Project

General

Profile

Bug #70858

Add Advanced Settings to S3 Cloud Credentials in new UI

Added by IT IGP almost 3 years ago. Updated over 2 years ago.

Status:
Done
Priority:
No priority
Assignee:
Lola Yang
Category:
GUI (new)
Target version:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

We have configured a S3 cloud credentials with the endpoint URL

[mybucket].s3.eu-central-1.amazonaws.com

Trying to create a cloud sync task you get the error message:

Error: 14
[EFAULT] 2019/01/18 16:46:14 ERROR : : error listing: AuthorizationHeaderMalformed: The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1' status code: 400, request id: 694FE4F3592EB6F4, host id: BxgNszJ9akb46DBWcG91WQfAvcyNy0nNqjMnbGmzlZt...

Info:
When using s3fs on the console i can mount a s3 bucket wihtout a problem:
s3fs [mybucket] /mnt/buck2/ -o dbglevel=info -o curldbg -f

Debug output shows, s3fs also gets a 400 Bad Request "The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'". But afterwards it changes the URL:
[INF]       curl.cpp:prepare_url(4253): URL is https://s3-eu-central-1.amazonaws.com/[mybucket]/
[INF]       curl.cpp:prepare_url(4285): URL changed is https://[mybucket].s3-eu-central-1.amazonaws.com/
[INF]       curl.cpp:insertV4Headers(2400): computing signature [GET] [/] [] []
[INF]       curl.cpp:url_to_host(101): url is https://s3-eu-central-1.amazonaws.com

Alternatively, when using -o endpoint=eu-central-1 it is possible to choose the correct region first place.
Screenshot_1.png (48.3 KB) Screenshot_1.png IT IGP, 01/18/2019 07:50 AM
Screenshot_17.png (12.5 KB) Screenshot_17.png IT IGP, 01/22/2019 04:09 PM
Screenshot_18.png (10 KB) Screenshot_18.png IT IGP, 01/22/2019 04:09 PM
s3_advanced.png (26.3 KB) s3_advanced.png Bonnie Follweiler, 03/07/2019 07:17 AM
49870
50345
50353
59565

Related issues

Copied to FreeNAS - Bug #79896: Clarify endpoint URL tooltip in new UIClosed

History

#1 Updated by IT IGP almost 3 years ago

  • Subject changed from Cloud Sync Task Amazon S3 missing region setting, assumes us-east-1, cannot use other region/endpoint to Cloud Sync Task/Credentials Amazon S3 missing region setting, assumes us-east-1, cannot use other region/endpoint

#2 Updated by Anonymous almost 3 years ago

  • Assignee changed from Release Council to Vladimir Vinogradenko

#3 Updated by Anonymous almost 3 years ago Private

Vladimir: is there anything that needs to be done on the middleware side for this? If so please do so and create a UI ticket for us when this is finished for us to implement on our side.

#4 Updated by Vladimir Vinogradenko almost 3 years ago

  • Status changed from Unscreened to Blocked
  • Needs Doc changed from Yes to No

You don't have to set any endpoint URL, FreeNAS will get region automatically using https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETlocation.html

Please clear "Endpoint URL" field and also uncheck any other checkboxes on the AWS credentials page and try again.

#5 Updated by Dru Lavigne almost 3 years ago

  • Reason for Blocked set to Need additional information from Author

#6 Updated by IT IGP almost 3 years ago

50345
50353

i see. leaving it blank solved the issue. maybe you could add

"using AWS leave this field empty - the available buckets are fetched dynamically and presented to you for selection during creation of a cloud sync task" to the tooltip / documentation. especially given the links to amazon docs how this endpoint should be formatted, this is quite confusing :/

maybe also add a checkbox to allow for non-amazon usecase and have the endpoint by default disabled?

also, if you just add the bucket name as endpoint, the error message is also quite confusing after some long timeout ;)

#7 Updated by Vladimir Vinogradenko almost 3 years ago

  • Status changed from Blocked to Unscreened
  • Assignee changed from Vladimir Vinogradenko to Lola Yang
  • Reason for Blocked deleted (Need additional information from Author)
  • Needs Doc changed from No to Yes

Lola, please hide all S3 credential fields except "Access Key ID" and "Secret Access Key" under "additional settings" spoiler or something like that.

Also please work with docs team on proposed tooltip and/or documentation changes.

#8 Updated by Dru Lavigne almost 3 years ago

  • Category changed from Middleware to GUI (new)
  • Target version changed from Backlog to 11.2-U3

#9 Updated by Lola Yang almost 3 years ago

  • Status changed from Unscreened to In Progress

#11 Updated by Anonymous almost 3 years ago

  • Status changed from In Progress to Ready for Testing
  • Needs Merging changed from Yes to No

#12 Updated by Dru Lavigne almost 3 years ago

  • Subject changed from Cloud Sync Task/Credentials Amazon S3 missing region setting, assumes us-east-1, cannot use other region/endpoint to Add Advanced Settings to S3 Cloud Credentials in new UI
  • Private changed from Yes to No

#14 Updated by Aaron St. John over 2 years ago

#15 Updated by Aaron St. John over 2 years ago

  • Needs Doc changed from Yes to No

#16 Updated by Bonnie Follweiler over 2 years ago

59565

#18 Updated by Dru Lavigne over 2 years ago

  • Copied to Bug #79896: Clarify endpoint URL tooltip in new UI added

Also available in: Atom PDF