How to run docker against Azure Storage?

gaul / s3proxy

Access other storage backends via the S3 API

Apache License 2.0

1.75k stars 228 forks source link

How to run docker against Azure Storage? #404

Open AArnott opened 2 years ago

AArnott commented 2 years ago

I'm trying to piece together from the wiki and the dockerfile how to run the s3proxy against an Azure Blob Storage account. This is what I have:

docker run \
    --publish 80:80 \
    --env S3PROXY_AUTHORIZATION=none \
    --env JCLOUDS_PROVIDER=azureblob \
    --env JCLOUDS_ENDPOINT=arnottmedia.core.windows.net \
    --env JCLOUDS_IDENTITY=arnottmedia \
    --env JCLOUDS_CREDENTIAL=9qaV... \
    andrewgaul/s3proxy

But this fails when accessing http://localhost:80 with this error:

HTTP ERROR 400 endpoint.getHost() is null for /arnottmedia.core.windows.net/?comp=list&include=metadata

I tried with the endpoint set to just arnottmedia as well, to no avail. I don't know what to put for identity because Azure only offers 'keys' (no IDs).

Any suggestions?

timuralp commented 2 years ago

There are two ways to configure Azure Blob access. One possibility is using the Azure tenant ID, client ID, and password. The settings would look like:

jclouds.provider=azureblob
jclouds.identity=<client ID>
jclouds.credential=<password>
jclouds.azureblob.tenantId=<tenand ID>
jclouds.azureblob.account=<storage account>
jclouds.azureblob.auth=azureAd

The other method is via Azure storage Keys, which uses the key and storage account name and looks like:

jclouds.provider=azureblob
jclouds.credential=<key>
jclouds.identity=<storage account>

I don't think you need to specify the endpoint -- S3Proxy should infer it from the storage account name that was passed in.

AArnott commented 2 years ago

Thanks. I tried the latter, and it still gives me that same getHost error message

docker run \
    --publish 80:80 \
    --env S3PROXY_AUTHORIZATION=none \
    --env JCLOUDS_PROVIDER=azureblob \
    --env JCLOUDS_IDENTITY=arnottmedia \
    --env JCLOUDS_CREDENTIAL=9qaV... \
    andrewgaul/s3proxy

timuralp commented 2 years ago

@AArnott Thanks for testing it out. Looks like the -Djclouds.endpoint="" is not handled properly by the underlying jclouds library, resulting in an empty string for the endpoint and hence the above error. Two workarounds until the jclouds issue is fixed:

define the endpoint explicitly, e.g.: -Djclouds.endpoint="https://arnottmedia.blob.core.windows.net"
use a property file and change the run-docker-container.sh script

Option 1 is probably easiest. I'll open a corresponding jclouds issue and reference it in the fix. Thanks for the report!

timuralp commented 2 years ago

jclouds PR: https://github.com/apache/jclouds/pull/135