-
Notifications
You must be signed in to change notification settings - Fork 0
/
baseConfig.yaml
212 lines (196 loc) · 14.8 KB
/
baseConfig.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
# MUST READ :
# If you are creating a cloudfuse config file using this kindly take care of below points
# 1. All boolean configs (true|false config) (except ignore-open-flags, virtual-directory, sync-to-flush) are set to 'false' by default.
# No need to mention them in your config file unless you are setting them to true.
# 2. 'loopbackfs' is purely for testing and shall not be used in production configuration.
# 3. 'stream' and 'file_cache' can not co-exist and config file shall have only one of them based on your use case.
# 4. By default log level is set to 'log_warning' level and are redirected to syslog.
# Either use 'base' logging or syslog filters to redirect logs to separate file.
# To install syslog filter follow below steps:
# sudo cp setup/11-cloudfuse.conf /etc/rsyslog.d/
# sudo cp setup/cloudfuse-logrotate /etc/logrotate.d/
# sudo service rsyslog restart
# 5. For non-HNS (flat namespace) accounts cloudfuse expects special directory marker files to
# exists in container to identify a directory.
# If these files do not exist in container, then 'virtual-directory: true' in 'azstorage' section is required
# 6. By default 'writeback-cache' is enabled for libfuse3 and this may result in append/write operations to fail.
# Either you can disable 'writeback-cache', which might hurt the performance
# or you can configure cloudfuse to ignore open flags given by user and make it work with ''writeback-cache'.
# 'libfuse' section below has both the configurations.
# 7. If are you using 'allow-other: true' config then make sure user_allow_other is enabled in /etc/fuse.conf file as
# well otherwise mount will fail. By default /etc/fuse.conf will have this option disabled we just need to
# enable it and save the file.
# 8. If data in your storage account (non-HNS) is created using cloudfuse or AzCopy then there are marker files present
# in your container to mark a directory. In such cases you can optimize your listing by setting 'virtual-directory'
# flag to false in mount command.
# 9. If you are using 'file_cache' component then make sure you have enough disk space available for cache.
# 10. 'sdk-trace' has been removed and setting log level to log_debug will auto enable these logs.
# -----------------------------------------------------------------------------------------------------------------------
# Daemon configuration
foreground: true|false <run cloudfuse in foreground or background>
# Common configurations
read-only: true|false <mount in read only mode - used for Streaming and FUSE>
allow-other: true|false <allow other users to access the mounted directory - used for FUSE and File Cache>
nonempty: true|false <allow mounting on non-empty directory>
restricted-characters-windows: true|false <allows filenames with restricted characters to appear on Windows - used for AzStorage and S3Storage>
# Logger configuration
logging:
type: syslog|silent|base <type of logger to be used by the system. silent = no logger, base = file based logger. Default - syslog>
level: log_off|log_crit|log_err|log_warning|log_info|log_trace|log_debug <log level. Default - log_warning>
file-path: <path where log files shall be stored. Default - '$HOME/.cloudfuse/cloudfuse.log'>
max-file-size-mb: <maximum allowed size for each log file (in MB). Default - 512 MB>
file-count: <maximum number of files to be rotated to preserve old logs. Default - 10>
track-time: true|false <track time taken by important operations>
# Pipeline configuration. Choose components to be engaged. The order below is the priority order that needs to be followed.
components:
- libfuse
- stream
- block_cache
- file_cache
- attr_cache
- s3storage
- azstorage
- loopbackfs
# Libfuse configuration
libfuse:
default-permission: 0777|0666|0644|0444 <default permissions to be presented for block blobs>
attribute-expiration-sec: <time kernel can cache inode attributes (in sec). Default - 120 sec>
entry-expiration-sec: <time kernel can cache directory listing attributes (in sec). Default - 120 sec>
negative-entry-expiration-sec: <time kernel can cache attributes of non existent paths (in sec). Default - 120 sec>
fuse-trace: true|false <enable libfuse api trace logs for debugging>
extension: <physical path to extension library>
disable-writeback-cache: true|false <disallow libfuse to buffer write requests if you must strictly open files in O_WRONLY or O_APPEND mode. alternatively, you can set ignore-open-flags.>
ignore-open-flags: true|false <ignore the append and write only flag since O_APPEND and O_WRONLY is not supported with writeback caching. alternatively, you can disable-writeback-cache. Default value is true>
max-fuse-threads: <number of threads allowed at libfuse layer for highly parallel operations, Default is 128>
direct-io: true|false <enable to bypass the kernel cache>
network-share: true|false <runs as a network share. may improve performance when latency to cloud is high. only supported on Windows. Known issue - only one Cloudfuse network share can be mounted at a time>
display-capacity-mb: <number of MB to display as the mounted storage capacity. Default - 1TB (1048576 MB)>
# Streaming configuration
stream:
# If block-size-mb, max-buffers or buffer-size-mb are 0, the stream component will not cache blocks.
block-size-mb: <for read only mode size of each block to be cached in memory while streaming (in MB). For read/write size of newly created blocks. Default - 0 MB>
max-buffers: <total number of buffers to store blocks in. Default - 0>
buffer-size-mb: <size for each buffer. Default - 0 MB>
file-caching: <read/write mode file level caching or handle level caching. Default - false (handle level caching ON)>
# Block cache related configuration. Block cache is only supported on Linux.
block_cache:
block-size-mb: <size of each block to be cached in memory (in MB). Default - 16 MB>
mem-size-mb: <total amount of memory to be preallocated for block cache (in MB). Default - 80% of free memory>
path: <path to local disk cache where downloaded blocked will be stored>
disk-size-mb: <maximum disk cache size allowed. Default - 80% of free disk space>
disk-timeout-sec: <default disk cache eviction timeout (in sec). Default - 120 sec>
prefetch: <number of blocks to be prefetched in serial read case. Min - 11, Default - 2 times number of CPU cores>
parallelism: <number of parallel threads downloading the data and writing to disk cache. Default - 3 times number of CPU cores>
prefetch-on-open: true|false <prefetch blocks on open. This shall be used only when user application is going to read file from offset 0>
# Disk cache related configuration
file_cache:
# Required
path: <path to local disk cache>
# Optional
timeout-sec: <default cache eviction timeout (in sec). Default - 120 sec>
max-eviction: <number of files that can be evicted at once. Default - 5000>
max-size-mb: <maximum cache size allowed. Default - 80% of free disk space>
high-threshold: <% disk space consumed which triggers eviction. This parameter overrides 'timeout-sec' parameter and cached files will be removed even if they have not expired. Default - 80>
low-threshold: <% disk space consumed which triggers eviction to stop when previously triggered by the high-threshold. Default - 60>
create-empty-file: true|false <create an empty file on container when create call is received from kernel>
allow-non-empty-temp: true|false <allow non empty temp directory at startup. Set true to persist local cache across reboots.>
cleanup-on-start: true|false <cleanup the temp directory on startup, if it's not empty>
policy-trace: true|false <generate eviction policy logs showing which files will expire soon>
offload-io: true|false <by default libfuse will service reads/writes to files for better perf. Set to true to make file-cache component service read/write calls.>
sync-to-flush: true|false <sync call to a file will force upload of the contents to storage account. Default - true>
refresh-sec: <number of seconds after which compare lmt of file in local cache and container and refresh file if container has the latest copy>
ignore-sync: true|false <sync call will be ignored and locally cached file will not be deleted>
hard-limit: true|false <if set to true, file-cache will not allow read/writes to file which exceed the configured limits>
# Attribute cache related configuration
attr_cache:
timeout-sec: <time attributes and directory contents can be cached (in sec). Default - 120 sec>
no-cache-on-list: true|false <do not cache attributes or directory contents during listing. Enabling may cause performance problems.>
enable-symlinks: true|false <enable symlink support. When false, symlinks will be treated like regular files. Enabling may cause performance problems.>
max-files: <maximum number of files in the attribute cache at a time. Default - 5000000>
no-cache-dirs: true|false <to prevent double-listing directories and to make timestamps accurate, disable caching directories. Breaks s3storage.>
# Loopback configuration
loopbackfs:
path: <path to local directory>
# Azure storage configuration
azstorage:
# Required
type: block|adls <type of storage account to be connected. Default - block>
account-name: <name of the storage account>
container: <name of the storage container to be mounted>
endpoint: <storage account endpoint (example - https://account-name.blob.core.windows.net)>
mode: key|sas|spn|msi|azcli <kind of authentication to be used>
account-key: <storage account key>
# OR
sas: <storage account sas>
# OR
appid: <storage account app id / client id for MSI>
resid: <storage account resource id for MSI>
objid: <object id for MSI - needs Azure CLI on system>
# OR
tenantid: <storage account tenant id for SPN>
clientid: <storage account client id for SPN>
clientsecret: <storage account client secret for SPN>
oauth-token-path: <path to file containing the OAuth token>
# Optional
use-http: true|false <use http instead of https for storage connection>
aadendpoint: <storage account custom aad endpoint>
subdirectory: <name of subdirectory to be mounted instead of whole container>
block-size-mb: <size of each block (in MB). Default - 16 MB>
max-concurrency: <number of parallel upload/download threads. Default - 32>
tier: hot|cool|cold|premium|archive|none <blob-tier to be set while uploading a blob. Default - none>
block-list-on-mount-sec: <time list api to be blocked after mount (in sec). Default - 0 sec>
max-retries: <number of retries to attempt for any operation failure. Default - 5>
max-retry-timeout-sec: <maximum timeout allowed for a given retry (in sec). Default - 900 sec>
retry-backoff-sec: <retry backoff between two tries (in sec). Default - 4 sec>
max-retry-delay-sec: <maximum delay between two tries (in sec). Default - 60 sec>
http-proxy: ip-address:port <http proxy to be used for connection>
https-proxy: ip-address:port <https proxy to be used for connection>
fail-unsupported-op: true|false <for block blob account return failure for unsupported operations like chmod and chown>
auth-resource: <resource string to be used during OAuth token retrieval>
update-md5: true|false <set md5 sum on upload. Impacts performance. works only when file-cache component is part of the pipeline>
validate-md5: true|false <validate md5 on download. Impacts performance. works only when file-cache component is part of the pipeline>
virtual-directory: true|false <support virtual directories without existence of a special marker blob. Default - true>
disable-compression: true|false <disable transport layer content encoding like gzip, set this flag to true if blobs have content-encoding set in container>
max-results-for-list: <maximum number of results returned in a single list API call while getting file attributes. Default - 2>
telemetry : <additional information that customer want to push in user-agent>
honour-acl: true|false <honour ACLs on files and directories when mounted using MSI Auth and object-ID is provided in config>
cpk-enabled: true|false <enable client provided key encryption>
cpk-encryption-key: <customer provided base64-encoded AES-256 encryption key value>
cpk-encryption-key-sha256: <customer provided base64-encoded sha256 of the encryption key>
# S3 storage configuration
s3storage:
bucket-name: <name of the bucket to be mounted. Default - first accessible bucket>
key-id: <S3 access key ID. Default - use credentials from environment variables or shared profile (see README)>
secret-key: <S3 secret access key. Default - use credentials from environment variables or shared profile (see README)>
region: <S3 region. Default - us-east-1 or region provided in endpoint>
profile: <AWS shared configuration profile name. Credentials above take precedence over shared profile.>
endpoint: <S3 endpoint URL. Default - https://s3.[region].lyvecloud.seagate.com>
subdirectory: <name of subdirectory to be mounted instead of whole bucket>
part-size-mb: <size of each part for multipart uploads (in MB). Valid range is 5MB to 5120MB. Default - 8 MB>
upload-cutoff-mb: <files exceeding this size will use be uploaded in parts (in MB). Default - 100 MB>
concurrency: <number of parallel upload/download threads. Default - 5>
disable-concurrent-download: true|false <disables concurrent downloads. Can improve performance with small files at the cost of slow downloads for large objects>
enable-checksum: true|false <enables checksum verification on upload. Must be supported by s3 provider>
checksum-algorithm: CRC32|CRC32C|SHA1|SHA256 <checksum algorithm to use on writes to cloud. Default - SHA1>
usePathStyle: true|false <enable the client to use path-style addressing. Only use if required by your S3 cloud>
disable-usage: true|false <do not use bucket size from Lyve Cloud to report drive size and storage statistics (StatFs). If not using Lyve Cloud, set to true.>
# Mount all configuration
mountall:
# allowlist takes precedence over denylist in case of conflicts
container-allowlist:
- <list of containers to be mounted>
container-denylist:
- <list of containers not to be mounted>
# Health Monitor configuration
health_monitor:
enable-monitoring: true|false <enable health monitor>
stats-poll-interval-sec: <Cloudfuse stats polling interval (in sec). Default - 10 sec>
process-monitor-interval-sec: <CPU, memory and network usage polling interval (in sec). Default - 30 sec>
output-path: <Path where health monitor will generate its output file. File name will be monitor_<pid>.json>
# list of monitors to be disabled
monitor-disable-list:
- cloudfuse_stats <Disable cloudfuse stats polling>
- file_cache_monitor <Disable file cache directory monitor>
- cpu_profiler <Disable CPU monitoring on cloudfuse process>
- memory_profiler <Disable memory monitoring on cloudfuse process>
- network_profiler <Disable network monitoring on cloudfuse process>