Setting up a Credentials File for Connecting to a Cold Tier Using the CLI or REST API
Describes how to create a credential file, with examples for AWS and Microsoft Azure.
Set up a credentials file on the host you plan to use for creating the cold
tier if you are planning on using the credential
option
(and not pass the credentials on the command-line using the
credential_str
option).
For example, your credentials.txt
file for AWS should look similar to the
following sample file:
{
"bucketName" : "defaultbucket3",
"region": "us-east-1",
"credentials" : {
"accessKey" : "AB956CDE8F2GO7H9I4J2",
"secretKey" : "5K1LmN92e65oPQRsTUvOfSbURxyEtYl2MmAocGi"
}
}
The sample for Microsoft Azure is as follows:
maprcli tier create -name tier_azure_1 -type cold -url https://myobjectpools1.blob.core.windows.net -credential ~/creds_azure.txt
$ cat creds_azure.txt
{
"bucketName" : "bucket4",
"credentials" : {
"accessKey" : "myobjectpools1",
"secretKey" : "N6GKkDPttqNc6rfTzhb2JNKwvdr9EraN89Mg8WaodrvPBeINBTZwhQu+Q3vX4ENeW+RQN42f+P8nXN0YasZWNA=="
}
}
The
credentials file (.txt
file) contains the following
properties in JSON format:
- bucketName
- The name of the bucket on the tier. If the bucket does not already exist on the
tier, the command to create the tier attempts to create the bucket using the credentials
in the credentials file. You can modify the name of the bucket only by using the
-force
option with thetier modify
command - region
- The S3 region to create the bucket on. Use the information in the following table to
specify region information.
You can modify the region only by using theVendor Default Value Notes AWS us-east-1 Specify region information as defined here. On AWS, each region can have a different URL. The URL must be provided with the
maprcli tier create
command.NOTEBecause bucket names are unique across regions, make sure you specify the correct region for a given bucket in the credentials file. For example, suppose a bucket called myBucket3 in us-east-1; you cannot offload data to myBucket3 by specifying us-west-1 as the region in the credentials file.GCS us-east-1 Specify region information as described here. HDP N/A Not required. If specified, Data Fabric ignores the value. IBM us-east-region Not required. If specified, Data Fabric ignores the value. Azure-Blobs N/A Not required. The region of the storage account is determined from the URL and data is offloaded into that region. Minio us-east-1 If you specify region, export the MINIO_REGION
environment variable on the minio server as described in the Configuration Guide.Scality us-east-region Not required. If specified, Data Fabric ignores the value. -force
option with thetier modify
command. - accessKey and secretKey
- The credentials for accessing the tier. TIPFor Azure Blobs, the storage account name is the access key.
NOTE
Once the tier is created, Data Fabric does not require this
file because CLDB stores the bucket, region, and credentials information.