mirror of
https://github.com/s3fs-fuse/s3fs-fuse.git
synced 2026-04-25 05:16:00 +03:00
[GH-ISSUE #1150] S3FS 'iam_role' option usage in On Premises machine - mount failure #602
Labels
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/s3fs-fuse#602
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @amitwac on GitHub (Sep 9, 2019).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1150
Additional Information
The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all.
Keep in mind that the commands we provide to retrieve information are oriented to GNU/Linux Distributions, so you could need to use others if you use s3fs on macOS or BSD
Version of s3fs being used (s3fs --version)
1.85
Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)
2.9.2
Kernel information (uname -r)
3.10.0-514.el7.x86_64
GNU/Linux Distribution, if applicable (cat /etc/os-release)
NAME="Red Hat Enterprise Linux Server"
VERSION="7.3 (Maipo)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="7.3"
PRETTY_NAME="Red Hat Enterprise Linux Server 7.3 (Maipo)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:7.3:GA:server"
HOME_URL="https://www.redhat.com/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7"
REDHAT_BUGZILLA_PRODUCT_VERSION=7.3
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="7.3"
s3fs command line used, if applicable
s3fs -o iam_role="s3fs-onprem-role" -o url="https://s3.dualstack.us-east-1.amazonaws.com" -o endpoint=us-east-1 -o dbglevel=info -o curldbg ams-demo-cc /s3fs-mount/
/etc/fstab entry, if applicable
s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs)
if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages
Sep 9 12:28:11 s3fs[17206]: s3fs.cpp:set_s3fs_log_level(296): change debug level from [CRT] to [INF]
Sep 9 12:28:11 s3fs[17206]: PROC(uid=0, gid=0) - MountPoint(uid=0, gid=0, mode=40755)
Sep 9 12:28:11 s3fs[17207]: init v1.85(commit:unknown) with OpenSSL
Sep 9 12:28:11 s3fs[17207]: check services.
Sep 9 12:28:11 s3fs[17207]: [IAM role=s3fs-onprem-role]
Sep 9 12:28:11 s3fs[17207]: curl.cpp:ResetHandle(1855): The CURLOPT_SSL_ENABLE_ALPN option could not be unset. S3 server does not support ALPN, then this option should be disabled to maximize performance. you need to use libcurl 7.36.0 or later.
Sep 9 12:28:11 s3fs[17207]: curl.cpp:ResetHandle(1858): The S3FS_CURLOPT_KEEP_SENDING_ON_ERROR option could not be set. For maximize performance you need to enable this option and you should use libcurl 7.51.0 or later.
Sep 9 12:28:11 s3fs[17207]: * About to connect() to 169.254.169.254 port 80 (#0)
Sep 9 12:28:11 s3fs[17207]: * Trying 169.254.169.254...
Sep 9 12:28:11 s3fs[17207]: * Connected to 169.254.169.254 (169.254.169.254) port 80 (#0)
Sep 9 12:28:11 s3fs[17207]: > GET /latest/meta-data/iam/security-credentials/s3fs-onprem-role HTTP/1.1
Sep 9 12:28:11 s3fs[17207]: > User-Agent: s3fs/1.85 (commit hash unknown; OpenSSL)
Sep 9 12:28:11 s3fs[17207]: > Host: 169.254.169.254
Sep 9 12:28:11 s3fs[17207]: > Accept: /
Sep 9 12:28:11 s3fs[17207]: >
Sep 9 12:28:54 s3fs[17207]: * HTTP 1.0, assume close after body
Sep 9 12:28:54 s3fs[17207]: < HTTP/1.0 504 Gateway Timeout
Sep 9 12:28:54 s3fs[17207]: < Server: Zscaler/5.7
Sep 9 12:28:54 s3fs[17207]: < Content-Type: text/html
Sep 9 12:28:54 s3fs[17207]: < Connection: close
Sep 9 12:28:54 s3fs[17207]: <
Sep 9 12:28:54 s3fs[17207]: * Closing connection 0
Sep 9 12:28:54 s3fs[17207]: curl.cpp:RequestPerform(2272): HTTP response code 504, returning EIO. Body Text: <html><head></head>#015#012
Gateway Timeout
#015#012Server error - server 169.254.169.254 is unreachable at this moment.
#015#012</html>Please retry the request or contact your administrator.
Sep 9 12:28:54 s3fs[17207]: Pool full: destroy the oldest handler
Sep 9 12:28:54 s3fs[17207]: s3fs.cpp:s3fs_check_service(3798): Failed to check IAM role name(s3fs-onprem-role).
Sep 9 12:28:54 s3fs[17207]: s3fs.cpp:s3fs_exit_fuseloop(3440): Exiting FUSE event loop due to errors
Sep 9 12:28:54 s3fs[17207]: destroy
Details about issue
When I uses 'iam_role' option to mount s3 bucket on my local setup (on premises test VM), the mount command fails.
Is the option only supported on an EC2 instance ? If I need to use the option on a local machine, then what I need to do ?
@gaul commented on GitHub (Feb 3, 2020):
I believe
iam_roleonly works when you run inside Amazon EC2. Please reopen if this understanding is incorrect.