Cloud storage file gateway is a storage gateway product provided by alicloud. It can meet the needs of users to access OSS object storage data through protocols such as NFS or Samba. Through simple configuration, we can also configure an FTP server based on the file gateway, which allows users to access OSS data through FTP, and realize the synchronization of OSS bucket data upload and download by FTP client.
This article will introduce how to build FTP server on the cloud storage gateway share to distribute and share the data in OSS.
Add NFS share
(Note: for how to open and create a cloud storage gateway, you can refer to How to mount OSS Bucket on Linux This article)
First, add a new NFS share for the bucket you want to access through FTP through the cloud storage file gateway management console (if you don't need to share the entire bucket, check the subdirectory when creating the share and fill in the path of the subdirectory you want to share):
When configuring sharing, if there is a lot of data that needs to be reverse synchronized from OSS to the file gateway, it is recommended to turn on the fast synchronization function, so as to ensure that the files we upload in OSS are synchronized to the file gateway in time. For the function of speed synchronization, please refer to File gateway second level synchronization OSS change object initial experience
Mount shared directory
Next, we create the / ftp directory on the linux server, and mount the newly created nfs share to the / ftp Directory:
# 1. Create the directory used by ftp server [root@csg ~]# mkdir -p /var/ftp/oss-bucket # 2. Use the showmount command to view the newly created gateway share [root@csg ~]# Showmount - e < gateway IP address > # 3. Mount the shared directory to / var / ftp / OSS bucket [root@csg ~]# Mount - t NFS < gateway IP address >: < share Path > / var / ftp / OSS bucket # 4. View the directory mount status [root@csg ~]# df -h /var/ftp/oss-bucket
Set up ftp server
1. Install ftp service
We take centos as an example to install the ftp service vsftpd:
[root@csg ~]# yum -y install vsftpd
2. Add ftp user
[root@csg ~]# useradd ftpuser1 [root@csg ~]# passwd ftpuser1
3. Configure vsftpd
[root@csg ~]# vi /etc/vsftpd/vsftpd.conf ## conventional arrangement # line 12: disable anonymous user login anonymous_enable=NO # line 82,83: allow ascii mode access ascii_upload_enable=YES ascii_download_enable=YES # line 100, 101: enable chroot chroot_local_user=YES chroot_list_enable=YES # line 103: specify chroot user list profile path chroot_list_file=/etc/vsftpd/chroot_list # line 109: enable ls recurse ls_recurse_enable=YES # line 114: if the ECS IPV4 address is used, modify the following line and close IPV6 as required listen=YES # line 123: listen_ipv6=NO # Add the following lines to the configuration file # Modify the chroot directory used. We configure it to mount the path of the file gateway NFS share (if not specified, the ftp user's home directory will be used by default instead of the NFS mount directory) local_root=/var/ftp/oss-bucket # Use local time use_localtime=YES # Close seccomp filter seccomp_sandbox=NO # Specify the client passive mode access port, which can be freely specified pasv_min_port=12001 pasv_max_port=12005
# Add chroot to allow users [root@csg ~]# vi /etc/vsftpd/chroot_list # Add ftp users allowed to chroot ftpuser1
Start vsftpd service
[root@csg ~]# systemctl start vsftpd [root@csg ~]# systemctl enable vsftpd
If the firewall is turned on, you need to add rules to allow ftp port access:
[root@csg ~]# firewall-cmd --add-service=ftp --permanent success [root@csg ~]# firewall-cmd --reload success
If selinux is enabled, you need to allow ftp access
[root@csg ~]# setsebool -P ftpd_full_access on
Access ftp/sftp server
After configuration, we can use the ftp client to access the deployed ftp server. Take the fileZilla client as an example, use the user ftp user1 to log in to the ftp server, and try to upload an f file to the ftp server:
Figure: log in and upload files to ftp server
After the upload is successful, log in to the OSS console and view the file just uploaded in the directory corresponding to the shared bucket configured by the cloud storage gateway. The function of uploading to OSS through FTP client is realized
Figure: accessing the newly uploaded file of ftp client in OSS console
Similarly, after the file gateway opens the fast synchronization or reverse synchronization function, the file gateway can also reverse synchronize the data update on OSS, so that the FTP client can obtain the list of newly uploaded files on OSS and download the newly uploaded files in OSS.
By building FTP server based on NFS share of cloud storage gateway, users can use FTP to access data in OSS, realize the function of uploading data to OSS and downloading data in OSS with FTP client, and make file sharing and distribution more convenient.