metadata-directive replaceを使用したStorageGRIDコピーオブジェクトが適切に動作しない
環境
- NetApp StorageGRID
- s3fs
- 格納オブジェクトの暗号化オプション が有効
- metadata-directive replaceを使用してオブジェクトをコピー
問題
metadata-directive REPLACE
を使用してオブジェクトをコピーしようとする と、 エラー・コード501
とエラー・メッセージChanging the server-side encryption of an existing object is not supported
が表示されます。
- 再現手順:
- デバッグを使用してs3fsをマウントします。
root@scspa0499453001:~# s3fs bucketnonvers /mnts3fs/ -o passwd_file=/root/custom-passwd-s3fs,allow_other,use_path_request_style,mp_umask=0022,url=http://ams.sglab.netapp.com:10456,noatime,ensure_diskfree=500 -d -d -f -o f2 -o curldbg -o no_check_certificate
- 追加のセッションを開き、次のコマンドを実行します。
cd /mnts3fs
echo foo > bar
chown nobody bar
コマンドの戻り値chown: changing ownership of 'bar': Operation not supported
- ログの例:
2023-02-09T13:07:58.178Z [CURL DBG] > PUT /bucketnonvers/bar HTTP/1.1
2023-02-09T13:07:58.178Z [CURL DBG] > User-Agent: s3fs/1.91 (commit hash unknown; OpenSSL)
2023-02-09T13:07:58.178Z [CURL DBG] > Accept: */* 2023-02-09T13:07:58.178Z[CURL DBG] > Authorization: AWS4-HMAC-SHA256 Authorization: AWS4-HMAC-SHA256 Credential=ZEHP4Q6H5C7OAA7YJX0V/20230214/us-east-1/s3/aws4_request, SignedHeaders=content-type;host;x-amz-acl;x-amz-content-sha256;x-amz-copy-source;x-amz-date;x-amz-meta-gid;x-amz-meta-mode ;x-amz-meta-mtime;x-amz-meta-uid;x-amz-metadata-directive;x-amz-server-side-encryption, Signature=c9ef32f297084d306f222d53c730f70224e90ea00327cad2aebf127ac4b2607e
2023-02-09T13:07:58.178Z [CURL DBG] > Content-Type: application/octet-stream
2023-02-09T13:07:58.178Z [CURL DBG] > host: ams.sglab.netapp.com:10456
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-copy-source: /bucketnonvers/bar
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-date: 20230209T130758Z
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-meta-atime: 1672763344
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-meta-ctime: 1675948078
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-meta-gid: 0
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-meta-mode: 33279
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-meta-mtime: 1672763344
2023-02-09T13:07:58.178Z [CURL DBG] > x-amz-meta-uid: 0
2023-02-09T13:07:58.178Z [CURL DBG] >x-amz-metadata-directive: REPLACE
2023-02-09T13:07:58.178Z [CURL DBG] >x-amz-server-side-encryption: AES256
2023-02-09T13:07:58.178Z [CURL DBG] > Content-Length: 0
2023-02-09T13:07:58.178Z [CURL DBG] > Expect: 100-continue
2023-02-09T13:07:58.178Z [CURL DBG] >
2023-02-09T13:07:58.190Z [CURL DBG] <HTTP/1.1 501 Not Implemented
2023-02-09T13:07:58.190Z [CURL DBG] < date: Tue, 14 Feb 2023 08:47:19 GMT
2023-02-09T13:07:58.190Z [CURL DBG] < content-type: application/xml
2023-02-09T13:07:58.190Z [CURL DBG] < content-length: 269
2023-02-09T13:07:58.190Z [CURL DBG] < x-amz-request-id: 1676364439425331
2023-02-09T13:07:58.190Z [CURL DBG] < x-amz-id-2: :
2023-02-09T13:07:58.190Z [CURL DBG] < x-ntap-sg-trace-id: 8ececf3a24ac7376
2023-02-09T13:07:58.190Z [CURL DBG] < strict-transport-security: max-age=16000000; includeSubDomains; preload;
2023-02-09T13:07:58.190Z [CURL DBG] * HTTP error before end of send, stop sending
2023-02-09T13:07:58.190Z [CURL DBG] < 2023-02-09T13:07:58.190Z [CURL DBG] * Closing connection 9
2023-02-09T13:07:58.191Z [INF] curl.cpp:RequestPerform(2387): HTTP response code 501 was returned, returning ENOTSUP
2023-02-09T13:07:58.191Z [DBG] curl.cpp:RequestPerform(2388): Body Text: <?xml version="1.0" encoding="UTF-8"?><Error><Code>XNotImplemented</Code><Message>Changing the server-side encryption of an existing object is not supported.</Message><Resource>/bucketnonvers/test1/test</Resource><RequestId>1675948077116669</RequestId></Error>
2023-02-09T13:0 7:58.191Z [DBG] curl_handlerpool.cpp:ReturnHandler(103): Return handler to pool unique: 144, error: -95 (Operation not supported), outsize: 16 unique: 145, opcode: STATFS (17), nodeid: 1, insize: 40, pid: 126994
- s3fsを使用してオブジェクトの名前を変更すると、新しい名前のオブジェクトのサイズは0になります。
Bycast.log
名前変更処理中にエラーが報告されます。
yyyy-mm-ddThh:mm:ss ADE: |12788853 2659044311 S3RQ %CEA 2024-10-10T09:23:47.626189| NOTICE 0089 a5153b8ae47ecb75 S3RQ: S3 error response: RequestId=1728552223024454, TraceId=a5153b8ae47ecb75, Resource=/old_name, HTTP Method=PUT, HTTP Status Code=501, ErrorMsg=XNotImplemented, ErrorType=Client, CustomErrorMessage={Changing the server-side encryption of an existing object is not supported.}, Details={<none>}
audit.log
、名前が変更されたオブジェクトをCSIZ
(コンテンツサイズ)が0で記録します。
yyyy-mm-ddThh:mm:ss [AUDT:[RSLT(FC32):SUCS][CNID(UI64):1728552228380804][TIME(UI64):22948][SAIP(IPAD):"x.x.x.x"][S3AI(CSTR):"11668991658953630201"][SACC(CSTR):"xxxx"][S3AK(CSTR):"xxxx"][SUSR(CSTR):"urn:sgws:identity::11668991658953630201:user/xxxx"][SBAI(CSTR):"00367720891877408653"][SBAC(CSTR):"xxxx"][S3BK(CSTR):"xxxx"][S3KY(CSTR):"new_name"][CBID(UI64):0x0F1AB795294167CC][UUID(CSTR):"DF3411C6-D8D4-4CD5-A74B-ABB75CB4FA07"][CSIZ(UI64):0][MTME(UI64):1728552228390371][AVER(UI32):10][ATIM(UI64):1728552228411907][ATYP(FC32):SPUT][ANID(UI32):12724111][AMID(FC32):S3RQ][ATID(UI64):14343539285219169917]]
- 新しい名前でオブジェクトを検索すると、サイズ0が表示されます。