informatics-lab / s3-fuse-flex-volume

A Kubernetes flex volume driver for a custom s3 fuse adapter
BSD 3-Clause "New" or "Revised" License

Having trouble getting started #6

Closed koehn closed 5 years ago

koehn commented 5 years ago

I installed the daemonset, and verified that the install-host-deps logs ran successfully on my Debian-9 nodes. So far, so good.

But it doesn't look as though my mount is working correctly and I can't tell why. It looks as though you're passing the --access-key and --secret-key command line arguments when you invoke goofys, but from what I can see those aren't valid arguments; goofys expects the access key and secret key to be in the AWS_ACCESS_KEY_ID and AWS_SECRET_KEY_ID environment variables, respectively. I'm not sure how to get at the logs that the driver is generating to see what's happening.

Thanks for the cool software! I look forward to using it once I get it working!

jacobtomlinson commented 5 years ago

Thanks for raising this.

It is my understanding that goofys will take either method of passing in keys. This functionality was added by @flrossetto so perhaps he can comment.

In terms of logging I would recommend checking the kubelet logs and also you could ssh onto the kubernetes host and interact with the driver directly (it should be at /flexmnt/informaticslab~goofys-flex-volume/goofys-flex-volume). It takes two arguments, the command (mount or unmount) followed by a json string of the arguments.

E.g. /flexmnt/informaticslab~goofys-flex-volume/goofys-flex-volume mount '{"bucket": "mybucket", "access-key": "myaccesskey", "secret-key": "mysecretkey"}'

koehn commented 5 years ago

Thanks for getting back to me so quickly. I installed the version of goofys that you install via the same curl command you use to install it, and then tried manually running the following (slightly redacted) command:

$ goofys --access-key "ABCDEFGHIJKLMNOP" --secret-key "aBCDEFGHIJKLMNOPQrsTuVWxYz" --endpoint "somevalidendpoint.com" --dir-mode "0644" --file-mode "0755" som-valid-bucket-name registry
Incorrect Usage. flag provided but not defined: -access-key

NAME:
   goofys - Mount an S3 bucket locally

USAGE:
   goofys [global options] bucket[:prefix] mountpoint

VERSION:
   0.19.0-943e017724ea820eb4185419ef3c41d6f921a324

GLOBAL OPTIONS:
   -o value            Additional system-specific mount options. Be careful!
   --cache value       Directory to use for data cache. Requires catfs and `-o allow_other'. Can also pass in other catfs options (ex: --cache "--free:10%:$HOME/cache") (default: off)
   --dir-mode value    Permission bits for directories. (default: 0755) (default: 493)
   --file-mode value   Permission bits for files. (default: 0644) (default: 420)
   --uid value         UID owner of all inodes. (default: 0)
   --gid value         GID owner of all inodes. (default: 0)
   --endpoint value    The non-AWS endpoint to connect to. Possible values: http://127.0.0.1:8081/
   --profile value     Use a named profile from $HOME/.aws/credentials instead of "default"
   --use-content-type  Set Content-Type according to file extension and /etc/mime.types (default: off)

TUNING OPTIONS:
   --cheap                 Reduce S3 operation costs at the expense of some performance (default: off)
   --no-implicit-dir       Assume all directory objects ("dir/") exist (default: off)
   --stat-cache-ttl value  How long to cache StatObject results and inode attributes. (default: 1m0s)
   --type-cache-ttl value  How long to cache name -> file/dir mappings in directory inodes. (default: 1m0s)

AWS S3 OPTIONS:
   --region value         The region to connect to. Usually this is auto-detected. Possible values: us-east-1, us-west-1, us-west-2, eu-west-1, eu-central-1, ap-southeast-1, ap-southeast-2, ap-northeast-1, sa-east-1, cn-north-1 (default: "us-east-1")
   --storage-class value  The type of storage to use when writing objects. Possible values: REDUCED_REDUNDANCY, STANDARD, STANDARD_IA. (default: "STANDARD")
   --sse                  Enable basic server-side encryption at rest (SSE-S3) in S3 for all writes (default: off)
   --sse-kms key-id       Enable KMS encryption (SSE-KMS) for all writes using this particular KMS key-id. Leave blank to Use the account's CMK - customer master key (default: off)
   --acl value            The canned ACL to apply to the object. Possible values: private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control (default: off)

MISC OPTIONS:
   --help, -h     Print this help text and exit successfully.
   --debug_fuse   Enable fuse-related debugging output.
   --debug_s3     Enable S3-related debugging output.
   -f             Run goofys in foreground.
   --version, -v  print the version

Removing the --access-key and --secret-key flags from the command and setting the AWS_ACCESS_KEY_ID and AWS_SECRET_KEY_ID environment variables resulted in a successful mount.

I'll attempt to patch the code to set those variables instead, and if I'm successful I'll send you a PR.
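An added example (not code from this thread or from the project's driver) of the approach described above: parse the driver's JSON options and hand the keys to goofys through the child process environment instead of flags. The helper names and the "endpoint" JSON key are assumptions, and the variable names used are AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, the ones the AWS SDK for Go reads.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"os/exec"
	"strings"
)

// JSON keys from the manual driver call in the thread; "endpoint" is assumed.
type mountOptions struct {
	Bucket    string `json:"bucket"`
	AccessKey string `json:"access-key"`
	SecretKey string `json:"secret-key"`
	Endpoint  string `json:"endpoint"`
}

// buildGoofysCmd (hypothetical helper) puts the keys in the child's
// environment, so they never appear in goofys's argv (ps, /proc/<pid>/cmdline).
func buildGoofysCmd(rawJSON, mountpoint string) (*exec.Cmd, error) {
	var o mountOptions
	if err := json.Unmarshal([]byte(rawJSON), &o); err != nil {
		return nil, fmt.Errorf("parse options: %w", err)
	}
	if o.Bucket == "" || o.AccessKey == "" || o.SecretKey == "" {
		return nil, fmt.Errorf("bucket, access-key and secret-key are required")
	}
	var args []string
	if o.Endpoint != "" {
		args = append(args, "--endpoint", o.Endpoint) // non-secret: stays a flag
	}
	cmd := exec.Command("goofys", append(args, o.Bucket, mountpoint)...)
	cmd.Env = append(os.Environ(),
		"AWS_ACCESS_KEY_ID="+o.AccessKey,
		"AWS_SECRET_ACCESS_KEY="+o.SecretKey)
	return cmd, nil
}

// leaksInArgv reports whether secret is visible in the command line.
func leaksInArgv(cmd *exec.Cmd, secret string) bool {
	return strings.Contains(strings.Join(cmd.Args, "\x00"), secret)
}

func main() {
	opts := `{"bucket": "mybucket", "access-key": "myaccesskey", "secret-key": "mysecretkey"}`
	if cmd, err := buildGoofysCmd(opts, "/mnt/registry"); err == nil {
		fmt.Println(cmd.Args, "secret in argv:", leaksInArgv(cmd, "mysecretkey"))
	}
}
```

The driver itself still receives the JSON options, keys included, as a command-line argument, so this change covers only the goofys child process.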

koehn commented 5 years ago

I've patched the code and installed the new goofys-flex-volume on my nodes.

I'm still not getting a successful mount; can I ask what the subPath is meant to do? In the README it lists a prototype value of key/prefix; what does that refer to? I'm wondering if I configured something incorrectly.

jacobtomlinson commented 5 years ago

Awesome! Please feel free to raise a PR with your patch.

subPath is to set a lower mount point on the bucket. For example, if you set a subpath of foo/ then all objects beginning with foo/ will be mounted at the root of your mount. This is useful for mounting a "subdirectory" of your bucket.

koehn commented 5 years ago

PR raised!

koehn commented 5 years ago

Thanks for accepting my PR. Could you push a new Docker image that contains it? Otherwise the helm chart will still have the image with the old driver in it.

jacobtomlinson commented 5 years ago

👍 builds should be triggered automatically on Docker Hub but it looks like something went wrong. I've manually triggered and it is building now.