- When the cluster is registered but either license or api-key
are available in the config, and when `--airgap` is not passed
to the command, try to automatically fetch and store the other
both.
- Add `--api-key` flag to `mc support diag`
- Use header-based auth with subnet
- Introduce a common function to initialize/check connectivity with subnet
- Make the health report upload function generic so that it can be used
by other commands like profile in future
- Add a global variable for airgapped mode
- Add more examples to `mc license register`
When the account api key is passed to `mc license register` via the
`--api-key` flag and after the registration is successful, save it to
minio config, so that it can be used automatically in subsequent calls.
Also stop extracting and storing api key from the response of SUBNET
register api.
Instead of asking the user to
- open the subnet register page
- paste the registered token
- copy the generated license token
- paste it back on mc
Now we will simply ask the user to visit a subnet URL (which contains
the registration token as a query parameter). On visiting this page,
subnet will automatically register the cluster and generate a license
for it.
User can then optionally update the license on mc using
the `mc license update` command
Currently we only extract the `api_key` from SUBNET's registration api
response and store it in the minio subnet config. The response contains
license also, and it can be useful in getting information about the
subscription. So this PR enhances the register command to extract and
store the license also.
- Remove the get/set options under `callhome`
- Move logs settings to a separate command (`mc support logs`)
- Provide toggle options (`enable, disable, status`) for both the
commands
In case of logs (`mc support logs enable|disable|status`),
`enable` configures minio to push logs to SUBNET in real-time by
configuring the webhook `logger_webhook:subnet`
`disable` disables the webhook
`status` displays whether it is enabled or disabled
In the case of call home (`mc support callhome enable|disable|status`),
`enable` configures minio to automatically push callhome info to SUBNET
every 24hrs by setting the config `callhome enable=on`
`disable` disables callhome by setting `enable=off`
`status` displays whether it is enabled or disabled
Change the success message on cluster registration to `{alias}
registered successfully`.
When the `mc support register` command is run for an already registered
cluster, show the message `{alias} updated successfully` to indicate
that updated information about the cluster was sent to SUBNET.
When there is no SUBNET webhook configured in the cluster (which is the
default state), the `mc support callhome get` command fails as it tries
to fetch the `logger_webhook:subnet` setting which doesn't exist.
Fixed by ignoring the specific error that says the sub-system target
doesn't exist, and printing `logs=off` in such cases.
Earlier the `support diag` command used to work even when the cluster
was not registered with SUBNET. In such cases, it used to pass the value
of `--name` flag as the cluster name to be set on SUBNET.
Now it errors out if the cluster is not registered. i.e. It expects the
cluster to be already registered with SUBNET, which means it already has
a name. Hence the `--name` flag is meaningless.
Removing the code that used this flag, and marking it as hidden and
deprecated.
* Add `mc support callhome get` command
Will print all the callhome settings (currently just `logs=on|off`)
* Rename retrieveCallhomeSetting to printCallhomeSetting
As it doesn't need to return anything, and only prints the setting.
minio now supports storing the proxy to be used for connecting to subnet
in the `subnet proxy` config. So mc can use it if available when
communicating with subnet during cluster registration or diagnostics
upload.
The earlier approach of using a license token for communicating with
SUBNET is being replaced with a simpler mechanism of API keys. Unlike
the license which is a JWT token, these API keys will be simple UUID
tokens, and don't have any embedded information in them. SUBNET would
generate the API key on cluster registration, and return in the API
response. mc then stores it in the `subnet api_key` config of minio,
to be used for subsequent communication with SUBNET.
In case the api_key is not available in the config, but the cluster's
license is available, it will be used as auth in the subnet API call,
and api_key will be set after the call succeeds. This will help in
smooth migration from older versions of MinIO.
- reach subnet, upon failure provide `--airgap` command line
to allow them to upload report manually.
- use a proper httpClient when reaching out to subnet
with a 10sec timeout, and also support custom proxies
with self signed certs.
- also fix some error messages and cleanup help with correct
wording and grammar.
Subnet doesn't return `ContentLength` in it's api response, and hence
using it as the limit with `LimitReader` doesn't work. Fixed by using a
sufficiently large (1 MiB) limit.
By default, it will run in `online` mode and try to register the cluster
on subnet. If the subnet license is not available in minio/mc config, it
will
- ask the user for login credentials
- use the credentials for authentication and call the registration api
- get the license from response of the api and store it in config
- use the stored license for any subsequent calls
In case the user belongs to multiple organizations in subnet, they will
be prompted to choose the appropriate organization from the list.
If the client machine is in an airgapped environment, user can choose to
use the `--offline` flag when running the command. In this case, it will
- generate and print the registration token
- ask the user to paste it in the subnet registration screen
- accept the license generated by subnet and store it in config
As part of this work, the `health` sub-command is also enhanced to:
- run in `online` mode by default, which tries to upload the health
report to subnet. Here the user will be prompted for subnet credentials
(if license not available in config) _before_ generating the health
report as it is a long running process.
- support a new flag `--offline` which can be used when subnet is not
reachable. When used, the health report will be generated in a local
json.gz file, which can then be uploaded on subnet.
The examples in help text of both the sub-commands are enhanced to list
multiple use cases.
When saving license to config, first preference is given to minio
config. If the minio server supports the `subnet license` key, the
license will be stored here. In case it is an older version of minio
that doesn't support this key, then the license will be stored in mc
host config.
