values (default: '24h') MINIO_API_STALE_UPLOADS_CLEANUP_INTERVAL (duration) set to change intervals when stale multipart uploads are expired (default: '6h') MINIO_API_DELETE_CLEANUP_INTERVAL (duration) set to change intervals when deleted objects are permanently deleted from ".trash" folder (default: '5m') -MINIO_API_DISABLE_ODIRECT (boolean) set to disable O_DIRECT for reads under special conditions. NOTE: it is not recommended to disable O_DIRECT without prior testing. (default: 'off') +MINIO_API_ODIRECT (boolean) set to enable or disable O_DIRECT for read and writes under special conditions. NOTE: do not disable O_DIRECT without prior testing (default: 'on') +MINIO_API_ROOT_ACCESS (boolean) turn 'off' root credential access for all API calls including s3, admin operations (default: 'on') +MINIO_API_SYNC_EVENTS (boolean) set to enable synchronous bucket notifications (default: 'off') ``` #### Notifications diff --git a/internal/config/api/api.go b/internal/config/api/api.go index 6cef0abfb..df8697187 100644 --- a/internal/config/api/api.go +++ b/internal/config/api/api.go @@ -43,6 +43,7 @@ const ( apiStaleUploadsExpiry = "stale_uploads_expiry" apiDeleteCleanupInterval = "delete_cleanup_interval" apiDisableODirect = "disable_odirect" + apiODirect = "odirect" apiGzipObjects = "gzip_objects" apiRootAccess = "root_access" apiSyncEvents = "sync_events" @@ -52,17 +53,19 @@ const ( EnvAPIClusterDeadline = "MINIO_API_CLUSTER_DEADLINE" EnvAPICorsAllowOrigin = "MINIO_API_CORS_ALLOW_ORIGIN" EnvAPIRemoteTransportDeadline = "MINIO_API_REMOTE_TRANSPORT_DEADLINE" + EnvAPITransitionWorkers = "MINIO_API_TRANSITION_WORKERS" EnvAPIListQuorum = "MINIO_API_LIST_QUORUM" - EnvAPISecureCiphers = "MINIO_API_SECURE_CIPHERS" // default "on" + EnvAPISecureCiphers = "MINIO_API_SECURE_CIPHERS" // default config.EnableOn EnvAPIReplicationPriority = "MINIO_API_REPLICATION_PRIORITY" EnvAPIStaleUploadsCleanupInterval = "MINIO_API_STALE_UPLOADS_CLEANUP_INTERVAL" EnvAPIStaleUploadsExpiry = "MINIO_API_STALE_UPLOADS_EXPIRY" EnvAPIDeleteCleanupInterval = "MINIO_API_DELETE_CLEANUP_INTERVAL" EnvDeleteCleanupInterval = "MINIO_DELETE_CLEANUP_INTERVAL" + EnvAPIODirect = "MINIO_API_ODIRECT" EnvAPIDisableODirect = "MINIO_API_DISABLE_ODIRECT" EnvAPIGzipObjects = "MINIO_API_GZIP_OBJECTS" - EnvAPIRootAccess = "MINIO_API_ROOT_ACCESS" // default "on" + EnvAPIRootAccess = "MINIO_API_ROOT_ACCESS" // default config.EnableOn EnvAPISyncEvents = "MINIO_API_SYNC_EVENTS" // default "off" ) @@ -71,11 +74,6 @@ const ( apiReadyDeadline = "ready_deadline" apiReplicationWorkers = "replication_workers" apiReplicationFailedWorkers = "replication_failed_workers" - - EnvAPIReadyDeadline = "MINIO_API_READY_DEADLINE" - EnvAPIReplicationWorkers = "MINIO_API_REPLICATION_WORKERS" - EnvAPIReplicationFailedWorkers = "MINIO_API_REPLICATION_FAILED_WORKERS" - EnvAPITransitionWorkers = "MINIO_API_TRANSITION_WORKERS" ) // DefaultKVS - default storage class config @@ -126,20 +124,25 @@ var ( Value: "5m", }, config.KV{ - Key: apiDisableODirect, - Value: "off", + Key: apiDisableODirect, + Value: "", + Deprecated: true, + }, + config.KV{ + Key: apiODirect, + Value: config.EnableOn, }, config.KV{ Key: apiGzipObjects, - Value: "off", + Value: config.EnableOff, }, config.KV{ Key: apiRootAccess, - Value: "on", + Value: config.EnableOn, }, config.KV{ Key: apiSyncEvents, - Value: "off", + Value: config.EnableOff, }, } ) @@ -157,7 +160,7 @@ type Config struct { StaleUploadsCleanupInterval time.Duration `json:"stale_uploads_cleanup_interval"` StaleUploadsExpiry time.Duration `json:"stale_uploads_expiry"` DeleteCleanupInterval time.Duration `json:"delete_cleanup_interval"` - DisableODirect bool `json:"disable_odirect"` + EnableODirect bool `json:"enable_odirect"` GzipObjects bool `json:"gzip_objects"` RootAccess bool `json:"root_access"` SyncEvents bool `json:"sync_events"` @@ -184,13 +187,14 @@ func LookupConfig(kvs config.KVS) (cfg Config, err error) { } disableODirect := env.Get(EnvAPIDisableODirect, kvs.Get(apiDisableODirect)) == config.EnableOn + enableODirect := env.Get(EnvAPIODirect, kvs.Get(apiODirect)) == config.EnableOn gzipObjects := env.Get(EnvAPIGzipObjects, kvs.Get(apiGzipObjects)) == config.EnableOn rootAccess := env.Get(EnvAPIRootAccess, kvs.Get(apiRootAccess)) == config.EnableOn cfg = Config{ - DisableODirect: disableODirect, - GzipObjects: gzipObjects, - RootAccess: rootAccess, + EnableODirect: enableODirect || !disableODirect, + GzipObjects: gzipObjects, + RootAccess: rootAccess, } var corsAllowOrigin []string diff --git a/internal/config/api/help.go b/internal/config/api/help.go index c347884cc..84b34e10b 100644 --- a/internal/config/api/help.go +++ b/internal/config/api/help.go @@ -93,8 +93,8 @@ var ( Type: "duration", }, config.HelpKV{ - Key: apiDisableODirect, - Description: "set to disable O_DIRECT for read and writes under special conditions. NOTE: it is not recommended to disable O_DIRECT without prior testing" + defaultHelpPostfix(apiDisableODirect), + Key: apiODirect, + Description: "set to enable or disable O_DIRECT for read and writes under special conditions. NOTE: do not disable O_DIRECT without prior testing" + defaultHelpPostfix(apiODirect), Optional: true, Type: "boolean", },