FrostFS S3 Protocol Gateway
Find a file
Angira Kekteeva 3e4fc52428 [] Add AccessKeyID filter
Signed-off-by: Angira Kekteeva <kira@nspcc.ru>
2022-09-06 13:47:20 +03:00
.docker [] Update go version to 1.19 2022-08-30 15:54:33 +03:00
.github/workflows [] Update go version to 1.19 2022-08-30 15:54:33 +03:00
api [] Add AccessKeyID filter 2022-09-06 13:47:20 +03:00
authmate [] Sync using oid.ID 2022-07-22 15:19:16 +03:00
cmd [] Add AccessKeyID filter 2022-09-06 13:47:20 +03:00
config [] Update docs 2022-08-16 17:49:15 +03:00
creds [] Sync using oid.Address 2022-07-22 15:19:16 +03:00
docs [] Update configuration docs 2022-08-19 10:31:26 +03:00
internal [] Return added node id in AddVersion 2022-08-29 18:24:00 +03:00
.dockerignore [] Add docker/* target in Makefile 2022-06-16 11:12:42 +03:00
.gitignore [] Update gitignore 2022-07-22 15:19:16 +03:00
.golangci.yml [] Replace golint by revive 2021-10-01 12:25:54 +03:00
CHANGELOG.md [] Update go version to 1.19 2022-08-30 15:54:33 +03:00
CONTRIBUTING.md [] Add CONTRIBUTING guide 2022-07-06 10:49:46 +03:00
CREDITS.md Add credits 2022-07-14 12:08:52 +03:00
go.mod [] Update SDK 2022-08-29 15:03:04 +03:00
go.sum [] Update SDK 2022-08-29 15:03:04 +03:00
help.mk Refactoring Makefile 2021-02-08 12:45:18 +03:00
LICENSE [] Change NeoFS S3 Gateway license to AGPLv3 2021-09-20 10:38:28 +03:00
Makefile [] Fix commit abbrev length in version 2022-09-06 13:44:46 +03:00
README.md [] Improve wallet path param 2022-08-03 22:25:59 +03:00
syncTree.sh [] Fix sync tree script 2022-07-22 15:19:16 +03:00
updateTestsResult.sh [] Support repeating tests in resulting file 2022-06-07 17:37:05 +03:00
VERSION Release v0.23.0 2022-08-01 22:12:34 +03:00

NeoFS S3 Gateway

NeoFS S3 gateway provides API compatible with Amazon S3 cloud storage service.

Installation

go get -u github.com/nspcc-dev/neofs-s3-gw

Or you can call make to build it from the cloned repository (the binary will end up in bin/neofs-s3-gw with authmate helper in bin/neofs-s3-authmate). To build binaries in clean docker environment, call make docker/all.

Other notable make targets:

dep          Check and ensure dependencies
image        Build clean docker image
dirty-image  Build dirty docker image with host-built binaries
format       Run all code formatters
lint         Run linters
version      Show current version

Or you can also use a Docker image provided for released (and occasionally unreleased) versions of gateway (:latest points to the latest stable release).

Execution

Minimalistic S3 gateway setup needs:

  • NeoFS node(s) address (S3 gateway itself is not a NeoFS node) Passed via -p parameter or via S3_GW_PEERS_<N>_ADDRESS and S3_GW_PEERS_<N>_WEIGHT environment variables (gateway supports multiple NeoFS nodes with weighted load balancing).
  • a wallet used to fetch key and communicate with NeoFS nodes Passed via --wallet parameter or S3_GW_WALLET_PATH environment variable.

These two commands are functionally equivalent, they run the gate with one backend node, some keys and otherwise default settings:

$ neofs-s3-gw -p 192.168.130.72:8080 --wallet wallet.json

$ S3_GW_PEERS_0_ADDRESS=192.168.130.72:8080 \
  S3_GW_WALLET=wallet.json \
  neofs-s3-gw

It's also possible to specify uri scheme (grpc or grpcs) when using -p or environment variables:

$ neofs-s3-gw -p grpc://192.168.130.72:8080 --wallet wallet.json

$ S3_GW_PEERS_0_ADDRESS=grpcs://192.168.130.72:8080 \
  S3_GW_WALLET=wallet.json \
  neofs-s3-gw

AWS SDK Compatibility

To match signature of the request you must not include the following headers to SignedHeaders:

  • User-Agent
  • X-Amzn-Trace-Id

AWS SDK JAVA v1

Using aws-sdk-java you can get the following error:

Exception in thread "main" com.amazonaws.services.s3.model.AmazonS3Exception: 
The request signature we calculated does not match the signature you provided. Check your key and signing method.

To solve this problem you should configure client properly:

RequestHandler2 handler = new RequestHandler2() {
   @Override
   public void beforeAttempt(HandlerBeforeAttemptContext context) {
      context.getRequest().getHeaders().remove("User-Agent");
      super.beforeAttempt(context);
   }
};

AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
   .withRequestHandlers(handler)
   .enablePathStyleAccess()
   // ...
   .build()

Documentation

Credits

Please see CREDITS for details.