address review comments and fix merge result

grafana · Nov 15, 2024 · 747401d · 747401d
1 parent 99a0cf3
commit 747401d
Show file tree

Hide file tree

Showing 7 changed files with 77 additions and 67 deletions.
diff --git a/docs/sources/shared/configuration.md b/docs/sources/shared/configuration.md
@@ -5846,6 +5846,18 @@ The `swift_storage_config` block configures the connection to OpenStack Object S
 # CLI flag: -<prefix>.swift.internal
 [internal: <boolean> | default = false]
 
+# OpenStack Swift application credential id
+# CLI flag: -<prefix>.swift.application-credential-id
+[application_credential_id: <string> | default = ""]
+
+# OpenStack Swift application credential name
+# CLI flag: -<prefix>.swift.application-credential-name
+[application_credential_name: <string> | default = ""]
+
+# OpenStack Swift application credential secret
+# CLI flag: -<prefix>.swift.application-credential-secret
+[application_credential_secret: <string> | default = ""]
+
 # OpenStack Swift authentication API version. 0 to autodetect.
 # CLI flag: -<prefix>.swift.auth-version
 [auth_version: <int> | default = 0]
@@ -5922,11 +5934,62 @@ The `swift_storage_config` block configures the connection to OpenStack Object S
 # CLI flag: -<prefix>.swift.request-timeout
 [request_timeout: <duration> | default = 5s]
 
-http_config:
+http:
+  # The time an idle connection will remain idle before closing.
+  # CLI flag: -<prefix>.swift.idle-conn-timeout
+  [idle_conn_timeout: <duration> | default = 1m30s]
+
+  # The amount of time the client will wait for a servers response headers.
+  # CLI flag: -<prefix>.swift.response-header-timeout
+  [response_header_timeout: <duration> | default = 2m]
+
+  # If the client connects via HTTPS and this option is enabled, the client will
+  # accept any certificate and hostname.
+  # CLI flag: -<prefix>.swift.insecure-skip-verify
+  [insecure_skip_verify: <boolean> | default = false]
+
+  # Maximum time to wait for a TLS handshake. 0 means no limit.
+  # CLI flag: -<prefix>.swift.tls-handshake-timeout
+  [tls_handshake_timeout: <duration> | default = 10s]
+
+  # The time to wait for a server's first response headers after fully writing
+  # the request headers if the request has an Expect header. 0 to send the
+  # request body immediately.
+  # CLI flag: -<prefix>.swift.expect-continue-timeout
+  [expect_continue_timeout: <duration> | default = 1s]
+
+  # Maximum number of idle (keep-alive) connections across all hosts. 0 means no
+  # limit.
+  # CLI flag: -<prefix>.swift.max-idle-connections
+  [max_idle_connections: <int> | default = 100]
+
+  # Maximum number of idle (keep-alive) connections to keep per-host. If 0, a
+  # built-in default value is used.
+  # CLI flag: -<prefix>.swift.max-idle-connections-per-host
+  [max_idle_connections_per_host: <int> | default = 100]
+
+  # Maximum number of connections per host. 0 means no limit.
+  # CLI flag: -<prefix>.swift.max-connections-per-host
+  [max_connections_per_host: <int> | default = 0]
+
   # Path to the CA certificates to validate server certificate against. If not
   # set, the host's root CA certificates are used.
   # CLI flag: -<prefix>.swift.http.tls-ca-path
   [tls_ca_path: <string> | default = ""]
+
+  # Path to the client certificate, which will be used for authenticating with
+  # the server. Also requires the key path to be configured.
+  # CLI flag: -<prefix>.swift.http.tls-cert-path
+  [tls_cert_path: <string> | default = ""]
+
+  # Path to the key for the client certificate. Also requires the client
+  # certificate to be configured.
+  # CLI flag: -<prefix>.swift.http.tls-key-path
+  [tls_key_path: <string> | default = ""]
+
+  # Override the expected name on the server certificate.
+  # CLI flag: -<prefix>.swift.http.tls-server-name
+  [tls_server_name: <string> | default = ""]
 ```
 
 ### table_manager

diff --git a/pkg/storage/bucket/client.go b/pkg/storage/bucket/client.go
@@ -156,7 +156,7 @@ func (cfg *Config) configureTransport(backend string, rt http.RoundTripper) erro
 	case Azure:
 		cfg.Azure.Transport = rt
 	case Swift:
-		cfg.Swift.Transport = rt
+		cfg.Swift.HTTP.Transport = rt
 	case Filesystem:
 		// do nothing
 	default:

diff --git a/pkg/storage/bucket/http/config.go b/pkg/storage/bucket/http/config.go
@@ -6,21 +6,17 @@ import (
 	"time"
 )
 
-// NOTE some of the fields are hidden in the documentation due to this struct
-// being by the old Swift storage backend. The hidden fields can be unhidden
-// when we deprecate the old clients.
-
 // Config stores the http.Client configuration for the storage clients.
 type Config struct {
-	IdleConnTimeout       time.Duration `yaml:"idle_conn_timeout" doc:"hidden"`
-	ResponseHeaderTimeout time.Duration `yaml:"response_header_timeout" doc:"hidden"`
-	InsecureSkipVerify    bool          `yaml:"insecure_skip_verify" doc:"hidden"`
+	IdleConnTimeout       time.Duration `yaml:"idle_conn_timeout"`
+	ResponseHeaderTimeout time.Duration `yaml:"response_header_timeout"`
+	InsecureSkipVerify    bool          `yaml:"insecure_skip_verify"`
 
-	TLSHandshakeTimeout   time.Duration `yaml:"tls_handshake_timeout" doc:"hidden"`
-	ExpectContinueTimeout time.Duration `yaml:"expect_continue_timeout" doc:"hidden"`
-	MaxIdleConns          int           `yaml:"max_idle_connections" doc:"hidden"`
-	MaxIdleConnsPerHost   int           `yaml:"max_idle_connections_per_host" doc:"hidden"`
-	MaxConnsPerHost       int           `yaml:"max_connections_per_host" doc:"hidden"`
+	TLSHandshakeTimeout   time.Duration `yaml:"tls_handshake_timeout"`
+	ExpectContinueTimeout time.Duration `yaml:"expect_continue_timeout"`
+	MaxIdleConns          int           `yaml:"max_idle_connections"`
+	MaxIdleConnsPerHost   int           `yaml:"max_idle_connections_per_host"`
+	MaxConnsPerHost       int           `yaml:"max_connections_per_host"`
 
 	// Allow upstream callers to inject a round tripper
 	Transport http.RoundTripper `yaml:"-"`
@@ -31,9 +27,9 @@ type Config struct {
 // TLSConfig configures the options for TLS connections.
 type TLSConfig struct {
 	CAPath     string `yaml:"tls_ca_path" category:"advanced"`
-	CertPath   string `yaml:"tls_cert_path" category:"advanced" doc:"hidden"`
-	KeyPath    string `yaml:"tls_key_path" category:"advanced" doc:"hidden"`
-	ServerName string `yaml:"tls_server_name" category:"advanced" doc:"hidden"`
+	CertPath   string `yaml:"tls_cert_path" category:"advanced"`
+	KeyPath    string `yaml:"tls_key_path" category:"advanced"`
+	ServerName string `yaml:"tls_server_name" category:"advanced"`
 }
 
 // RegisterFlags registers the flags for the storage HTTP client.

diff --git a/pkg/storage/bucket/s3/config.go b/pkg/storage/bucket/s3/config.go
@@ -73,7 +73,7 @@ type Config struct {
 	MaxRetries           int                 `yaml:"max_retries"`
 
 	SSE         SSEConfig   `yaml:"sse"`
-	HTTP        http.Config `yaml:"http_config"`
+	HTTP        http.Config `yaml:"http"`
 	TraceConfig TraceConfig `yaml:"trace"`
 }
 

diff --git a/pkg/storage/bucket/swift/bucket_client.go b/pkg/storage/bucket/swift/bucket_client.go
@@ -53,9 +53,7 @@ func NewBucketClient(cfg Config, _ string, logger log.Logger) (objstore.Bucket,
 		// Hard-coded defaults.
 		ChunkSize:              swift.DefaultConfig.ChunkSize,
 		UseDynamicLargeObjects: false,
-		HTTPConfig:             exthttp.DefaultHTTPConfig,
 	}
-	bucketConfig.HTTPConfig.Transport = cfg.Transport
 
 	return swift.NewContainerFromConfig(logger, &bucketConfig, false, nil)
 }
diff --git a/pkg/storage/chunk/client/openstack/swift_thanos_object_client.go b/pkg/storage/chunk/client/openstack/swift_thanos_object_client.go
diff --git a/pkg/storage/factory.go b/pkg/storage/factory.go
@@ -714,9 +714,6 @@ func internalNewObjectClient(storeName, component string, cfg Config, clientMetr
 			}
 			swiftCfg = (openstack.SwiftConfig)(nsCfg)
 		}
-		if cfg.UseThanosObjstore {
-			return openstack.NewSwiftThanosObjectClient(context.Background(), cfg.ObjectStore, component, util_log.Logger, cfg.Hedging)
-		}
 		return openstack.NewSwiftObjectClient(swiftCfg, cfg.Hedging)
 
 	case types.StorageTypeFileSystem: