How to use cloud storage gateway to build FTP server to access OSS storage

background

Cloud storage file gateway is a storage gateway product provided by alicloud. It can meet the needs of users to access OSS object storage data through protocols such as NFS or Samba. Through simple configuration, we can also configure an FTP server based on the file gateway, which allows users to access OSS data through FTP, and realize the synchronization of OSS bucket data upload and download by FTP client.

This article will introduce how to build FTP server on the cloud storage gateway share to distribute and share the data in OSS.

Preparation

Add NFS share

(Note: for how to open and create a cloud storage gateway, you can refer to How to mount OSS Bucket on Linux This article)

First, add a new NFS share for the bucket you want to access through FTP through the cloud storage file gateway management console (if you don't need to share the entire bucket, check the subdirectory when creating the share and fill in the path of the subdirectory you want to share):

When configuring sharing, if there is a lot of data that needs to be reverse synchronized from OSS to the file gateway, it is recommended to turn on the fast synchronization function, so as to ensure that the files we upload in OSS are synchronized to the file gateway in time. For the function of speed synchronization, please refer to File gateway second level synchronization OSS change object initial experience

Mount shared directory

Next, we create the / ftp directory on the linux server, and mount the newly created nfs share to the / ftp Directory:

# 1. Create the directory used by ftp server
[root@csg ~]# mkdir -p /var/ftp/oss-bucket

# 2. Use the showmount command to view the newly created gateway share
[root@csg ~]# Showmount - e < gateway IP address >

# 3. Mount the shared directory to / var / ftp / OSS bucket
[root@csg ~]# Mount - t NFS < gateway IP address >: < share Path > / var / ftp / OSS bucket

# 4. View the directory mount status
[root@csg ~]# df -h /var/ftp/oss-bucket

Set up ftp server

1. Install ftp service

We take centos as an example to install the ftp service vsftpd:

[root@csg ~]# yum -y install vsftpd

2. Add ftp user

[root@csg ~]# useradd ftpuser1
[root@csg ~]# passwd ftpuser1

3. Configure vsftpd

[root@csg ~]# vi /etc/vsftpd/vsftpd.conf
## conventional arrangement
# line 12: disable anonymous user login
anonymous_enable=NO
# line 82,83: allow ascii mode access
ascii_upload_enable=YES
ascii_download_enable=YES
# line 100, 101: enable chroot
chroot_local_user=YES
chroot_list_enable=YES
# line 103: specify chroot user list profile path
chroot_list_file=/etc/vsftpd/chroot_list
# line 109: enable ls recurse
ls_recurse_enable=YES
# line 114: if the ECS IPV4 address is used, modify the following line and close IPV6 as required
listen=YES
# line 123: 
listen_ipv6=NO

# Add the following lines to the configuration file
# Modify the chroot directory used. We configure it to mount the path of the file gateway NFS share (if not specified, the ftp user's home directory will be used by default instead of the NFS mount directory)
local_root=/var/ftp/oss-bucket

# Use local time
use_localtime=YES
# Close seccomp filter
seccomp_sandbox=NO

# Specify the client passive mode access port, which can be freely specified
pasv_min_port=12001
pasv_max_port=12005
# Add chroot to allow users
[root@csg ~]# vi /etc/vsftpd/chroot_list
# Add ftp users allowed to chroot
ftpuser1

Start vsftpd service

[root@csg ~]# systemctl start vsftpd
[root@csg ~]# systemctl enable vsftpd

If the firewall is turned on, you need to add rules to allow ftp port access:

[root@csg ~]# firewall-cmd --add-service=ftp --permanent
success
[root@csg ~]# firewall-cmd --reload
success

If selinux is enabled, you need to allow ftp access

[root@csg ~]# setsebool -P ftpd_full_access on

Access ftp/sftp server

After configuration, we can use the ftp client to access the deployed ftp server. Take the fileZilla client as an example, use the user ftp user1 to log in to the ftp server, and try to upload an f file to the ftp server:

Figure: log in and upload files to ftp server

After the upload is successful, log in to the OSS console and view the file just uploaded in the directory corresponding to the shared bucket configured by the cloud storage gateway. The function of uploading to OSS through FTP client is realized

Figure: accessing the newly uploaded file of ftp client in OSS console

Similarly, after the file gateway opens the fast synchronization or reverse synchronization function, the file gateway can also reverse synchronize the data update on OSS, so that the FTP client can obtain the list of newly uploaded files on OSS and download the newly uploaded files in OSS.

summary

By building FTP server based on NFS share of cloud storage gateway, users can use FTP to access data in OSS, realize the function of uploading data to OSS and downloading data in OSS with FTP client, and make file sharing and distribution more convenient.

Tags: Operation & Maintenance ftp vsftpd firewall Linux

Posted on Tue, 04 Feb 2020 04:32:44 -0800 by TomatoLover