Testing PBS 4.0.14 with Wasabi

[petemcdonnell]

I need some help with an access issue that I can't figure out myself.

I just upgraded my primary PBS server to the latest PBS version as of this post. All went well with the upgrade (Thanks Proxmox! ). I then created a trial account on wasabi, created a bucket and a user to access it.
I can add the S3 compatible storage object no problem. When I try to create the datastore, I get an error "Error: failed to access bucket: bucket does not exist or no permission to access it (400)". I am however, selecting the bucket from the drop down list making me think that the access to enumerate buckets is working.
To test access to the bucket itself, I accessed it using winscp and the same endpiont, access-key and secret key, and I can read/write, upload/download files, etc no problem.

I have logging enabled for my bucket, and when I look at the logs, I do not see 400 errors.

Any assistance would be appreciated! Thanks!

 

[Onslow]

I have found a similar issue described at https://forum.proxmox.com/threads/s3-not-showing-on-my-4-0-11-pbs.169329/
Maybe it'll direct you to a solution?

Edit: also, in other posts and on Reddit, folks mention enabling "path style", whatever it is

 

[p-user]

Try the option Provider Quirks with the S3 configuration, there is only one option for the moment. Sometimes this fixes weird problems.

 

[Chris]

I need some help with an access issue that I can't figure out myself.

I just upgraded my primary PBS server to the latest PBS version as of this post. All went well with the upgrade (Thanks Proxmox! ). I then created a trial account on wasabi, created a bucket and a user to access it.
I can add the S3 compatible storage object no problem. When I try to create the datastore, I get an error "Error: failed to access bucket: bucket does not exist or no permission to access it (400)". I am however, selecting the bucket from the drop down list making me think that the access to enumerate buckets is working.
To test access to the bucket itself, I accessed it using winscp and the same endpiont, access-key and secret key, and I can read/write, upload/download files, etc no problem.

I have logging enabled for my bucket, and when I look at the logs, I do not see 400 errors.

Any assistance would be appreciated! Thanks!

Please share your endpoint configuration, retracting access and secret key. You can get it by cat /etc/proxmox-backup/s3.cfg on you PBS host.

A few things to check:

• If the bucket name is not part of the endpoint url, make sure to set the path-style flag to true. To understand the differences between path style and vhost style bucket addressing see https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access
• Make sure you did set the correct region. The region is part of the request authentication, so required to be set correctly.
• Make sure you did not set a port if the default 443 is used. If explicitly set, the port will be included in the http requests host header, which some S3 implementation do not accept.
• Make sure to set a fingerprint if self signed certificates are used (which is not the case for you, just mentioning this for completeness).
• Set the provider quirks if your provider does not support some features, e.g. the If-None-Match http header for put requests is not implemented by all providers

 

[petemcdonnell]

Try the option Provider Quirks with the S3 configuration, there is only one option for the moment. Sometimes this fixes weird problems.

Thanks for the suggestion. I did try this with no change in behaviour.

 

[petemcdonnell]

Please share your endpoint configuration, retracting access and secret key. You can get it by cat /etc/proxmox-backup/s3.cfg on you PBS host.

A few things to check:

• If the bucket name is not part of the endpoint url, make sure to set the path-style flag to true. To understand the differences between path style and vhost style bucket addressing see https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#path-style-access
• Make sure you did set the correct region. The region is part of the request authentication, so required to be set correctly.
• Make sure you did not set a port if the default 443 is used. If explicitly set, the port will be included in the http requests host header, which some S3 implementation do not accept.
• Make sure to set a fingerprint if self signed certificates are used (which is not the case for you, just mentioning this for completeness).
• Set the provider quirks if your provider does not support some features, e.g. the If-None-Match http header for put requests is not implemented by all providers

Thank you for the list of things to check! Starting with the configuration, here it is:

root@xxx:~# cat /etc/proxmox-backup/s3.cfg
s3-endpoint: wasabi
        access-key xxx
        endpoint s3.ca-central-1.wasabisys.com
        region ca-central-1
        secret-key xxx

I've now set path-style to true in that config file and wow - I'm past the error that I had initially!

Now on to further testing

Thanks and have a great day!