Lifecycle policy specification includes a cluster setting, policy headers on domain and bucket objects, bucket policies as stored in Swarm storage (as headers) by the Gateway, and relevant changes to the UIS for lifecycle policies.
Cluster Setting Values
The CAStor cluster setting policy.lifecycle supports the following two values:
disabled – The evaluation of all lifecycle policies is disabled in the cluster. Generally, the default value disables the feature, giving the legacy behavior, so disabled is the default for the setting.
enabled – Lifecycle policy may be disabled at the domain level for domains where such policies should not be applied.
The policy.lifecycle setting will be persisted and set-able via the Management API and SNMP just like other policy settings.
Policy Header Values
Domain objects supports a persisted Policy-Lifecycle header that controls the behavior of lifecycle policies for buckets in the domain. The header supports one of the following values:
<unspecified> – The lack of a defined policy header means that lifecycle policies are only enabled for buckets in the domain exactly when the policy.lifecycle setting is enabled.
enabled – The lifecycle policies are enabled for buckets in the domain, but only when the policy.lifecycle cluster setting is enabled.
disabled – The lifecycle policies are disabled for buckets in the domain regardless of the policy.lifecycle setting. The Policy-Lifecycle value may be prefixed with a <cluster name>=, meaning that the policy only applies within the specified cluster. If this feature is used, multiple values are allowed.
Domain objects will NOT support policy specification on domains that applies to tenanted content in the domain.
Bucket objects support a Policy-Lifecycle header with multiple values. Each such header value encodes exactly one lifecycle policy. Each Policy-Lifecycle complete rule value may be suffixed with a :<cluster name>, meaning that the policy only applies within the specified cluster. Each lifecycle rule is comprised of a number of optional attributes, expressed as <name>:<value> pairs separated by spaces. Extra spaces are allowed at the beginning, end & before and after the colon.
Duplicate names are not allowed within a rule.
Unsupported names or values result in a 400 on the bucket (or domain) write.
Supported Attributes
The following attributes are supported:
Attribute | Value | Definition |
|---|---|---|
RuleId | <unique rule id> | A required, user-defined id of the rule. The required quotes allow spaces in the id. Double quotes in the id must be backslash escaped. |
Enabled | <true|false> | An optional indication as to whether the rule is enabled. The absence of the attribute indicates the rule is enabled. |
NamePrefix | <prefix> | An optional prefix to be matched against the relative name of the object in question. Quotes are required. The first character of the prefix should not be a slash. Only if the prefix matched an object name would the rule be applied to the object. The absence of this attribute means that the rule applies to all the objects in the bucket. The quotes allow vertical spaces in the prefix. Double quotes in the prefix must be backslash escaped. |
ExpirationDays | <nonnegative integer> | The rule indicates that the current version of the object should be expired after some number of days. |
ExpirationDate | <ISO 8601 date> | The rule indicates that the current version of the object should be expired after the specified date (midnight UTC time). |
ObsoleteExpirationDays | <nonnegative integer> | The rule indicates that a non-current version of an object should be expired after some number of days after the time when the object became non-current. If versioning is not enabled in the bucket, this rule has no effect. |
ObsoleteExpirationDate | <ISO 8601 date> | The rule indicates that a non-current version of the object should be expired after the specified date (midnight UTC time). If versioning is not enabled in the bucket, this rule has no effect. |
Rules with Attributes
Every rule must have one or more expiration-related attributes.
Every rule must have an action.
A rule may not have both ExpirationDays and ExpirationDate attributes.
A rule may not have both ObsoleteExpirationDays and ObsoleteExprirationDate attributes.
For expiration days, the expiration time refers to;
Creation time of the current version + Number of days indicated + Rounded up to the next midnight UTC.For obsolete expiration days, the expiration time refers to;
Create time of the next newer object in the versioning chain + Number of days indicated + Round up to the next midnight UTC.ISO 8601 dates must unambiguously specify a calendar date. The (unspecified) expiration time is always midnight UTC of that date.
Expiration of a current version of an object that is not a delete marker in a versioning enabled bucket means to create a delete marker, pushing the current version down the versioning stack.
In all other cases, the object or object version is permanently deleted.
The Gateway supports normal SCSP reads & writes of domain and bucket headers with those policies specified. Additionally, the Gateway S3 interface is modified to support GET, PUT, DELETE and related permissions for bucket lifecycle policies as specified in the S3 documentation (good to have a link). Gateway will validate such policies against the S3 specification. On PUT or DELETE, Gateway will translate the client-supplied bucket policy specifications into the appropriate CAStor bucket headers. Aspects of the bucket lifecycle policies that are not supported by CAStor will be dropped during this translation, such as storage class transitions. On the bucket lifecycle policy GET reply, Gateway will reverse translate any (Policy-Lifecycle) headers on the bucket object for its S3 response.
UIC will provide appropriate editing methods for bucket lifecycle policies at the cluster, domain, and bucket levels.
Lifecycle policies are part of the overall context-level policy framework. GET and HEAD requests on contexts and name objects (with the verbose query argument) will return Policy-Lifecycle-Evaluated and Policy-Lifecycle-Evaluated-Constrained headers describing whether the lifecycle policies are in force at the various levels (cluster, domain, bucket).