Arbutus object storage clients: Difference between revisions
No edit summary |
No edit summary |
||
Line 12: | Line 12: | ||
== s3cmd == | == s3cmd == | ||
=== installing s3cmd === | |||
Depending on your Linux distribution, the <code>s3cmd</code> command can be installed using the appropriate <code>yum</code> or <code>apt</code> command: | Depending on your Linux distribution, the <code>s3cmd</code> command can be installed using the appropriate <code>yum</code> or <code>apt</code> command: | ||
Line 18: | Line 18: | ||
<code>$ sudo apt install s3cmd </code> | <code>$ sudo apt install s3cmd </code> | ||
To configure the s3cmd tool use the command:</br> | To configure the <code>s3cmd</code> tool use the command:</br> | ||
<code>$ s3cmd --configure</code> | <code>$ s3cmd --configure</code> | ||
Line 53: | Line 53: | ||
</pre> | </pre> | ||
=== Create buckets === | |||
The next task is to make a bucket. Buckets contain files. Bucket names must be globally unique across the Arbutus object storage solution. Therefore, you will need to create a uniquely named bucket which will not conflict with other users. For example, the buckets "s3://test/" and "s3://data" are likely already taken. Consider creating buckets reflective of your project, for example "s3://def-test-bucket1" or "s3://atlas_project_bucket". Bucket names can only use the characters A-Z, a-z, 0-9, ., - and _. | The next task is to make a bucket. Buckets contain files. Bucket names must be globally unique across the Arbutus object storage solution. Therefore, you will need to create a uniquely named bucket which will not conflict with other users. For example, the buckets "s3://test/" and "s3://data" are likely already taken. Consider creating buckets reflective of your project, for example "s3://def-test-bucket1" or "s3://atlas_project_bucket". Bucket names can only use the characters A-Z, a-z, 0-9, ., - and _. | ||
Line 63: | Line 64: | ||
<code>$ s3cmd info s3://BUCKET_NAME/</code> | <code>$ s3cmd info s3://BUCKET_NAME/</code> | ||
=== Upload files === | |||
To upload a file to the bucket, use the command: | To upload a file to the bucket, use the command: | ||
Line 69: | Line 71: | ||
Buckets can have Access Control Lists (ACLs) and policies which govern who can access what resources in the object store. These features are quite sophisticated. Here are two simple examples of using ACLs using the tool's <code>setacl</code> command. | Buckets can have Access Control Lists (ACLs) and policies which govern who can access what resources in the object store. These features are quite sophisticated. Here are two simple examples of using ACLs using the tool's <code>setacl</code> command. | ||
=== ACLs and Policies === | |||
<code>$ s3cmd setacl --acl-public s3://BUCKET_NAME</code> | <code>$ s3cmd setacl --acl-public s3://BUCKET_NAME</code> | ||
Line 81: | Line 84: | ||
== WinSCP == | == WinSCP == | ||
=== Installing WinSCP === | |||
WinSCP can be installed https://winscp.net/ | WinSCP can be installed https://winscp.net/ | ||
=== Configuring WinSCP === | |||
Under "New Session", make the following configurations: | Under "New Session", make the following configurations: | ||
<ul> | <ul> | ||
Line 101: | Line 106: | ||
[[File:WinSCP resolve error.png|400px|thumb|center|WinSCP resolve error]] | [[File:WinSCP resolve error.png|400px|thumb|center|WinSCP resolve error]] | ||
=== Using WinSCP === | |||
Click on the "Login" button and use the WinSCP GUI to create buckets and to transfer files: | |||
[[File:WinSCP transfers.png|800px|thumb|center|WinSCP file transfer screen]] | [[File:WinSCP transfers.png|800px|thumb|center|WinSCP file transfer screen]] | ||
[[Category:CC-Cloud]] | [[Category:CC-Cloud]] |
Revision as of 18:01, 9 January 2022
This is not a complete article: This is a draft, a work in progress that is intended to be published into an article, which may or may not be ready for inclusion in the main wiki. It should not necessarily be considered factual or authoritative.
Arbutus Object Storage Clients[edit]
For information on obtaining Arbutus Object Storage, please see the Object Storage User Guide
This page describes how to configure and use two common object storage clients:
- s3cmd
- WinSCP
It is important to note that Arbutus Object Storage does not use Amazon's DNS-style buckets/Virtual Hosts which these clients assume by default. They need to be configured not to use this approach.
s3cmd[edit]
installing s3cmd[edit]
Depending on your Linux distribution, the s3cmd
command can be installed using the appropriate yum
or apt
command:
$ sudo yum install s3cmd
$ sudo apt install s3cmd
To configure the s3cmd
tool use the command:
$ s3cmd --configure
And make the following configurations with the keys provided by the Arbutus team:
Enter new values or accept defaults in brackets with Enter. Refer to user manual for detailed description of all options. Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables. Access Key []: 20_DIGIT_ACCESS_KEY Secret Key []: 40_DIGIT_SECRET_KEY Default Region [US]: Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3. S3 Endpoint []: object-arbutus.cloud.computecanada.ca Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used if the target S3 system supports dns based buckets. DNS-style bucket+hostname:port template for accessing a bucket []: object-arbutus.cloud.computecanada.ca Encryption password is used to protect your files from reading by unauthorized persons while in transfer to S3 Encryption password []: PASSWORD Path to GPG program []: /usr/bin/gpg When using secure HTTPS protocol all communication with Amazon S3 servers is protected from 3rd party eavesdropping. This method is slower than plain HTTP, and can only be proxied with Python 2.7 or newer Use HTTPS protocol []: Yes On some networks all internet access must go through a HTTP proxy. Try setting it here if you can't connect to S3 directly HTTP Proxy server name:
Create buckets[edit]
The next task is to make a bucket. Buckets contain files. Bucket names must be globally unique across the Arbutus object storage solution. Therefore, you will need to create a uniquely named bucket which will not conflict with other users. For example, the buckets "s3://test/" and "s3://data" are likely already taken. Consider creating buckets reflective of your project, for example "s3://def-test-bucket1" or "s3://atlas_project_bucket". Bucket names can only use the characters A-Z, a-z, 0-9, ., - and _.
To create a bucket, use the tool's mb
(make bucket) command:
$ s3cmd mb s3://BUCKET_NAME/
To see the status of a bucket, use the command:
$ s3cmd info s3://BUCKET_NAME/
Upload files[edit]
To upload a file to the bucket, use the command:
$ s3cmd put --guess-mime-type FILE_NAME.dat s3://BUCKET_NAME/FILE_NAME.dat
Buckets can have Access Control Lists (ACLs) and policies which govern who can access what resources in the object store. These features are quite sophisticated. Here are two simple examples of using ACLs using the tool's setacl
command.
ACLs and Policies[edit]
$ s3cmd setacl --acl-public s3://BUCKET_NAME
The result of this command is that anyone can access the bucket and the files in the bucket. Files can be accessed via URLs such as https://object-arbutus.cloud.computecanada.ca/BUCKET_NAME/FILE_NAME.dat.
The second ACL example limits access to the bucket by the owner:
$ s3cmd setacl --acl-privte s3://BUCKET_NAME
Other more sophisticated examples can be found in the s3cmd man page.
WinSCP[edit]
Installing WinSCP[edit]
WinSCP can be installed https://winscp.net/
Configuring WinSCP[edit]
Under "New Session", make the following configurations:
- File protocol: Amazon S3
- Host name: object-arbutus.cloud.computecanada.ca
- Port number: 443
- Access key ID: 20_DIGIT_ACCESS_KEY provided by the Arbutus team
and "Save" these settings as shown below
Next, follow the "Edit" button's "Advanced..." settings to "Environment" to "S3" to "Protocol options" to "URL style:" which must changed from "Virtual Host" to "Path" as shown below:
This setting is important, otherwise you will see hostname resolution errors, like this:
Using WinSCP[edit]
Click on the "Login" button and use the WinSCP GUI to create buckets and to transfer files: