diff options
Diffstat (limited to 'weed/command/master.go')
| -rw-r--r-- | weed/command/master.go | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/weed/command/master.go b/weed/command/master.go index bd2267b9e..5b45c9627 100644 --- a/weed/command/master.go +++ b/weed/command/master.go @@ -1,6 +1,8 @@ package command import ( + "github.com/chrislusf/seaweedfs/weed/security" + "github.com/spf13/viper" "net/http" "os" "runtime" @@ -23,8 +25,11 @@ func init() { var cmdMaster = &Command{ UsageLine: "master -port=9333", Short: "start a master server", - Long: `start a master server to provide volume=>location mapping service - and sequence number of file ids + Long: `start a master server to provide volume=>location mapping service and sequence number of file ids + + The configuration file "security.toml" is read from ".", "$HOME/.seaweedfs/", or "/etc/seaweedfs/", in that order. + + The example security.toml configuration file can be generated by "weed scaffold -config=security" `, } @@ -44,7 +49,6 @@ var ( mMaxCpu = cmdMaster.Flag.Int("maxCpu", 0, "maximum number of CPUs. 0 means all available CPUs") garbageThreshold = cmdMaster.Flag.Float64("garbageThreshold", 0.3, "threshold to vacuum and reclaim spaces") masterWhiteListOption = cmdMaster.Flag.String("whiteList", "", "comma separated Ip addresses having write permission. No limit if empty.") - masterSecureKey = cmdMaster.Flag.String("secure.secret", "", "secret to encrypt Json Web Token(JWT)") masterCpuProfile = cmdMaster.Flag.String("cpuprofile", "", "cpu profile output file") masterMemProfile = cmdMaster.Flag.String("memprofile", "", "memory profile output file") @@ -52,6 +56,9 @@ var ( ) func runMaster(cmd *Command, args []string) bool { + + weed_server.LoadConfiguration("security", false) + if *mMaxCpu < 1 { *mMaxCpu = runtime.NumCPU() } @@ -72,7 +79,7 @@ func runMaster(cmd *Command, args []string) bool { ms := weed_server.NewMasterServer(r, *mport, *metaFolder, *volumeSizeLimitMB, *volumePreallocate, *mpulse, *defaultReplicaPlacement, *garbageThreshold, - masterWhiteList, *masterSecureKey, + masterWhiteList, ) listeningAddress := *masterBindIp + ":" + strconv.Itoa(*mport) @@ -102,7 +109,7 @@ func runMaster(cmd *Command, args []string) bool { glog.Fatalf("master failed to listen on grpc port %d: %v", grpcPort, err) } // Create your protocol servers. - grpcS := util.NewGrpcServer() + grpcS := util.NewGrpcServer(security.LoadServerTLS(viper.Sub("grpc"), "master")) master_pb.RegisterSeaweedServer(grpcS, ms) reflection.Register(grpcS) |