search

grafana / mimir

Grafana Mimir provides horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus.
https://grafana.com/oss/mimir/
GNU Affero General Public License v3.0
4.16k stars 535 forks source link

The bucket you are attempting to access must be addressed using COS virtual-styled domain #7512

Closed east4ming closed 8 months ago

east4ming commented 8 months ago

Describe the bug

I use Tencent Cloud COS(S3 compatible storage) as the storage backend, configured as follows:

mimir:
  structuredConfig:
    common:
      storage:
        backend: s3
        s3:
          endpoint: cos.ap-shanghai.myqcloud.com
          region: ap-shanghai
          secret_access_key: 'xxxxx' # This is a secret injected via an environment variable
          access_key_id: 'xxxxx' # This is a secret injected via an environment variable

    blocks_storage:
      s3:
        bucket_name: mimir-blocks-xxxxx
    alertmanager_storage:
      s3:
        bucket_name: mimir-alertmanager-xxxxx
    ruler_storage:
      s3:
        bucket_name: mimir-ruler-xxxxx

After startup, the error is reported as follows:

ts=2024-03-01T06:41:37.611006741Z caller=sanity_check.go:41 level=error msg="Unable to successfully connect to configured object storage" err="alertmanager storage: unable to successfully send a request to object storage: The bucket you are attempting to access must be addressed using COS virtual-styled domain"

To Reproduce

Steps to reproduce the behavior:

  1. Config Mimir Helm , using Tencent Cloud COS(S3 compatible storage) ,like above
  2. Helm install
  3. pod CrashLoopBackOff/Error

Expected behavior

Support virtual-style s3 config. Or can my configuration be modified to fix this problem?

Environment

Additional Context

Domain name compliance issues | COS | TencentCloud

On this page, there is the following description:

path-style domain name related issues

1. Does COS bucket support path-style domain names?

To ensure the security and stability of the overall service, path-style domain names are not supported for buckets created after January 1, 2024. Buckets created before January 1, 2024 will not be affected. Path-style domain names are supported, but virtual-hosted-style domain names are recommended to be used first.

And, I created these buckets after January 1, 2024.

narqo commented 8 months ago

We need to add a new configuration to pass BucketLookupType (through the virtual-hosted option's value in objstore).

That is, today Mimir works with s3 API via minio-go (which lays underneath the objstore package). The client's default befaviour assumes that only a sub-set of cloud providers support virtual-hosted style buckets, thus for Tencent's COS, the client automatically falls back to path-style.