3.1. Requirements for Integration via REST API¶
Any operation or management request must be authenticated with a signed request via Signature Version 2 or 4 of the Amazon S3 protocol of the corresponding S3 system user. You can create system users on any storage node in the cluster with the ostor-s3-admin create-user -S command and parameter -e specifying the user email address:
# ostor-s3-admin create-user -S -e user@example.com
UserEmail:user@example.com
UserId:a14040e0b2ef8b28
KeyPair[0]:S3AccessKeyId:a14040e0b2ef8b28FZZ8
KeyPair[0]:S3SecretAccessKey:dbwTnQTW602aAAdq8DQVFzB6yrTCFTNiGB8C8RFA
Flags:system
With this user you will authenticate further REST API requests managing the S3 cluster. You can create multiple system accounts for different management operations.
3.1.1. Configuration¶
The examples will use cURL for authentication as well as GET, PUT, POST, and DELETE operations run in Bash. You can simplify signature creation if you create a sane environment first. Create a file ~/.s3_environment replacing s3_key with your S3AcessKeyId and s3_secret with your S3SecretAccessKey and the following content:
# s3 login variables.
s3_key="a14040e0b2ef8b28FZZ8"
s3_secret="dbwTnQTW602aAAdq8DQVFzB6yrTCFTNiGB8C8RFA"
# Sign s3 requests and run curl.
function s3_curl() {
# Parse command line.
[ -z "${2}" ] && {
echo "Usage: ${FUNCNAME[0]} <request_type> <s3_url>"
return 1
}
# Prepare signature.
s3_url="${2%/*}"
s3_host="${s3_url##*://}"
s3_query="${2##*/}"
s3_date="$(date -R)"
# Generate signature.
s3_signature="$(echo -en "${1}\n\n\n${s3_date}\n/${s3_query%%&*}" |\
openssl sha1 -hmac ${s3_secret} -binary | base64)"
# Call.
curl -H "Host: ${s3_host}" \
-H "Accept: */*" \
-H "Date: ${s3_date}" \
-H "Authorization: AWS ${s3_key}:${s3_signature}" \
-X "${1}" \
"${s3_url}/${s3_query}"
}
You need to load the file into your default environment to make the s3_curl function available. Once the file is loaded, you can use it for all further S3 requests. Load the file with the following command:
# source ~/.s3_environment
3.1.2. Statistics¶
You need to have statistics collection enabled on your S3 gateway. The S3 gateway will save the statistics as regular storage objects. On each S3 storage node, create a file /var/lib/ostor/local/gw.conf with the following contents:
# Enable usage statistics collection.
S3_GW_COLLECT_STAT=1
Restart the S3 storage service to apply the configuration changes. Run the following command on all S3 storage nodes:
# systemctl restart ostor-agentd.service