This topic describes how to configure ossfs and perform mount operations.
Prerequisites
ossfs is installed. For more information, see Install ossfs.
Specify account information
When you use ossfs to access Object Storage Service (OSS) buckets, you must specify your account information, including the AccessKey ID and AccessKey secret. The account information must be written to the account configuration file in the $bucket_name:$access_key_id:$access_key_secret
format. When you perform mount operations, ossfs loads the account information from the account configuration file.
For information about how to create an AccessKey ID and an AccessKey secret, see Create an AccessKey pair.
The default path for the account configuration file is /etc/passwd-ossfs. You can also use the -opasswd_file=passwd-path option to specify a configuration file. The permissions of the account configuration file in the default path can be 640. The permissions of the account configuration file in a different path must be 600.
An account configuration file can contain records for multiple accounts, with each record in a separate line. When ossfs is used to mount a bucket, ossfs matches the bucket name with the correct account.
Configuration examples:
### 1. Store account information in account configuration file /etc/passwd-ossfs and set the permissions of the configuration file to 640. echo bucket-test-1:AAAI************:AAA8x************************* > /etc/passwd-ossfs echo bucket-test-2:BBBI************:BBB8x************************* >> /etc/passwd-ossfs chmod 640 /etc/passwd-ossfs ### 2. Create mount points /tmp/ossfs-1 and /tmp/ossfs-2 and mount buckets bucket-test-1 and bucket-test-2 in the China (Hangzhou) region at the two mount points, respectively. mkdir /tmp/ossfs-1 mkdir /tmp/ossfs-2 ossfs bucket-test-1 /tmp/ossfs-1 -ourl=http://oss-cn-hangzhou.aliyuncs.com ossfs bucket-test-2 /tmp/ossfs-2 -ourl=http://oss-cn-hangzhou.aliyuncs.com
When you need to mount multiple buckets at the same time, you can manage account information by using the following methods: 1. Store account information of all buckets in a single account configuration file. 2. Store account information of each bucket in a separate account configuration file and use the -opasswd_file option to specify the corresponding account configuration file for each mount operation.
Configuration examples:
## Store account information in account configuration file /etc/passwd-ossfs-3 and set the permissions of the configuration file to 600. echo bucket-test-3:CCCIbZcdVCmQ****:CCC8x0y9hxQ31coh7A5e2MZEUz**** > /etc/passwd-ossfs-3 chmod 600 /etc/passwd-ossfs-3 ## Create mount point /tmp/ossfs-3 and mount the bucket-test-3 bucket in the China (Hangzhou) region at the mount point. mkdir /tmp/ossfs-3 ossfs bucket-test-3 /tmp/ossfs-3 -ourl=http://oss-cn-hangzhou.aliyuncs.com -opasswd_file=/etc/passwd-ossfs-3 ## Store account information in account configuration file /etc/passwd-ossfs-4 and set the permissions of the configuration file to 600. echo bucket-test-4:DDDIbZcdVCmQ****:DDD8x0y9hxQ31coh7A5e2MZEUz**** > /etc/passwd-ossfs-4 chmod 600 /etc/passwd-ossfs-4 ## Create mount point /tmp/ossfs-4 and mount the bucket-test-4 bucket in the China (Hangzhou) region at the mount point. mkdir /tmp/ossfs-4 ossfs bucket-test-4 /tmp/ossfs-4 -ourl=http://oss-cn-hangzhou.aliyuncs.com -opasswd_file=/etc/passwd-ossfs-4
Use instance RAM roles
You can also mount a bucket by using ossfs based on a Resource Access Management (RAM) role of an Elastic Compute Service (ECS) instance. You can attach a RAM role to an ECS instance to access OSS from the instance by using temporary access credentials that are provided by Security Token Service (STS). STS temporary access credentials are automatically generated and updated. Applications can obtain STS temporary access credentials by using the instance metadata URL. An instance RAM role helps secure your AccessKey pair against leaks and enable fine-grained permission control and management. For more information about instance RAM roles, see Overview.
This section describes how to mount a bucket by using ossfs based on the EcsRamRoleOssTest instance RAM role:
Create a RAM role named EcsRamRoleOssTest.
For more information, see Instance RAM roles.
Grant the RAM role permissions to access OSS resources.
For more information, see Grant permissions to a RAM role. In this example, the AliyunOSSReadOnlyAccess policy is attached to the RAM role to grant read-only access to OSS. In your actual business application, you can attach a custom policy to the RAM role. For more information, see Create custom policies.
Attach the RAM role to the ECS instance.
For more information, see Instance RAM roles.
Perform a mount operation by using ossfs based on the instance metadata URL.
NoteYou can only access instance metadata in normal mode if you perform the mount operation by using ossfs based on the instance metadata URL. For more information, see Obtain instance metadata.
Log on to the ECS instance.
Include the -oram_role option in the mount operation to mount an OSS bucket.
The following example mounts a bucket named Bucket1 in the China (Hangzhou) region at the /tmp/ossfs directory. In the command,
100.100.100.200
is the default IP address for the ECS instance metadata service.ossfs bucket1 /tmp/ossfs -ourl=http://oss-cn-hangzhou.aliyuncs.com -oram_role=http://100.100.100.200/latest/meta-data/ram/security-credentials/EcsRamRoleOssTest
Configure access permissions
By default, the directory on which ossfs mounts the bucket can be accessed only by the owner of the mount point. The owner of the mount point is the user who performs the mount operation. To modify the default permission settings to allow other users or user groups to access the mount point, you can use the following options when you run ossfs:
Option | Description |
uid | Specifies the user ID (UID) of the owner of a directory. |
gid | Specifies the group ID (GID) of the owner of a directory. |
umask | Specifies the permission mask of files and directories on the mount point. For example, you can use -oumask=007 to set the permissions of files on the mount point to 770 or use -oumask=077 to set the permissions of files on the mount point to 700. |
Configuration examples:
Set the permissions to 777 to allow access from all users.
ossfs bucket_name mount_point -ourl=endpoint -oallow_other
Set the permissions of files and directories on the mount point to 770 to allow access only from users in the same group as the owner of the mount point.
ossfs bucket_name mount_point -ourl=endpoint -oumask=007
Specify the user ID and group ID in the mount operation and set the permissions to 770 to allow access from users in the same group as the specified user.
The user www is used in the example. You can run the id command to obtain the UID and GID of the user, and then specify the uid and gid option when you mount the bucket.
id www uid=1000(www) gid=1000(web) groups=1000(web) ossfs bucket_name mount_point -ourl=endpoint -oallow_other -ouid=1000 -ogid=1000 -omp_umask=007 -oumask=007
Mount a specific directory
In addition to mounting an entire bucket to a local file system, you can mount a specific directory in the bucket to a local file system by using the following command syntax:
ossfs bucket:/prefix mount_point -ourl=endpoint
When you mount a directory, make sure that the directory ${prefix}/ exists in the bucket. You can run the stat command of ossutil to check whether such a directory object exists.
The following sample command mounts the folder directory of the bucket-ossfs-test bucket in the China (Hangzhou) region on local directory /tmp/ossfs-folder.
ossfs bucket-ossfs-test:/folder /tmp/ossfs-folder -ourl=http://oss-cn-hangzhou.aliyuncs.com
Automatically mount a directory upon startup
Add information such as the bucket name, AccessKey ID, and AccessKey secret to the /etc/passwd-ossfs file and change the permissions of the file to 640.
For more information, see Install ossfs.
Enable automatic mount upon startup.
NoteThe following examples show how to enable automatic mount upon startup for common distributions and versions. For other distributions and versions, refer to the relevant documents to enable automatic mount upon startup.
Enable automatic mount upon startup by using the fstab file for Ubuntu 14.04 or later and CentOS 6.5 or later
Add the following line to the /etc/fstab file:
ossfs#bucket_name mount_point fuse _netdev,url=url,allow_other 0 0
Parameters:
Parameter
Description
bucket_name
The name of the bucket to mount.
mount_point
The local directory on which you want to mount the bucket.
url=url
The endpoint of the region in which the bucket is located.
0 0
The options for the file system.
Save the /etc/fstab file. Run the mount -a command. If no errors are reported, the settings are correctly configured.
After you complete the preceding steps, automatic mount upon startup is enabled in Ubuntu 14.04 or later. For CentOS 6.5 or later, you must also run the following command:
chkconfig netfs on
Enable automatic mount upon startup by using the script for CentOS 7.0 or later
Create the ossfs file in the /etc/init.d/ directory, and copy the content of the template to this file. Replace your_xxx with your actual information.
Run the following command to grant the execute permission to the ossfs script:
chmod a+x /etc/init.d/ossfs
After the preceding command is run, you can execute the script. If the content of the script is correct, the OSS bucket is mounted on the specified directory.
Run the following command to start the ossfs script as a service which is automatically enabled upon startup:
chkconfig ossfs on
After you complete the preceding steps, ossfs automatically mounts the bucket upon startup.
Start ossfs by using Supervisor
The following procedure uses the installation path for the user1 user who has sudo permissions. Replace the installation path with your actual installation path.
Run the following command to install Supervisor:
CentOS
sudo yum install supervisor
Ubuntu
sudo apt-get install supervisor
Create an ossfs startup script.
Run the following command to create a start_ossfs.sh file:
mkdir /home/user1/ossfs_scripts
Write the startup script.
vi /home/user1/ossfs_scripts/start_ossfs.sh
The following code is an example of start_ossfs.sh file content.
# Unmount the bucket. fusermount -u /mnt/ossfs # Mount the bucket again. You must use the -f parameter to run ossfs on the frontend. exec ossfs bucket_name mount_point -ourl=endpoint -f
Edit the supervisord.conf file.
Centos
sudo vi /etc/supervisord.conf
Ubuntu
sudo vi /etc/supervisor/supervisord.conf
Add the following content at the end of the file:
[program:ossfs] command=bash /home/user1/ossfs_scripts/start_ossfs.sh logfile=/var/log/ossfs.log log_stdout=true log_stderr=true logfile_maxbytes=1MB logfile_backups=10
Run the following command to run Supervisor:
supervisord
Check whether Supervisor runs as expected.
Run the following command to check the Supervisor process:
ps aux | grep supervisor
Run the following command to check the ossfs process:
ps aux | grep ossfs
The following figure shows sample output, in which IDs such as 2044 and 2452 are the process IDs of ossfs.
Run the following command to shut down the ossfs process:
ImportantDo not use the killall command. If you run the killall command, the command sends the SIGTERM signal to stop the ossfs process. In this case, Supervisor does not restart the ossfs process.
kill -9 processID
After the ossfs process is shut down, Supervisor restarts the ossfs process.
Run the following command to check the ossfs process:
ps aux | grep ossfs
Enable log debugging
You may encounter issues when you use ossfs. To help analyze and locate issues, you can enable the log debugging feature. You can enable log debugging by using one of the following methods:
Add the -d -odbglevel=debugoption when you mount a bucket on a local directory. ossfs writes the logs to the system logs.
CentOS
Logs are stored in /var/log/messages.
Ubuntu
Logs are stored in /var/log/syslog.
Add the -d -odbglevel=debug -f option when you mount a bucket on a local directory. ossfs will run in frontend mode and display the logs on the screen.
Unmount the mounted file system
You can unmount the OSS file system that has been mounted to the local disk by using the umount [path of the mount point]
command.
The following code provides an example on how to unmount the file system mounted on /tmp/ossfs
.
umount /tmp/ossfs