ceph/doc/radosgw/frontends.rst

   1 .. _rgw_frontends:
   2
   3 ==============
   4 HTTP Frontends
   5 ==============
   6
   7 .. contents::
   8
   9 The Ceph Object Gateway supports two embedded HTTP frontend libraries
  10 that can be configured with ``rgw_frontends``. See `Config Reference`_
  11 for details about the syntax.
  12
  13 Beast
  14 =====
  15
  16 .. versionadded:: Mimic
  17
  18 The ``beast`` frontend uses the Boost.Beast library for HTTP parsing
  19 and the Boost.Asio library for asynchronous network i/o.
  20
  21 Options
  22 -------
  23
  24 ``port`` and ``ssl_port``
  25
  26 :Description: Sets the ipv4 & ipv6 listening port number. Can be specified multiple
  27               times as in ``port=80 port=8000``.
  28 :Type: Integer
  29 :Default: ``80``
  30
  31
  32 ``endpoint`` and ``ssl_endpoint``
  33
  34 :Description: Sets the listening address in the form ``address[:port]``, where
  35               the address is an IPv4 address string in dotted decimal form, or
  36               an IPv6 address in hexadecimal notation surrounded by square
  37               brackets. Specifying a IPv6 endpoint would listen to v6 only. The
  38               optional port defaults to 80 for ``endpoint`` and 443 for
  39               ``ssl_endpoint``. Can be specified multiple times as in
  40               ``endpoint=[::1] endpoint=192.168.0.100:8000``.
  41
  42 :Type: Integer
  43 :Default: None
  44
  45
  46 ``ssl_certificate``
  47
  48 :Description: Path to the SSL certificate file used for SSL-enabled endpoints.
  49               If path is prefixed with ``config://``, the certificate will be
  50               pulled from the ceph monitor ``config-key`` database.
  51
  52 :Type: String
  53 :Default: None
  54
  55
  56 ``ssl_private_key``
  57
  58 :Description: Optional path to the private key file used for SSL-enabled
  59               endpoints. If one is not given, the ``ssl_certificate`` file
  60               is used as the private key.
  61               If path is prefixed with ``config://``, the certificate will be
  62               pulled from the ceph monitor ``config-key`` database.
  63
  64 :Type: String
  65 :Default: None
  66
  67 ``ssl_options``
  68
  69 :Description: Optional colon separated list of ssl context options:
  70
  71               ``default_workarounds`` Implement various bug workarounds.
  72
  73               ``no_compression`` Disable compression.
  74
  75               ``no_sslv2`` Disable SSL v2.
  76
  77               ``no_sslv3`` Disable SSL v3.
  78
  79               ``no_tlsv1`` Disable TLS v1.
  80
  81               ``no_tlsv1_1`` Disable TLS v1.1.
  82
  83               ``no_tlsv1_2`` Disable TLS v1.2.
  84
  85               ``single_dh_use`` Always create a new key when using tmp_dh parameters.
  86
  87 :Type: String
  88 :Default: ``no_sslv2:no_sslv3:no_tlsv1:no_tlsv1_1``
  89
  90 ``ssl_ciphers``
  91
  92 :Description: Optional list of one or more cipher strings separated by colons.
  93               The format of the string is described in openssl's ciphers(1)
  94               manual.
  95
  96 :Type: String
  97 :Default: None
  98
  99 ``tcp_nodelay``
 100
 101 :Description: If set the socket option will disable Nagle's algorithm on
 102               the connection which means that packets will be sent as soon
 103               as possible instead of waiting for a full buffer or timeout to occur.
 104
 105               ``1`` Disable Nagel's algorithm for all sockets.
 106
 107               ``0`` Keep the default: Nagel's algorithm enabled.
 108
 109 :Type: Integer (0 or 1)
 110 :Default: 0
 111
 112 ``max_connection_backlog``
 113
 114 :Description: Optional value to define the maximum size for the queue of
 115               connections waiting to be accepted. If not configured, the value
 116               from ``boost::asio::socket_base::max_connections`` will be used.
 117
 118 :Type: Integer
 119 :Default: None
 120
 121 ``request_timeout_ms``
 122
 123 :Description: The amount of time in milliseconds that Beast will wait
 124               for more incoming data or outgoing data before giving up.
 125               Setting this value to 0 will disable timeout.
 126
 127 :Type: Integer
 128 :Default: ``65000``
 129
 130 ``max_header_size``
 131
 132 :Description: The maximum number of header bytes available for a single request.
 133
 134 :Type: Integer
 135 :Default: ``16384``
 136 :Maximum: ``65536``
 137
 138
 139 Generic Options
 140 ===============
 141
 142 Some frontend options are generic and supported by all frontends:
 143
 144 ``prefix``
 145
 146 :Description: A prefix string that is inserted into the URI of all
 147               requests. For example, a swift-only frontend could supply
 148               a uri prefix of ``/swift``.
 149
 150 :Type: String
 151 :Default: None
 152
 153
 154 .. _Config Reference: ../config-ref