Merge branch 'main' of github.com:rustfs/s3-rustfs into feature/observability-metrics

# Conflicts:
#	.github/workflows/build.yml
#	.github/workflows/ci.yml
#	Cargo.lock
#	Cargo.toml
#	appauth/src/token.rs
#	crates/config/src/config.rs
#	crates/event-notifier/examples/simple.rs
#	crates/event-notifier/src/global.rs
#	crates/event-notifier/src/lib.rs
#	crates/event-notifier/src/notifier.rs
#	crates/event-notifier/src/store.rs
#	crates/filemeta/src/filemeta.rs
#	crates/notify/examples/webhook.rs
#	crates/utils/Cargo.toml
#	ecstore/Cargo.toml
#	ecstore/src/cmd/bucket_replication.rs
#	ecstore/src/config/com.rs
#	ecstore/src/disk/error.rs
#	ecstore/src/disk/mod.rs
#	ecstore/src/set_disk.rs
#	ecstore/src/store_api.rs
#	ecstore/src/store_list_objects.rs
#	iam/Cargo.toml
#	iam/src/manager.rs
#	policy/Cargo.toml
#	rustfs/src/admin/rpc.rs
#	rustfs/src/main.rs
#	rustfs/src/storage/mod.rs

scripts/build-docker-multiarch.sh

@@ -0,0 +1,242 @@
+#!/bin/bash
+set -euo pipefail
+
+# 多架构 Docker 构建脚本
+# 支持构建并推送 x86_64 和 ARM64 架构的镜像
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
+cd "$PROJECT_ROOT"
+
+# 默认配置
+REGISTRY_IMAGE_DOCKERHUB="rustfs/rustfs"
+REGISTRY_IMAGE_GHCR="ghcr.io/rustfs/s3-rustfs"
+VERSION="${VERSION:-latest}"
+PUSH="${PUSH:-false}"
+IMAGE_TYPE="${IMAGE_TYPE:-production}"
+
+# 帮助信息
+show_help() {
+    cat << EOF
+用法: $0 [选项]
+
+选项:
+    -h, --help          显示此帮助信息
+    -v, --version TAG   设置镜像版本标签 (默认: latest)
+    -p, --push          推送镜像到仓库
+    -t, --type TYPE     镜像类型 (production|ubuntu|rockylinux|devenv, 默认: production)
+
+环境变量:
+    DOCKERHUB_USERNAME  Docker Hub 用户名
+    DOCKERHUB_TOKEN     Docker Hub 访问令牌
+    GITHUB_TOKEN        GitHub 访问令牌
+
+示例:
+    # 仅构建不推送
+    $0 --version v1.0.0
+
+    # 构建并推送到仓库
+    $0 --version v1.0.0 --push
+
+    # 构建 Ubuntu 版本
+    $0 --type ubuntu --version v1.0.0
+EOF
+}
+
+# 解析命令行参数
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        -h|--help)
+            show_help
+            exit 0
+            ;;
+        -v|--version)
+            VERSION="$2"
+            shift 2
+            ;;
+        -p|--push)
+            PUSH=true
+            shift
+            ;;
+        -t|--type)
+            IMAGE_TYPE="$2"
+            shift 2
+            ;;
+        *)
+            echo "未知参数: $1"
+            show_help
+            exit 1
+            ;;
+    esac
+done
+
+# 设置 Dockerfile 和后缀
+case "$IMAGE_TYPE" in
+    production)
+        DOCKERFILE="Dockerfile"
+        SUFFIX=""
+        ;;
+    ubuntu)
+        DOCKERFILE=".docker/Dockerfile.ubuntu22.04"
+        SUFFIX="-ubuntu22.04"
+        ;;
+    rockylinux)
+        DOCKERFILE=".docker/Dockerfile.rockylinux9.3"
+        SUFFIX="-rockylinux9.3"
+        ;;
+    devenv)
+        DOCKERFILE=".docker/Dockerfile.devenv"
+        SUFFIX="-devenv"
+        ;;
+    *)
+        echo "错误: 不支持的镜像类型: $IMAGE_TYPE"
+        echo "支持的类型: production, ubuntu, rockylinux, devenv"
+        exit 1
+        ;;
+esac
+
+echo "🚀 开始多架构 Docker 构建"
+echo "📋 构建信息:"
+echo "   - 镜像类型: $IMAGE_TYPE"
+echo "   - Dockerfile: $DOCKERFILE"
+echo "   - 版本标签: $VERSION$SUFFIX"
+echo "   - 推送: $PUSH"
+echo "   - 架构: linux/amd64, linux/arm64"
+
+# 检查必要的工具
+if ! command -v docker &> /dev/null; then
+    echo "❌ 错误: 未找到 docker 命令"
+    exit 1
+fi
+
+# 检查 Docker Buildx
+if ! docker buildx version &> /dev/null; then
+    echo "❌ 错误: Docker Buildx 不可用"
+    echo "请运行: docker buildx install"
+    exit 1
+fi
+
+# 创建并使用 buildx 构建器
+BUILDER_NAME="rustfs-multiarch-builder"
+if ! docker buildx inspect "$BUILDER_NAME" &> /dev/null; then
+    echo "🔨 创建多架构构建器..."
+    docker buildx create --name "$BUILDER_NAME" --use --bootstrap
+else
+    echo "🔨 使用现有构建器..."
+    docker buildx use "$BUILDER_NAME"
+fi
+
+# 构建多架构二进制文件
+echo "🔧 构建多架构二进制文件..."
+
+# 检查是否存在预构建的二进制文件
+if [[ ! -f "target/x86_64-unknown-linux-musl/release/rustfs" ]] || [[ ! -f "target/aarch64-unknown-linux-gnu/release/rustfs" ]]; then
+    echo "⚠️  未找到预构建的二进制文件，正在构建..."
+
+    # 安装构建依赖
+    if ! command -v cross &> /dev/null; then
+        echo "📦 安装 cross 工具..."
+        cargo install cross
+    fi
+
+    # 生成 protobuf 代码
+    echo "📝 生成 protobuf 代码..."
+    cargo run --bin gproto || true
+
+    # 构建 x86_64
+    echo "🔨 构建 x86_64 二进制文件..."
+    cargo build --release --target x86_64-unknown-linux-musl --bin rustfs
+
+    # 构建 ARM64
+    echo "🔨 构建 ARM64 二进制文件..."
+    cross build --release --target aarch64-unknown-linux-gnu --bin rustfs
+fi
+
+# 准备构建参数
+BUILD_ARGS=""
+TAGS=""
+
+# Docker Hub 标签
+if [[ -n "${DOCKERHUB_USERNAME:-}" ]]; then
+    TAGS="$TAGS -t $REGISTRY_IMAGE_DOCKERHUB:$VERSION$SUFFIX"
+fi
+
+# GitHub Container Registry 标签
+if [[ -n "${GITHUB_TOKEN:-}" ]]; then
+    TAGS="$TAGS -t $REGISTRY_IMAGE_GHCR:$VERSION$SUFFIX"
+fi
+
+# 如果没有设置标签，使用本地标签
+if [[ -z "$TAGS" ]]; then
+    TAGS="-t rustfs:$VERSION$SUFFIX"
+fi
+
+# 构建镜像
+echo "🏗️ 构建多架构 Docker 镜像..."
+BUILD_CMD="docker buildx build \
+    --platform linux/amd64,linux/arm64 \
+    --file $DOCKERFILE \
+    $TAGS \
+    --build-arg BUILDTIME=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
+    --build-arg VERSION=$VERSION \
+    --build-arg REVISION=$(git rev-parse --short HEAD 2>/dev/null || echo 'unknown')"
+
+if [[ "$PUSH" == "true" ]]; then
+    # 登录到仓库
+    if [[ -n "${DOCKERHUB_USERNAME:-}" ]] && [[ -n "${DOCKERHUB_TOKEN:-}" ]]; then
+        echo "🔐 登录到 Docker Hub..."
+        echo "$DOCKERHUB_TOKEN" | docker login --username "$DOCKERHUB_USERNAME" --password-stdin
+    fi
+
+    if [[ -n "${GITHUB_TOKEN:-}" ]]; then
+        echo "🔐 登录到 GitHub Container Registry..."
+        echo "$GITHUB_TOKEN" | docker login ghcr.io --username "$(whoami)" --password-stdin
+    fi
+
+    BUILD_CMD="$BUILD_CMD --push"
+else
+    BUILD_CMD="$BUILD_CMD --load"
+fi
+
+BUILD_CMD="$BUILD_CMD ."
+
+echo "📋 执行构建命令:"
+echo "$BUILD_CMD"
+echo ""
+
+# 执行构建
+eval "$BUILD_CMD"
+
+echo ""
+echo "✅ 多架构 Docker 镜像构建完成!"
+
+if [[ "$PUSH" == "true" ]]; then
+    echo "🚀 镜像已推送到仓库"
+
+    # 显示推送的镜像信息
+    echo ""
+    echo "📦 推送的镜像:"
+    if [[ -n "${DOCKERHUB_USERNAME:-}" ]]; then
+        echo "   - $REGISTRY_IMAGE_DOCKERHUB:$VERSION$SUFFIX"
+    fi
+    if [[ -n "${GITHUB_TOKEN:-}" ]]; then
+        echo "   - $REGISTRY_IMAGE_GHCR:$VERSION$SUFFIX"
+    fi
+
+    echo ""
+    echo "🔍 验证多架构支持:"
+    if [[ -n "${DOCKERHUB_USERNAME:-}" ]]; then
+        echo "   docker buildx imagetools inspect $REGISTRY_IMAGE_DOCKERHUB:$VERSION$SUFFIX"
+    fi
+    if [[ -n "${GITHUB_TOKEN:-}" ]]; then
+        echo "   docker buildx imagetools inspect $REGISTRY_IMAGE_GHCR:$VERSION$SUFFIX"
+    fi
+else
+    echo "💾 镜像已构建到本地"
+    echo ""
+    echo "🔍 查看镜像:"
+    echo "   docker images rustfs:$VERSION$SUFFIX"
+fi
+
+echo ""
+echo "🎉 构建任务完成!"

scripts/dev_clear.sh

@@ -0,0 +1,11 @@
+for i in {0..3}; do
+    DIR="/data/rustfs$i"
+    echo "处理 $DIR"
+    if [ -d "$DIR" ]; then
+        echo "清空 $DIR"
+        sudo rm -rf "$DIR"/* "$DIR"/.[!.]* "$DIR"/..?* 2>/dev/null || true
+        echo "已清空 $DIR"
+    else
+        echo "$DIR 不存在，跳过"
+    fi
+done

scripts/dev_deploy.sh

@@ -4,18 +4,20 @@
 
 rm ./target/x86_64-unknown-linux-musl/release/rustfs.zip
 # 压缩./target/x86_64-unknown-linux-musl/release/rustfs
-zip  ./target/x86_64-unknown-linux-musl/release/rustfs.zip ./target/x86_64-unknown-linux-musl/release/rustfs
-
+zip -j ./target/x86_64-unknown-linux-musl/release/rustfs.zip ./target/x86_64-unknown-linux-musl/release/rustfs
 
 # 本地文件路径
 LOCAL_FILE="./target/x86_64-unknown-linux-musl/release/rustfs.zip"
 REMOTE_PATH="~"
 
-# 定义服务器列表数组
-# 格式：服务器 IP 用户名 目标路径
-SERVER_LIST=(
-    "root@121.89.80.13"
-)
+# 必须传入IP参数，否则报错退出
+if [ -z "$1" ]; then
+    echo "用法: $0 <server_ip>"
+    echo "请传入目标服务器IP地址"
+    exit 1
+fi
+
+SERVER_LIST=("root@$1")
 
 # 遍历服务器列表
 for SERVER in "${SERVER_LIST[@]}"; do
@@ -26,7 +28,4 @@ for SERVER in "${SERVER_LIST[@]}"; do
     else
         echo "复制到 $SERVER 失败"
     fi
-done
-
-
-# ps -ef | grep rustfs | awk '{print $2}'| xargs kill -9
+done

scripts/dev_rustfs.env

@@ -0,0 +1,12 @@
+RUSTFS_ROOT_USER=rustfsadmin
+RUSTFS_ROOT_PASSWORD=rustfsadmin
+
+RUSTFS_VOLUMES="http://node{1...4}:7000/data/rustfs{0...3}     http://node{5...8}:7000/data/rustfs{0...3}"
+RUSTFS_ADDRESS=":7000"
+RUSTFS_CONSOLE_ENABLE=true
+RUSTFS_CONSOLE_ADDRESS=":7001"
+RUST_LOG=warn
+RUSTFS_OBS_LOG_DIRECTORY="/var/logs/rustfs/"
+RUSTFS_NS_SCANNER_INTERVAL=60
+#RUSTFS_SKIP_BACKGROUND_TASK=true
+RUSTFS_COMPRESSION_ENABLED=true

scripts/dev_rustfs.sh

@@ -0,0 +1,199 @@
+#!/bin/bash
+
+# ps -ef | grep rustfs | awk '{print $2}'| xargs kill -9
+
+# 本地 rustfs.zip 路径
+ZIP_FILE="./rustfs.zip"
+# 解压目标
+UNZIP_TARGET="./"
+
+
+SERVER_LIST=(
+    "root@node1" # node1
+    "root@node2" # node2
+    "root@node3" # node3
+    "root@node4" # node4
+    # "root@node5" # node5
+    # "root@node6" # node6
+    # "root@node7" # node7
+    # "root@node8" # node8
+)
+
+REMOTE_TMP="~/rustfs"
+
+# 部署 rustfs 到所有服务器
+deploy() {
+    echo "解压 $ZIP_FILE ..."
+    unzip -o "$ZIP_FILE" -d "$UNZIP_TARGET"
+    if [ $? -ne 0 ]; then
+        echo "解压失败，退出"
+        exit 1
+    fi
+
+    LOCAL_RUSTFS="${UNZIP_TARGET}rustfs"
+    if [ ! -f "$LOCAL_RUSTFS" ]; then
+        echo "未找到解压后的 rustfs 文件，退出"
+        exit 1
+    fi
+
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "上传 $LOCAL_RUSTFS 到 $SERVER:$REMOTE_TMP"
+        scp "$LOCAL_RUSTFS" "${SERVER}:${REMOTE_TMP}"
+        if [ $? -ne 0 ]; then
+            echo "❌ 上传到 $SERVER 失败，跳过"
+            continue
+        fi
+
+        echo "在 $SERVER 上操作 systemctl 和文件替换"
+        ssh "$SERVER" bash <<EOF
+set -e
+echo "停止 rustfs 服务"
+sudo systemctl stop rustfs || true
+echo "覆盖 /usr/local/bin/rustfs"
+sudo cp ~/rustfs /usr/local/bin/rustfs
+sudo chmod +x /usr/local/bin/rustfs
+echo "启动 rustfs 服务"
+sudo systemctl start rustfs
+echo "检测 rustfs 服务状态"
+sudo systemctl status rustfs --no-pager --lines=10
+EOF
+
+        if [ $? -eq 0 ]; then
+            echo "✅ $SERVER 部署并重启 rustfs 成功"
+        else
+            echo "❌ $SERVER 部署或重启 rustfs 失败"
+        fi
+    done
+}
+
+# 清空 /data/rustfs0~3 目录下所有文件（包括隐藏文件）
+clear_data_dirs() {
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "清空 $SERVER:/data/rustfs0~3 下所有文件"
+        ssh "$SERVER" bash <<EOF
+for i in {0..3}; do
+    DIR="/data/rustfs$i"
+    echo "处理 $DIR"
+    if [ -d "$DIR" ]; then
+        echo "清空 $DIR"
+        sudo rm -rf "$DIR"/* "$DIR"/.[!.]* "$DIR"/..?* 2>/dev/null || true
+        echo "已清空 $DIR"
+    else
+        echo "$DIR 不存在，跳过"
+    fi
+done
+EOF
+    done
+}
+
+# 控制 rustfs 服务
+stop_rustfs() {
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "停止 $SERVER rustfs 服务"
+        ssh "$SERVER" "sudo systemctl stop rustfs"
+    done
+}
+
+start_rustfs() {
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "启动 $SERVER rustfs 服务"
+        ssh "$SERVER" "sudo systemctl start rustfs"
+    done
+}
+
+restart_rustfs() {
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "重启 $SERVER rustfs 服务"
+        ssh "$SERVER" "sudo systemctl restart rustfs"
+    done
+}
+
+# 向所有服务器追加公钥到 ~/.ssh/authorized_keys
+add_ssh_key() {
+    if [ -z "$2" ]; then
+        echo "用法: $0 addkey <pubkey_file>"
+        exit 1
+    fi
+    PUBKEY_FILE="$2"
+    if [ ! -f "$PUBKEY_FILE" ]; then
+        echo "指定的公钥文件不存在: $PUBKEY_FILE"
+        exit 1
+    fi
+    PUBKEY_CONTENT=$(cat "$PUBKEY_FILE")
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "追加公钥到 $SERVER:~/.ssh/authorized_keys"
+        ssh "$SERVER" "mkdir -p ~/.ssh && chmod 700 ~/.ssh && echo '$PUBKEY_CONTENT' >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
+        if [ $? -eq 0 ]; then
+            echo "✅ $SERVER 公钥追加成功"
+        else
+            echo "❌ $SERVER 公钥追加失败"
+        fi
+    done
+}
+
+monitor_logs() {
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "监控 $SERVER:/var/logs/rustfs/rustfs.log ..."
+        ssh "$SERVER" "tail -F /var/logs/rustfs/rustfs.log" |
+            sed "s/^/[$SERVER] /" &
+    done
+    wait
+}
+
+set_env_file() {
+    if [ -z "$2" ]; then
+        echo "用法: $0 setenv <env_file>"
+        exit 1
+    fi
+    ENV_FILE="$2"
+    if [ ! -f "$ENV_FILE" ]; then
+        echo "指定的环境变量文件不存在: $ENV_FILE"
+        exit 1
+    fi
+    for SERVER in "${SERVER_LIST[@]}"; do
+        echo "上传 $ENV_FILE 到 $SERVER:~/rustfs.env"
+        scp "$ENV_FILE" "${SERVER}:~/rustfs.env"
+        if [ $? -ne 0 ]; then
+            echo "❌ 上传到 $SERVER 失败，跳过"
+            continue
+        fi
+        echo "覆盖 $SERVER:/etc/default/rustfs"
+        ssh "$SERVER" "sudo mv ~/rustfs.env /etc/default/rustfs"
+        if [ $? -eq 0 ]; then
+            echo "✅ $SERVER /etc/default/rustfs 覆盖成功"
+        else
+            echo "❌ $SERVER /etc/default/rustfs 覆盖失败"
+        fi
+    done
+}
+
+# 主命令分发
+case "$1" in
+    deploy)
+        deploy
+        ;;
+    clear)
+        clear_data_dirs
+        ;;
+    stop)
+        stop_rustfs
+        ;;
+    start)
+        start_rustfs
+        ;;
+    restart)
+        restart_rustfs
+        ;;
+    addkey)
+        add_ssh_key "$@"
+        ;;
+    monitor_logs)
+        monitor_logs
+        ;;
+    setenv)
+        set_env_file "$@"
+        ;;
+    *)
+        echo "用法: $0 {deploy|clear|stop|start|restart|addkey <pubkey_file>|monitor_logs|setenv <env_file>}"
+        ;;
+esac

scripts/run.sh

@@ -19,8 +19,7 @@ mkdir -p ./target/volume/test{0..4}
 
 if [ -z "$RUST_LOG" ]; then
     export RUST_BACKTRACE=1
-#    export RUST_LOG="rustfs=debug,ecstore=debug,s3s=debug,iam=debug"
-    export RUST_LOG="rustfs=info,ecstore=info,s3s=info,iam=info,rustfs-obs=info"
+    export RUST_LOG="rustfs=debug,ecstore=debug,s3s=debug,iam=debug"
 fi
 
 # export RUSTFS_ERASURE_SET_DRIVE_COUNT=5
@@ -75,6 +74,11 @@ export OTEL_INSTRUMENTATION_VERSION="0.1.1"
 export OTEL_INSTRUMENTATION_SCHEMA_URL="https://opentelemetry.io/schemas/1.31.0"
 export OTEL_INSTRUMENTATION_ATTRIBUTES="env=production"
 
+export RUSTFS_NS_SCANNER_INTERVAL=60  # 对象扫描间隔时间，单位为秒
+# exportRUSTFS_SKIP_BACKGROUND_TASK=true
+
+export RUSTFS_COMPRESSION_ENABLED=true # 是否启用压缩
+
 # 事件消息配置
 #export RUSTFS_EVENT_CONFIG="./deploy/config/event.example.toml"