nbdkit-S3-plugin(1) | NBDKIT | nbdkit-S3-plugin(1) |
nbdkit-S3-plugin - expose data in Amazon S3 or Ceph buckets as block device
nbdkit S3 [access-key=...] [secret-key=...] [session-token=...] [endpoint-url=...] [size=NN object-size=NN] bucket=BUCKET key=STRING
"nbdkit-S3-plugin" is a plugin for nbdkit(1) which lets you open objects stored in Amazon S3 or Ceph as disk images.
This plugin uses the Python Amazon Web Services SDK called Boto3.
nbdkit S3 endpoint-url=https://ceph.example.com \ bucket=MY-BUCKET key=disk.img
Provides read only block device holding the data contained in the "disk.img" object.
nbdkit S3 endpoint-url=https://ceph.example.com \ size=50G object-size=128k \ bucket=MY-BUCKET key=disk
Provides a read-write block device with size 50G, whose contents are stored multiple in objects of size 128k, prefixed with disk/
Object names will have the form key/%16x, where %16x is the 16-digit hexadecimal block number. If there are existing objects under such name that do not have the expected size, the plugin will crash.
It is highly recommended that clients do their utmost to issue requests that exactly match the object size: Smaller write requests will incur a performance penalty due to the need for read-modify-write cycles (thus also incurring latency from two network round-trips). Larger read and write requests will incur a performance penalty because of sequential execution.
The nbdkit-blocksize-filter(1) can be used to alleviate the impact of requests larger than the object size, but does not help if the client issues requests smaller than the block size.
The nbdkit-stats-filter(1) can be used to investigate what block sizes and alignments are used by the client.
When connecting through the Linux kernel's NBD module, consider setting "/sys/block/nbd<X>/queue/max_sectors_kb" to match the object size.
Although AWS credentials can be passed to nbdkit on the command line, this is not secure since a user on the same machine could read them using ps(1).
A better way is to pass the credentials through the ~/.aws/credentials file. This takes the form:
[default] aws_access_key_id = XXX aws_secret_access_key = YYY [profile] aws_access_key_id = XXX aws_secret_access_key = YYY
Different profiles from the file can be selected by setting the "AWS_PROFILE" environment variable.
There is much more information about credentials in the Boto3 documentation.
s3fs-fuse (https://github.com/s3fs-fuse/s3fs-fuse) and s3backer (https://github.com/archiecobbs/s3backer) provide similar functionality but are based on FUSE (rather than NBD). They provide a regular file (backed by S3) which can then be loopback-mounted to provide a block device. s3backer also supports to optionally encrypt and compress objects.
In theory, NBD should provide better performance than FUSE, because:
However, for high-bandwith network connections s3backer and s3fs-fuse may be faster because they are written in C rather than Python.
Use "nbdkit --dump-config" to find the location of $plugindir.
"nbdkit-S3-plugin" first appeared in nbdkit 1.24.
nbdkit(1), nbdkit-plugin(3), nbdkit-python-plugin(3), https://pypi.org/project/boto3/, https://boto3.amazonaws.com/v1/documentation/api/latest/index.html, https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html.
Richard W.M. Jones
Nikolaus Rath
Copyright (C) 2020-2022 Red Hat Inc.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2023-01-04 | nbdkit-1.32.5 |