Harshavardhana
fd53057654
Add InfoCannedPolicy API to fetch only necessary policy ( #8307 )
...
This PR adds
- InfoCannedPolicy() API for efficiency in fetching policies
- Send group memberships for LDAPUser if available
5 years ago
Harshavardhana
3094615e38
Update LDAP document to reflect work user/group sub-commands ( #8313 )
...
This PR also fixes markdown formatting
5 years ago
Klaus Post
ff726969aa
Switch to Snappy -> S2 compression ( #8189 )
5 years ago
Klaus Post
be313f1758
S3 Select: Workaround java buffer size ( #8312 )
...
Updates #7475
The Java implementation has a 128KB buffer and a message must be emitted before that is used. #7475 therefore limits the message size to 128KB. But up to 256 bytes are written to the buffer in each call. This means we must emit a message before shorter than 128KB.
Therefore we change the limit to 128KB minus 256 bytes.
5 years ago
Aditya Manthramurthy
704be85987
Fix numbering in doc ( #8311 )
5 years ago
Aditya Manthramurthy
c8da04ba5b
Add section on user/group policy for AD/LDAP integration ( #8310 )
5 years ago
Minio Trusted
9ed423b13f
Update yaml files to latest version RELEASE.2019-09-25T18-25-51Z
5 years ago
Harshavardhana
c8fbc94329
Fix writing 'format.json' and make it atomic ( #8296 )
...
- Choose a unique uuid such that under situations of duplicate
mounts we do not append to an existing json entry.
- Avoid AppendFile instead use WriteAll() to write the entire
byte array atomically.
5 years ago
Harshavardhana
be70ef59e7
Update minio-go to latest release ( #8297 )
...
- Change LDAP XML names to follow server changes
- Fix listObjects hang when listing special characters
- set encoding type to url in listobjects API
5 years ago
Anis Elleuch
a790877c01
s3: Encode continuation & next continuation tokens when asked ( #8292 )
...
When url encoding is passed in v2 listing handler, continuationToken
and nextContinuationToken needs to be encoded. The reason is that
both represents an object name/prefix in Minio server and it could
contain a character unsupported by XML specification.
5 years ago
Harshavardhana
77dc2031a2
Fix LDAP responseXML to be named appropriately ( #8285 )
...
This PR additionally also adds support for missing
- Session policy support for AD/LDAP
- Add API request/response parameters detail
- Update example to take ldap username,
password input from the command line
- Fixes session policy handling for
ClientGrants and WebIdentity
5 years ago
Harshavardhana
975134e42b
Add checks in DiskInfo() to protect against changing mounts ( #8286 )
5 years ago
Andreas Auernhammer
cb7d23cb17
remove SSE-S3 key rotation in CopyObject ( #8278 )
...
This commit removes the SSE-S3 key rotation functionality
from CopyObject since there will be a dedicated Admin-API
for this purpose.
Also update the security documentation to link to mc and
the admin documentation.
5 years ago
poornas
2e02e1889b
Cleanup ResponseWriter function for audit and trace ( #8283 )
5 years ago
Julio Pintos
3b05e175d7
fix link to let's encrypt doc ( #8294 )
5 years ago
Harshavardhana
b512241300
Add metrics healthcheck test with JWT ( #8287 )
5 years ago
ebozduman
dbf7b1e573
starts-with policy condition support issue ( #7937 )
5 years ago
Harshavardhana
26985ac632
Fix all failing tests with -race
5 years ago
Praveen raj Mani
ad75683bde
Authorize prometheus endpoint with bearer token ( #7640 )
5 years ago
poornas
4925bc3e80
log server startup messages to admin console api ( #8264 )
5 years ago
Andreas Auernhammer
ffded5a930
make the crypto error type a native go type ( #8267 )
...
This commit makes the `crypto.Error` type a native go (string)
type. That allows us to define error values as constants instead
of variables.
For reference see:
- https://twitter.com/_aead_/status/1118170258215514115?s=20
- https://dave.cheney.net/2016/04/07/constant-errors
5 years ago
Krishnan Parthasarathi
1127293863
Add a basic .dockerignore file to reduce docker context in `make docker` ( #8282 )
...
- Add useful default tag to dev docker image build using `make docker`
5 years ago
Andreas Auernhammer
2b51fe9f26
make SSE request header check comprehensive ( #8276 )
...
This commit refactors the SSE header check
by moving it into the `crypto` package, adds
a unit test for it and makes the check comprehensive.
5 years ago
Harshavardhana
4780fa5a58
Remove setting net.Conn Deadlines as its not needed anymore ( #8269 )
...
This commit fixes a bug introduced in af6c6a2b35
.
Setting deadlines in Go results in arbitrary hangs as reported here
https://github.com/golang/go/issues/34385
Fixes https://github.com/minio/minio/issues/7852
5 years ago
Klaus Post
520552ffa9
S3 select: flush when reaching limit ( #8279 )
...
Add missing flush when reaching select limit.
5 years ago
Andreas Auernhammer
b823d6d7bd
remove the unused code for decrypting `io.Writer` ( #8277 )
...
This commit removes unused code for decrypting
`io.Writer` since the actual implementation only
decrypts `io.Reader`
5 years ago
Andreas Auernhammer
a9d724120f
remove TLS 1.3 opt-in code ( #8275 )
...
This commit removes the TLS 1.3 opt-in code.
Since TLS 1.3 is opt-out for >= Go 1.13 this
code is not needed anymore.
5 years ago
Praveen raj Mani
dc0dce9beb
Check for connection errors during event transit in elasticsearch and webhook ( #8273 )
5 years ago
Yao Zongyou
0e1408844b
fix get container id bug ( #8196 )
5 years ago
Andreas Auernhammer
e34369c860
prepare SSE-S3 metadata parsing for K/V data key store ( #8259 )
...
This commit allows the MinIO server to parse the metadata if:
- either the `X-Minio-Internal-Server-Side-Encryption-S3-Key-Id`
and the `X-Minio-Internal-Server-Side-Encryption-S3-Kms-Sealed-Key`
entries are present.
- or *both* headers are not present.
This is in service to support a K/V data key store.
5 years ago
Minio Trusted
8dc897b5f5
Update yaml files to latest version RELEASE.2019-09-18T21-55-05Z
5 years ago
Praveen raj Mani
456ce4cc92
Add rootCAs support to Kafka & MQTT ( #8236 )
...
Fixes #8211
5 years ago
Aditya Manthramurthy
696f4ceee2
Add notes on configuring LDAP STS with Microsoft Active Directory ( #8260 )
5 years ago
Klaus Post
dac1cf5a9a
S3 Select: Parsing tweaks ( #8261 )
...
* Don't output empty lines.
* Trim whitespace from byte to int/float/bool conversions.
5 years ago
Harshavardhana
cb01516a26
In HDFS gateway fix non-empty folder behavior ( #8254 )
...
To be compatible with our FS and Erasure coded
mode deployments, make sure that we do not send
200 OK for folders which have files inside.
Fixes #8143
5 years ago
Aditya Manthramurthy
dfa1b417a8
Update comments in ldap example client code ( #8257 )
5 years ago
Krishnan Parthasarathi
31bee6b6ed
Remove size query parameter from PerfInfo handler ( #8258 )
5 years ago
poornas
04b92124c5
fs/xl: Log warning if cache config specified ( #8251 )
...
in non-gateway mode.
5 years ago
Harshavardhana
5392eee250
Avoid recursion and use a simple loop to merge entries ( #8239 )
...
This avoids stack overflows when there are
lot of entries to be skipped, this PR also
optimizes the code to reuse the buffers.
5 years ago
Vivian Kong
fa32c71a56
Build staticcheck as pre-built binaries are not available for s390x ( #8220 )
5 years ago
Klaus Post
c9b8bd8de2
S3 Select: optimize output ( #8238 )
...
Queue output items and reuse them.
Remove the unneeded type system in sql and just use the Go type system.
In best case this is more than an order of magnitude speedup:
```
BenchmarkSelectAll_1M-12 1 1841049400 ns/op 274299728 B/op 4198522 allocs/op
BenchmarkSelectAll_1M-12 14 84833400 ns/op 169228346 B/op 3146541 allocs/op
```
5 years ago
Klaus Post
017456df63
Wait clearing the close channel ( #8250 )
...
Close channel should not be nilled before goroutines have exited.
Fixes potential hang on closing.
5 years ago
Harshavardhana
14b137aa66
posix/readDir should populate name for DT_UKNOWN ( #8240 )
...
In commit a8296445ad
we changed the code to handle
some corner cases on ARM and other platforms, this
PR just avoids the return for unknown filetypes
prematurely and let the name be populated appropriately.
This fixes bug for older XFS implementations such as
in Ubuntu 14.04
5 years ago
Andreas Auernhammer
3064da7b08
return error during part listing when no quorum ( #8241 )
...
This commit fixes a subtle bug that (probably)
caused an issue affecting encrypted multipart objects.
When a cluster has no quorum this bug causes `ListObjectParts`
to return nil as error instead of a quorum error.
Thanks to @harshavardhana for detecting this.
5 years ago
poornas
76df027264
Allow caching only in gateway mode. ( #8232 )
...
This PR changes cache on PUT behavior to background fill the cache
after PutObject completes. This will avoid concurrency issues as in #8219 .
Added cleanup of partially filled cache to prevent cache corruption
- Fixes #8208
5 years ago
k-tipp
208efb843b
Update Kafka notification example doc ( #8212 )
5 years ago
Harshavardhana
9ac12cf898
Remove unusued Set/GetConfigKeys API ( #8235 )
5 years ago
Klaus Post
ddea0bdf11
Concurrent CSV parsing and reduce S3 select allocations ( #8200 )
...
```
CSV parsing, BEFORE:
BenchmarkReaderBasic-12 2842 407533 ns/op 397860 B/op 957 allocs/op
BenchmarkReaderReplace-12 2718 429914 ns/op 397844 B/op 957 allocs/op
BenchmarkReaderReplaceTwo-12 2718 435556 ns/op 397855 B/op 957 allocs/op
BenchmarkAggregateCount_100K-12 171 6798974 ns/op 16667102 B/op 308077 allocs/op
BenchmarkAggregateCount_1M-12 19 65657411 ns/op 168057743 B/op 3146610 allocs/op
BenchmarkSelectAll_10M-12 1 20882119900 ns/op 2758799896 B/op 41978762 allocs/op
CSV parsing, AFTER:
BenchmarkReaderBasic-12 3721 312549 ns/op 101920 B/op 338 allocs/op
BenchmarkReaderReplace-12 3776 318810 ns/op 101993 B/op 340 allocs/op
BenchmarkReaderReplaceTwo-12 3610 330967 ns/op 102012 B/op 341 allocs/op
BenchmarkAggregateCount_100K-12 295 4149588 ns/op 3553623 B/op 103261 allocs/op
BenchmarkAggregateCount_1M-12 30 37746503 ns/op 33827931 B/op 1049435 allocs/op
BenchmarkSelectAll_10M-12 1 17608495800 ns/op 1416504040 B/op 21007082 allocs/op
~ benchcmp old.txt new.txt
benchmark old ns/op new ns/op delta
BenchmarkReaderBasic-12 407533 312549 -23.31%
BenchmarkReaderReplace-12 429914 318810 -25.84%
BenchmarkReaderReplaceTwo-12 435556 330967 -24.01%
BenchmarkAggregateCount_100K-12 6798974 4149588 -38.97%
BenchmarkAggregateCount_1M-12 65657411 37746503 -42.51%
BenchmarkSelectAll_10M-12 20882119900 17608495800 -15.68%
benchmark old allocs new allocs delta
BenchmarkReaderBasic-12 957 338 -64.68%
BenchmarkReaderReplace-12 957 340 -64.47%
BenchmarkReaderReplaceTwo-12 957 341 -64.37%
BenchmarkAggregateCount_100K-12 308077 103261 -66.48%
BenchmarkAggregateCount_1M-12 3146610 1049435 -66.65%
BenchmarkSelectAll_10M-12 41978762 21007082 -49.96%
benchmark old bytes new bytes delta
BenchmarkReaderBasic-12 397860 101920 -74.38%
BenchmarkReaderReplace-12 397844 101993 -74.36%
BenchmarkReaderReplaceTwo-12 397855 102012 -74.36%
BenchmarkAggregateCount_100K-12 16667102 3553623 -78.68%
BenchmarkAggregateCount_1M-12 168057743 33827931 -79.87%
BenchmarkSelectAll_10M-12 2758799896 1416504040 -48.66%
```
```
BenchmarkReaderHuge/97K-12 2200 540840 ns/op 184.32 MB/s 1604450 B/op 687 allocs/op
BenchmarkReaderHuge/194K-12 1522 752257 ns/op 265.04 MB/s 2143135 B/op 1335 allocs/op
BenchmarkReaderHuge/389K-12 1190 947858 ns/op 420.69 MB/s 3221831 B/op 2630 allocs/op
BenchmarkReaderHuge/778K-12 806 1472486 ns/op 541.61 MB/s 5201856 B/op 5187 allocs/op
BenchmarkReaderHuge/1557K-12 426 2575269 ns/op 619.36 MB/s 9101330 B/op 10233 allocs/op
BenchmarkReaderHuge/3115K-12 286 4034656 ns/op 790.66 MB/s 12397968 B/op 16099 allocs/op
BenchmarkReaderHuge/6230K-12 172 6830563 ns/op 934.05 MB/s 16008416 B/op 26844 allocs/op
BenchmarkReaderHuge/12461K-12 100 11409467 ns/op 1118.39 MB/s 22655163 B/op 48107 allocs/op
BenchmarkReaderHuge/24922K-12 66 19780395 ns/op 1290.19 MB/s 35158559 B/op 90216 allocs/op
BenchmarkReaderHuge/49844K-12 34 37282559 ns/op 1369.03 MB/s 60528624 B/op 174497 allocs/op
```
5 years ago
Harshavardhana
e7f491a14b
Use optimized sha256-simd whenever possible ( #8227 )
...
Avoid using `crypto/sha256` and use always
`github.com/minio/sha256-simd`
5 years ago
Praveen raj Mani
8700945cdf
Handle connection failures on webhook/url pings ( #8204 )
...
Properly handle connection failures while replaying events
Fixes #8194
5 years ago