在 Azure 上运行的 CentOS 7 虚拟机中,我无法使用 s3fs 挂载 AWS S3 存储桶。在 s3fs 检查存储桶是否存在之前,存储桶位置的路径部分已被删除:
s3fs version 1.90(unknown) : s3fs -f -o dbglevel=debug,endpoint=eu-west-1,profile=customer,bucket=company-sftp:/Customer/dev /srv/test_s3/
s3fs_logger.cpp:LowSetLogLevel(240): change debug level from [CRT] to [DBG]
s3fs.cpp:set_mountpoint_attribute(4094): PROC(uid=1000, gid=1000) - MountPoint(uid=1000, gid=0, mode=40755)
s3fs.cpp:s3fs_init(3382): init v1.90(commit:unknown) with OpenSSL
s3fs.cpp:s3fs_check_service(3516): check services.
curl.cpp:CheckBucket(3388): check a bucket.
curl_handlerpool.cpp:GetHandler(81): Get handler from pool: rest = 31
curl.cpp:ResetHandle(1945): The CURLOPT_SSL_ENABLE_ALPN option could not be unset. S3 server does not support ALPN, then this option should be disabled to maximize performance. you need to use libcurl 7.36.0 or later.
curl.cpp:ResetHandle(1948): The S3FS_CURLOPT_KEEP_SENDING_ON_ERROR option could not be set. For maximize performance you need to enable this option and you should use libcurl 7.51.0 or later.
curl_util.cpp:prepare_url(254): URL is https://s3.amazonaws.com/company-sftp/
curl_util.cpp:prepare_url(287): URL changed is https://company-sftp.s3.amazonaws.com/
curl.cpp:RequestPerform(2283): connecting to URL https://company-sftp.s3.amazonaws.com/
curl.cpp:insertV4Headers(2680): computing signature [GET] [/] [] []
curl_util.cpp:url_to_host(331): url is https://s3.amazonaws.com
curl.cpp:RequestPerform(2363): HTTP response code 403, returning EPERM. Body Text: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>[...]</RequestId><HostId>[...]</HostId></Error>
“客户”配置文件包含只能访问存储桶的 /Customer/dev 部分的 IAM 用户的凭证。
使用相同的 S3 存储桶和凭据,在 Ubuntu 20.04.3 上使用 sshfs 1.86-1(和 libcurl 7.68.0-1ubuntu2.7)时我没有得到相同的行为:
s3fs -f /home/dleborgne/s3 -o dbglevel=debug,endpoint=eu-west-1,profile=customer,bucket=company-sftp:/Customer/dev
[CRT] s3fs.cpp:set_s3fs_log_level(297): change debug level from [CRT] to [DBG]
[INF] s3fs.cpp:set_mountpoint_attribute(4400): PROC(uid=1000, gid=1000) - MountPoint(uid=1000, gid=1000, mode=40755)
[INF] s3fs.cpp:s3fs_init(3493): init v1.86(commit:unknown) with GnuTLS(gcrypt)
[INF] s3fs.cpp:s3fs_check_service(3828): check services.
[INF] curl.cpp:CheckBucket(3413): check a bucket.
[DBG] curl.cpp:GetHandler(289): Get handler from pool: rest = 31
[INF] curl.cpp:prepare_url(4703): URL is https://s3.amazonaws.com/company-sftp/Customer/dev/
[INF] curl.cpp:prepare_url(4736): URL changed is https://company-sftp.s3.amazonaws.com/Customer/dev/
[DBG] curl.cpp:RequestPerform(2384): connecting to URL https://company-sftp.s3.amazonaws.com/Customer/dev/
[INF] curl.cpp:insertV4Headers(2753): computing signature [GET] [/Customer/dev/] [] []
[INF] curl.cpp:url_to_host(99): url is https://s3.amazonaws.com
[INF] curl.cpp:RequestPerform(2416): HTTP response code 200
在一种情况下(Ubuntu 上的 s3fs 1.86),s3fs 检查使用凭证,https://company-sftp.s3.amazonaws.com/Customer/dev/而在另一种情况下(CentOS 上的 s3fs 1.90),它使用修剪的 urlhttps://company-sftp.s3.amazonaws.com/并失败。
我对这种差异感到困惑,欢迎任何想法。
答案1
我这边也有同样的问题。
我猜测,URL 处理存在问题,您可以查看日志行:
RHEL / CentOS 无法运行
URL is https://s3.amazonaws.com/company-sftp/
URL changed is https://company-sftp.s3.amazonaws.com/
computing signature [GET] [/] [] []
Ubuntu,正在运行
URL is https://s3.amazonaws.com/company-sftp/Customer/dev/
URL changed is https://company-sftp.s3.amazonaws.com/Customer/dev/
computing signature [GET] [/Customer/dev/] [] []