Fix entrypoint.sh incorrectly passing logs directory as data volume with improved separation (#561)

* Initial plan

* Fix entrypoint.sh: separate log directory from data volumes

Co-authored-by: overtrue <1472352+overtrue@users.noreply.github.com>

* Improve separation: use functions and RUSTFS_OBS_LOG_DIRECTORY env var

Co-authored-by: overtrue <1472352+overtrue@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: overtrue <1472352+overtrue@users.noreply.github.com>

README.md

@@ -136,6 +136,8 @@ To get started with RustFS, follow these steps:
 5. **Create a Bucket**: Use the console to create a new bucket for your objects.
 6. **Upload Objects**: You can upload files directly through the console or use S3-compatible APIs to interact with your RustFS instance.
 
+**NOTE**: If you want to access RustFS instance with `https`, you can refer to [TLS configuration docs](https://docs.rustfs.com/integration/tls-configured.html).
+
 ## Documentation
 
 For detailed documentation, including configuration options, API references, and advanced usage, please visit our [Documentation](https://docs.rustfs.com).

README_ZH.md

@@ -86,6 +86,8 @@ RustFS 是一个使用 Rust（全球最受欢迎的编程语言之一）构建
 4. **创建存储桶**：使用控制台为您的对象创建新的存储桶。
 5. **上传对象**：您可以直接通过控制台上传文件，或使用 S3 兼容的 API 与您的 RustFS 实例交互。
 
+**注意**：如果你想通过 `https` 来访问 RustFS 实例，请参考 [TLS 配置文档](https://docs.rustfs.com/zh/integration/tls-configured.html)
+
 ## 文档
 
 有关详细文档，包括配置选项、API 参考和高级用法，请访问我们的[文档](https://docs.rustfs.com)。

crates/ecstore/src/endpoints.rs

@@ -13,13 +13,12 @@
 // limitations under the License.
 
 use rustfs_utils::{XHost, check_local_server_addr, get_host_ip, is_local_host};
-use tracing::{error, instrument, warn};
+use tracing::{error, info, instrument, warn};
 
 use crate::{
     disk::endpoint::{Endpoint, EndpointType},
     disks_layout::DisksLayout,
     global::global_rustfs_port,
-    // utils::net::{self, XHost},
 };
 use std::io::{Error, Result};
 use std::{
@@ -242,15 +241,32 @@ impl PoolEndpointList {
 
                 let host = ep.url.host().unwrap();
                 let host_ip_set = if let Some(set) = host_ip_cache.get(&host) {
+                    info!(
+                        target: "rustfs::ecstore::endpoints",
+                        host = %host,
+                        endpoint = %ep.to_string(),
+                        from = "cache",
+                        "Create pool endpoints host '{}' found in cache for endpoint '{}'", host, ep.to_string()
+                    );
                     set
                 } else {
                     let ips = match get_host_ip(host.clone()).await {
                         Ok(ips) => ips,
                         Err(e) => {
-                            error!("host {} not found, error:{}", host, e);
+                            error!("Create pool endpoints host {} not found, error:{}", host, e);
                             return Err(Error::other(format!("host '{host}' cannot resolve: {e}")));
                         }
                     };
+                    info!(
+                        target: "rustfs::ecstore::endpoints",
+                        host = %host,
+                        endpoint = %ep.to_string(),
+                        from = "get_host_ip",
+                        "Create pool endpoints host '{}' resolved to ips {:?} for endpoint '{}'",
+                        host,
+                        ips,
+                        ep.to_string()
+                    );
                     host_ip_cache.insert(host.clone(), ips);
                     host_ip_cache.get(&host).unwrap()
                 };

crates/utils/src/dns_resolver.rs

@@ -12,6 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+#![allow(dead_code)]
+
 //! Layered DNS resolution utility for Kubernetes environments
 //!
 //! This module provides robust DNS resolution with multiple fallback layers:

crates/utils/src/net.rs

@@ -118,17 +118,17 @@ pub fn is_local_host(host: Host<&str>, port: u16, local_port: u16) -> std::io::R
 pub async fn get_host_ip(host: Host<&str>) -> std::io::Result<HashSet<IpAddr>> {
     match host {
         Host::Domain(domain) => {
-            match crate::dns_resolver::resolve_domain(domain).await {
-                Ok(ips) => {
-                    info!("Resolved domain {domain} using custom DNS resolver: {ips:?}");
-                    return Ok(ips.into_iter().collect());
-                }
-                Err(err) => {
-                    error!(
-                        "Failed to resolve domain {domain} using custom DNS resolver, falling back to system resolver,err: {err}"
-                    );
-                }
-            }
+            // match crate::dns_resolver::resolve_domain(domain).await {
+            //     Ok(ips) => {
+            //         info!("Resolved domain {domain} using custom DNS resolver: {ips:?}");
+            //         return Ok(ips.into_iter().collect());
+            //     }
+            //     Err(err) => {
+            //         error!(
+            //             "Failed to resolve domain {domain} using custom DNS resolver, falling back to system resolver,err: {err}"
+            //         );
+            //     }
+            // }
             // Check cache first
             if let Ok(mut cache) = DNS_CACHE.lock() {
                 if let Some(entry) = cache.get(domain) {

docker-compose.yml

@@ -40,6 +40,7 @@ services:
       - RUSTFS_ACCESS_KEY=rustfsadmin
       - RUSTFS_SECRET_KEY=rustfsadmin
       - RUSTFS_LOG_LEVEL=info
+      - RUSTFS_TLS_PATH=/opt/tls
       - RUSTFS_OBS_ENDPOINT=http://otel-collector:4317
     volumes:
       - rustfs_data_0:/data/rustfs0
@@ -47,6 +48,7 @@ services:
       - rustfs_data_2:/data/rustfs2
       - rustfs_data_3:/data/rustfs3
       - logs_data:/app/logs
+      - .docker/tls/:/opt/tls # TLS configuration, you should create tls directory and put your tls files in it and then specify the path here
     networks:
       - rustfs-network
     restart: unless-stopped

entrypoint.sh

@@ -12,49 +12,68 @@ elif [ "$1" = "rustfs" ]; then
   set -- /usr/bin/rustfs "$@"
 fi
 
-# 2) Parse and create local mount directories (ignore http/https), ensure /logs is included
-VOLUME_RAW="${RUSTFS_VOLUMES:-/data}"
-# Convert comma/tab to space
-VOLUME_LIST=$(echo "$VOLUME_RAW" | tr ',\t' ' ')
-LOCAL_VOLUMES=""
-for vol in $VOLUME_LIST; do
-  case "$vol" in
-    /*)
-      case "$vol" in
-        http://*|https://*) : ;;
-        *) LOCAL_VOLUMES="$LOCAL_VOLUMES $vol" ;;
-      esac
-      ;;
-    *)
-      : # skip non-local paths
-      ;;
-  esac
-done
-# Ensure /logs is included
-case " $LOCAL_VOLUMES " in
-  *" /logs "*) : ;;
-  *) LOCAL_VOLUMES="$LOCAL_VOLUMES /logs" ;;
-esac
+# 2) Process data volumes (separate from log directory)
+DATA_VOLUMES=""
+process_data_volumes() {
+  VOLUME_RAW="${RUSTFS_VOLUMES:-/data}"
+  # Convert comma/tab to space
+  VOLUME_LIST=$(echo "$VOLUME_RAW" | tr ',\t' ' ')
+  
+  for vol in $VOLUME_LIST; do
+    case "$vol" in
+      /*)
+        case "$vol" in
+          http://*|https://*) : ;;
+          *) DATA_VOLUMES="$DATA_VOLUMES $vol" ;;
+        esac
+        ;;
+      *)
+        : # skip non-local paths
+        ;;
+    esac
+  done
+  
+  echo "Initializing data directories:$DATA_VOLUMES"
+  for vol in $DATA_VOLUMES; do
+    if [ ! -d "$vol" ]; then
+      echo "  mkdir -p $vol"
+      mkdir -p "$vol"
+      # If target user is specified, try to set directory owner to that user (non-recursive to avoid large disk overhead)
+      if [ -n "$RUSTFS_UID" ] && [ -n "$RUSTFS_GID" ]; then
+        chown "$RUSTFS_UID:$RUSTFS_GID" "$vol" 2>/dev/null || true
+      elif [ -n "$RUSTFS_USERNAME" ] && [ -n "$RUSTFS_GROUPNAME" ]; then
+        chown "$RUSTFS_USERNAME:$RUSTFS_GROUPNAME" "$vol" 2>/dev/null || true
+      fi
+    fi
+  done
+}
 
-echo "Initializing mount directories:$LOCAL_VOLUMES"
-for vol in $LOCAL_VOLUMES; do
-  if [ ! -d "$vol" ]; then
-    echo "  mkdir -p $vol"
-    mkdir -p "$vol"
+# 3) Process log directory (separate from data volumes)
+process_log_directory() {
+  LOG_DIR="${RUSTFS_OBS_LOG_DIRECTORY:-/logs}"
+  
+  echo "Initializing log directory: $LOG_DIR"
+  if [ ! -d "$LOG_DIR" ]; then
+    echo "  mkdir -p $LOG_DIR"
+    mkdir -p "$LOG_DIR"
     # If target user is specified, try to set directory owner to that user (non-recursive to avoid large disk overhead)
     if [ -n "$RUSTFS_UID" ] && [ -n "$RUSTFS_GID" ]; then
-      chown "$RUSTFS_UID:$RUSTFS_GID" "$vol" 2>/dev/null || true
+      chown "$RUSTFS_UID:$RUSTFS_GID" "$LOG_DIR" 2>/dev/null || true
     elif [ -n "$RUSTFS_USERNAME" ] && [ -n "$RUSTFS_GROUPNAME" ]; then
-      chown "$RUSTFS_USERNAME:$RUSTFS_GROUPNAME" "$vol" 2>/dev/null || true
+      chown "$RUSTFS_USERNAME:$RUSTFS_GROUPNAME" "$LOG_DIR" 2>/dev/null || true
     fi
   fi
-done
+}
 
-# 3) Default credentials warning
+# Execute the separate processes
+process_data_volumes
+process_log_directory
+
+# 4) Default credentials warning
 if [ "${RUSTFS_ACCESS_KEY}" = "rustfsadmin" ] || [ "${RUSTFS_SECRET_KEY}" = "rustfsadmin" ]; then
   echo "!!!WARNING: Using default RUSTFS_ACCESS_KEY or RUSTFS_SECRET_KEY. Override them in production!"
 fi
 
 echo "Starting: $*"
-set -- "$@" $LOCAL_VOLUMES
+set -- "$@" $DATA_VOLUMES
 exec "$@"

rustfs/src/main.rs

@@ -64,7 +64,6 @@ use rustfs_iam::init_iam_sys;
 use rustfs_notify::global::notifier_instance;
 use rustfs_obs::{init_obs, set_global_guard};
 use rustfs_targets::arn::TargetID;
-use rustfs_utils::dns_resolver::init_global_dns_resolver;
 use rustfs_utils::net::parse_and_resolve_address;
 use s3s::s3_error;
 use std::io::{Error, Result};
@@ -129,12 +128,12 @@ async fn main() -> Result<()> {
 async fn run(opt: config::Opt) -> Result<()> {
     debug!("opt: {:?}", &opt);
 
-    // Initialize global DNS resolver early for enhanced DNS resolution (concurrent)
-    let dns_init = tokio::spawn(async {
-        if let Err(e) = init_global_dns_resolver().await {
-            warn!("Failed to initialize global DNS resolver: {}. Using standard DNS resolution.", e);
-        }
-    });
+    // // Initialize global DNS resolver early for enhanced DNS resolution (concurrent)
+    // let dns_init = tokio::spawn(async {
+    //     if let Err(e) = rustfs_utils::dns_resolver::init_global_dns_resolver().await {
+    //         warn!("Failed to initialize global DNS resolver: {}. Using standard DNS resolution.", e);
+    //     }
+    // });
 
     if let Some(region) = &opt.region {
         rustfs_ecstore::global::set_global_region(region.clone());
@@ -153,8 +152,8 @@ async fn run(opt: config::Opt) -> Result<()> {
 
     set_global_addr(&opt.address).await;
 
-    // Wait for DNS initialization to complete before network-heavy operations
-    dns_init.await.map_err(Error::other)?;
+    // // Wait for DNS initialization to complete before network-heavy operations
+    // dns_init.await.map_err(Error::other)?;
 
     // For RPC
     let (endpoint_pools, setup_type) = EndpointServerPools::from_volumes(server_address.clone().as_str(), opt.volumes.clone())

rustfs/src/storage/ecfs.rs

@@ -1209,6 +1209,7 @@ impl S3 for FS {
             name: v2.name,
             prefix: v2.prefix,
             max_keys: v2.max_keys,
+            common_prefixes: v2.common_prefixes,
             ..Default::default()
         }))
     }