All Products
Search
Document Center

Object Storage Service:Configure ossfs and perform mount operations

Last Updated:Nov 25, 2024

This topic describes how to configure ossfs and perform mount operations.

Prerequisites

ossfs is installed. For more information, see Install ossfs.

Specify account information

When you use ossfs to access Object Storage Service (OSS) buckets, you must specify your account information, including the AccessKey ID and AccessKey secret. The account information must be written to the account configuration file in the $bucket_name:$access_key_id:$access_key_secret format. When you perform mount operations, ossfs loads the account information from the account configuration file.

Note

For information about how to create an AccessKey ID and an AccessKey secret, see Create an AccessKey pair.

The default path for the account configuration file is /etc/passwd-ossfs. You can also use the -opasswd_file=passwd-path option to specify a configuration file. The permissions of the account configuration file in the default path can be 640. The permissions of the account configuration file in a different path must be 600.

  • An account configuration file can contain records for multiple accounts, with each record in a separate line. When ossfs is used to mount a bucket, ossfs matches the bucket name with the correct account.

    Configuration examples:

    ### 1. Store account information in account configuration file /etc/passwd-ossfs and set the permissions of the configuration file to 640.
    echo bucket-test-1:AAAI************:AAA8x************************* > /etc/passwd-ossfs
    echo bucket-test-2:BBBI************:BBB8x************************* >> /etc/passwd-ossfs
    chmod 640 /etc/passwd-ossfs
    
    ### 2. Create mount points /tmp/ossfs-1 and /tmp/ossfs-2 and mount buckets bucket-test-1 and bucket-test-2 in the China (Hangzhou) region at the two mount points, respectively.
    mkdir /tmp/ossfs-1
    mkdir /tmp/ossfs-2
    ossfs bucket-test-1 /tmp/ossfs-1 -ourl=http://oss-cn-hangzhou.aliyuncs.com
    ossfs bucket-test-2 /tmp/ossfs-2 -ourl=http://oss-cn-hangzhou.aliyuncs.com
  • When you need to mount multiple buckets at the same time, you can manage account information by using the following methods: 1. Store account information of all buckets in a single account configuration file. 2. Store account information of each bucket in a separate account configuration file and use the -opasswd_file option to specify the corresponding account configuration file for each mount operation.

    Configuration examples:

    ## Store account information in account configuration file /etc/passwd-ossfs-3 and set the permissions of the configuration file to 600.
    echo bucket-test-3:CCCIbZcdVCmQ****:CCC8x0y9hxQ31coh7A5e2MZEUz**** > /etc/passwd-ossfs-3
    chmod 600 /etc/passwd-ossfs-3
    
    ## Create mount point /tmp/ossfs-3 and mount the bucket-test-3 bucket in the China (Hangzhou) region at the mount point. 
    mkdir /tmp/ossfs-3
    ossfs bucket-test-3 /tmp/ossfs-3 -ourl=http://oss-cn-hangzhou.aliyuncs.com -opasswd_file=/etc/passwd-ossfs-3
    
    ## Store account information in account configuration file /etc/passwd-ossfs-4 and set the permissions of the configuration file to 600.
    echo bucket-test-4:DDDIbZcdVCmQ****:DDD8x0y9hxQ31coh7A5e2MZEUz**** > /etc/passwd-ossfs-4
    chmod 600 /etc/passwd-ossfs-4
    
    ## Create mount point /tmp/ossfs-4 and mount the bucket-test-4 bucket in the China (Hangzhou) region at the mount point.
    mkdir /tmp/ossfs-4
    ossfs bucket-test-4 /tmp/ossfs-4 -ourl=http://oss-cn-hangzhou.aliyuncs.com -opasswd_file=/etc/passwd-ossfs-4

Use instance RAM roles

You can also mount a bucket by using ossfs based on a Resource Access Management (RAM) role of an Elastic Compute Service (ECS) instance. You can attach a RAM role to an ECS instance to access OSS from the instance by using temporary access credentials that are provided by Security Token Service (STS). STS temporary access credentials are automatically generated and updated. Applications can obtain STS temporary access credentials by using the instance metadata URL. An instance RAM role helps secure your AccessKey pair against leaks and enable fine-grained permission control and management. For more information about instance RAM roles, see Overview.

This section describes how to mount a bucket by using ossfs based on the EcsRamRoleOssTest instance RAM role:

  1. Create a RAM role named EcsRamRoleOssTest.

    For more information, see Instance RAM roles.

  2. Grant the RAM role permissions to access OSS resources.

    For more information, see Grant permissions to a RAM role. In this example, the AliyunOSSReadOnlyAccess policy is attached to the RAM role to grant read-only access to OSS. In your actual business application, you can attach a custom policy to the RAM role. For more information, see Create custom policies.

  3. Attach the RAM role to the ECS instance.

    For more information, see Instance RAM roles.

  4. Perform a mount operation by using ossfs based on the instance metadata URL.

    Note

    You can only access instance metadata in normal mode if you perform the mount operation by using ossfs based on the instance metadata URL. For more information, see Obtain instance metadata.

    1. Log on to the ECS instance.

    2. Include the -oram_role option in the mount operation to mount an OSS bucket.

      The following example mounts a bucket named Bucket1 in the China (Hangzhou) region at the /tmp/ossfs directory. In the command, 100.100.100.200 is the default IP address for the ECS instance metadata service.

      ossfs bucket1 /tmp/ossfs -ourl=http://oss-cn-hangzhou.aliyuncs.com -oram_role=http://100.100.100.200/latest/meta-data/ram/security-credentials/EcsRamRoleOssTest

Configure access permissions

By default, the directory on which ossfs mounts the bucket can be accessed only by the owner of the mount point. The owner of the mount point is the user who performs the mount operation. To modify the default permission settings to allow other users or user groups to access the mount point, you can use the following options when you run ossfs:

Option

Description

uid

Specifies the user ID (UID) of the owner of a directory.

gid

Specifies the group ID (GID) of the owner of a directory.

umask

Specifies the permission mask of files and directories on the mount point. For example, you can use -oumask=007 to set the permissions of files on the mount point to 770 or use -oumask=077 to set the permissions of files on the mount point to 700.

Configuration examples:

  • Set the permissions to 777 to allow access from all users.

    ossfs bucket_name mount_point -ourl=endpoint -oallow_other
  • Set the permissions of files and directories on the mount point to 770 to allow access only from users in the same group as the owner of the mount point.

    ossfs bucket_name mount_point -ourl=endpoint -oumask=007
  • Specify the user ID and group ID in the mount operation and set the permissions to 770 to allow access from users in the same group as the specified user.

    The user www is used in the example. You can run the id command to obtain the UID and GID of the user, and then specify the uid and gid option when you mount the bucket.

    id www
    uid=1000(www) gid=1000(web) groups=1000(web)
    ossfs bucket_name mount_point -ourl=endpoint -oallow_other -ouid=1000 -ogid=1000 -omp_umask=007 -oumask=007

Mount a specific directory

In addition to mounting an entire bucket to a local file system, you can mount a specific directory in the bucket to a local file system by using the following command syntax:

ossfs bucket:/prefix mount_point -ourl=endpoint

When you mount a directory, make sure that the directory ${prefix}/ exists in the bucket. You can run the stat command of ossutil to check whether such a directory object exists.

The following sample command mounts the folder directory of the bucket-ossfs-test bucket in the China (Hangzhou) region on local directory /tmp/ossfs-folder.

ossfs bucket-ossfs-test:/folder /tmp/ossfs-folder -ourl=http://oss-cn-hangzhou.aliyuncs.com

Automatically mount a directory upon startup

  1. Add information such as the bucket name, AccessKey ID, and AccessKey secret to the /etc/passwd-ossfs file and change the permissions of the file to 640.

    For more information, see Install ossfs.

  2. Enable automatic mount upon startup.

    Note

    The following examples show how to enable automatic mount upon startup for common distributions and versions. For other distributions and versions, refer to the relevant documents to enable automatic mount upon startup.

    Enable automatic mount upon startup by using the fstab file for Ubuntu 14.04 or later and CentOS 6.5 or later

    1. Add the following line to the /etc/fstab file:

      ossfs#bucket_name mount_point fuse _netdev,url=url,allow_other 0 0

      Parameters:

      Parameter

      Description

      bucket_name

      The name of the bucket to mount.

      mount_point

      The local directory on which you want to mount the bucket.

      url=url

      The endpoint of the region in which the bucket is located.

      0 0

      The options for the file system.

    2. Save the /etc/fstab file. Run the mount -a command. If no errors are reported, the settings are correctly configured.

    3. After you complete the preceding steps, automatic mount upon startup is enabled in Ubuntu 14.04 or later. For CentOS 6.5 or later, you must also run the following command:

      chkconfig netfs on

    Enable automatic mount upon startup by using the script for CentOS 7.0 or later

    1. Create the ossfs file in the /etc/init.d/ directory, and copy the content of the template to this file. Replace your_xxx with your actual information.

    2. Run the following command to grant the execute permission to the ossfs script:

      chmod a+x /etc/init.d/ossfs

      After the preceding command is run, you can execute the script. If the content of the script is correct, the OSS bucket is mounted on the specified directory.

    3. Run the following command to start the ossfs script as a service which is automatically enabled upon startup:

      chkconfig ossfs on
    4. After you complete the preceding steps, ossfs automatically mounts the bucket upon startup.

Start ossfs by using Supervisor

Important

The following procedure uses the installation path for the user1 user who has sudo permissions. Replace the installation path with your actual installation path.

  1. Run the following command to install Supervisor:

    CentOS

    sudo yum install supervisor

    Ubuntu

    sudo apt-get install supervisor
  2. Create an ossfs startup script.

    1. Run the following command to create a start_ossfs.sh file:

      mkdir /home/user1/ossfs_scripts
    2. Write the startup script.

      vi /home/user1/ossfs_scripts/start_ossfs.sh

      The following code is an example of start_ossfs.sh file content.

      # Unmount the bucket.
      fusermount -u /mnt/ossfs
      # Mount the bucket again. You must use the -f parameter to run ossfs on the frontend. 
      exec ossfs bucket_name mount_point -ourl=endpoint -f
  3. Edit the supervisord.conf file.

    Centos

    sudo vi /etc/supervisord.conf

    Ubuntu

    sudo vi /etc/supervisor/supervisord.conf

    Add the following content at the end of the file:

    [program:ossfs]
    command=bash /home/user1/ossfs_scripts/start_ossfs.sh
    logfile=/var/log/ossfs.log
    log_stdout=true
    log_stderr=true
    logfile_maxbytes=1MB
    logfile_backups=10
  4. Run the following command to run Supervisor:

    supervisord
  5. Check whether Supervisor runs as expected.

    1. Run the following command to check the Supervisor process:

      ps aux | grep supervisor
    2. Run the following command to check the ossfs process:

      ps aux | grep ossfs

      The following figure shows sample output, in which IDs such as 2044 and 2452 are the process IDs of ossfs.

      Dingtalk_20231225172213.jpg

    3. Run the following command to shut down the ossfs process:

      Important

      Do not use the killall command. If you run the killall command, the command sends the SIGTERM signal to stop the ossfs process. In this case, Supervisor does not restart the ossfs process.

      kill -9 processID

      After the ossfs process is shut down, Supervisor restarts the ossfs process.

    4. Run the following command to check the ossfs process:

      ps aux | grep ossfs

Enable log debugging

You may encounter issues when you use ossfs. To help analyze and locate issues, you can enable the log debugging feature. You can enable log debugging by using one of the following methods:

  • Add the -d -odbglevel=debugoption when you mount a bucket on a local directory. ossfs writes the logs to the system logs.

    • CentOS

      Logs are stored in /var/log/messages.

    • Ubuntu

      Logs are stored in /var/log/syslog.

  • Add the -d -odbglevel=debug -f option when you mount a bucket on a local directory. ossfs will run in frontend mode and display the logs on the screen.

Unmount the mounted file system

You can unmount the OSS file system that has been mounted to the local disk by using the umount [path of the mount point] command.

The following code provides an example on how to unmount the file system mounted on /tmp/ossfs.

umount /tmp/ossfs