forked from Azure/azure-storage-fuse
-
Notifications
You must be signed in to change notification settings - Fork 0
/
baseConfig.yaml
194 lines (178 loc) · 12.7 KB
/
baseConfig.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
# MUST READ :
# If you are creating a blobfuse2 config file using this kindly take care of below points
# 1. All boolean configs (true|false config) (except ignore-open-flags, virtual-directory) are set to 'false' by default.
# No need to mention them in your config file unless you are setting them to true.
# 2. 'loopbackfs' is purely for testing and shall not be used in production configuration.
# 3. 'stream' and 'file_cache' can not co-exist and config file shall have only one of them based on your use case.
# 4. By default log level is set to 'log_warning' level and are redirected to syslog.
# Either use 'base' logging or syslog filters to redirect logs to separate file.
# To install syslog filter follow below steps:
# sudo cp setup/11-blobfuse2.conf /etc/rsyslog.d/
# sudo cp setup/blobfuse2-logrotate /etc/logrotate.d/
# sudo service rsyslog restart
# 5. For non-HNS (flat namespace) accounts blobfuse expects special directory marker files to
# exists in container to identify a directory.
# If these files do not exist in container, then 'virtual-directory: true' in 'azstorage' section is required
# 6. By default 'writeback-cache' is enabled for libfuse3 and this may result in append/write operations to fail.
# Either you can disable 'writeback-cache', which might hurt the performance
# or you can configure blobfuse2 to ignore open flags given by user and make it work with ''writeback-cache'.
# 'libfuse' sectoin below has both the configurations.
# 7. If are you using 'allow-other: true' config then make sure user_allow_other is enabled in /etc/fuse.conf file as
# well otherwise mount will fail. By default /etc/fuse.conf will have this option disabled we just need to
# enable it and save the file.
# 8. If data in your storage account (non-HNS) is created using Blobfuse or AzCopy then there are marker files present
# in your container to mark a directory. In such cases you can optimize your listing by setting 'virtual-directory'
# flag to false in mount command.
# -----------------------------------------------------------------------------------------------------------------------
# Daemon configuration
foreground: true|false <run blobfuse2 in foreground or background>
# Common configurations
read-only: true|false <mount in read only mode - used for Streaming and FUSE>
allow-other: true|false <allow other users to access the mounted directory - used for FUSE and File Cache>
nonempty: true|false <allow mounting on non-empty directory>
# Dynamic profiler related configuration. This helps to root-cause high memory/cpu usage related issues.
dynamic-profile: true|false <allows to turn on dynamic profiler for cpu/memory usage monitoring. Only for debugging, shall not be used in production>
profiler-port: <port number for dynamic-profiler to listen for REST calls. Default - 6060>
profiler-ip: <IP address for dynamic-profiler to listen for REST calls. Default - localhost>
# Logger configuration
logging:
type: syslog|silent|base <type of logger to be used by the system. silent = no logger, base = file based logger. Default - syslog>
level: log_off|log_crit|log_err|log_warning|log_info|log_trace|log_debug <log level. Default - log_warning>
file-path: <path where log files shall be stored. Default - '$HOME/.blobfuse2/blobfuse2.log'>
max-file-size-mb: <maximum allowed size for each log file (in MB). Default - 512 MB>
file-count: <maximum number of files to be rotated to preserve old logs. Default - 10>
track-time: true|false <track time taken by important operations>
# Pipeline configuration. Choose components to be engaged. The order below is the priority order that needs to be followed.
components:
- libfuse
- stream
- block_cache
- file_cache
- attr_cache
- azstorage
- loopbackfs
# Libfuse configuration
libfuse:
default-permission: 0777|0666|0644|0444 <default permissions to be presented for block blobs>
attribute-expiration-sec: <time kernel can cache inode attributes (in sec). Default - 120 sec>
entry-expiration-sec: <time kernel can cache directory listing attributes (in sec). Default - 120 sec>
negative-entry-expiration-sec: <time kernel can cache attributes of non existent paths (in sec). Default - 120 sec>
fuse-trace: true|false <enable libfuse api trace logs for debugging>
extension: <physical path to extension library>
disable-writeback-cache: true|false <disallow libfuse to buffer write requests if you must strictly open files in O_WRONLY or O_APPEND mode. alternatively, you can set ignore-open-flags.>
ignore-open-flags: true|false <ignore the append and write only flag since O_APPEND and O_WRONLY is not supported with writeback caching. alternatively, you can disable-writeback-cache. Default value is true>
max-fuse-threads: <number of threads allowed at libfuse layer for highly parallel operations, Default is 128>
direct-io: true|false <enable to bypass the kernel cache>
# Streaming configuration
stream:
# If block-size-mb, max-buffers or buffer-size-mb are 0, the stream component will not cache blocks.
block-size-mb: <for read only mode size of each block to be cached in memory while streaming (in MB). For read/write size of newly created blocks. Default - 0 MB>
max-buffers: <total number of buffers to store blocks in. Default - 0>
buffer-size-mb: <size for each buffer. Default - 0 MB>
file-caching: <read/write mode file level caching or handle level caching. Default - false (handle level caching ON)>
# Block cache related configuration
block_cache:
block-size-mb: <size of each block to be cached in memory (in MB). Default - 16 MB>
mem-size-mb: <total amount of memory to be preallocated for block cache (in MB). Default - 4192 MB>
path: <path to local disk cache where downloaded blocked will be stored>
disk-size-mb: <maximum disk cache size allowed. Default - 4192 MB>
disk-timeout-sec: <default disk cache eviction timeout (in sec). Default - 120 sec>
prefetch: <number of blocks to be prefetched in serial read case. Min - 11>
parallelism: <number of parallel threads downloading the data and writing to disk cache. Default - 128>
prefetch-on-open: true|false <prefetch blocks on open. This shall be used only when user application is going to read file from offset 0>
# Disk cache related configuration
file_cache:
# Required
path: <path to local disk cache>
# Optional
policy: lru|lfu <eviction policy to be engaged for cache eviction. lru = least recently used file to be deleted, lfu = least frequently used file to be deleted. Default - lru>
timeout-sec: <default cache eviction timeout (in sec). Default - 120 sec>
max-eviction: <number of files that can be evicted at once. Default - 5000>
max-size-mb: <maximum cache size allowed. Default - 0 (unlimited)>
high-threshold: <% disk space consumed which triggers eviction. This parameter overrides 'timeout-sec' parameter and cached files will be removed even if they have not expired. Default - 80>
low-threshold: <% disk space consumed which triggers eviction to stop when previously triggered by the high-threshold. Default - 60>
create-empty-file: true|false <create an empty file on container when create call is received from kernel>
allow-non-empty-temp: true|false <allow non empty temp directory at startup>
cleanup-on-start: true|false <cleanup the temp directory on startup, if its not empty>
policy-trace: true|false <generate eviction policy logs showing which files will expire soon>
offload-io: true|false <by default libfuse will service reads/writes to files for better perf. Set to true to make file-cache component service read/write calls.>
sync-to-flush: true|false <sync call to a file will force upload of the contents to storage account>
refresh-sec: <number of seconds after which compare lmt of file in local cache and container and refresh file if container has the latest copy>
ignore-sync: true|false <sync call will be ignored and locally cached file will not be deleted>
hard-limit: true|false <if set to true, file-cache will not allow read/writes to file which exceed the configured limits>
# Attribute cache related configuration
attr_cache:
timeout-sec: <time attributes can be cached (in sec). Default - 120 sec>
no-cache-on-list: true|false <do not cache attributes during listing, to optimize performance>
no-symlinks: true|false <to improve performance disable symlink support. symlinks will be treated like regular files.>
max-files: <maximum number of files in the attribute cache at a time. Default - 5000000>
# Loopback configuration
loopbackfs:
path: <path to local directory>
# Azure storage configuration
azstorage:
# Required
type: block|adls <type of storage account to be connected. Default - block>
account-name: <name of the storage account>
container: <name of the storage container to be mounted>
endpoint: <storage account endpoint (example - https://account-name.blob.core.windows.net)>
mode: key|sas|spn|msi <kind of authentication to be used>
account-key: <storage account key>
# OR
sas: <storage account sas>
# OR
appid: <storage account app id / client id for MSI>
resid: <storage account resource id for MSI>
objid: <object id for MSI>
# OR
tenantid: <storage account tenant id for SPN>
clientid: <storage account client id for SPN>
clientsecret: <storage account client secret for SPN>
oauth-token-path: <path to file containing the OAuth token>
# Optional
use-http: true|false <use http instead of https for storage connection>
aadendpoint: <storage account custom aad endpoint>
subdirectory: <name of subdirectory to be mounted instead of whole container>
block-size-mb: <size of each block (in MB). Default - 16 MB>
max-concurrency: <number of parallel upload/download threads. Default - 32>
tier: hot|cool|archive|none <blob-tier to be set while uploading a blob. Default - none>
block-list-on-mount-sec: <time list api to be blocked after mount (in sec). Default - 0 sec>
max-retries: <number of retries to attempt for any operation failure. Default - 5>
max-retry-timeout-sec: <maximum timeout allowed for a given retry (in sec). Default - 900 sec>
retry-backoff-sec: <retry backoff between two tries (in sec). Default - 4 sec>
max-retry-delay-sec: <maximum delay between two tries (in sec). Default - 60 sec>
http-proxy: ip-address:port <http proxy to be used for connection>
https-proxy: ip-address:port <https proxy to be used for connection>
sdk-trace: true|false <enable storage sdk logging>
fail-unsupported-op: true|false <for block blob account return failure for unsupported operations like chmod and chown>
auth-resource: <resource string to be used during OAuth token retrieval>
update-md5: true|false <set md5 sum on upload. Impacts performance. works only when file-cache component is part of the pipeline>
validate-md5: true|false <validate md5 on download. Impacts performance. works only when file-cache component is part of the pipeline>
virtual-directory: true|false <support virtual directories without existence of a special marker blob. Default - true>
disable-compression: true|false <disable transport layer content encoding like gzip, set this flag to true if blobs have content-encoding set in container>
max-results-for-list: <maximum number of results returned in a single list API call while getting file attributes. Default - 2>
telemetry : <additional information that customer want to push in user-agent>
honour-acl: true|false <honour ACLs on files and directories when mounted using MSI Auth and object-ID is provided in config>
cpk-enabled: true|false <enable client provided key encryption>
cpk-encryption-key: <customer provided base64-encoded AES-256 encryption key value>
cpk-encryption-key-sha256: <customer provided base64-encoded sha256 of the encryption key>
# Mount all configuration
mountall:
# allowlist takes precedence over denylist in case of conflicts
container-allowlist:
- <list of containers to be mounted>
container-denylist:
- <list of containers not to be mounted>
# Health Monitor configuration
health_monitor:
enable-monitoring: true|false <enable health monitor>
stats-poll-interval-sec: <Blobfuse2 stats polling interval (in sec). Default - 10 sec>
process-monitor-interval-sec: <CPU, memory and network usage polling interval (in sec). Default - 30 sec>
output-path: <Path where health monitor will generate its output file. File name will be monitor_<pid>.json>
# list of monitors to be disabled
monitor-disable-list:
- blobfuse_stats <Disable blobfuse2 stats polling>
- file_cache_monitor <Disable file cache directory monitor>
- cpu_profiler <Disable CPU monitoring on blobfuse2 process>
- memory_profiler <Disable memory monitoring on blobfuse2 process>
- network_profiler <Disable network monitoring on blobfuse2 process>