- Connection to DRACOON is only possible with OpenIO Version 18.04 or later. (DRACOON only supports S3 signature version 4, which is only available since OpenIO Version 18.04.)
- To enable the DRACOON environment to send S3 requests to OpenIO, the OpenIO Swift Gateway must be installed.
- The S3 Object Storage must be publicly accessible over the Internet to be used with DRACOON.
Settings for OpenIO
A new account in an existing namespace <NAMESPACE> can be created with the openio command line tool:
openio account create AUTH_<ACCOUNT> --oio-ns <NAMESPACE>
Note: You must also specify a value for <ACCOUNT>.
The following describes the configuration of OpenIO using the command line tool awscli. This can be installed with pip, a package manager for Python, on Windows, Linux, and macOS. To be able to log on to OpenIO via awscli, the credentials are stored in the file ~/.aws/credentials, for example:
[default]
aws_access_key_id=<ACCOUNT>:<TENANT>
aws_secret_access_key=<SECRET_ACCESS_KEY>
region=<REGION>
s3 =
signature_version = s3v4
Note: You must specify values for <TENANT>
and <SECRET_ACCESS_KEY>
. It is important that the user with whom the DRACOON later connects to OpenIO has administrative rights for his account. In our example, the user is stored in the file proxy-server.conf as admin:
[filter:tempauth]
use = egg:oioswift#tempauth
user_<ACCOUNT>_<TENANT> = <SECRET_ACCESS_KEY> .admin
Note: TempAuth (alternatively: Keystone) is used for authentication.
To connect the OpenIO to your DRACOON, you must first create a bucket in the desired region (object buckets are called containers in OpenIO).
aws --endpoint-url <YourS3Endpoint> s3api create-bucket --bucket <YourS3Bucket> --region <REGION>
To configure the CORS (Cross-Origin Resource Sharing) header, you must first create the following temporary file cors.json:
{
"CORSRules": [
{
"AllowedOrigins": ["https://<YOUR_URL>"],
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "PUT", "POST", "DELETE"],
"MaxAgeSeconds": 3000
}
]
}
Afterward, you can import it with the following command:
aws --endpoint-url <YourS3Endpoint> s3api put-bucket-cors --bucket <YourS3Bucket> --cors-configuration file://cors.json
The S3 storage can now be activated in DRACOON.
Settings in DRACOON
You must own the Configuration Manager role to specify the following settings.
- Log on to the DRACOON Web App, in the Toolbox, click System Settings > Storage, and then select the Configure S3 checkbox.
- Enter the URL of your S3 endpoint.
- Enter the Access Key and the Secret Key that you saved in the file ~/.aws/credentials, for example, above (<ACCOUNT>:<TENANT> or <SECRET_ACCESS_KEY>).
- Enter the region of your bucket.
- Finally, enter the name of your bucket and click Save.
- After a short wait, you will be informed whether the configuration was successful or not by a notification in the upper right corner of the Web App:
Your NetApp StorageGRID is now successfully connected to your DRACOON.
Comments
0 comments
Article is closed for comments.