2014cdb906
Preventing access to expired objects
------------------------------------
Re-enabled accepting X-Delete-At and X-Delete-After headers. During a GET on
an expired object, DiskFileExpired is raised by DiskFile class. This will
result in object-server returning HTTPNotFound (404) to the client.
Tracking objects to be deleted
------------------------------
Objects to be deleted are tracked using "tracker objects". These are PUT into
a special account(a volume, for now). These zero size "tracker objects" have
names that contain:
* Expiration timestamp
* Path of the actual object to be deleted
Deleting actual objects from GlusterFS volume
---------------------------------------------
The object-expirer daemon runs a pass once every X seconds. For every pass it
makes, it queries the special account for "tracker objects". Based on
(timestamp, path) present in name of "tracker objects", object-expirer then
deletes the actual object and the corresponding tracker object.
To run object-expirer forever:
swift-init object-expirer start
To run just once:
swift-object-expirer -o -v /etc/swift/object-expirer.conf
Caveat/Limitation: Object-expirer needs a separate account(volume) that
is not used by other services like gswauth. By default, this volume is
named "gsexpiring" and is configurable.
More info about object expiration:
http://docs.openstack.org/developer/swift/overview_expiring_objects.html
Change-Id: I876995bf4f16ef4bfdff901561e0558ecf1dc38f
Signed-off-by: Prashanth Pai <ppai@redhat.com>
Reviewed-on: http://review.gluster.org/6891
Tested-by: Chetan Risbud <crisbud@redhat.com>
Reviewed-by: pushpesh sharma <psharma@redhat.com>
Tested-by: pushpesh sharma <psharma@redhat.com>
Reviewed-by: Chetan Risbud <crisbud@redhat.com>
40 lines
1.3 KiB
Plaintext
40 lines
1.3 KiB
Plaintext
[DEFAULT]
|
|
#
|
|
# Default gluster mount point to be used for object store,can be changed by
|
|
# setting the following value in {account,container,object}-server.conf files.
|
|
# It is recommended to keep this value same for all the three services but can
|
|
# be kept different if environment demands.
|
|
devices = /mnt/gluster-object
|
|
#
|
|
# Once you are confident that your startup processes will always have your
|
|
# gluster volumes properly mounted *before* the account-server workers start,
|
|
# you can *consider* setting this value to "false" to reduce the per-request
|
|
# overhead it can incur.
|
|
mount_check = true
|
|
bind_port = 6012
|
|
#
|
|
# Override swift's default behaviour for fallocate.
|
|
disable_fallocate = true
|
|
#
|
|
# One or two workers should be sufficient for almost any installation of
|
|
# Gluster.
|
|
workers = 1
|
|
|
|
[pipeline:main]
|
|
pipeline = account-server
|
|
|
|
[app:account-server]
|
|
use = egg:gluster_swift#account
|
|
user = root
|
|
log_facility = LOG_LOCAL2
|
|
log_level = WARN
|
|
# The following parameter is used by object-expirer and needs to be same
|
|
# across all conf files!
|
|
auto_create_account_prefix = gs
|
|
#
|
|
# After ensuring things are running in a stable manner, you can turn off
|
|
# normal request logging for the account server to unclutter the log
|
|
# files. Warnings and errors will still be logged.
|
|
log_requests = off
|
|
|