minimanta's Introduction

Mini Manta

A small object store service that implements portions of the Manta API in a single zone. Unlike Manta, this service provides no resiliency beyond that provided by the underlying ZFS pool. There are not multiple copies. There is no HA.

This service is for those who want or need the convenience of Manta, without the overhead of installing a full Manta.

Some good use cases:

Manta backing for imgapi
Triton SDC log uploads to manta
People who wanta manta-like experience at home, but don't have the necessary hardware to devote to a manta installation.

Requirements

A joyent or joyent-minimal brand zone instance on SmartOS.
- A delegated dataset is recomended
node.js version 10.x or earlier
nginx installed (for mime type lookup).
- Alternatively, provide your own mime.types file.

Getting started

git clone https://github.com/arekinath/minimanta.git
cd minimanta
make install

Authentication

User keys are stored in the user's keys directory under the manta root. It will be the same path as the keyId value from the auth header. E.g., if config.json specifies root as /manta, then for a user fbulsara, with a key id b8:74:38:e8:69:75:30:9d:c7:cd:7e:d9:a6:e1:01:c8, copy their id_ecdsa.pub to

/manta/fbulsara/keys/b8:74:38:e8:69:75:30:9d:c7:cd:7e:d9:a6:e1:01:c8

After a users's first key is created, they can use that key to authenticate and PUT or DELETE keys for self-service key management.

Operators

Operator accounts can read/write any object in manta via the API. To designate an operator, you need to edit the minimanta.json file in the resource fork of the user's manta directory. To designate a user, fbulsara, as an operator run:

runat /manta/fbulsara vi minimanta.json

Add the key "operator":true, save and exit. The user can now read/write any directory or object.

Supported API Surface

minimanta implements the directory object API only. The following Manta cli commands are expected to work.

mchattr
mfind
mget
minfo
mls
mmd5
mmkdir
mput
mrm
mrmdir
msign
muntar

See the Manta API Storage Reference for details about the API. Note that there may be undocumented divergences or bugs in behavior.

Unsupported API Surface

The following are not (nor will they ever be) supported:

jobs
snaplinks
multi-part upload
garbage collection (because deletes are processed in real time by removing objects from the filesystem)
RBAC (and thus cross-account authorization)
multiple copies

This is not an exhaustive list.

TLS

Minimanta itself does not do TLS. It is recomended to use nginx as a front end load balancer that handles TLS authentication. You can have an added benefit of enabling caching in nginx to speed up reads of frequently accessed files.

An example nginx config is provided in the examples directory.

You may also use a different front end such as Apache or HAproxy.

Bugs

Probably some.

minimanta's People

Contributors

Stargazers

Watchers

minimanta's Issues

Empty minimanta.json in resource fork crashes server

While syncing files to a minimanta instance, I kept seeing occasional BadGatewayError and ECONNRESET errors. Looking at the service's logs, I saw:

Uncaught SyntaxError: Unexpected end of input

FROM
ReadStream.<anonymous> (/root/minimanta/lib/fstor.js:402:15)
ReadStream.emit (events.js:72:20)
endReadableNT (_stream_readable.js:923:12)
nextTickCallbackWith2Args (node.js:511:9)
process._tickDomainCallback (node.js:466:17)
[ Aug 26 21:10:54 Stopping because process dumped core. ]
[ Aug 26 21:10:54 Executing stop method (:kill). ]
[ Aug 26 21:10:54 Executing start method ("/opt/local/bin/node --abort_on_uncaught_exception /root/minimanta/server.js 8083 &"). ]
[ Aug 26 21:10:54 Method "start" exited with status 0. ]

Looking at the core dump:

-bash-4.3$ pfexec mdb /zones/c601c16b-c8c7-4efd-c6d3-afd8d3981397/cores/core.node.306953
Loading modules: [ libumem.so.1 libc.so.1 ld.so.1 ]
> ::load v8   
mdb_v8 version: 1.3.0 (release, from 28f2bfa)
V8 version: 4.5.103.47
Autoconfigured V8 support from target
C++ symbol demangling enabled
> ::jsstack -v
native: v8::base::OS::Abort+9
native: v8::internal::Runtime_ParseJson+0x53f
        (1 internal frame elided)
js:     parse
          file: native json.js
          posn: position 549
          this: 1df2324a1a21 (JSObject: JSON)
          arg1: 1df232404291 (<unknown subclass>: String)
          arg2: 1df2324041b9 (Oddball: "undefined")
          
             35 }
             36 }
             37 }
             38 return %_CallFunction(j,k,m,l);
             39 }
             40 function JSONParse(r,l){
             41 var t=%ParseJson(((typeof(%IS_VAR(r))==='string')?r:$nonStringToString(r)));
             42 if((%_ClassOf(l)==='Function')){
             43 return Revive({'':t},'',l);
             44 }else{
             45 return t;
             46 }
             47 }
             48 function SerializeArray(u,v,w,x,y){
             49 if(!%PushIfAbsent(w,u))throw MakeTypeError(17);
             50 var z=x;
             51 x+=y;
             52 var A=new d();
             53 var B=u.length;
          
        (1 internal frame elided)
> 1df232404291::jsprint
""

This would seem to suggest that we have somehow created an empty minimanta.json file in the resource fork.

Recommend Projects

arekinath / minimanta Goto Github PK