Project

General

Profile

Feature #43446

Feature #39478: mgr/dashboard: new RGW workflows & RGW enhancements

Feature #39477: mgr/dashboard: add/edit missing RGW bucket info

mgr/dashboard: create bucket with x-amz-bucket-object-lock-enabled

Added by Robert Sander 3 months ago. Updated 24 days ago.

Status:
Pending Backport
Priority:
Normal
Assignee:
Category:
dashboard/rgw
Target version:
% Done:

0%

Source:
Community (user)
Tags:
Backport:
nautilus
Reviewed:
Affected Versions:
Pull request ID:

Description

Please implement the possibility to create S3 buckets with x-amz-bucket-object-lock-enabled: true as is now possible thanks to issue #37763

screenshot.gif View (178 KB) Volker Theile, 03/03/2020 02:05 PM


Related issues

Copied to mgr - Backport #44656: nautilus: mgr/dashboard: create bucket with x-amz-bucket-object-lock-enabled New

History

#1 Updated by Volker Theile about 1 month ago

Any idea how this should be implemented from a enduser perspective? Is it enough to add a checkbox in the bucket create dialog?

#2 Updated by Volker Theile about 1 month ago

  • Status changed from New to Need More Info

#3 Updated by Volker Theile about 1 month ago

I requested some infos if this feature is availabale via Admin OPS API (https://github.com/ceph/ceph/pull/26538#issuecomment-591371832). If not, then i do not see any chance to implement that in the Dashboard.

#4 Updated by Volker Theile about 1 month ago

  • Subject changed from Dashboard: create bucket with x-amz-bucket-object-lock-enabled to mgr/dashboard: create bucket with x-amz-bucket-object-lock-enabled

#5 Updated by Robert Sander about 1 month ago

Volker Theile wrote:

Any idea how this should be implemented from a enduser perspective? Is it enough to add a checkbox in the bucket create dialog?

IMHO a checkbox would be fully sufficient.

#6 Updated by Lenz Grimmer about 1 month ago

Robert sent me the following additional information in an email:

we made progress on how to create an S3 bucket with the Object Lock feature.

s3cmd announces that it can send additional headers with the create bucket request but this seems not to work:

s3cmd --add-header=x-amz-bucket-object-lock-enabled:true mb s3://lockedbucket

Instead I created a small Python script using the boto module and this code:

conn = boto.connect_s3(…)
conn.create_bucket(bucketname, headers = {'x-amz-bucket-object-lock-enabled': 'true'})

The bucket created with create_bucket() now has the feature enabled. With this code we get the status of the enabled feature:

for bucket in conn.get_all_buckets():
    print bucket.name, bucket.get_versioning_status()

#7 Updated by Lenz Grimmer about 1 month ago

  • Status changed from Need More Info to New

#8 Updated by Lenz Grimmer about 1 month ago

  • Tags set to feature-gap, administration
  • Backport set to nautilus

#9 Updated by Volker Theile about 1 month ago

To make it correct we should support the following options for buckets (with enabled versioning):

- Enable/disable locking
- Select the locking mode: retention periods and/or legal holds
- Allow to set the retention period

#10 Updated by Volker Theile about 1 month ago

  • File screenshot.gif View added
  • Status changed from New to In Progress
  • Assignee set to Volker Theile

The UI may look like this:

The locking configuration is only available after the bucket has been created because it can only be enabled when versioning is on (and this is only possible in the 'Edit' mode).

#11 Updated by Robert Sander about 1 month ago

Volker Theile wrote:

The locking configuration is only available after the bucket has been created because it can only be enabled when versioning is on.

I think you need to create the bucket with "x-amz-bucket-object-lock-enabled: true" because otherwise you will not be able to set the features. But I may be wrong.

#12 Updated by Volker Theile about 1 month ago

It comes out that once object locking is enabled, it can NOT be disabled anymore.

The PR https://github.com/ceph/ceph/pull/26538/files#diff-fcc53db6b28c98131b0f269ddf31f6b5R38 is telling something different, but i am not able to disable locking by sending the header {'x-amz-bucket-object-lock-enabled': 'false'}.

Because of that i need to rethink how to implement that feature. Adding a checkbox in the 'Create' dialog seems to be ok because i was able to enable the locking (via sending the {'x-amz-bucket-object-lock-enabled': 'true'} header) without versioning enabled.

#13 Updated by Volker Theile 27 days ago

  • Pull request ID set to 33821

#14 Updated by Alfonso Martínez 26 days ago

  • Parent task set to #39477

#15 Updated by Lenz Grimmer 24 days ago

  • Status changed from In Progress to Pending Backport
  • Target version set to v15.0.0

#16 Updated by Nathan Cutler 19 days ago

  • Copied to Backport #44656: nautilus: mgr/dashboard: create bucket with x-amz-bucket-object-lock-enabled added

Also available in: Atom PDF