public inbox for pbs-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Christian Ebner <c.ebner@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [RFC v2 proxmox-backup 16/42] api/bin: add endpoint and command to check s3 client connection
Date: Thu, 29 May 2025 16:31:41 +0200	[thread overview]
Message-ID: <20250529143207.694497-17-c.ebner@proxmox.com> (raw)
In-Reply-To: <20250529143207.694497-1-c.ebner@proxmox.com>

Adds a dedicated api endpoint and a proxmox-backup-manager command to
check if the configured S3 client can reach the bucket.

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
 src/api2/admin/mod.rs                 |  2 +
 src/api2/admin/s3.rs                  | 72 +++++++++++++++++++++++++++
 src/bin/proxmox-backup-manager.rs     |  1 +
 src/bin/proxmox_backup_manager/mod.rs |  2 +
 src/bin/proxmox_backup_manager/s3.rs  | 34 +++++++++++++
 5 files changed, 111 insertions(+)
 create mode 100644 src/api2/admin/s3.rs
 create mode 100644 src/bin/proxmox_backup_manager/s3.rs

diff --git a/src/api2/admin/mod.rs b/src/api2/admin/mod.rs
index a1c49f8e2..7694de4b9 100644
--- a/src/api2/admin/mod.rs
+++ b/src/api2/admin/mod.rs
@@ -9,6 +9,7 @@ pub mod gc;
 pub mod metrics;
 pub mod namespace;
 pub mod prune;
+pub mod s3;
 pub mod sync;
 pub mod traffic_control;
 pub mod verify;
@@ -19,6 +20,7 @@ const SUBDIRS: SubdirMap = &sorted!([
     ("metrics", &metrics::ROUTER),
     ("prune", &prune::ROUTER),
     ("gc", &gc::ROUTER),
+    ("s3", &s3::ROUTER),
     ("sync", &sync::ROUTER),
     ("traffic-control", &traffic_control::ROUTER),
     ("verify", &verify::ROUTER),
diff --git a/src/api2/admin/s3.rs b/src/api2/admin/s3.rs
new file mode 100644
index 000000000..229bcc535
--- /dev/null
+++ b/src/api2/admin/s3.rs
@@ -0,0 +1,72 @@
+//! S3 bucket operations
+
+use anyhow::{Context, Error};
+use hyper::Body;
+use serde_json::Value;
+
+use proxmox_router::{list_subdirs_api_method, Permission, Router, RpcEnvironment, SubdirMap};
+use proxmox_schema::*;
+use proxmox_sortable_macro::sortable;
+
+use pbs_api_types::{S3ClientConfig, S3ClientSecretsConfig, PRIV_SYS_MODIFY, S3_CLIENT_ID_SCHEMA};
+
+#[api(
+    input: {
+        properties: {
+            "s3-client-id": {
+                schema: S3_CLIENT_ID_SCHEMA ,
+            },
+        },
+    },
+    access: {
+        permission: &Permission::Privilege(&[], PRIV_SYS_MODIFY, false),
+    },
+)]
+/// Perform basic sanity check for given s3 client configuration
+pub async fn check(s3_client_id: String, _rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
+    let (config, _digest) = pbs_config::s3::config()?;
+    let config: S3ClientConfig = config
+        .lookup("s3client", &s3_client_id)
+        .context("config lookup failed")?;
+    let (secrets, _secrets_digest) = pbs_config::s3::secrets_config()?;
+    let secrets: S3ClientSecretsConfig = secrets
+        .lookup("s3secrets", &s3_client_id)
+        .context("secrets lookup failed")?;
+
+    let options = pbs_s3_client::S3ClientOptions {
+        host: config.host,
+        port: config.port,
+        bucket: config.bucket,
+        region: config.region.unwrap_or_default(),
+        fingerprint: config.fingerprint,
+        access_key: config.access_key,
+        secret_key: secrets.secret_key,
+    };
+
+    let test_object_key = ".s3-client-test";
+    let client = pbs_s3_client::S3Client::new(options).context("client creation failed")?;
+    client.head_bucket().await.context("head object failed")?;
+    client
+        .put_object(test_object_key.into(), Body::empty())
+        .await
+        .context("put object failed")?;
+    client
+        .get_object(test_object_key.into())
+        .await
+        .context("get object failed")?;
+    client
+        .delete_object(test_object_key.into())
+        .await
+        .context("delete object failed")?;
+
+    Ok(Value::Null)
+}
+
+#[sortable]
+const S3_OPERATION_SUBDIRS: SubdirMap = &[("check", &Router::new().get(&API_METHOD_CHECK))];
+
+const S3_OPERATION_ROUTER: Router = Router::new()
+    .get(&list_subdirs_api_method!(S3_OPERATION_SUBDIRS))
+    .subdirs(S3_OPERATION_SUBDIRS);
+
+pub const ROUTER: Router = Router::new().match_all("s3-client-id", &S3_OPERATION_ROUTER);
diff --git a/src/bin/proxmox-backup-manager.rs b/src/bin/proxmox-backup-manager.rs
index d4363e717..68d87c676 100644
--- a/src/bin/proxmox-backup-manager.rs
+++ b/src/bin/proxmox-backup-manager.rs
@@ -677,6 +677,7 @@ async fn run() -> Result<(), Error> {
         .insert("garbage-collection", garbage_collection_commands())
         .insert("acme", acme_mgmt_cli())
         .insert("cert", cert_mgmt_cli())
+        .insert("s3", s3_commands())
         .insert("subscription", subscription_commands())
         .insert("sync-job", sync_job_commands())
         .insert("verify-job", verify_job_commands())
diff --git a/src/bin/proxmox_backup_manager/mod.rs b/src/bin/proxmox_backup_manager/mod.rs
index 9b5c73e9a..312a6db6b 100644
--- a/src/bin/proxmox_backup_manager/mod.rs
+++ b/src/bin/proxmox_backup_manager/mod.rs
@@ -26,6 +26,8 @@ mod prune;
 pub use prune::*;
 mod remote;
 pub use remote::*;
+mod s3;
+pub use s3::*;
 mod subscription;
 pub use subscription::*;
 mod sync;
diff --git a/src/bin/proxmox_backup_manager/s3.rs b/src/bin/proxmox_backup_manager/s3.rs
new file mode 100644
index 000000000..a92d3d1b2
--- /dev/null
+++ b/src/bin/proxmox_backup_manager/s3.rs
@@ -0,0 +1,34 @@
+use pbs_api_types::S3_CLIENT_ID_SCHEMA;
+use proxmox_router::{cli::*, RpcEnvironment};
+use proxmox_schema::api;
+
+use proxmox_backup::api2;
+
+use anyhow::Error;
+use serde_json::Value;
+
+#[api(
+    input: {
+        properties: {
+            "s3-client-id": {
+                schema: S3_CLIENT_ID_SCHEMA,
+            },
+        },
+    },
+)]
+/// Perform basic sanity checks for given S3 client configuration
+async fn check(s3_client_id: String, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
+    api2::admin::s3::check(s3_client_id, rpcenv).await?;
+    Ok(Value::Null)
+}
+
+pub fn s3_commands() -> CommandLineInterface {
+    let cmd_def = CliCommandMap::new().insert(
+        "check",
+        CliCommand::new(&API_METHOD_CHECK)
+            .arg_param(&["s3-client-id"])
+            .completion_cb("s3-client-id", pbs_config::s3::complete_s3_client_id),
+    );
+
+    cmd_def.into()
+}
-- 
2.39.5



_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel


  parent reply	other threads:[~2025-05-29 14:32 UTC|newest]

Thread overview: 47+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-29 14:31 [pbs-devel] [RFC v2 proxmox/bookworm-stable proxmox-backup 00/42] S3 storage backend for datastores Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox/bookworm-stable 1/42] pbs-api-types: add types for S3 client configs and secrets Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox/bookworm-stable 2/42] pbs-api-types: extend datastore config by backend config enum Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 03/42] api: fix minor formatting issues Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 04/42] bin: sort submodules alphabetically Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 05/42] datastore: ignore missing owner file when removing group directory Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 06/42] verify: refactor verify related functions to be methods of worker Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 07/42] s3 client: add crate for AWS S3 compatible object store client Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 08/42] s3 client: implement AWS signature v4 request authentication Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 09/42] s3 client: add dedicated type for s3 object keys Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 10/42] s3 client: add type for last modified timestamp in responses Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 11/42] s3 client: add helper to parse http date headers Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 12/42] s3 client: implement methods to operate on s3 objects in bucket Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 13/42] config: introduce s3 object store client configuration Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 14/42] api: config: implement endpoints to manipulate and list s3 configs Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 15/42] api: datastore: check S3 backend bucket access on datastore create Christian Ebner
2025-05-29 14:31 ` Christian Ebner [this message]
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 17/42] datastore: allow to get the backend for a datastore Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 18/42] api: backup: store datastore backend in runtime environment Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 19/42] api: backup: conditionally upload chunks to S3 object store backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 20/42] api: backup: conditionally upload blobs " Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 21/42] api: backup: conditionally upload indices " Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 22/42] api: backup: conditionally upload manifest " Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 23/42] sync: pull: conditionally upload content to S3 backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 24/42] api: reader: fetch chunks based on datastore backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 25/42] datastore: local chunk reader: read chunks based on backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 26/42] verify worker: add datastore backed to verify worker Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 27/42] verify: implement chunk verification for stores with s3 backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 28/42] datastore: create namespace marker in S3 backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 29/42] datastore: create/delete protected marker file on S3 storage backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 30/42] datastore: prune groups/snapshots from S3 object store backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 31/42] datastore: get and set owner for S3 " Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 32/42] datastore: implement garbage collection for s3 backend Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 33/42] ui: add S3 client edit window for configuration create/edit Christian Ebner
2025-05-29 14:31 ` [pbs-devel] [RFC v2 proxmox-backup 34/42] ui: add S3 client view for configuration Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 35/42] ui: expose the S3 client view in the navigation tree Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 36/42] ui: add s3 bucket selector and allow to set s3 backend Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 37/42] tools: lru cache: add removed callback for evicted cache nodes Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 38/42] tools: async lru cache: implement insert, remove and contains methods Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 39/42] datastore: add local datastore cache for network attached storages Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 40/42] api: backup: use local datastore cache on S3 backend chunk upload Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 41/42] api: reader: use local datastore cache on S3 backend chunk fetching Christian Ebner
2025-05-29 14:32 ` [pbs-devel] [RFC v2 proxmox-backup 42/42] api: backup: add no-cache flag to bypass local datastore cache Christian Ebner
2025-06-04 11:58 ` [pbs-devel] [RFC v2 proxmox/bookworm-stable proxmox-backup 00/42] S3 storage backend for datastores Lukas Wagner
2025-06-06  7:40   ` Christian Ebner
2025-06-06 11:12 ` Lukas Wagner
2025-06-16 14:27 ` [pbs-devel] superseded: " Christian Ebner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250529143207.694497-17-c.ebner@proxmox.com \
    --to=c.ebner@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal