search

minio / minio

MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license.
https://min.io/download?license=agpl&platform=linux
GNU Affero General Public License v3.0
48.6k stars 5.55k forks source link

MinIO gateway can not use for tencent COS #13799

Closed dytttf closed 3 years ago

dytttf commented 3 years ago

Is your feature request related to a problem? Please describe. I can not use minio gateway s3 to proxy tencent's COS. command like this

docker run -e MINIO_ROOT_USER=xxx -e MINIO_ROOT_PASSWORD=xxx -e _MINIO_SERVER_DEBUG=on -p 9100:9000 --rm -it --network host minio/minio gateway s3 https://cos.ap-beijing.myqcloud.com

And debug information is:

WARNING: Published ports are discarded when using host network mode
---------START-HTTP---------
GET /probe-bucket-sign-3j5yjwown2y6/?location= HTTP/1.1
Host: cos.ap-beijing.myqcloud.com
User-Agent: MinIO (linux; amd64) minio-go/v7.0.16
Authorization: AWS4-HMAC-SHA256 Credential=AKIDdHgofFZcNs77rKXT9YgY8SVIp54mRqzr/20211201/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20211201T053946Z
Accept-Encoding: gzip

HTTP/1.1 400 Bad Request
Content-Length: 433
Connection: keep-alive
Content-Type: application/xml
Date: Wed, 01 Dec 2021 05:39:46 GMT
Server: tencent-cos
X-Amz-Request-Id: NjFhNzBhYTJfOTBjOTJhMDlfY2M0Ml83Njk3NTI2
X-Amz-Trace-Id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc1NGE1MWY0MzY2NTg1MzM1OTY3MDliYzY2YTQ0ZThhMGZhMmZhNWQxZWNhYTcyMjkwODc3MmY0YzdjMzg3NDU5

<?xml version='1.0' encoding='utf-8' ?>
<Error>
        <Code>InvalidURI</Code>
        <Message>Could not parse the specified URI.</Message>
        <Resource>cos.ap-beijing.myqcloud.com/probe-bucket-sign-3j5yjwown2y6</Resource>
        <RequestId>NjFhNzBhYTJfOTBjOTJhMDlfY2M0Ml83Njk3NTI2</RequestId>
        <TraceId>OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc1NGE1MWY0MzY2NTg1MzM1OTY3MDliYzY2YTQ0ZThhMGZhMmZhNWQxZWNhYTcyMjkwODc3MmY0YzdjMzg3NDU5</TraceId>
</Error>

---------END-HTTP---------
ERROR Unable to initialize gateway backend: Could not parse the specified URI.

Describe the solution you'd like The reason is tencent COS force bucket name as this rule: "{BucketName-APPID}.cos.{Region}.myqcloud.com" and AppId only support number. But minio gateway detect s3 server use this code to generate bucket name:

probeBucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "probe-bucket-sign-")

this is not match COS bucket name rules, So, COS server return a HTTP 400 response and cause to gateway launch failed.

Describe alternatives you've considered I suggest special treatment for cos bucket name or add a environment variable to define "probeBucketName"

harshavardhana commented 3 years ago

---------START-HTTP--------- GET /probe-bucket-sign-3j5yjwown2y6/?location= HTTP/1.1 Host: cos.ap-beijing.myqcloud.com User-Agent: MinIO (linux; amd64) minio-go/v7.0.16 Authorization: AWS4-HMAC-SHA256 Credential=AKIDdHgofFZcNs77rKXT9YgY8SVIp54mRqzr/20211201/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=REDACTED X-Amz-Content-Sha256: UNSIGNED-PAYLOAD X-Amz-Date: 20211201T053946Z Accept-Encoding: gzip

HTTP/1.1 400 Bad Request Content-Length: 433 Connection: keep-alive Content-Type: application/xml Date: Wed, 01 Dec 2021 05:39:46 GMT Server: tencent-cos X-Amz-Request-Id: NjFhNzBhYTJfOTBjOTJhMDlfY2M0Ml83Njk3NTI2 X-Amz-Trace-Id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc1NGE1MWY0MzY2NTg1MzM1OTY3MDliYzY2YTQ0ZThhMGZhMmZhNWQxZWNhYTcyMjkwODc3MmY0YzdjMzg3NDU5

<?xml version='1.0' encoding='utf-8' ?>

InvalidURI Could not parse the specified URI. cos.ap-beijing.myqcloud.com/probe-bucket-sign-3j5yjwown2y6 NjFhNzBhYTJfOTBjOTJhMDlfY2M0Ml83Njk3NTI2 OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc1NGE1MWY0MzY2NTg1MzM1OTY3MDliYzY2YTQ0ZThhMGZhMmZhNWQxZWNhYTcyMjkwODc3MmY0YzdjMzg3NDU5

AWS S3 supports both path style and DNS style - it is advised that Tencent be fixed here.

MinIO gateway works fine with AWS S3 and MinIO. This is sufficient enough criteria for us.

ciiiii commented 3 years ago

@dytttf How do you handle this problem, I have the same question.

dytttf commented 3 years ago

I am waiting for Tencent dev team answer. if Tencent do not change this rule, I will fork minio code, and re build.

ciiiii commented 3 years ago

@dytttf Fine, but I don't think Tencent cloud will modify the rule, maybe I'll rebuild directly.