Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Lifecycle policy specification includes:

  • Cluster setting

  • Policy header on domain objects (optional)

  • Policy headers on bucket objects

Cluster Setting Values

The Swarm cluster setting policy.lifecycle supports two values:

  • disabled – By default, the evaluation of all lifecycle policies is disabled in the cluster to provide legacy behavior.

  • enabled – Lifecycle policies may be enabled or disabled at the domain level for domains where such policies are applied.

The policy.lifecycle setting can be set via Management API.

SNMP Name

Default

Desciption

bidding.relocationThreshold

5

Percentage, 0-100. How much difference between volume utilizations will cause a lower bid on another node to relocate or rebalance a replica to the other node. Lower values improve load balancing and throughput. Higher values minimize data movement at the expense of lower maximum throughput.

SNMP: relocationThreshold

cip.group

224.0.10.100

The multicast IP address for the cluster, as a Class D IP address in the 224.0.0.0 - 239.255.255.255 range. This address must be unique for each cluster. When configuring multiple, distinct clusters, take care that the multicast groups do not overlap, as any node with the same multicast group will become part of a single cluster.

SNMP: group

Examples: 224.5.5.7, 239.255.255.253

cip.queryRetryMultiplier

1

What multiple of time to wait on each successive UDP multicast read retry.

SNMP: queryRetryMultiplier

cip.ttl

1

Controls configuration of multicast network traffic TTL (time to live). When set to 1, the multicast traffic should remain on the subnet.

cluster.enforceTenancy

FALSE

Setting to True (recommended) ensures that all content is written into a domain named in the request or else into the default domain. Setting to False (default) allows backward compatibility for applications in use before Swarm 5.0 that access data outside of domains and is required when using Gateway in legacy only mode to access this kind of content. Set to True for new deployments.

SNMP: enforceTenancy

cluster.name

The name of the cluster. Use an IANA-compatible domain name, such as cluster.example.com, and create one domain with the same name as the cluster, which sets up a default cluster domain that holds all unnamed objects. Do not use spaces in the name. To prevent confusion, configure all nodes in the cluster with the same cluster name.

SNMP: cluster

Example: swarm1.yourcompany.com

cluster.proxyIPAddress

[deprecated] The reverse proxy IP address for the cluster. Use cluster.proxyIPList instead.

Example: 129.3.7.14

cluster.proxyIPList

For use with bidirectional GET replication only, to configure proxies on the source side for the target nodes to connect to. A comma-separated list of reverse proxy IP addresses or names, including ports in name:port format.

SNMP: clusterProxyIpList

Example: 129.3.7.14:80, 129.3.7.15:80

cluster.proxyPort

80

[deprecated] The reverse proxy access port for the cluster. Use cluster.proxyIPList instead.

console.expiryErrInterval

10

Number of days before the cluster license expires to generate an error as a log message and a console indicator.

console.expiryWarnInterval

30

Number of days before the cluster license expires to generate a warning as a log message and a console indicator.

console.indexErrorLevel

90

Percentage, 0-100. How much index utilization will generate an error as a log message and a console indicator.

console.indexWarningLevel

80

Percentage, 0-100. How much index utilization will generate a warning as a log message and a console indicator.

console.messageExpirationSeconds

1209600

In seconds; defaults to 2 weeks. How long until an error expires out of the error table.

SNMP: messageExpirationSeconds

console.port

90

Which port Swarm uses to listen for requests. All nodes in the same cluster must be set to the same port. When deploying Swarm into untrusted network environments, firewall this port so that only administrators can access it.

console.reportStyleUrl

The URL for the path to the stylesheet and image files for configuring Swarm console.

Example: http://10.10.15.32/css/swarm-reports.css

console.spaceErrorLevel

10

Percentage, 0-100. How much cluster capacity remaining will generate an error as a log message and a console indicator.

console.spaceWarnLevel

25

Percentage, 0-100. How much cluster capacity remaining will generate a warning as a log message and a console indicator.

console.styleUrl

The URL for the path to the stylesheet and image files for configuring the Swarm console.

Example: http://10.10.15.32/css/swarm.css

disk.atimeEnabled

FALSE

Whether to track the time of last access on GET requests, stored in the Castor-System-Accessed header and indexed as the search field 'accessed'. Increases load on the cluster and Elasticsearch.

SNMP: accessedTimeEnabled

disk.atimeGranularity

86400

In seconds; defaults to 1 day. The window during which accessed time will not be updated. Lowering the value affects GET performance.

SNMP: accessedTimeGranularity

disk.contextDeleteMarkerLifespan

31536000

In seconds; defaults to 1 year. How long a delete marker lives for a context (domain or bucket) object.

disk.deleteMarkerLifespan

1209600

In seconds; defaults to 2 weeks. How long the cluster remembers a deleted named object. Lower this value if your applications create and delete objects so rapidly that they cause available memory to decrease. To view the current amount of available memory on a node, expand Node Info to see the value of Index Utilization. If this value is high for a long period of time, you may have stored a large number of objects and may benefit from lowering this value.

disk.obsoleteTimeout

1209600

In seconds; defaults to 2 weeks. The amount of time after which an unused volume is considered "stale" and will not recover, except with use of the 'k' modifier.

ec.conversionPercentage

0

Percentage, 1-100; 0 stops all conversion. Adjusts the rate at which the Health Processor consolidates multi-set erasure-coded objects each HP cycle. Lower to reduce cluster load; increase to convert a large number of eligible objects faster, at the cost of load on the cluster. Requires policy.eCEncoding to be specified.

SNMP: ecConversionPercentage

ec.convertToPolicy

FALSE

When true, convert existing EC objects to the EC encoding specified by policy.

SNMP: ecConvertToPolicy

ec.convertVersionedObjects

FALSE

When true, Swarm performs lifepoint conversions and consolidations of multi-set erasure-coded versioned objects.

SNMP: ecConvertVersionedObjects

ec.maxManifests

6

Range, 3-36. The maximum number of manifests written for an EC object. Usually p+1 are written for a k:p encoding. Do not set above 6 unless directed by Support.

SNMP: ecMaxManifests

ec.minParity

-1

Range -1 or 1-4; default of -1 is max(policyminreps - 1, 1), where policyminreps is the min value in policy.replicas. The minimum number of parity segments the cluster requires. This is the lower limit on p for EC content protection, regardless of the parity value expressed on individual objects through query arguments or lifepoints.

SNMP: ecMinParity

ec.protectionLevel

node

Either 'node', 'subcluster', or 'volume'. At what level segments must be distributed for an EC write to succeed; note that multiple segments are allowed per level, if needed. 'node' (default) distributes segments across the cluster's physical/virtual machines. 'subcluster' requires node.subcluster to be defined across sets of nodes. You must have (k+p)/p nodes/subclusters for those levels; at minimum, you must have k+p volumes.

SNMP: ecProtectionLevel

ec.segmentConsolidationFrequency

10

Percentage, 1-100, 0 to disable. How quickly the health processor consolidates object segments after ingest. Increase this value (such as to 25, to consolidate over 4 HP cycles) to make new content readable sooner by clients. For multipart uploads via S3 clients, 10 is recommended; for SwarmFS, 100 is recommended, with extra space allowances for trapped space. Consolidation changes the ETag (which affects If-Match requests) and Castor-System-Version headers, but Content-MD5 and Castor-System-CompositeMD5 headers are unchanged. Therefore, have clients use hash and last-modified date, rather than ETag, to find if an object has changed.

SNMP: ecSegmentConsolidationFrequency

ec.segmentSize

-1

In bytes; default of -1 implies 200 MB, with recommended minimum of 100 MB. The maximum size allowed for an EC segment before triggering another level of erasure coding. For mostly large (1+ GB) objects, increase to minimize the number of EC sets, which reduces index memory usage. Alternatively, increase the size as needed per write request using the 'segmentsize' query arg.

SNMP: ecSegmentSize

feeds.retry

[30, 300, 1200]

In seconds. The progressive number of retry attempts by the plug-in, when blocked.

SNMP: feedsRetryDelays

Example: [60, 60, 60, 3600]

feeds.statsReportInterval

300

In seconds. How frequently to report statistics.

health.defragInterval

3600

In seconds; defaults to 1 hour. How long to wait between attempts to defrag a volume during an HP cycle.

SNMP: healthDefragInterval

health.ecrSegmentDelay

0

In seconds; defaults to 0.0. Tunes ECRs by defining the length of the forced delay after each segment is relocated. Change from default only as directed.

SNMP: healthFVRPushDelay

health.examDelay

0.18

In seconds; defaults to 0.18. Tunes the health processor by defining the length of the forced delay until the next HP exam, or removes the delay altogether (-1). Change from default only as directed.

SNMP: healthExamDelay

health.fvrPushDelay

0.3

In seconds; defaults to 0.3. Tunes FVRs by defining the length of the forced delay after each replica/bundle is pushed to another node. Change from default only as directed.

SNMP: healthFVRPushDelay

health.neonatalROWProtection

TRUE

If the exam queue for newly written objects is close to overflow, enables Swarm to override the data protection scheme of transitioning to ROW (scsp.replicateOnWrite). All subsequent replicas are processed out of this queue.

health.offloadPauseInterval

600

The delay between attempts to bulk offload to the cluster, in seconds.

SNMP: healthOffloadPauseInterval

health.parallelWriteTimeout

2592000

In seconds; defaults to 1 month. When to time out an uncompleted multipart upload so that Swarm can clean up the unused parts. 0 disables; do not disable if using SwarmFS.

SNMP: healthParallelWriteTimeout

health.persistentUnderreplicationAlertPercent

2

Percentage, 0-100; set 0 to disable. Creates an alert when this percentage (or more) of objects are persistently under-replicated.

SNMP: healthPersistentUnderreplicationAlertPercent

health.recursiveDeleteDelay

604800

In seconds; defaults to 1 week. The length of the grace period before the health processor begins reclaiming the space for a deleted domain or bucket. During this grace period, you can restore the domain or bucket without losing any of its content. No grace period is granted if you use recursive=now.

health.relocationVolumeFillRate

10

Percentage, 0-100. How much available space on new volumes may be filled for object relocation during one cluster health processor (HP) cycle, to prevent the HP on existing nodes from overwhelming a new, empty node.

SNMP: hpRelocationVolumeFillRate

health.replicationMulticastFrequency

1

Percentage, 0-100. The frequency, as an approximate percentage, that UUIDs are multicast to verify replicas. Set this parameter to the same value for all nodes in the cluster.

SNMP: repMulticastFrequency

health.replicationUnicastFrequency

100

Percentage, 0-100. The frequency, as an approximate percentage, that a unit is forced to verify hints.

SNMP: repUnicastFrequency

health.underreplicationAlertPercent

10

Percentage, 0-100; set 0 to disable. Generates an under-replication alert when the percentage of under-replicated objects exceeds this value.

SNMP: healthUnderreplicationAlertPercent

health.underreplicationTolerance

100

Count. The number of under-replicated objects below which to suppress the alerts triggered by health.underreplicationAlertPercent.

SNMP: healthUnderreplicationTolerance

index.optimize404

TRUE

Enables the Optimize 404 feature in the overlay index, which returns 404 without multicast where possible.

SNMP: overlayOptimize404

index.ovMinNodes

3

Count. The minimum number of cluster nodes needed to activate use of the overlay index.

SNMP: overlayMinNodes

index.overlayEnabled

TRUE

Enables the overlay index.

SNMP: overlayIndexEnabled

log.host

The IP address of the remote Syslog server. Logging must be used for production environments. Set to '' to stop logging in test environments.

SNMP: logHost

Example: 10.10.33.12

log.level

40

The log level, from most to least verbose, each including everything below it: 10, 20, 30, 40, 50, 0. 10 Debug (all information plus stack traces), 15 Audit (replication and object movement), 20 Info (informational, including non-errors), 30 Warn (user and application errors, plus SCSP 4xx/5xx codes), 40 Error (server hardware and software errors, plus abnormal conditions), 50 Critical (errors that can result in data loss, such as disk I/O errors), 0 Disable logging.

SNMP: logLevel

log.obscureUUIDs

FALSE

Whether to obscure UUIDs from displaying in INFO and higher level logs (does not affect AUDIT and lower levels). Set to True to abbreviate the UUID, if indicated by your security requirements.

SNMP: logObscureUUIDs

log.port

514

The port for the remote syslog host to use.

SNMP: logPort

metrics.diskUtilizationCheckInterval

600

[deprecated] In seconds, from 15 seconds to 1 day; defaults to 10 minutes. How frequently to check disk utilization on the Elasticsearch cluster.

metrics.diskUtilizationThreshold

5

[deprecated] Percentage, 0-100. The minimum space available Elasticsearch disk space that, when reached, will stop metrics from being indexed.

metrics.enableNodeExporter

TRUE

Enabled by default. Set to FALSE to to disable the node_exporter service, for the export of both node system metrics and Swarm metrics.

metrics.nodeExporterFrequency

0

In seconds, from 1 minute to 1 hour; How frequently to refresh Swarm-specific metrics via the node exporter. 0 disables export of this data.

SNMP: metricsExporterFrequency

metrics.period

900

[deprecated] In seconds, from 15 seconds to 1 day; defaults to 15 minutes. How frequently to capture metrics-related statistics.

SNMP: metricsPeriod

metrics.port

9200

[deprecated] The port on the Elasticsearch server where metrics-related statistics are captured.

SNMP: metricsTargetPort

metrics.target

[deprecated] One or more servers in the Elasticsearch cluster (fully qualified domain names or IP addresses) where metrics-related statistics are captured. Use spaces or commas to separate multiple values. To disable statistics collection, leave blank.

SNMP: metricsTargetHost

Examples: es1.yourcompany.com, es2.yourcompany.com, 10.12.14.14

network.dnsDomain

Optional. The domain name(s) that will be searched for host name resolution when using static IP assignment. Ignored unless network.ipAddress is set. Use in conjunction with network.dnsServers.

Examples: http://example.com, hq.example.com, dr.example.com

network.dnsServers

Optional. The servers that will be used for host name resolution when using static IP assignment. Ignored unless network.ipAddress is set. Use in conjunction with network.dnsDomain.

Examples: 8.8.8.8, 1.1.1.1, 8.8.4.4

network.icmpAcceptRedirects

TRUE

Determines if the node accepts routing information from ICMP redirect responses.

network.igmpTimeout

0

In seconds; defaults to 0 (disabled). The IGMP querier timeout, which is the frequency that IGMP queries will be sent on the network.

SNMP: networkIGMPTimeout

network.igmpVersion

2

Range, 1-3. The IGMP (Internet Group Management Protocol) version that the Linux kernel will use for host membership queries.

network.mtu

0

In bytes. Sets the maximum transmission unit (MTU) that Swarm accepts. Set to a higher value to use jumbo frames. Before you change the default value, verify that the node's network interfaces and all other network hardware support the selected MTU; otherwise, the nodes might not be able to replicate objects or communicate. Set to 0 to use value from DHCP or else 1500.

policy.eCEncoding

unspecified anchored

The cluster-wide setting for the EC (erasure coding) encoding policy. Valid values: unspecified, disabled, k:p (a tuple such as 5:2 that specifies the data (k) and parity (p) encoding to use). Add 'anchored' to set this cluster-wide; remove it to allow domains and buckets to have custom encodings.

SNMP: policyECEncoding

Examples: 05:02, 6:3 anchored

policy.eCMinStreamSize

1Mb anchored

In integer units of megabytes (MB) or gigabytes (GB); must be 1MB or greater. The size that triggers an object to be erasure-coded, if specified (by eCEncoding, lifepoint, query arg) and allowed by policy. Below this threshold, objects are replicated unless they are multipart or chunked writes. Add 'anchored' to set this cluster-wide; remove it to allow domains and buckets to have custom values.

SNMP: policyECMinStreamSize

Examples: 100Mb, 1GB anchored

policy.lifecycle

disabled

The cluster-wide setting for bucket lifecycle policies. If enabled, bucket lifecycle policies will be evaluated.

SNMP: policyLifecycle

Examples: disabled, enabled

policy.replicas

min:2 max:16 default:2 anchored

The minimum, maximum, and default number of replicas allowed for objects in this cluster. Can differ from the policy in a replicated target cluster.

SNMP: policyReplicas

Examples: min:2 max:16 default:3, min:3 max:10 default:3

policy.versioning

disallowed

Specifies whether versioning is allowed to be enabled on contexts (domains and buckets) within the cluster. Valid states: disallowed, suspended, allowed. This policy overrides context-level policies. Disallowed removes historical versions, if any. Suspended stops creation of new versions but retains version history.

SNMP: policyVersioning

Examples: allowed, disallowed, suspended

power.savingMode

TRUE

Enables Power Saving mode, which allows the system to go to sleep or power cap. Set to False to disable Power Saving mode.

SNMP: powerSavingMode

power.sleepAfter

7200

In seconds, 60 or greater; defaults to 2 hours. In Power Saving mode, how long a node is inactive before it becomes idle.

SNMP: sleepAfter

power.wakeAfter

28800

In seconds; defaults to 8 hours. In Power Saving mode, how long a node is idle before it becomes active again.

SNMP: wakeAfter

recovery.completedRecoveryExpiration

2592000

In seconds; defaults to 30 days. How long to remember completed recoveries.

SNMP: completedRecoveryExpiration

recovery.suspend

FALSE

Defaults to False, which allows normal volume recovery and recovery behavior. Set to True to disable all recovery behavior. All nodes in the cluster must be set to the same value.

SNMP: volumeRecoverySuspend

recovery.suspendedVolumes

[]

The comma-separated list of 32-character volume IDs of the volumes for which recovery is suspended.

SNMP: castorAddVolumeRecoverySuspend, castorRemoveVolumeRecoverySuspend

Example: ['d315ca82bae4b4a0d24fd90904216554', '2195a057c205bd58e05f5835d4b9f21e']

recovery.volMaintenanceInterval

10800

In seconds; defaults to 3 hours. How long the cluster waits after a node has been rebooted or shut down before considering the node and its volumes missing for recovery and replication purposes. This time does not include the time to mount the volumes. This maintenance window allows administrators to perform regular, scheduled tasks on a node without creating over-replication in the cluster. Node shutdowns or failures that are not initiated by an administrator are considered immediately missing.

SNMP: volMaintenanceInterval

scsp.allowPutCreate

FALSE

When true, PUTs can be used to create new named objects. Conditional headers still apply. With this option enabled, you do not need to add the putcreate query argument.

SNMP: allowPutCreate

scsp.autoContentMD5Computation

FALSE

When true, Swarm computes and stores the Content-MD5 value on every applicable write.

SNMP: autoContentMD5Computation

scsp.autoRecursiveDelete

TRUE

When true, all context deletes (deletes of domains and buckets) are treated as recursive, which prevents orphaned content. With this option enabled, you do not need to add the recursive query argument. To force immediate reclamation of space, use the recursive=now argument.

SNMP: autoRecursiveDelete

scsp.clientPoolTimeout

120

In seconds. How long until pooled SCSP connections expire.

SNMP: scspClientPoolTimeout

scsp.defaultContextReplicas

-1

Defaults to -1, which uses the value of scsp.maxContextReplicas. Sets the default number of replicas for a POST/PUT on a context (domain or bucket) object if the number is not specified by the current lifepoint or the request.

SNMP: scspDefaultContextReplicas

scsp.defaultFeedSendTimeout

30

The timeout on a feed SEND request, if the timeout=true query argument is provided.

scsp.defaultROWAction

immediate

The default Replicate On Write (ROW) action when scsp.replicateOnWrite is enabled. Valid options are 'immediate', 'full', or an integer between 2 and 5 (inclusive).

SNMP: scspDefaultROWAction

scsp.domainHeaders

['X-Forwarded-Host', 'Host']

A comma-separated list of headers that specifies the search order in which to find the host of an SCSP request. RFC 7230 5.4 requires a Host header with every SCSP request to support web servers or server farms that host multiple domains. Your client might use an HTTP proxy that modifies the Host header, but the Swarm domain name matches the original Host header. In that case, an HTTP proxy copies the original Host header into another header, typically X-Forwarded-Host.

Examples: ['X-Forwarded-Host', 'Host', 'X-ProxyForward-Host'], ['Host']

scsp.enableVolumeRedirects

FALSE

Whether to allow redirects to SCSP heads on volume processes, for faster GET requests. For use with Gateway only, and best for sites with smaller objects.

SNMP: enableVolumeRedirects

scsp.falseStartTimeout

240

In seconds, 0 to disable; defaults to 4 minutes. How long to wait to receive the first byte before timing out and disconnecting.

scsp.filterResponseBlacklist

[]

Which headers to remove from HTTP responses. List is comma-separated and case-insensitive. For example: ['Castor-System-Path', 'Castor-System-Owner']

SNMP: filterResponseBlacklist

scsp.filterResponseHeaders

none

Swarm will filter response headers according to the given method. Allowed values: 'none', 'blacklist', 'whitelist'.

SNMP: filterResponseHeaders

scsp.filterResponseWhitelist

[]

Which headers to retain in HTTP responses, removing all others. List is comma-separated and case-insensitive. For example: ['Etag', 'Last-Modified']

SNMP: filterResponseWhitelist

scsp.idleDisconnectTimeout

14400

In seconds, 0 to disable; defaults to 4 hours. How long to wait after receiving the last byte before timing out and disconnecting.

scsp.keepAliveInterval

15

How many seconds to wait before sending successive chunked keep-alive bytes after a 202 Accepted response.

SNMP: keepAliveInterval

scsp.maxContextReplicas

16

Count. Sets the maximum number of replicas in this cluster for a context (domain or bucket) object.

SNMP: maxcontextreplicas

scsp.maxReadTime

10800

SCSP read time limit in seconds; defaults to 3 hours. SCSP GET requests running longer than this value will be prematurely closed.

scsp.maxWriteTime

10800

SCSP write time limit in seconds; defaults to 3 hours. SCSP write requests running longer than this value will be prematurely closed.

SNMP: scspMaxWriteTime

scsp.port

80

Port number; defaults to 80. The port used by client applications to access cluster nodes with HTTP requests. This setting must be the same on all nodes in the same cluster.

SNMP: scspport

scsp.replicateOnWrite

TRUE

Enabled by default. Improves content integrity by requiring a replica to be written in order for the POST, PUT, COPY, or APPEND request to succeed. Set to False to have the health processor manage creation of replicas after the write.

SNMP: autoRepOnWrite

scsp.requireExplicitContextCreate

FALSE

When true, Swarm requires creation of a context (domain or bucket) to include the 'Content-type: application/castorcontext' header. Enable the option to protect against content being erroneously written as context objects, which hurts performance.

SNMP: requireExplicitContextCreate

scsp.validateOnRead

FALSE

Disabled by default. Enable to force Swarm to validate the object's contents before returning successful read responses to client requests. Although validation can be specified on a per-read basis, this setting forces all reads to use validation. During the read from the disk, the content hash is computed. If the hash is wrong, indicating logical disk corruption, the socket will be closed before the last block is transmitted, forcing an error to the client. Note that using this option creates additional CPU load on the node.

SNMP: scspValidateOnRead

search.caseInsensitive

FALSE

Whether metadata fields should support case-insensitive searching. If true, then all custom metadata will be indexed to support only case-insensitive searching.

search.enableCustomMetadataTyping

TRUE

Whether to publish custom metadata typing information to Elasticsearch.

SNMP: enableCustomMetadataTyping

search.enableDelimiterPaths

FALSE

Whether to publish name delimiter path information to Elasticsearch.

SNMP: enableDelimiterPaths

search.numberOfShards

5

The number of shards to use when creating new Elasticsearch search indexes.

SNMP: searchNumberOfShards

search.pathDelimiter

/

Which character to use for parsing directory paths from object names, such as '2018/Q4/snapshot.pdf'. Defaults to forward slash: /

security.administrators

{'admin': 'ourpwdofchoicehere'}

One or more username:password pairs. Sets credentials for who can administer the cluster via the Swarm UI. If the value includes the snmp username, remove it from here and update snmp.rwCommunity with its password.

SNMP: addModifyAdministrator, removeAdministrator

Example:

{'admin': 'adminpassword', 'admin2': 'adminpassword2'}

security.noauth

TRUE

[deprecated] To enable native Swarm authorization, set to False.

security.operators

{}

One or more username:password pairs. Sets credentials for who can view the Swarm UI. If the value includes an snmp username, it is ignored; remove it from here and update snmp.roCommunity with its password.

Example: {'operator': 'operatorpassword', 'operator2': 'operatorpassword2'}

security.secureLogging

FALSE

Enable to prevent logging of the details of a client request. This option results in short, secure log messages.

SNMP: secureLogging

snmp.getnextskips

['35', '36.20', '36.21', '36.22', '36.23', '36.25', '37.11.8', '38', '41', '55', '57', '58', '61', '63', '64', '65', '66', '68', '69']

List of OIDs to be skipped on output. To protect cluster performance, this setting causes the snmpwalk of the entire CASTOR MIB to skip several large, detailed tables in SNMP groups. The default list of OIDs causes a top-level snmpwalk to skip the groups or tables under clusterConfig, responseHistogramTable, hp, clusterdata, indexer, configVariableTable, castorFeeds, feedVolTable, performance, and recoveryTable. You can add or remove OIDs to control which sections of the MIB are returned by an snmpwalk. Enter values as strings in numeric form, relative to the Castor OID, .1.3.6.1.4.1.24659.1.

Example: ['35', '37.11.8', '38', '41', '55', '57', '58', '61', '63', '64', '65', '66', '68', '69']

snmp.roCommunity

public

Password for the SNMP read-only community. If security.operators includes the snmp username, remove it and update the password here.

snmp.rwCommunity

ourpwdofchoicehere

Password for the SNMP read-write community. If security.administrators includes the snmp username, remove it and update the password here.

snmp.timeout

5

In seconds, 1-60. The snmpget, snmpset, and snmpwalk timeout for Swarm and Watchdog.

SNMP: snmpTimeout

startup.certificates

Public certificates to add to cert bundle.

Chassis (Node) Settings

SNMP Name

Default

Description

cache.expirationTime

600

In seconds; defaults to 10 minutes. Set 0 to disable. How long to hold an object after its last access.

cache.maxCacheableSize

1E+06

In bytes, defaulting to 1 MB. The largest object that can be stored in the content cache. If increased to greater than 5 MB, then scsp.readBufferAllowance must be increased to the same value.

cache.percentage

10

Percentage, 0-100; set 0 to disable. How much I/O buffer memory to reserve for the content cache, which improves access to active content by storing it in geographically proximate locations. The reserve is reported when the node starts up: 'MAIN ANNOUNCE: Memory allocation at startup.' For best performance, especially with writing named objects, do not disable the content cache unless directed by Support.

cache.realmStaleTimeout

600

In seconds, 60 or higher. How long before the security user list cache for domains is cleared. Lower this value if user lists update frequently.

chassis.name

The user-defined chassis name.

cip.histogramInterval

0.01

In seconds. The histogram bucket bin size.

cip.queryMinimumTimeout

0

In seconds. The minimum CIP query session time.

cip.queryTimeout

0.03

In seconds. How long after booting that the cluster will initially wait for node replication bids. Once the cluster is running, bid wait times are calculated dynamically based on response times. For clusters with network latency, the initial wait time may need to be increased until the cluster can correctly calibrate.

cip.readBufferSize

1E+06

In bytes. The size of the multicast UDP socket read buffer. This value is capped the Linux /proc/sys/net/core/rmem_max value, which may be set via sysctl.coreRMemMax.

disk.defragBufferBytes

0

Size in bytes of the per-disk buffer allocated for bulk defragmentation operations. Disable bulk mode by setting to 0.

disk.defragUntilPercentage

0.8

Ratio, 0.0-1.0. The portion of known unused space that, when untrapped, will stop the disk defrag process.

disk.enableMultipath

FALSE

[deprecated] Whether to enable support for Device Mapper Multipathing (DM-Multipath). Multipath support was dropped in Swarm 10.0.

disk.encryptNewVolumes

FALSE

Whether to encrypt new Swarm volumes. Enabling encryptNewVolumes means that any newly-formatted Swarm volume will be encrypted

disk.encryptionCipher

aes-xts-plain64

The encryption cipher to be used when setting encryption for new Swarm volumes. Supported values are aes-xts-plain64 and aes-cbc-essiv

disk.encryptionHash

sha512

The encryption hash algorithm to be used when setting encryption for new Swarm volumes. Supported values are sha256 and sha512.

disk.encryptionIterationTime

5000

In seconds. The maximum amount of time to be spent while iterating to generate an internal LUKS key from a Swarm encryption key, which will be used when setting encryption for new Swarm volumes.

disk.encryptionKeyPrimary

The mnemonic name of the encryption key to use for encrypting new Swarm volumes. Do not use quotes. For this key to be used, disk.encryptNewVolumes must be set to True.

Example: cluster_key_5_15_2016

disk.encryptionKeySize

512

The size of the internal LUKS key to be used when setting encryption for new Swarm volumes. Supported values are 128, 256, and 512.

disk.encryptionKeys

{}

A comma-separated list of mnemonic name and encryption key pairs, used for accessing encrypted Swarm volumes.

Example: {'cluster_key_5_15_2016': 'a24f8ec391ab3341', 'cluster_key_5_12_2015': 'de3498245ce8bf89'}

disk.encryptionType

luks

The encrypted volume format type used when formatting new volumes. Supported values are: 'luks', 'luks1', 'luks2'.

disk.ioErrorToRetire

2

Count. How many consecutive I/O errors (no more than disk.ioErrorWindow seconds between each error) that will force a volume to retire.

disk.ioErrorTolerance

200

Count. How many I/O errors are tolerated, past which the volume is taken offline immediately. Swarm then marks the volume as Unavailable and initiates both the volume recovery process (FVR) and the erasure coding recovery process (ECR) to relocate all the volume's objects.

disk.ioErrorWindow

172800

In seconds; defaults to 2 days. The length of time after which an I/O error is forgotten, if no other errors followed and the volume's state is OK. Works with disk.ioErrorToRetire to control when volumes are retired. The default values means that if more than one error occurs within 2 days, the volume is retired.

disk.minGB

64

How many GB a device must have to be eligible for automatic storage volume assignment with volumes = all. Set to 0 to include all disk devices.

disk.smudgesToRetire

4

How many soft errors (smudges) over the life of a volume will trigger Swarm to retire the volume. A soft error occurs when the health processor does not get the expected data when validating the object but the disk gave no explicit I/O (hard) error. Set to 0 to disable the automatic retire.

disk.standbyTimeout

360

In seconds. How long until an idle disk spins down automatically.

disk.trappedToTotalPercentage

0.0001

Ratio, 0.0-0.01. The portion, of trapped space to total space, below which, will stop the defrag process (0.0 for no limit).

disk.volumes

Required. Specifies the volume storage devices for Swarm to use. Valid entries: all, or a space-separated list of Linux volume identifiers, such as /dev/sda, /dev/sdb. all (recommended) is required for hot plugging and lets Swarm to use all volumes larger than disk.minGB. If a node is shut down longer than disk.obsoleteTimeout, all of its volumes are stale and cannot be used unless you force a volume remount by adding the :k (keep) policy option modifier. To specify the size, add a modifier with units: vols1:100m vols2:250g.

SNMP: vols

Examples: all, /dev/sda /dev/sdb

ec.inProgressConsolidationTimeout

86400

Time in seconds, 0 to disable. An 'in progress' multipart PATCH complete cannot be consolidated before this timeout.

feeds.maxMem

100000

In bytes. The maximum memory allowed per feed, for queue management.

health.startDelay

900

In seconds; defaults to 900 seconds (15 minutes). How long after a node starts up to begin Health Processor checking and recovery processes. This option creates a grace period for the remaining nodes to stabilize in the cluster, which is useful in situations in which an entire cluster must be shut down and restarted.

SNMP: hpStartDelay

license.url

<Swarm default 2T license>

The location and name of the Swarm license file, caringo/license.txt. Can be a pathname or a URL. To use the default 2 TB license, you must keep the default location.

Example: http://10.10.15.32/config/swarm-license.txt

mdns.readBufferSize

1E+06

In bytes. The size of the read buffer for the multicast UDP socket.

network.gateway

Optional. The default gateway IP address in the subnet. Ignored unless network.ipAddress is set.

SNMP: gateway

Example: 10.10.12.253

network.ipAddress

The single static IP address for a node to use, or blank to use DHCP.

SNMP: ipaddress

Example: 10.10.12.1

network.iptablesFileUrl

Optional. Location (URL) of Linux firewall rules to apply. When specified, Swarm transmits the rules without validation to the 'iptables-restore' command before starting the storage node processes.

Example: http://10.10.15.32/config/swarm-iptables

network.netmask

Optional. Sets the IP network mask for a node. Ignored unless network.ipAddress is set.

SNMP: netmask

Examples: 255.255.255.0, 255.255.0.0

network.timeSource

Recommended. List of one or more NTP servers by IP address or by name if network.dnsServers is set. You must have at least one usable NTP server in order for the storage node to start. If you don't assign a value here, a list from *.pool.ntp.org will be generated.

SNMP: timeSource

Examples: 10.20.30.55, 10.20.30.65, http://0.be.pool.ntp.org, 1.be.pool.ntp.org

node.archiveMode

FALSE

Disabled by default, which is the normal operating state. Set to TRUE to change the node to archive mode, where it remains idle in low-power mode without participating in cluster activity until its capacity is needed. This setting is useful for proactively provisioning new nodes into the cluster before they are needed.

SNMP: archiveMode

node.subcluster

default

Specifies the name of the subcluster to which the chassis belongs. Names can have no more than 16 characters and no special characters, such as quotes and hyphens.

SNMP: subcluster

Example: subcluster1

shutdown.gracePeriod

120

In seconds; defaults to 2 minutes. How long to allow ongoing SCSP requests to complete during shutdown.

snmp.enabled

TRUE

Master switch to enable or disable the SNMP daemon

snmp.sysContact

Unspecified

The value for the SNMP system contact, SNMPv2-MIB::sysContact. Must be a valid email address in 7-bit USASCII in one of these forms: Name <email@domain> First Last <email@domain>

Example: admin@yourcompany.com

snmp.sysLocation

Unspecified

The value for the SNMP system location, SNMPv2-MIB::sysLocation.

Example: rack3

snmp.sysName

Unspecified

The value for the SNMP system name, SNMPv2-MIB::sysName.

Example: Joe Administrator

Policy Header Values

Domain objects support a Policy-Lifecycle header that controls the behavior of lifecycle policies for buckets in the domain. The header supports either of the following values:

  • <unspecified> – The lack of a defined policy header means that lifecycle policies are only enabled for buckets in the domain when the policy.lifecycle setting is enabled. This means that setting the policy at the domain level is optional.

  • enabled – The lifecycle policies are enabled for buckets in a domain when the policy.lifecycle cluster setting is enabled.

  • disabled – The lifecycle policies are disabled for buckets in a domain regardless of policy.lifecycle setting.

Lifecycle policy does not apply to unnamed content within a domain. Only named objects within buckets will have lifecycle policy applied to them.

Bucket objects support a Policy-Lifecycle header with multiple values.

  • Each header value encodes one lifecycle policy rule.

  • Each lifecycle rule is comprised of a number of optional attributes, expressed as <name>:<value> pairs separated by space. Extra spaces are allowed at the beginning, end, and before & after the colon.

Important

  • Duplicate names are not allowed across lifecycle rules for a bucket.

  • Unsupported names or values result in an 400 error on the bucket (or domain) write. The 400 response will indicate the source of the problem.

Supported Rule Attributes

Attribute

Value

Definition

RuleId

<unique rule id>

A required, user-defined id of the rule. The value must be contained within quotes. Values within the quotes must be URL-encoded.

Enabled

<true|false>

An optional indication to confirm whether the rule is enabled or not. The absence of this attribute indicates the rule enabled.

NamePrefix

<prefix>

An optional prefix to be matched against the relative name of the object in question.

  • The value must be quoted.

  • Never use slash as a first character for the prefix.

  • If the prefix is matched with the object name, then the rule is applied to the object.

  • The absence of this prefix indicates the rule is applied to all objects in the bucket.

  • The quoted value must be URL encoded.

ExpirationDays

<nonnegative integer>

The current version of an object is expired after the defined number of days.

ExpirationDate

<ISO 8601 date>

The current version of an object is expired after the defined date (midnight UTC time).

ObsoleteExpirationDays

<nonnegative integer>

A non-current version of an object is expired after the defined number of days when the object becomes non-current.

This rule impacts nothing if the versioning is not enabled on the bucket.

ObsoleteExpirationDate

<ISO 8601 date>

A non-current version of the object is expired after the defined date (midnight UTC time).

This rule impacts nothing if the versioning is not enabled on the bucket.

Rules with Attributes

Every rule:

  • Must have one or multiple expiration attributes.

  • ExpirationDays and ExpirationDate attributes are mutually-exclusive.

  • ObsoleteExpirationDays and ObsoleteExprirationDate attributes are mutually-exclusive.

Expiration Time Rule

  • For expiration days,
    Expiration time = Creation time of the current version + Number of days indicated + Rounded up to the next midnight UTC

  • For obsolete expiration days,
    Expiration time = Create time of the next newest object version + Number of days indicated + Rounded up to the next midnight UTC

  • ISO 8601 dates must unambiguously specify a calendar date. The (unspecified) expiration time is always midnight UTC of that date, so any timezone specification is not allowed.

  • Expiration of a current version of an object (i.e. non-delete marker in the versioning enabled bucket) means creating a delete marker, pushing the current version down the versioning stack.

  • In all other cases, the object or object version is permanently deleted.

The gateway supports SCSP reads & writes of domain and bucket headers with lifecycle policies specified. Gateway S3 interface is modified to support GET, PUT, DELETE, and related permissions for bucket lifecycle policies as specified in the S3 documentation. Gateway validates policies against the S3 specification. On PUT or DELETE permission, the gateway translates the client-supplied bucket policy specifications into the appropriate Swarm bucket headers. Bucket lifecycle policy features provided via S3 that Swarm does not support (such as storage class transitions) are dropped during this translation. On the bucket lifecycle policy GET reply, Gateway performs reverse translation for any Policy-Lifecycle headers on the bucket object into an S3-compatible format.

Swarm Content Portal provides a convenient method of managing policies. This information is provided for completeness.

Since lifecycle policies are part of the overall context-level policy framework, GET and HEAD requests on contexts and name objects (with the verbose query argument) return Policy-Lifecycle-Evaluated and Policy-Lifecycle-Evaluated-Constrained headers. They describe if the lifecycle policies are enforced at the various levels such as cluster, domain, and bucket.

  • No labels