25.2. S3_PING Configuration Options
Red Hat JBoss Data Grid works with Amazon Web Services in two ways:
- In Library mode, use JGroups'
jgroups-ec2.xml
file (see Section 24.3.2.3, “jgroups-ec2.xml” for details) or use theS3_PING
protocol. - In Remote Client-Server mode, use JGroups'
S3_PING
protocol.
In Library and Remote Client-Server mode, there are three ways to configure the
S3_PING
protocol for clustering to work in Amazon AWS:
- Use Private S3 Buckets. These buckets use Amazon AWS credentials.
- Use Pre-Signed URLs. These pre-assigned URLs are assigned to buckets with private write and public read rights.
- Use Public S3 Buckets. These buckets do not have any credentials.
25.2.1. Using Private S3 Buckets
This configuration requires access to a private bucket that can only be accessed with the appropriate AWS credentials. To confirm that the appropriate permissions are available, confirm that the user has the following permissions for the bucket:
- List
- Upload/Delete
- View Permissions
- Edit Permissions
Ensure that the
S3_PING
configuration includes the following properties:
- either the
location
or theprefix
property to specify the bucket, but not both. If theprefix
property is set,S3_PING
searches for a bucket with a name that starts with the prefix value. If a bucket with the prefix at the beginning of the name is found,S3_PING
uses that bucket. If a bucket with the prefix is not found,S3_PING
creates a bucket using the AWS credentials and names it based on the prefix and a UUID (the naming format is {prefix value}-{UUID}). - the
access_key
andsecret_access_key
properties for the AWS user.
Note
If a
403
error displays when using this configuration, verify that the properties have the correct values. If the problem persists, confirm that the system time in the EC2 node is correct. Amazon S3 rejects requests with a time stamp that is more than 15
minutes old compared to their server's times for security purposes.
Example 25.1. Start the Red Hat JBoss Data Grid Server with a Private Bucket
Run the following command from the top level of the server directory to start the Red Hat JBoss Data Grid server using a private S3 bucket:
bin/clustered.sh -Djboss.bind.address={server_ip_address} -Djboss.bind.address.management={server_ip_address} -Djboss.default.jgroups.stack=s3 -Djgroups.s3.bucket={s3_bucket_name} -Djgroups.s3.access_key={access_key} -Djgroups.s3.secret_access_key={secret_access_key}
- Replace {server_ip_address} with the server's IP address.
- Replace {s3_bucket_name} with the appropriate bucket name.
- Replace {access_key} with the user's access key.
- Replace {secret_access_key} with the user's secret access key.