Closed jindov closed 7 years ago
Update output when run verify repo with S3SignerType API:
{"error":{"root_cause":[{"type":"repository_verification_exception","reason":"[esrepo] path is not accessible on master node"}],"type":"repository_verification_exception","reason":"[esrepo] path is not accessible on master node","caused_by":{"type":"i_o_exception","reason":"Unable to upload object tests-mVhkDiISRfuIJ66t-pwM3Q/master.dat-temp","caused_by":{"type":"amazon_client_exception","reason":"Unable to execute HTTP request: Read timed out","caused_by":{"type":"socket_timeout_exception","reason":"Read timed out"}}}},"status":500}
My PR solves this issue with ceph.
See my comment on the PR. This PR last year should have fixed the issue: elastic/elasticsearch#13360. However, that is marked as 2.1, but I'm not sure it was actually backported. I can't find it anywhere in 2.x. @xuzha Can you check this?
Oh actually it looks like there was a backport, but it was not exactly the same as master. I think the warning you saw is a red herring, because it is trying to register an already registered type (on master it skips S3SignerType because it has statically registered it).
In 2.x is slightly different. Taking a look, but I think the S3SignerType
is the right type to use for ceph .
I agree it is the right type. But with the 2.x change, it looks like it will still try to register S3SignerType
even though it is always registered (which gets the IAE and prints the warning).
The warning is actually don't stop user to setup the S3SignerType
, we just overwrite the Signer by calling configuration.setSignerOverride(signer)
. It is not register it, right ?
true, aws sdk java 1.10.33 (which is used now) is registering it.
As you explain above, I cannot use s3 ceph to store my snapshot with this s3 repository plugin? I've upgraded to the latest version of elasticsearch, 2.2
Same question here. Anyone have backup to cloud working with S3SignerType with ES 2.2.1 or 2.3.5? In both I have "[S3SignerType] may not be supported" and amazonaws.services.s3.model.AmazonS3Exception: Gateway Time-out (Service: Amazon S3; Status Code: 504; Error Code: 504 Gateway Time-out; Request ID: null), S3 Extended Request ID: null
I'm currently using ES 2.4.1 with cloud-aws plugin version:
_cat/plugins?v
name component version type
node-1 cloud-aws 2.4.1 j
After some digging it seems that the correct signer is: S3SignerType
(at least with this current configuration)
I'm able create the repository but it always fails verification with the following error:
{
"error": {
"root_cause": [
{
"type": "repository_verification_exception",
"reason": "[ceph_repo1] path [es-snapshots] is not accessible on master node"
}
],
"type": "repository_verification_exception",
"reason": "[ceph_repo1] path [es-snapshots] is not accessible on master node",
"caused_by": {
"type": "i_o_exception",
"reason": "Unable to upload object es-snapshots/tests-ZG71SQBeTWmAgce_0GNF8Q/master.dat-temp",
"caused_by": {
"type": "amazon_s3_exception",
"reason": "null (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: tx00000000000000006b8fe-00583f3b24-6c2f8-default)"
}
}
},
"status": 500
}
The bucket exist check succeeds with response 200
however the PUT
fails with a 403
.
Is this a plugin issue or is related to permissions?
I'm able to create directories/buckets using s3cmd
and the same access_key and secret_key configured in the elasticsearch.yml.
Does anyone have any ideas?
UPDATE: The problem was not in the plugin and was in the ACCESS_KEY/SECRET and END_POINT. Once the setup was pointing to the correct CEPH instance everything just worked.
As @jogura confirmed (and thanks a lot for the update), it seems that CEPH can be used with S3 plugin. So I'm closing this issue.
This is my config in elasticsearch.yml for connecting to aws:
When I start elasticsearch with enabling debug log, it notice:
However, with this signer, I can connect to s3-ceph and verify snapshot repo with this command:
curl -XPUT 'http://localhost:9200/_snapshot/mysnap?verify=false' -d '{"type":"s3","settings":{"access_key":"my-key","secret_key":"my-secret-key","bucket":"esrepo","endpoint":"s3.mydomain.net","protocol":"http"}}'
It's connected okey but I can't put anything to repo, it time out and hang on: curl -XPUT 'http://localhost:9200/_snapshot/mysnap/snapshot1?wait_for_completion=true'
And when I restart elasticsearch with changing in API type from S3SignerType to AWS3SignerType
I use 1 key for 2 case but AWS3SignerType cannot to access to S3-ceph API so I cannot do anything
Please help me, if u need to more log, inform me
I run this system with es 2.1, latest cloud-aws plugin, jdk 8 (java version "1.8.0_65")