Object Storage

Object Storage offers a scalable storage service which can be used by applications compatible with the Amazon S3 protocol.

The CERN Object Store is built upon Ceph and operated by the IT Storage Group

Quota

Access to the Object Storage service requires an explicit quota request for shared projects. Please use the "Request quota change" button on the Horizon web interface to request resources. Note that quota will not be granted for "Personal" OpenStack tenants.

Credentials

After quota has been granted, S3 credentials can be created via the openstack CLI.

First, configure the openstack environment using the appropriate openstack project:

unset OS_PROJECT_ID;
unset OS_TENANT_ID;
unset OS_TENANT_NAME;
export OS_PROJECT_NAME="PUT PROJECT HERE";

Next, create and view the keys:

S3_HOST=$(openstack catalog show s3 -f json -c endpoints | jq --raw-output '.endpoints[] | select(.interface | contains("public")) | .url' | cut -f3 -d/)
ACCESS_KEY=$(openstack ec2 credentials create -f value -c access)
SECRET_KEY=$(openstack ec2 credentials show $ACCESS_KEY -f value -c secret)

echo $S3_HOST
echo $ACCESS_KEY
echo $SECRET_KEY

Use the above host and keys in your S3-compatible application. Please note that, although the generation of the credentials is instantaneous, it can take up to 15mn before the key gets propagated - you will be denied access in the mean time.

Using Object Storage

Here are some examples using object storage from the command line:

• s3cmd
• aws cli
• openstack common client

Privacy Policy

Object Storage is backed by Ceph, whose Privacy Policy is available here.