openstack/swift
Code Issues Proposed changes

Merge "docs: Clarify that encryption should not be in reconciler pipeline"

Browse Source
This commit is contained in:
Zuul 2021-01-22 15:35:16 +00:00 committed by Gerrit Code Review
commit 48b26ba833
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/source/overview_encryption.rst
View File

@ -781,8 +781,9 @@ encrypted.
Encryption has no impact on the `container-reconciler` service. The Encryption has no impact on the `container-reconciler` service. The
`container-reconciler` uses an internal client to move objects between `container-reconciler` uses an internal client to move objects between
different policy rings. The destination object has the same URL as the source different policy rings. The reconciler's pipeline *MUST NOT* have encryption
object and the object is moved without re-encryption. enabled. The destination object has the same URL as the source object and the
object is moved without re-encryption.
Considerations for developers Considerations for developers

6
etc/container-reconciler.conf-sample
View File

@ -58,6 +58,12 @@
# ionice_priority = # ionice_priority =
[pipeline:main] [pipeline:main]
# Note that the reconciler's pipeline is intentionally very sparse -- it is
# only responsible for moving data from one policy to another and should not
# perform any transformations beyond (potentially) changing erasure coding.
# It notably MUST NOT include transformative middlewares (such as encryption),
# redirection middlewares (such as symlink), or composing middlewares (such
# as slo and dlo).
pipeline = catch_errors proxy-logging cache proxy-server pipeline = catch_errors proxy-logging cache proxy-server
[app:proxy-server] [app:proxy-server]