Google Git
Sign in
apache / james-site / a92fa6ef34b4ad4bdd3caff9c602c28281ff6677 / . / content / server / config-blobstore.html
blob: 30c114d714accd4b595197c1ace1c5f75a3ec1c9 [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by Apache Maven Doxia at 2021-11-12 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Apache James Project &#x2013; Apache James Server 3 - Blob Configuration</title>
<style type="text/css" media="all">
@import url("../css/james.css");
@import url("../css/maven-base.css");
@import url("../css/maven-theme.css");
@import url("../css/site.css");
@import url("../js/jquery/css/custom-theme/jquery-ui-1.8.5.custom.css");
@import url("../js/jquery/css/print.css");
@import url("../js/fancybox/jquery.fancybox-1.3.4.css");
</style>
<script type="text/javascript" src="../js/jquery/js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="../js/jquery/js/jquery-ui-1.8.5.custom.min.js"></script>
<script type="text/javascript" src="../js/fancybox/jquery.fancybox-1.3.4.js"></script>
<link rel="stylesheet" href="../css/print.css" type="text/css" media="print" />
<meta name="Date-Revision-yyyymmdd" content="20211112" />
<meta http-equiv="Content-Language" content="en" />
<!-- Google Analytics -->
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-1384591-1']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script').item(0); s.parentNode.insertBefore(ga, s);
})();
</script>
</head>
<body class="composite">
<div id="banner">
<a href="../index.html" id="bannerLeft" title="james-logo.png">
<img src="../images/logos/james-logo.png" alt="James Project" />
</a>
<a href="https://www.apache.org/index.html" id="bannerRight">
<img src="images/logos/asf_logo_small.png" alt="The Apache Software Foundation" />
</a>
<div class="clear">
<hr/>
</div>
</div>
<div id="breadcrumbs">
<div class="xleft">
<span id="publishDate">Last Published: 2021-11-12</span>
</div>
<div class="xright"> <a href="../index.html" title="Home">Home</a>
|
<a href="../documentation.html" title="James">James</a>
|
<a href="../mime4j/index.html" title="Mime4J">Mime4J</a>
|
<a href="../jsieve/index.html" title="jSieve">jSieve</a>
|
<a href="../jspf/index.html" title="jSPF">jSPF</a>
|
<a href="../jdkim/index.html" title="jDKIM">jDKIM</a>
</div>
<div class="clear">
<hr/>
</div>
</div>
<div id="leftColumn">
<div id="navcolumn">
<h5>James components</h5>
<ul>
<li class="collapsed">
<a href="../documentation.html" title="About James">About James</a>
</li>
<li class="expanded">
<a href="../server/index.html" title="Server">Server</a>
<ul>
<li class="none">
<a href="../server/advantages.html" title="Advantages">Advantages</a>
</li>
<li class="none">
<a href="../server/objectives.html" title="Objectives">Objectives</a>
</li>
<li class="expanded">
<a href="../server/quick-start.html" title="User Manual">User Manual</a>
<ul>
<li class="collapsed">
<a href="../server/features.html" title="1. Features">1. Features</a>
</li>
<li class="none">
<a href="../server/packaging.html" title="2. Packaging">2. Packaging</a>
</li>
<li class="collapsed">
<a href="../server/install.html" title="3. Install James">3. Install James</a>
</li>
<li class="expanded">
<a href="../server/config.html" title="4. Configure James">4. Configure James</a>
<ul>
<li class="none">
<a href="../server/config-listeners.html" title="Additional mailbox listeners">Additional mailbox listeners</a>
</li>
<li class="none">
<a href="../server/config-antispam.html" title="Anti Spam">Anti Spam</a>
</li>
<li class="none">
<a href="../server/config-blob-export.html" title="Blob Export">Blob Export</a>
</li>
<li class="none">
<strong>BlobStore</strong>
</li>
<li class="none">
<a href="../server/config-cassandra.html" title="Cassandra">Cassandra</a>
</li>
<li class="none">
<a href="../server/config-elasticsearch.html" title="ElasticSearch">ElasticSearch</a>
</li>
<li class="none">
<a href="../server/config-vault.html" title="Deleted Messages Vault">Deleted Messages Vault</a>
</li>
<li class="none">
<a href="../server/config-dnsservice.html" title="DNS Service">DNS Service</a>
</li>
<li class="none">
<a href="../server/config-domainlist.html" title="Domain List">Domain List</a>
</li>
<li class="none">
<a href="../server/config-fetchmail.html" title="FetchMail">FetchMail</a>
</li>
<li class="none">
<a href="../server/config-guice.html" title="Guice">Guice</a>
</li>
<li class="none">
<a href="../server/config-imap4.html" title="IMAP4">IMAP4</a>
</li>
<li class="none">
<a href="../server/config-jmap.html" title="JMAP">JMAP</a>
</li>
<li class="none">
<a href="../server/config-mailrepositorystore.html" title="Mail Repository Stores">Mail Repository Stores</a>
</li>
<li class="none">
<a href="../server/config-mailbox.html" title="Mailbox">Mailbox</a>
</li>
<li class="none">
<a href="../server/config-mailetcontainer.html" title="Mailet Container">Mailet Container</a>
</li>
<li class="none">
<a href="../server/config-healthcheck.html" title="Periodical Health Checks">Periodical Health Checks</a>
</li>
<li class="none">
<a href="../server/config-pop3.html" title="POP3">POP3</a>
</li>
<li class="none">
<a href="../server/config-quota.html" title="Quota">Quota</a>
</li>
<li class="none">
<a href="../server/config-rabbitmq.html" title="RabbitMQ">RabbitMQ</a>
</li>
<li class="none">
<a href="../server/config-recipientrewritetable.html" title="Recipient Rewrite">Recipient Rewrite</a>
</li>
<li class="none">
<a href="../server/config-smtp-lmtp.html" title="SMTP LMTP">SMTP LMTP</a>
</li>
<li class="none">
<a href="../server/config-sieve.html" title="Sieve">Sieve</a>
</li>
<li class="none">
<a href="../server/config-ssl-tls.html" title="SSL/TLS">SSL/TLS</a>
</li>
<li class="none">
<a href="../server/config-system.html" title="System">System</a>
</li>
<li class="none">
<a href="../server/config-spring-jpa-postgres.html" title="Spring JPA Postgres">Spring JPA Postgres</a>
</li>
<li class="none">
<a href="../server/config-users.html" title="Users">Users</a>
</li>
<li class="none">
<a href="../server/config-webadmin.html" title="WebAdmin">WebAdmin</a>
</li>
</ul>
</li>
<li class="collapsed">
<a href="../server/manage.html" title="5. Manage">5. Manage</a>
</li>
<li class="collapsed">
<a href="../server/monitor.html" title="6. Monitor">6. Monitor</a>
</li>
<li class="collapsed">
<a href="../server/upgrade.html" title="7. Upgrade">7. Upgrade</a>
</li>
<li class="collapsed">
<a href="../server/dev.html" title="8. Developers Corner">8. Developers Corner</a>
</li>
</ul>
</li>
<li class="none">
<a href="../mail.html#James_Mailing_lists" title="Mailing Lists">Mailing Lists</a>
</li>
<li class="none">
<a href="../server/release-notes.html" title="Release Notes">Release Notes</a>
</li>
<li class="none">
<a href="../server/apidocs/index.html" title="Javadoc">Javadoc</a>
</li>
<li class="none">
<a href="https://issues.apache.org/jira/browse/JAMES" title="Issue Tracker">Issue Tracker</a>
</li>
<li class="none">
<a href="https://github.com/apache/james-project" title="Sources">Sources</a>
</li>
<li class="none">
<a href="../server/rfcs.html" title="RFCs">RFCs</a>
</li>
<li class="none">
<a href="../download.cgi#Apache_James_Server" title="Download releases">Download releases</a>
</li>
</ul>
</li>
<li class="collapsed">
<a href="../mailet/index.html" title="Mailets">Mailets</a>
</li>
<li class="collapsed">
<a href="../mailbox/index.html" title="Mailbox">Mailbox</a>
</li>
<li class="collapsed">
<a href="../protocols/index.html" title="Protocols">Protocols</a>
</li>
<li class="collapsed">
<a href="../mpt/index.html" title="MPT">MPT</a>
</li>
</ul>
<h5>Apache Software Foundation</h5>
<ul>
<li>
<strong>
<a title="ASF" href="http://www.apache.org/">ASF</a>
</strong>
</li>
<li>
<a title="Get Involved" href="http://www.apache.org/foundation/getinvolved.html">Get Involved</a>
</li>
<li>
<a title="FAQ" href="http://www.apache.org/foundation/faq.html">FAQ</a>
</li>
<li>
<a title="License" href="http://www.apache.org/licenses/" >License</a>
</li>
<li>
<a title="Sponsorship" href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a>
</li>
<li>
<a title="Thanks" href="http://www.apache.org/foundation/thanks.html">Thanks</a>
</li>
<li>
<a title="Security" href="http://www.apache.org/security/">Security</a>
</li>
</ul>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="poweredBy" alt="Built by Maven" src="../images/logos/maven-feather.png" />
</a>
</div>
</div>
<div id="bodyColumn">
<div id="contentBox">
<section>
<h2><a name="BlobStore_Configuration"></a>BlobStore Configuration</h2>
<p>
BlobStore is the dedicated component to store blobs, non-indexable content.
James uses the BlobStore for storing blobs which are usually mail contents, attachments, deleted mails...
You can choose the underlying implementation of BlobStore to fit with your James setup.
It could be the implementation on top of Cassandra or file storage service like Openstack Swift, AWS S3.
This configuration is only applicable with Guice products.
</p>
<p>
Consult <a class="externalLink" href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/sample-configuration/blob.properties">blob.properties</a>
in GIT to get some examples and hints.
</p>
<p>
Blobs storing configuration
</p>
<dl>
<dt><b>implementation</b></dt>
<dd>cassandra: use cassandra based BlobStore</dd>
<dd>s3: use AWS S3 based BlobStore</dd>
<dd><b>WARNING</b>: JAMES-3591 Cassandra is not made to store large binary content, its use will be suboptimal compared to
alternatives (namely S3 compatible BlobStores backed by for instance S3, MinIO or Ozone)
</dd>
<dd>
The generated startup warning log can be deactivated via the cassandra.blob.store.disable.startup.warning environment
variable being positioned to false.
</dd>
<dt><b>deduplication/enable</b></dt>
<dd>Mandatory. Supported value: true and false.</dd>
<dd>If you choose to enable deduplication, the mails with the same content will be stored only once.</dd>
<dd>Warning: Once this feature is enabled, there is no turning back as turning it off will lead to the deletion of all</dd>
<dd>the mails sharing the same content once one is deleted.</dd>
<dd>This feature also requires a garbage collector mechanism to effectively drop blobs. A first implementation
based on bloom filters can be used and triggered using the WebAdmin REST API. See
<a href="manage-webadmin.html#Running_blob_garbage_collection">Running blob garbage collection</a>.
In order to avoid concurrency issues upon garbage collection, we slice the blobs in generation, the two more recent
generations are not garbage collected.</dd>
<dd><b>deduplication.gc.generation.duration</b></dd>
<dd>Allow controlling the duration of one generation. Longer implies better deduplication
but deleted blobs will live longer. Duration, defaults on 30 days, the default unit is in days.</dd>
<dd><b>deduplication.gc.generation.family</b></dd>
<dd>Every time the duration is changed, this integer counter must be incremented to avoid
conflicts. Defaults to 1.</dd>
<dd>Upgrade note: If you are upgrading from James 3.5 or older, the deduplication was enabled.</dd>
</dl>
<section>
<h3><a name="Cassandra_BlobStore_Cache"></a>Cassandra BlobStore Cache</h3>
<p>A Cassandra cache can be enabled to reduce latency when reading small blobs frequently.
A dedicated keyspace with a replication factor of one is then used.
Cache eviction policy is TTL based.
Only blobs below a given threshold will be stored.
To be noted that blobs are stored within a single Cassandra row, hence a low threshold should be used.
</p>
<dl>
<dt><b>cache.enable</b></dt>
<dd>DEFAULT: false, optional, must be a boolean. Whether the cache should be enabled.</dd>
</dl>
<dl>
<dt><b>cache.cassandra.ttl</b></dt>
<dd>DEFAULT: 7 days, optional, must be a duration. Cache eviction policy is TTL based. </dd>
</dl>
<dl>
<dt><b>cache.cassandra.timeout</b></dt>
<dd>DEFAULT: 100ms, optional, must be a duration, cannot exceed 1 hour.
Timeout after which this cache should be bypassed.</dd>
</dl>
<dl>
<dt><b>cache.sizeThresholdInBytes</b></dt>
<dd>DEFAULT: 8192, optional, must be a positive integer. Unit: bytes.
Supported units: bytes, Kib, MiB, GiB, TiB
Maximum size of stored objects expressed in bytes.</dd>
</dl>
</section>
<section>
<h3><a name="Encryption_choice"></a>Encryption choice</h3>
<p>
Data can be optionally encrypted with a symmetric key using AES before being stored in the blobStore. As many user relies
on third party for object storage, a compromised third party will not escalate to a data disclosure. Of course, a
performance price have to be paid, as encryption takes resources.
</p>
<dl>
<dt><b>encryption.aes.enable</b></dt>
<dd>Optional boolean, defaults to false</dd>
</dl>
<p>If AES encryption is enabled, then the following properties MUST be present:</p>
<dl>
<dt><b>encryption.aes.password</b></dt>
<dd>String</dd>
</dl>
<dl>
<dt><b>encryption.aes.salt</b></dt>
<dd>Hexadecimal string.</dd>
</dl>
<p><b>WARNING:</b> Once chosen this choice can not be reverted, all the data is either clear or encrypted. Mixed encryption
is not supported.</p>
<p>
Here is an example of how you can generate the above values (be mindful to customize the byte lengths in order to add
enough entropy.
</p>
<div>
<pre>
# Password generation
openssl rand -base64 64
# Salt generation
generate salt with : openssl rand -hex 16
</pre></div>
</section>
<section>
<h3><a name="ObjectStorage_BlobStore_Buckets_Configuration"></a>ObjectStorage BlobStore Buckets Configuration</h3>
<dl>
<dt><b>objectstorage.bucketPrefix</b></dt>
<dd>
Bucket is an concept in James and similar to Containers in Swift or Buckets in AWS S3.
BucketPrefix is the prefix of bucket names in James BlobStore
</dd>
<dt><b>objectstorage.namespace</b></dt>
<dd>
BlobStore default bucket name. Most of blobs storing in BlobStore are inside the default bucket.
Unless a special case like storing blobs of deleted messages.
</dd>
</dl>
</section>
<section>
<h3><a name="ObjectStorage_Underlying_Service_Configuration"></a>ObjectStorage Underlying Service Configuration</h3>
</section><section>
<h3><a name="ObjectStorage_AWS_S3_Configuration"></a>ObjectStorage AWS S3 Configuration</h3>
<dl>
<dt><b>objectstorage.s3.endPoint</b></dt>
<dd>S3 service endpoint</dd>
<dt><b>objectstorage.s3.region</b></dt>
<dd>S3 region</dd>
<dt><b>objectstorage.s3.accessKeyId</b></dt>
<dd><a class="externalLink" href="https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys">S3 access key id</a></dd>
<dt><b>objectstorage.s3.secretKey</b></dt>
<dd><a class="externalLink" href="https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys">S3 access key secret</a></dd>
<dt><b>objectstorage.s3.http.concurrency</b></dt>
<dd>Allow setting the number of concurrent HTTP requests allowed by the Netty driver.</dd>
</dl>
</section>
</section>
</div>
</div>
<div class="clear">
<hr/>
</div>
<div id="footer">
<div class="xright">Copyright &#169; 2006-2021
<a href="https://www.apache.org/">The Apache Software Foundation</a>.
All Rights Reserved.
</div>
<div class="clear">
<hr/>
</div>
</div>
</body>
</html>