Install the S3FS driver for one or more of your Amazon S3 buckets. The cookbook supports using an encrypted data bag to keep data safe in shared situations.
The latest community release can be found at http://community.opscode.com/cookbooks/s3fs.
It will install S3FS on your server, then it will create folders in the /mnt
directory named the same as each bucket listed in the data bag. Lastly, it will create an S3FS mount for each S3 bucket specified in your configuration.
The recipe will handle encrypted data bags, and uses the Chef::EncryptedDataBagItem.load
with default decryption key file.
- CentOS
- RHEL
- Ubuntu
- Debian
To use, create a data bag per each unique S3FS configuration. Here's an example:
{
"id": "deploy_key",
"buckets": [ "bucket1", "bucket2" ],
"access_key_id": "ABCDEFGHIJKLMNOPQRST",
"secret_access_key": "abcdefghijklmnopqrstuvwxyz01234567890ABC"
}
Then, for each node to run this configuration, use a role like this:
"run_list": [
"recipe[s3fs]",
...
],
"override_attributes": [
"s3fs": {
"data_bag": {
"name": "s3_keys",
"item": "deploy_key"
}
},
...
}
It is encouraged, however, to build a wrapper cookbook to specify the necessary attributes, rather than using roles, following the Berkshelf model.
If you have multiple AWS IAM users with different keys and multiple buckets that need mounted, you can use node['s3fs']['multi_user']
. By setting this attribute to true, it will allow you to mount multiple buckets across as many user accounts (with different keys) as you want.
Instead of using node["s3fs"]["data_bag"]["item"]
to specify which data bag item to load, you create one or more data bags under node["s3fs"]["data_bag"]["name"]
for each unique AWS IAM user you need to use. The data bag format is otherwise the same.
And example of two separate data bag items in the same data bag:
{
"id": "s3fs_iam_1",
"buckets": [ "bucket1", "bucket2" ],
"access_key_id": "ABCDEFGHIJKLMNOPQRST",
"secret_access_key": "abcdefghijklmnopqrstuvwxyz01234567890ABC"
}
{
"id": "s3fs_iam_2",
"buckets": [ "bucket1", "bucket2" ],
"access_key_id": "ABCDEFGHIJKLMNOPQRST",
"secret_access_key": "abcdefghijklmnopqrstuvwxyz01234567890ABC"
}
See attributes/default.rb
for defaults generated per platform.
node["s3fs"]["packages"]
- Set of packages needed to install S3FSnode["fuse"]["version"]
- The version of FUSE to installnode["s3fs"]["version"]
- The version of S3FS to installnode["s3fs"]["mount_root"]
- The root path for any mounted S3 bucketsnode["s3fs"]["multi_user"]
- Enable multi-user supportnode["s3fs"]["options"]
- Options to set when mounting a bucket to the filesystemnode["s3fs"]["data_bag"]["name"]
- The name of the data bag that contains an item with the buckets to mount & necessary AWS credentialsnode["s3fs"]["data_bag"]["item"]
- The name of the data bag item that contains the buckets to mount & necessary AWS credentials
The default recipe installs a set of packages necessary to build S3FS from source, installs FUSE, then builds and installs S3FS.
It then configures and mounts one of more S3 buckets, specified in a data bag's item or items, with the associated AWS credentials.
Author:: Tom Wilson [email protected]
Copyright:: 2011 Tom Wilson
see LICENSE