mirror of
https://github.com/rustfs/rustfs.git
synced 2026-01-17 01:30:33 +00:00
1.0.0-alpha.80
17 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
majinghe
|
1e683f12ef | fix: change health check statement to fix unhealthy issue for docker … (#1515) | ||
|
YGoetschel
|
997f54e700 |
Fix Docker-based Development Workflow (#1031)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: houseme <housemecn@gmail.com> |
||
|
majinghe
|
8b3d4ea59b | enhancement logs output for container deployment (#1090) | ||
|
orbisai0security
|
7c98c62d60 |
[Security] Fix HIGH vulnerability: yaml.docker-compose.security.writable-filesystem-service.writable-filesystem-service (#1005)
Co-authored-by: orbisai0security <orbisai0security@users.noreply.github.com> Co-authored-by: houseme <housemecn@gmail.com> |
||
|
Ali Mehraji
|
15c75b9d36 |
simple deployment via docker-compose (#1043)
Signed-off-by: Ali Mehraji <a.mehraji75@gmail.com> Co-authored-by: houseme <housemecn@gmail.com> |
||
|
Copilot
|
fdcdb30d28 |
Optimize concurrent GetObject performance with Moka cache, comprehensive metrics, complete test suite, cache writeback, and comprehensive documentation (#916)
* Initial plan * feat: add concurrency-aware buffer sizing and hot object caching for GetObject - Implement adaptive buffer sizing based on concurrent request load - Add per-request tracking with automatic cleanup using RAII guards - Implement hot object cache (LRU) for frequently accessed small files (<= 10MB) - Add disk I/O semaphore to prevent saturation under extreme load - Integrate concurrency module into GetObject implementation - Buffer sizes now adapt: low concurrency uses large buffers for throughput, high concurrency uses smaller buffers for fairness and memory efficiency - Add comprehensive metrics collection for monitoring performance Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * docs: add comprehensive documentation and tests for concurrent GetObject optimization - Add detailed technical documentation explaining the solution - Document root cause analysis and solution architecture - Include performance expectations and testing recommendations - Add integration tests for concurrency tracking and buffer sizing - Add cache behavior tests - Include benchmark tests for concurrent request handling Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix: address code review issues in concurrency module - Fix race condition in cache size tracking by using consistent atomic operations within lock - Correct buffer sizing logic: 1-2 requests use 100%, 3-4 use 75%, 5-8 use 50%, >8 use 40% - Improve error message for semaphore acquire failure - Document limitation of streaming cache implementation (not yet implemented) - Add TODO for proper streaming cache with suggested approaches - Update tests to match corrected buffer sizing thresholds Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * docs: add comprehensive implementation summary for concurrent GetObject optimization - Executive summary of problem and solution - Detailed architecture documentation for each optimization - Integration points and code examples - Complete testing strategy and performance validation steps - Monitoring and observability guidelines with Prometheus queries - Deployment considerations and rollout strategy - Future enhancement roadmap - Success criteria and quantitative metrics Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fix * refactor: optimize cache with lru 0.16.2 read-first pattern and add advanced features - Implement optimized read-first cache access using peek() to reduce write lock contention - Add batch cache operations: get_cached_batch() for efficient multi-object retrieval - Add cache utility methods: is_cached(), remove_cached(), get_hot_keys() - Implement warm_cache() for pre-populating cache on startup - Add get_advanced_buffer_size() with file size and sequential read optimization - Enhance test suite with 8 new comprehensive tests covering: - Batch operations and cache warming - Hot keys tracking and analysis - Cache removal and LRU behavior verification - Concurrent cache access performance - Advanced buffer sizing strategies - Improve documentation and code comments in English throughout Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * docs: add final comprehensive optimization summary - Complete technical documentation of all optimizations - Detailed performance analysis and metrics - Production deployment guide with examples - Comprehensive API reference and usage patterns - Migration guide and future enhancement roadmap - All documentation in professional English Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fix * add moka crate for cache * feat: replace LRU with Moka cache and add comprehensive metrics - Replace lru crate with moka 0.12.11 for superior concurrent performance - Implement lock-free cache with automatic TTL/TTI expiration - Add size-based eviction using Moka's weigher function - Integrate comprehensive metrics collection throughout GetObject flow: * Cache hit/miss tracking with per-key access counts * Request concurrency gauges * Disk permit wait time histograms * Total request duration tracking * Response size and buffer size histograms - Deep integration with ecfs.rs GetObject operation - Add hit rate calculation method - Enhanced CacheStats with hit/miss counters - Lock-free concurrent reads for better scalability Moka advantages over LRU: - True lock-free concurrent access - Built-in TTL and TTI support - Automatic size-based eviction - Better performance under high concurrency - Native async support Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * docs: add comprehensive Moka cache migration and metrics documentation - Complete technical documentation of LRU to Moka migration - Detailed performance comparison and benchmarks - Comprehensive metrics catalog with 15+ Prometheus metrics - Prometheus query examples for monitoring - Dashboard and alerting recommendations - Migration guide with code examples - Troubleshooting guide for common issues - Future enhancement roadmap Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fix * refactor: update tests for Moka cache implementation - Completely refactor test suite to align with Moka-based concurrency.rs - Add Clone derive to ConcurrencyManager for test convenience - Update all tests to handle Moka's async behavior with proper delays - Add new tests: * test_cache_hit_rate - validate hit rate calculation * test_ttl_expiration - verify TTL configuration * test_is_cached_no_side_effects - ensure contains doesn't affect LRU * bench_concurrent_cache_performance - benchmark concurrent access - Updated existing tests: * test_moka_cache_operations - renamed and updated for Moka API * test_moka_cache_eviction - validate automatic eviction * test_hot_keys_tracking - improved assertions for sorted results * test_concurrent_cache_access - validate lock-free performance - All tests now include appropriate sleep delays for Moka's async processing - Enhanced documentation and assertions for better test clarity - Total: 18 comprehensive integration tests Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * docs: add comprehensive Moka test suite documentation - Complete test suite documentation for all 18 tests - Detailed test patterns and best practices for Moka - Debugging guide for common test failures - Performance expectations and CI integration - 100% API coverage validation - Future enhancement roadmap Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fmt * docs: enhance code comments and test documentation throughout - Significantly improve module-level documentation in concurrency.rs - Add detailed explanations of performance characteristics and expected improvements - Document the solution to issue #911 with before/after metrics - Enhance constant documentation with purpose and impact explanations - Add comprehensive RAII guard documentation with thread safety notes - Improve test documentation with detailed test strategy and rationale - Add Moka-specific test patterns and timing guidance - Include performance expectations for each test category - Document why each test matters for solving the original issue - All documentation written in professional English - Follow Rust documentation best practices with examples Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * remove lru crate * upgrade version * fix: resolve test errors by correcting module structure and test assertions - Fix test import paths to use crate:: instead of rustfs:: (binary-only crate) - Keep test file in src/storage/ instead of tests/ (no lib.rs exists) - Add #[cfg(test)] guard to mod declaration in storage/mod.rs - Fix Arc type annotations for Moka's ConcurrencyManager in concurrent tests - Correct test_buffer_size_bounds assertions to match actual implementation: * Minimum buffer is 32KB for files <100KB, 64KB otherwise * Maximum buffer respects base_buffer_size when concurrency is low * Buffer sizing doesn't cap at file size, only at min/max constraints - All 17 integration tests now pass successfully Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix: modify `TimeoutLayer::new` to `TimeoutLayer::with_status_code` and improve docker health check * fix * feat: implement cache writeback for small objects in GetObject - Add cache writeback logic for objects meeting caching criteria: * No range/part request (full object retrieval) * Object size known and <= 10MB (max_object_size threshold) * Not encrypted (SSE-C or managed encryption) - Read eligible objects into memory and cache via background task - Serve response from in-memory data for immediate client response - Add metrics counter for cache writeback operations - Add 3 new tests for cache writeback functionality: * test_cache_writeback_flow - validates round-trip caching * test_cache_writeback_size_limit - ensures large objects aren't cached * test_cache_writeback_concurrent - validates thread-safe concurrent writes - Update test suite documentation (now 20 comprehensive tests) Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * improve code for const * cargo clippy * feat: add cache enable/disable configuration via environment variable - Add is_cache_enabled() method to ConcurrencyManager - Read RUSTFS_OBJECT_CACHE_ENABLE env var (default: false) at startup - Update ecfs.rs to check is_cache_enabled() before cache lookup and writeback - Cache lookup and writeback now respect the enable flag - Add test_cache_enable_configuration test - Constants already exist in rustfs_config: * ENV_OBJECT_CACHE_ENABLE = "RUSTFS_OBJECT_CACHE_ENABLE" * DEFAULT_OBJECT_CACHE_ENABLE = false - Total: 21 comprehensive tests passing Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fmt * fix * fix * feat: implement comprehensive CachedGetObject response cache with metadata - Add CachedGetObject struct with full response metadata fields: * body, content_length, content_type, e_tag, last_modified * expires, cache_control, content_disposition, content_encoding * storage_class, version_id, delete_marker, tag_count, etc. - Add dual cache architecture in HotObjectCache: * Legacy simple byte cache for backward compatibility * New response cache for complete GetObject responses - Add ConcurrencyManager methods for response caching: * get_cached_object() - retrieve cached response with metadata * put_cached_object() - store complete response * invalidate_cache() - invalidate on write operations * invalidate_cache_versioned() - invalidate both version and latest * make_cache_key() - generate cache keys with version support * max_object_size() - get cache threshold - Add builder pattern for CachedGetObject construction - Add 6 new tests for response cache functionality (27 total): * test_cached_get_object_basic - basic operations * test_cached_get_object_versioned - version key handling * test_cache_invalidation - write operation invalidation * test_cache_invalidation_versioned - versioned invalidation * test_cached_get_object_size_limit - size enforcement * test_max_object_size - threshold accessor All 27 tests pass successfully. Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * feat: integrate CachedGetObject cache in ecfs.rs with full metadata and cache invalidation Integration of CachedGetObject response cache in ecfs.rs: 1. get_object: Cache lookup uses get_cached_object() with full metadata - Returns complete response with e_tag, last_modified, content_type, etc. - Parses last_modified from RFC3339 string - Supports versioned cache keys via make_cache_key() 2. get_object: Cache writeback uses put_cached_object() with metadata - Stores content_type, e_tag, last_modified in CachedGetObject - Background writeback via tokio::spawn() 3. Cache invalidation added to write operations: - put_object: invalidate_cache_versioned() after store.put_object() - put_object_extract: invalidate_cache_versioned() after each file extraction - copy_object: invalidate_cache_versioned() after store.copy_object() - delete_object: invalidate_cache_versioned() after store.delete_object() - delete_objects: invalidate_cache_versioned() for each deleted object - complete_multipart_upload: invalidate_cache_versioned() after completion 4. Fixed test_adaptive_buffer_sizing to be more robust with parallel tests All 27 tests pass. Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix: add error logging for time parsing in cache lookup and writeback - Add warning log when RFC3339 parsing fails in cache lookup - Add warning log when time formatting fails in cache writeback - Improves debugging for cache-related issues Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fix * upgrade version * fmt * add http: 4138 and add max_object_size key * fix * fix * fix * modify metrics key * add * upgrade crates version and improve docker observability * feat: implement adaptive I/O strategy based on disk permit wait time Implements adaptive I/O strategy for GetObject operations based on disk permit wait times, as requested in issue #911. Key changes: 1. New types in concurrency.rs: - IoLoadLevel enum: Low (<10ms), Medium (10-50ms), High (50-200ms), Critical (>200ms) - IoStrategy struct: contains optimized I/O parameters based on load level - IoLoadMetrics: rolling window metrics for load tracking 2. New ConcurrencyManager methods: - calculate_io_strategy(): calculates adaptive strategy from permit wait duration - record_permit_wait(): records observation for load tracking - smoothed_load_level(): returns averaged load level for stability - io_load_stats(): returns (avg_wait, p95_wait, max_wait, count) for monitoring - adaptive_buffer_size(): convenience method for buffer sizing 3. Integration in ecfs.rs get_object: - Calculate IoStrategy after acquiring disk permit - Use strategy buffer_size instead of static sizing - Consider strategy.cache_writeback_enabled in cache decision - Record new metrics: io.load.level gauge, io.buffer.multiplier gauge, io.strategy.selected counter by load level 4. New tests (4 added, 31 total): - test_io_load_level_classification: validates load level thresholds - test_io_strategy_buffer_sizing: validates buffer multipliers - test_calculate_io_strategy: validates manager strategy calculation - test_io_load_stats: validates stats tracking All 31 tests pass. Clippy clean. Formatted. Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * fix * docs: add comprehensive architecture design and fix cache hit event notification 1. Added CONCURRENCY_ARCHITECTURE.md with complete design documentation: - Executive summary and problem statement - Architecture overview with request flow diagram - Detailed module analysis for concurrency.rs and ecfs.rs - Critical analysis of helper.complete() for cache hits - Adaptive I/O strategy design with algorithm - Cache architecture with CachedGetObject structure - Metrics and monitoring with Prometheus queries - Performance characteristics and future enhancements 2. Fixed critical issue: Cache hit path now calls helper.complete() - S3 bucket notifications (s3:GetObject events) now trigger for cache hits - Event-driven workflows (Lambda, SNS) work correctly for all object access - Maintains audit trail for both cache hits and misses All 31 tests pass. Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix: set object info and version_id on helper before complete() for cache hits When serving from cache, properly configure the OperationHelper before calling complete() to ensure S3 bucket notifications include complete object metadata: 1. Build ObjectInfo from cached metadata: - bucket, name, size, actual_size - etag, mod_time, version_id, delete_marker - storage_class, content_type, content_encoding - user_metadata (user_defined) 2. Set helper.object(event_info).version_id(version_id_str) before complete() 3. Updated CONCURRENCY_ARCHITECTURE.md with: - Complete code example for cache hit event notification - Explanation of why ObjectInfo is required - Documentation of version_id handling This ensures: - Lambda triggers receive proper object metadata for cache hits - SNS/SQS notifications include complete information - Audit logs contain accurate object details - Version-specific event routing works correctly All 31 tests pass. Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fix * improve code * fmt --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> Co-authored-by: houseme <housemecn@gmail.com> |
||
|
houseme
|
aac9b1edb7 |
chore: improve event and docker-compose ,Improve the permissions of the endpoint health interface, upgrade otel from 0.30.0 to 0.31.0 (#620)
* feat: improve code for notify * upgrade starshard version * upgrade version * Fix ETag format to comply with HTTP standards by wrapping with quotes (#592) * Initial plan * Fix ETag format to comply with HTTP standards by wrapping with quotes Co-authored-by: overtrue <1472352+overtrue@users.noreply.github.com> * bufigx --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: overtrue <1472352+overtrue@users.noreply.github.com> Co-authored-by: overtrue <anzhengchao@gmail.com> * Improve lock (#596) * improve lock Signed-off-by: Mu junxiang <1948535941@qq.com> * feat(tests): add wait_for_object_absence helper and improve lifecycle test reliability Signed-off-by: Mu junxiang <1948535941@qq.com> * chore: remove dirty docs Signed-off-by: Mu junxiang <1948535941@qq.com> --------- Signed-off-by: Mu junxiang <1948535941@qq.com> * feat(append): implement object append operations with state tracking (#599) * feat(append): implement object append operations with state tracking Signed-off-by: junxiang Mu <1948535941@qq.com> * chore: rebase Signed-off-by: junxiang Mu <1948535941@qq.com> --------- Signed-off-by: junxiang Mu <1948535941@qq.com> * build(deps): upgrade s3s (#595) Co-authored-by: loverustfs <155562731+loverustfs@users.noreply.github.com> * fix: validate mqtt broker * improve code for `import` * upgrade otel relation crates version * fix:dep("jsonwebtoken") feature = 'rust_crypto' * fix * fix * fix * upgrade version * improve code for ecfs * chore: improve event and docker-compose ,Improve the permissions of the `endpoint` health interface * fix * fix * fix * fix * improve code * fix --------- Signed-off-by: Mu junxiang <1948535941@qq.com> Signed-off-by: junxiang Mu <1948535941@qq.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: overtrue <1472352+overtrue@users.noreply.github.com> Co-authored-by: overtrue <anzhengchao@gmail.com> Co-authored-by: guojidan <63799833+guojidan@users.noreply.github.com> Co-authored-by: Nugine <nugine@foxmail.com> Co-authored-by: loverustfs <155562731+loverustfs@users.noreply.github.com> |
||
|
majinghe
|
65dd947350 |
add tls support for docker compose (#553)
* add tls support for docker compose * update docker compose file with comment |
||
|
Copilot
|
29c004d935 |
feat: enhance console separation with enterprise-grade security, monitoring, and advanced tower-http integration (#513)
* Initial plan * feat: implement console service separation from endpoint Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * feat: add console separation documentation and tests Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * feat: enhance console separation with configurable CORS and improved Docker support Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * feat: implement enhanced console separation with security hardening and monitoring Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * refactor: implement console TLS following endpoint logic and improve configuration Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * add tower-http feature "timeout|limit" * add dependencies crates `axum-server` * refactor: reconstruct console server with enhanced tower-http features and environment variables Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * upgrade dep * improve code for dns and console port `:9001` * improve code * fix * docs: comprehensive improvement of console separation documentation and Docker deployment standards Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> * fmt * add logs * improve code for Config handler * remove logs * fix --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: houseme <4829346+houseme@users.noreply.github.com> Co-authored-by: houseme <housemecn@gmail.com> |
||
|
majinghe
|
4595bf7db6 |
fix docker compose running with no such file error (#519)
* fix docker compose running with no such file error * fix observability docker compose |
||
|
安正超
|
36e3efb5a5 |
feat: implement Docker improvements and binary build scripts (#191)
* feat: implement Docker improvements and binary build scripts This commit transforms the RustFS Docker build system to follow MinIO's best practices: ## 🏗️ Binary Build Script (build-rustfs.sh) - Create independent binary compilation script for multi-platform builds - Support x86_64 and aarch64 Linux musl targets - Include checksum generation and optional binary signing - Support cross-compilation and upload functionality - Automated target installation and environment setup ## 🐳 Docker Improvements - Rewrite Dockerfiles to download precompiled binaries instead of building from source - Follow MinIO's approach for security and binary verification - Add comprehensive LABEL metadata (version, build-date, vcs-ref) - Implement proper environment variable management - Add signature verification with minisign (commented for future use) - Include static curl download for minimal runtime dependencies ## 🚀 Enhanced Build Script (docker-buildx.sh) - Inspired by MinIO's docker-buildx.sh for consistency and reliability - Support multiple platforms with proper build arguments - Auto-detect git versions and pass metadata to containers - Improved error messages with helpful troubleshooting hints - Cleanup and cache management between builds ## 🛠️ Supporting Scripts - scripts/download-static-curl.sh: Download statically compiled curl - scripts/setup-test-binaries.sh: Create test binaries for local development ## 📋 Key Benefits - Faster Docker builds (download vs compile) - Better security with signature verification - Consistent with industry standards (MinIO approach) - Proper multi-platform support - Enhanced metadata and traceability - Independent binary distribution capability * feat: update Docker files to use Aliyun OSS for binary downloads * feat: merge stash with OSS binary download improvements - Remove old build_rustfs.sh script - Keep Aliyun OSS download URLs for binary retrieval - Maintain Docker build improvements from stash - Resolve merge conflicts between stash and OSS updates * feat: improve build-rustfs.sh with auto platform detection - Auto-detect current platform using uname (like old build_rustfs.sh) - Default to building for current platform only - Add --all-platforms flag for cross-compilation to Linux musl targets - Support macOS (darwin) and Linux platforms - Auto-enable cross compilation when needed - Provide better usage examples and platform detection info This makes the script much more user-friendly by default while maintaining flexibility for cross-compilation scenarios. * refactor: simplify build-rustfs.sh for CI/CD pipeline usage - Remove cross-compilation complexity (each CI runner builds natively) - Focus on single platform builds per runner - Remove --all-platforms and --cross options - Simplify to match CI/CD workflow where: * Linux x86_64 runner builds Linux x86_64 binary * Linux ARM64 runner builds Linux ARM64 binary * macOS x86_64 runner builds macOS x86_64 binary * macOS ARM64 runner builds macOS ARM64 binary - Keep signing and upload functionality for release CI - Make the script's purpose and usage clearer This aligns with the user's understanding that build scripts should focus on native compilation for the current platform only. * feat: update download server domain to dl.rustfs.com - Update Dockerfile to use dl.rustfs.com/dev/ for development binaries - Update Dockerfile.release to use dl.rustfs.com/release/ for release binaries - Update docker-buildx.sh error messages with new URLs - Update build-rustfs.sh upload target to dl.rustfs.com - Update test scripts to reference new domain - Clean up remaining git conflict markers This centralizes all binary downloads through the official dl.rustfs.com domain instead of direct OSS access. * fix: correct dl.rustfs.com path structure to include /artifacts/rustfs/ - Update all download URLs to use correct path structure: * Dev: https://dl.rustfs.com/artifacts/rustfs/dev/ * Release: https://dl.rustfs.com/artifacts/rustfs/release/ - Test confirmed both paths return HTTP 200 with application/zip content-type - Update Dockerfile, Dockerfile.release, docker-buildx.sh, and build-rustfs.sh - Update test scripts with correct base path The dl.rustfs.com domain requires the /artifacts/rustfs/ prefix to access the binary files correctly. * feat: refactor Dockerfile to download binaries from GitHub Releases - Changed binary download source from dl.rustfs.com to GitHub Releases - Added support for latest release auto-detection via GitHub API - Enhanced error handling with detailed messages and helpful links - Added optional checksum verification using SHA256SUMS - Improved architecture support for amd64 and arm64 - Removed unnecessary minisign installation - Added jq dependency for JSON parsing * feat: consolidate Docker build to use single Dockerfile - Removed Dockerfile.release and use unified Dockerfile instead - Updated docker-buildx.sh to use single Dockerfile with build args - Both latest and release variants now use GitHub Releases - Simplified build process and reduced maintenance overhead - Updated error messages to point to GitHub releases * chore: remove unused Dockerfile.obs - Removed Dockerfile.obs as it's no longer needed - Simplified Docker build configuration * feat: unify Docker prebuild variants to use GitHub Releases - Updated .docker/alpine/Dockerfile.prebuild to download from GitHub Releases - Updated .docker/ubuntu/Dockerfile.prebuild to download from GitHub Releases - All prebuild variants now consistently use GitHub Releases as binary source - Added checksum verification for all prebuild variants - Updated .docker/README.md to reflect unified GitHub Releases approach - Improved error handling and user guidance in all prebuild Dockerfiles * feat: major Docker structure simplification and consolidation ## 🎯 Simplified Docker Structure Moved from complex multi-directory structure to clean root-level organization: ### Before: - Dockerfile (production) - .docker/alpine/Dockerfile.prebuild (duplicate) - .docker/alpine/Dockerfile.source - .docker/ubuntu/Dockerfile.prebuild (duplicate) - .docker/ubuntu/Dockerfile.source - .docker/ubuntu/Dockerfile.dev ### After: - Dockerfile (production - Alpine + GitHub Releases) - Dockerfile.source (source build - Ubuntu + cross-compilation) - Dockerfile.dev (development - Ubuntu + full toolchain) ## 🔧 Key Changes - **Eliminated Duplicates**: Removed redundant prebuild variants - **Moved Core Files**: Dockerfile.{source,dev} now in root directory - **Unified Configuration**: cargo.config.toml moved to root - **Updated References**: Fixed all GitHub Actions and docker-compose paths - **Simplified CI Matrix**: Reduced from 5 to 3 Docker variants ## 📦 Preserved Valuable Diversity - **Production**: Alpine-based for minimal size - **Source**: Ubuntu-based with cross-compilation support - **Development**: Ubuntu-based with full development tools ## 🚀 Benefits - ✅ Cleaner project structure - ✅ Easier maintenance and navigation - ✅ Reduced CI/CD complexity - ✅ Faster build matrix execution - ✅ Maintained functionality and flexibility * chore: remove duplicate cargo.config.toml from .docker directory The file is now in the root directory and no longer needed in .docker/ * fix: update all references to removed Dockerfile files - Updated .docker/compose/README.md to reference Dockerfile.source instead of Dockerfile.obs - Updated docker-compose.yml to use Dockerfile.source instead of Dockerfile.dev - Updated scripts/build-docker-multiarch.sh to use Dockerfile.source for devenv builds - Updated .github/workflows/docker.yml to use Dockerfile.source for dev builds - Updated Makefile to use Dockerfile.source for init-devenv target - Updated .docker/README.md to remove references to non-existent Dockerfile.dev - Ensured all Docker configurations consistently use the unified Dockerfile structure * chore: remove unnecessary console static assets download - Remove obsolete download steps from build.yml and performance.yml - Console static assets are already embedded via rust-embed in rustfs/static/ - The download from dl.rustfs.com is no longer needed as project contains complete console assets - This improves build reliability and reduces external dependencies - Replaced with verification steps that confirm embedded assets are present * feat: update Makefile and README.md for new Docker build system - Updated Makefile to use unified Docker build system: - Replace references to non-existent Dockerfile.ubuntu22.04 and Dockerfile.rockylinux9.3 - Add new docker-buildx targets using docker-buildx.sh script - Deprecate old docker-build-multiarch targets with warnings - Add docker-build-production and docker-build-source targets - Update help-docker with new command structure - Updated README.md with docker-buildx.sh usage: - Add comprehensive Docker build from source section - Document multi-architecture build capabilities - Include both script and Make target examples - Show registry flexibility and build optimization features - Update step numbers in quickstart guide - Improve developer experience with clear documentation and updated tooling - Maintain backward compatibility with deprecation warnings * feat: integrate console assets download into build-rustfs.sh - Added console download functionality to build-rustfs.sh: - New flags: --download-console, --force-console-update, --console-version - Intelligent detection of existing console assets - Retry logic with fallback error handling - Consistent with Docker build asset management - Updated scripts to use unified build process: - scripts/static.sh: Now uses build-rustfs.sh for console downloads - scripts/run.sh: Uses build-rustfs.sh instead of direct curl - scripts/run.ps1: Updated with guidance for Windows users - Benefits: - Unified asset management across all build processes - Consistent version handling and retry logic - Eliminates duplicate download logic - Better error handling and user feedback - Preparation for CI/CD integration - Removed unused download-static-curl.sh script This change centralizes console asset management and prepares for streamlined CI/CD processes where build-rustfs.sh becomes the single point of truth for binary and asset builds. * fix: update PowerShell script to use unified console asset management - Updated scripts/run.ps1 to use build-rustfs.sh for console asset downloads - Added guidance for Windows users to use the unified build script - Maintains consistency across all platform-specific scripts * feat: add binary verification to build script - Add verify_binary function to test built binaries - Test --help and --version commands - Verify binary structure with readelf/otool - Add --skip-verification option for cross-compilation - Include verification status in build output - Automatic error handling if verification fails * feat: add platform selection support to build script - Add --platform parameter to build-rustfs.sh for target platform selection - Implement cross-compilation support with automatic 'cross' tool detection - Auto-enable --skip-verification for cross-compilation scenarios - Update all Makefile build targets to use unified build-rustfs.sh script - Add helpful error messages and suggestions for cross-compilation failures - Update help documentation with platform selection examples - Improve build consistency across different architectures * feat: modernize CI/CD build process with build-rustfs.sh - Replace manual cargo build commands with unified build-rustfs.sh script - Simplify matrix configuration by removing cross-compilation flags - Ensure consistency between local and CI/CD builds - Automatic cross-compilation tool detection and installation - Built-in binary verification for quality assurance - Unified console asset management - Better error handling and suggestions Benefits: - Consistent build process across all environments - Automatic detection and handling of cross-compilation scenarios - Built-in quality checks with binary verification - Reduced CI/CD configuration complexity - Better maintainability with single source of truth for build logic * feat: optimize CI/CD workspace path management - Add WORKSPACE_DIR environment variable to cache github.workspace - Set default working-directory at job level for consistency - Use explicit workspace paths in critical operations - Improve reliability and maintainability of CI/CD paths - Ensure consistent behavior across different GitHub Actions environments Benefits: - More explicit and reliable path handling - Better maintainability with centralized workspace reference - Reduced risk of path-related issues in CI/CD - Consistent working directory across all job steps * refactor: simplify CI/CD path management - remove redundant workspace references - Remove unnecessary WORKSPACE_DIR environment variable - Remove redundant defaults.run.working-directory setting - Use relative paths since GITHUB_WORKSPACE is the default working directory - Follow GitHub Actions best practices by leveraging default behavior As per GitHub Actions documentation, GITHUB_WORKSPACE is already the default working directory, so explicit specification is unnecessary in most cases. * docs: update Docker README to reflect current project state - Fix directory structure: remove non-existent nginx/ directory - Correct base OS: Dockerfile.source uses Debian Bookworm, not Ubuntu 22.04 - Add docker-buildx.sh script documentation - Update Docker tag examples to match actual CI/CD workflows - Add CI/CD integration section explaining automated builds - Document build variants and manual build options - Reflect current project architecture and tooling These updates ensure the documentation accurately represents the current Docker build system and CI/CD workflows. * fix: update Docker command in rustfs README - Replace quay.io registry with Docker Hub (rustfs/rustfs:latest) - Remove separate console port 9001, console now runs on main port 9000 - Add both Docker and Podman examples for user choice - Fix console access URL to use unified port This aligns with the recent console port consolidation changes and the project's move to Docker Hub as the primary registry. * wip * fix: remove unnecessary entrypoint.sh and fix Docker paths * Update Dockerfile Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * cleanup: remove unused DOCKERFILE_PATH variable from Makefile * feat: update Docker build to use dl.rustfs.com for binary downloads - Replace GitHub releases download with dl.rustfs.com - Add CHANNEL parameter support (release/dev) - Update docker-buildx.sh to support channel-specific builds - Improve error messages with new download URLs - Support both latest and specific version downloads - Add channel validation in build script --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
安正超
|
618779a89d |
feat: implement multi-channel release system with artifact naming (#176)
* feat: implement multi-channel release system with artifact naming
- Add dedicated release.yml workflow for handling GitHub releases
- Refactor build.yml to support dev/release/prerelease artifact naming
- Update docker.yml to support version-specific image tagging
- Implement artifact naming rules:
- Dev: rustfs-{platform}-{arch}-dev-{sha}.zip
- Release: rustfs-{platform}-{arch}-v{version}.zip
- Prerelease: rustfs-{platform}-{arch}-v{version}.zip
- Add OSS upload directory separation (dev/ vs release/)
- Only stable releases update latest.json and create latest tags
- Separate GitHub Release creation from build workflow
- Add comprehensive build summaries and status reporting
This enables proper multi-channel distribution with clear artifact
identification and prevents confusion between dev and stable releases.
* fix: support version tags without v prefix (1.0.0 instead of v1.0.0)
- Update trigger patterns from 'v*.*.*' to '*.*.*' in all workflows
- Fix version extraction logic to handle tags without v prefix
- Maintain backward compatibility with existing logic
Note: Artifact naming still includes 'v' prefix for clarity
(e.g., tag '1.0.0' creates 'rustfs-linux-x86_64-v1.0.0.zip')
* feat: update Dockerfile to support multi-channel release system
- Add build arguments for VERSION, BUILD_TYPE, and TARGETARCH
- Support dynamic artifact download based on build type:
- Development: downloads from artifacts/rustfs/dev/
- Release: downloads from artifacts/rustfs/release/
- Auto-generate correct filenames based on new naming convention:
- Dev: rustfs-linux-{arch}-dev-{sha}.zip
- Release: rustfs-linux-{arch}-v{version}.zip
- Add architecture mapping for multi-platform builds
- Pass BUILD_TYPE parameter from docker.yml workflow
- Improve error handling with helpful download path suggestions
This ensures Docker images use the correct pre-built binaries
from the new multi-channel release system.
* feat: optimize and consolidate Dockerfile structure
## Major Improvements:
### ✅ Created Missing Files
- Add .docker/Dockerfile.alpine for lightweight Alpine-based builds
- Support both pre-built binary download and source compilation
### 🔧 Fixed Critical Issues
- Fix Dockerfile.obs: ubuntu:latest → ubuntu:22.04 (stable version)
- Add proper security practices (non-root user, health checks)
- Add proper error handling and environment variables
### 🗑️ Eliminated Redundancy
- Remove .docker/Dockerfile.ubuntu22.04 (duplicate of devenv)
- Update docker.yml workflow to use devenv for ubuntu variant
- Consolidate similar functionality into fewer, better files
### 🚀 Enhanced Functionality
- Make devenv Dockerfile dual-purpose (dev environment + runtime)
- Add VERSION/BUILD_TYPE support for dynamic binary downloads
- Improve security with proper user management
- Add comprehensive health checks and error handling
### 📊 Final Dockerfile Structure:
1. Dockerfile (production, Alpine-based, pre-built binaries)
2. Dockerfile.multi-stage (full source builds, Ubuntu-based)
3. Dockerfile.obs (observability builds, Ubuntu-based)
4. .docker/Dockerfile.alpine (lightweight Alpine variant)
5. .docker/Dockerfile.devenv (development + ubuntu variant)
6. .docker/Dockerfile.rockylinux9.3 (RockyLinux variant)
This reduces redundancy while maintaining all necessary build variants
and improving maintainability across the entire container ecosystem.
* refactor: streamline Dockerfile structure and remove unused files
## 🎯 Major Cleanup:
### 🗑️ Removed Unused Files (2 files)
- Delete Dockerfile.obs (not referenced anywhere)
- Delete .docker/Dockerfile.rockylinux9.3 (not referenced anywhere)
### 📁 Reorganized File Layout
- Move Dockerfile.multi-stage → .docker/Dockerfile.multi-stage
- Update docker-compose.yml to use new path
- Keep main Dockerfile in root (production use)
- Consolidate variants in .docker/ directory
### ✅ Final Clean Structure:
### 📊 Before vs After:
- **Before**: 7 files (1 missing, 2 unused, scattered layout)
- **After**: 4 files (all used, organized layout)
- **Reduction**: 43% fewer files, 100% utilization
This eliminates confusion and reduces maintenance overhead while
keeping all actually needed functionality intact.
* refactor: implement comprehensive Docker tag strategy with production variant
- Restore production variant as default with explicit naming
- Add support for prerelease channels (alpha, beta, rc)
- Implement rolling development tags (dev, dev-variant)
- Support semantic versioning with variant combinations
- Update documentation with complete tag strategy examples
- Align with GPT-suggested comprehensive tagging approach
Tag examples:
- rustfs/rustfs:1.2.3 (main production)
- rustfs/rustfs:1.2.3-production (explicit production)
- rustfs/rustfs:1.2.3-alpine (Alpine variant)
- rustfs/rustfs:alpha (latest alpha)
- rustfs/rustfs:dev (latest development)
- rustfs/rustfs:dev-13e4a0b (specific commit)
* perf: optimize Docker build speed with comprehensive caching and compilation improvements
- Add dual caching strategy: GitHub Actions + Registry cache
- Implement sccache for Rust compilation caching across builds
- Configure parallel compilation with all available CPU cores
- Add optimized cargo configuration for faster builds
- Enable sparse registry protocol for dependency resolution
- Configure LLD linker for faster linking
- Add BuildKit optimizations with inline cache
- Disable provenance/SBOM generation for faster builds
- Document build performance improvements and timings
Performance improvements:
- Source builds: ~40-50% faster with cache hits
- Pre-built binaries: ~30-40% faster
- Parallel matrix builds reduce total CI time significantly
- Registry cache provides persistent cross-run benefits
* refactor: consolidate Docker variants and eliminate duplication
- Replace root Dockerfile with enhanced Alpine prebuild version
- Remove redundant alpine variant from build matrix
- Root Dockerfile now includes:
- Non-root user security
- Health checks
- Better error handling
- protoc/flatc tool support
- Update documentation to reflect simplified 4-variant strategy
- Remove duplicate .docker/alpine/Dockerfile.prebuild
Build matrix now:
- production (root Dockerfile - Alpine prebuild)
- alpine-source (Alpine source build)
- ubuntu (Ubuntu prebuild)
- ubuntu-source (Ubuntu source build)
Benefits:
- Eliminates functional duplication
- Improves security with non-root execution
- Maintains same image variants with better quality
- Simplifies maintenance
* fix: restore alpine variant for better user choice
- Restore alpine variant (rustfs/rustfs:1.2.3-alpine)
- Re-add .docker/alpine/Dockerfile.prebuild
- Update build matrix to include 5 variants again:
- production (default)
- alpine (explicit Alpine choice)
- alpine-source (Alpine source build)
- ubuntu (Ubuntu pre-built)
- ubuntu-source (Ubuntu source build)
- Update documentation to reflect restored alpine tags
- Fix build performance table to include all variants
User feedback: Alpine variant provides explicit choice even if
similar to production variant. Better UX with clear options.
* fix: remove redundant rustup target add commands in Alpine Dockerfiles
- Remove 'rustup target add x86_64-unknown-linux-musl' from Alpine source build
- Remove redundant target add from Alpine prebuild fallback path
- Remove redundant target add from root Dockerfile fallback path
Reason: rust:alpine base image already has x86_64-unknown-linux-musl
as the default target since Alpine uses musl libc by default.
Thanks to @houseme for spotting this redundancy in code review.
* fix: add missing RUSTFS_VOLUMES environment variable in Dockerfiles
- Add RUSTFS_VOLUMES=/data to all Dockerfile variants
- This fixes the issue where CMD ['/app/rustfs'] was used without providing the required volumes parameter
- The volumes parameter is required by the application and can be provided via command line or RUSTFS_VOLUMES environment variable
* fix: update docker-compose configurations to ensure all environments work correctly
- Added missing access key and secret key environment variables to docker-compose.yaml
- This ensures the distributed test environment has proper authentication credentials
- Complementary fix to the previous Dockerfile updates for consistent configuration
* fix: recreate missing Dockerfile.obs with complete content
- The file was accidentally left empty after initial creation
- Now contains proper Ubuntu-based configuration for observability environment
- Includes all necessary environment variables including RUSTFS_VOLUMES
- Supports docker-compose-obs.yaml configuration
* refactor: organize Docker Compose configurations and eliminate duplication
- Move specialized configurations to .docker/compose/ directory
- Rename docker-compose.yaml → docker-compose.cluster.yaml (distributed testing)
- Rename docker-compose-obs.yaml → docker-compose.observability.yaml (observability testing)
- Keep docker-compose.yml as the main production configuration
- Add comprehensive README explaining different configuration purposes
- Eliminates confusion between similar filenames
- Provides clear guidance on when to use each configuration
* fix: correct relative paths in moved Docker Compose configurations
- Fix binary volume mount paths in docker-compose.cluster.yaml (./target → ../../target)
- Fix Dockerfile.obs context path in docker-compose.observability.yaml (. → ../..)
- Fix observability config file paths (./.docker → ../../.docker)
- Update README.md with correct usage instructions for new locations
- All configurations now correctly reference files relative to their new positions
* refactor: move Dockerfile.obs to .docker/compose/ directory for better organization
- Move Dockerfile.obs from root to .docker/compose/ directory
- Update all dockerfile references in docker-compose.observability.yaml
- Keep related files (Dockerfile.obs + docker-compose.observability.yaml) together
- Clean up root directory by removing specialized-purpose Dockerfile
- Update README.md to document new file organization
- Improves project structure and file discoverability
* refactor: improve Docker build configuration for better clarity
- Move Dockerfile.obs back to project root for simpler build context
- Update docker-compose.observability.yaml to use cleaner dockerfile reference
- Change from '.docker/compose/Dockerfile.obs' to simply 'Dockerfile.obs'
- Maintain context as '../..' for access to project files
- Remove redundant Dockerfile.obs documentation from compose README
- This follows Docker best practices: simple context + Dockerfile at context root
* wip
|
||
|
houseme
|
49a5643e76 |
refactor(config): Unify S3 API and Console ports (#173)
This commit streamlines the server configuration by unifying the S3 API and the WebUI (Console) to serve on a single port. Previously, the console was managed by separate configuration options (`RUSTFS_CONSOLE_ENABLE` and `RUSTFS_CONSOLE_ADDRESS`), requiring a distinct port. This added complexity to deployment and configuration. With this change: - The `RUSTFS_CONSOLE_ADDRESS` and `RUSTFS_CONSOLE_FS_ENDPOINT` environment variables are removed. - The WebUI is now always available and served directly from the main application port defined by `RUSTFS_ADDRESS`. - This simplifies setup, reduces the number of exposed ports, and makes the application easier to manage and deploy, especially in containerized environments. Users should update their startup scripts and remove the deprecated `RUSTFS_CONSOLE_*` variables. |
||
|
kira-offgrid
|
d41ccc1551 | fix: yaml.docker-compose.security.no-new-privileges.no-new-privileges-docker-compose.yml (#63) | ||
|
houseme
|
2e14b32ccd |
chore: Add copyright and license headers (#23)
* chore: Add copyright and license headers This commit adds the Apache 2.0 license and a copyright notice to the header of all source files. This ensures that the licensing and copyright information is clearly stated within the codebase. * cargo fmt * fix * fmt * fix clippy |
||
|
houseme
|
0ea5351a1b | remove rustfs | ||
|
overtrue
|
d29bf4809d | feat: Add comprehensive Docker build pipeline for multi-architecture images |