Authors: Phil Newman, Rahul Sharma, and Patrick Heinen

Reference: https://objectivefs.com/howto/how-to-use-ofs-with-on-premise-object-store

ObjectiveFS is a distributed POSIX file system that leverages S3 such as StorageGRID for durable cloud storage.  In this blog we will explain how to setup the ObjectiveFS software to connect to StorageGRID.

At the time of writing this document, ObjectiveFS has not been through official testing and is therefore not subject to official support.  As with all untested applications, mileage may vary and any customers considering this product for production use should do so at their own risk and only after robust testing within their environment.

ObjectiveFS Considerations

ObjectiveFS is a distributed shared POSIX filesystem that connects direct to any S3 compliant object store. Once installed you can mount the filesystem like any other disk.

While ObjectiveFS was built for AWS S3, with minor changes it can work with any S3 compliant object store such as StorageGRID

ObjectiveFS currently does not support the use of HTTPS S3 endpoints (planned for future release), so we need to configure our StorageGRID system to serve HTTP. For customers that require encryption we will show you how to use Stunnel. Files stored to object are hashed and encrypted by ObjectiveFS.

  • Install ObjectiveFS on your host

https://objectivefs.com/install

[root@rhel1 /]# yum install objectivefs-6.7.2-1.x86_64.rpm

  • Or offline mode

[root@rhel1 /]# rpm -i objectivefs-6.7.2-1.x86_64.rpm

  • Check the default install location

[root@rhel1 /]# ls /sbin/mount.objectivefs
/sbin/mount.objectivefs
[root@rhel1 /]# ls /sbin/mount.objectivefs -al
-rwxr-xr-x 1 root root 532656 Nov 18 23:05 /sbin/mount.objectivefs
[root@rhel1 /]# ls /sbin/mount.objectivefs

  • Run the configuration

[root@rhel1 /]# mount.objectivefs config

Note: Region is the endpoint for StorageGRID

[root@rhel1 /]# /sbin/mount.objectivefs config
Creating config in /etc/objectivefs.env
Enter Objectivefs license: XXXX-YYYY-ZZZZ
Enter Access Key Id: 1234567890123
Enter Secret Access Key: AzSDII76h3d4jbsomfnkd8kgmealebsa
Enter Default Region (optional): http://dc1-g1.demp.netapp.com:8084
Creating:
/etc/objectivefs.env
/etc/objectivefs.env/OBJECTIVEFS_LICENSE
/etc/objectivefs.env/AWS_ACCESS_KEY_ID
/etc/objectivefs.env/AWS_SECRET_ACCESS_KEY
/etc/objectivefs.env/AWS_DEFAULT_REGION
ObjectiveFS was successfully configured.
[root@rhel1 /]#

Note1 : ObjectiveFS only supports HTTP to connect to a local object storage as configured above. If you are using the StorageGRID provided load balancer you must configure endpoints to support HTTP vs the default HTTPS.  You can also use a 3rd party load balancer such as F5, HAproxy, etc.

Note2: ObjectiveFS by default supports virtual-host style format to access the objects which needs to be enabled on StorageGRID. You must configure DNS appropriately for wild card names, *.demo.netapp.com in our example.

  • This will create the config files within the default location /etc/objectivefs.env
  • Now configure virtual-host style format within StorageGRID

GMI->Configuration->Domain Name

Add the Node names for the load balancer or your s3 endpoint to the config

  • Create a new bucket

[root@rhel1 /]# ls /sbin/mount.objectivefs create mybucket
Passphrase (for http://dc1-g1.demo.netapp.com:8084/mybucket):
Verify passphrase (for http://dc1-g1.demo.netapp.com:8084/mybucket):
NOTE: 2 PUT, 2 LIST, 0 GET, 0 DELETE, 1.515kB IN, 992.0 B OUT, CACHE [0.0% HIT, 0.0% META, 0.0% DATA, 2.544 kB OS], DISK [0.0% HIT]
NOTE: Successfully created filesystem: http://dc1-g1.demo.netapp.com:8084/mybucket in the region
[root@rhel1 /]#

NOTE: If this step fails you will need to create a new file ‘PATHSYTLE’ in the install directory of /etc/objectivefs.env with the contents of ‘1’. This error is caused by invalid domain names and certificates.

  • Mount the bucket

[root@rhel1 /]# mkdir /mnt/mybucket
[root@rhel1 /]#
[root@rhel1 /]# mount.objectivefs mybucket /mnt/mybucket
passphrase (for http://dc1-g1.demo.netapp.com:8084/mybucket):
[root@rhel1 /]# ls /mnt/mybucket
README
[root@rhel1 /]# echo ‘TEST DATA’ > /mnt/mybucket/testfile.txt
[root@rhel1 /]#
[root@rhel1 /]# ls /mnt/mybucket
README testfile.txt

How to setup stunnel and connect to StorageGRID via HTTPs

If you require to encrypt your traffic on the wire ObjectiveFS supports stunnel:

https://objectivefs.com/howto/how-to-set-up-stunnel

  • Install stunnel on a Linux host

[root@rhel1 /]# yum install stunnel

  • Create /etc/stunnel/stunnel.conf file

[root@rhel1 /]#cat /etc/stunnel/stunnel.conf
sslVersion = TLSv1.2
fips = no
[s3]
client=yes
delay=yes
accept=127.0.0.1:8086
connect=dc1-g1.demo.netapp.com:8082

Note: Use TLSv1.2 to talk to StorageGRID

Start stunnel – run ‘stunnel’

  • Now we will configure ObjectiveFS to talk to the local IP address on 8086 port

[root@rhel1 /]# ls /sbin/mount.objectivefs config
Creating config in /etc/objectivefs.env
Enter Objectivefs license: XXXX-YYYY-ZZZZ
Enter Access Key Id: 1234567890123
Enter Secret Access Key: AzSDII76h3d4jbsomfnkd8kgmealebsa
Enter Default Region (optional): http://127.0.0.1:8086
Creating:
/etc/objectivefs.env
/etc/objectivefs.env/OBJECTIVEFS_LICENSE
/etc/objectivefs.env/AWS_ACCESS_KEY_ID
/etc/objectivefs.env/AWS_SECRET_ACCESS_KEY
/etc/objectivefs.env/AWS_DEFAULT_REGION
ObjectiveFS was successfully configured.
[root@rhel1 /]#

  • Create Bucket

[root@rhel1 /]# ls /sbin/mount.objectivefs create mybucket10
Passphrase (for http://127.0.0.1:8086/mybucket10):
Verify passphrase (for http://127.0.0.1:8086/mybucket10):
NOTE: 2 PUT, 2 LIST, 0 GET, 0 DELETE, 1.515kB IN, 992.0 B OUT, CACHE [0.0% HIT, 0.0% META, 0.0% DATA, 2.544 kB OS], DISK [0.0% HIT]
NOTE: Successfully created filesystem: http://127.0.0.1:8086/mybucket10): in the region
[root@rhel1 /]#

  • Mount the bucket

[root@rhel1 /]# mkdir /mnt/mybucket10
[root@rhel1 /]#
[root@rhel1 /]# mount.objectivefs mybucket10 /mnt/mybucket10
passphrase (for http://127.0.0.1:8086/mybucket10):
[root@rhel1 /]# ls /mnt/mybucket10
README
[root@rhel1 /]# echo ‘TEST DATA’ > /mnt/mybucket10/testfile.txt
[root@rhel1 /]#
[root@rhel1 /]# ls /mnt/mybucket10
README testfile.txt

For troubleshooting use tail  /var/log/secure -f to review the logs for stunnel.

You can use an S3 client such as AWS CLI or S3browser to view the stored objects. NOTE: files / objects are encrypted and not readable except by ObjectiveFS.

 

Phil Newman
Experienced Technical Pre-Sales, joined 3 successful Start-ups in the past 12 years, all acquired by large corporates (HP, Dell and IBM respectively). Skills are centred around Storage (Object, File and Block), with knowledge of both Linux and Windows operating system, with good knowledge of networks, routers and scripting. Have always managed to maintain a hands-on knowledge of products, by running with on-site installs, and having a working lab at home to understand the technologies properly
Rahul Sharma
Rahul Sharma is a Solutions Architect at NetApp. He is based out of the UK and spends most of his time with customers helping them on their journey to public or hybrid cloud.

He hold industry accreditation on VMware, AWS, Azure and GCP platforms.
Patrick Heinen

Pin It on Pinterest