Closed koehn closed 5 years ago
Thanks for raiding this.
It is my understanding that goofys
will take either method of passing in keys. This functionality was added by @flrossetto so perhaps he can comment.
In terms of logging I would recommend checking the kubelet logs and also you could ssh onto the kubernetes host and interact with the driver directly (it should be at /flexmnt/informaticslab~goofys-flex-volume/goofys-flex-volume
). It takes two agruments, the command (mount
or unmount
) followed by a json string of the arguments.
E.g
/flexmnt/informaticslab~goofys-flex-volume/goofys-flex-volume mount '{"bucket": "mybucket", "access-key": "myaccesskey", "secret-key": "mysecretkey"}
Thanks for getting back to me so quickly. I installed the version of goofys
that you install via the same curl
command you use to install it, and then tried manually running the following (slightly redacted) command:
$ goofys --access-key "ABCDEFGHIJKLMNOP" --secret-key "aBCDEFGHIJKLMNOPQrsTuVWxYz" --endpoint "somevalidendpoint.com" --dir-mode "0644" --file-mode "0755" som-valid-bucket-name registry
Incorrect Usage. flag provided but not defined: -access-key
NAME:
goofys - Mount an S3 bucket locally
USAGE:
goofys [global options] bucket[:prefix] mountpoint
VERSION:
0.19.0-943e017724ea820eb4185419ef3c41d6f921a324
GLOBAL OPTIONS:
-o value Additional system-specific mount options. Be careful!
--cache value Directory to use for data cache. Requires catfs and `-o allow_other'. Can also pass in other catfs options (ex: --cache "--free:10%:$HOME/cache") (default: off)
--dir-mode value Permission bits for directories. (default: 0755) (default: 493)
--file-mode value Permission bits for files. (default: 0644) (default: 420)
--uid value UID owner of all inodes. (default: 0)
--gid value GID owner of all inodes. (default: 0)
--endpoint value The non-AWS endpoint to connect to. Possible values: http://127.0.0.1:8081/
--profile value Use a named profile from $HOME/.aws/credentials instead of "default"
--use-content-type Set Content-Type according to file extension and /etc/mime.types (default: off)
TUNING OPTIONS:
--cheap Reduce S3 operation costs at the expense of some performance (default: off)
--no-implicit-dir Assume all directory objects ("dir/") exist (default: off)
--stat-cache-ttl value How long to cache StatObject results and inode attributes. (default: 1m0s)
--type-cache-ttl value How long to cache name -> file/dir mappings in directory inodes. (default: 1m0s)
AWS S3 OPTIONS:
--region value The region to connect to. Usually this is auto-detected. Possible values: us-east-1, us-west-1, us-west-2, eu-west-1, eu-central-1, ap-southeast-1, ap-southeast-2, ap-northeast-1, sa-east-1, cn-north-1 (default: "us-east-1")
--storage-class value The type of storage to use when writing objects. Possible values: REDUCED_REDUNDANCY, STANDARD, STANDARD_IA. (default: "STANDARD")
--sse Enable basic server-side encryption at rest (SSE-S3) in S3 for all writes (default: off)
--sse-kms key-id Enable KMS encryption (SSE-KMS) for all writes using this particular KMS key-id. Leave blank to Use the account's CMK - customer master key (default: off)
--acl value The canned ACL to apply to the object. Possible values: private, public-read, public-read-write, authenticated-read, aws-exec-read, bucket-owner-read, bucket-owner-full-control (default: off)
MISC OPTIONS:
--help, -h Print this help text and exit successfully.
--debug_fuse Enable fuse-related debugging output.
--debug_s3 Enable S3-related debugging output.
-f Run goofys in foreground.
--version, -v print the version
Removing the --access-key
and --secret-key
flags from the command and setting the AWS_ACCESS_KEY_ID
and AWS_SECRET_KEY_ID environment variables resulted in a successful mount.
I'll attempt to patch the code to set those variables instead, and if I'm successful I'll send you a PR.
I've patched the code and installed the new goofys-flex-volume
on my nodes.
I'm still not getting a successful mount; can I ask what the subPath
is meant to do? In the README it lists a prototype value of key/prefix
; what does that refer to? I'm wondering if I configured something incorrectly.
Awesome! Please feel free to raise a PR with your patch.
subPath
is to set a lower mount point on the bucket. For example if you set a subpath of foo/
when all objects begging with foo/
will be mounted at the root of your mount. This is useful for mounting a "subdirectory" of your bucket.
PR raised!
Thanks for accepting my PR. Could you push a new Docker image that contains it? Otherwise the helm chart will still have the image with the old driver in it.
👍 builds should be triggered automatically on Docker Hub but it looks like something went wong. I've manually triggered and it is building now.
I installed the daemonset, and verified that the
install-host-deps
logs ran successfully on my Debian-9 nodes. So far, so good.But it doesn't look as though my mount is working correctly and I can't tell why. It looks as though you're passing the
--access-key
and--secret-key
command line arguments when you invokegoofys
, but from what I can see those aren't valid arguments;goofys
expects the access key and secret key to be in theAWS_ACCESS_KEY_ID
andAWS_SECRET_KEY_ID
environment variables, respectively. I'm not sure how to get at the logs that the driver is generating to see what's happening.Thanks for the cool software! I look forward to using it once I get it working!