New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add S3 IPv6 "dualstack" endpoint support . Option = "use_dual_stack" [bool] #7482
Conversation
088e7d4
to
cf0ec77
Compare
Why not set this option enabled by default? Endpoint is dual stacked, so it should work on IPv4 only setups too. |
I'm following AWS cli pattern here. aws cli requires |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for doing this.
I had no idea that S3 endpoints wouldn't be dual stack by default. Seems rather quaint that they aren't but I guess AWS have their reasons.
I wrote some notes inline for some improvements.
Thank you :-)
backend/s3/s3.go
Outdated
@@ -2628,6 +2628,7 @@ type Options struct { | |||
Region string `config:"region"` | |||
Endpoint string `config:"endpoint"` | |||
STSEndpoint string `config:"sts_endpoint"` | |||
DualstackEndpoint bool `config:"dualstack_endpoint"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This needs a config setting like this one
Lines 2212 to 2221 in 298c13e
}, { | |
Name: "v2_auth", | |
Help: `If true use v2 authentication. | |
If this is false (the default) then rclone will use v4 authentication. | |
If it is set then rclone will use v2 authentication. | |
Use this only if v4 signatures don't work, e.g. pre Jewel/v10 CEPH.`, | |
Default: false, | |
Advanced: true, |
docs/content/s3.md
Outdated
@@ -1126,6 +1126,19 @@ Properties: | |||
- Owner gets FULL_CONTROL. | |||
- The AuthenticatedUsers group gets READ access. | |||
|
|||
#### --s3-dualstack-endpoint |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be auto generated from the config you need to add above :-)
backend/s3/s3.go
Outdated
@@ -2956,6 +2957,9 @@ func s3Connection(ctx context.Context, opt *Options, client *http.Client) (*s3.S | |||
r.addService("sts", opt.STSEndpoint) | |||
awsConfig.WithEndpointResolver(r) | |||
} | |||
if opt.DualstackEndpoint { | |||
awsConfig.WithUseDualStack(true) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The AWS docs say
// Deprecated: This option will continue to function for S3 and S3 Control for backwards compatibility.
// UseDualStackEndpoint should be used to enable usage of a service's dual-stack endpoint for all service clients
// moving forward. For S3 and S3 Control, when UseDualStackEndpoint is set to a non-zero value it takes higher
// precedence then this option.
UseDualStack *bool
About this option.
backend/s3/s3.go
Outdated
@@ -2628,6 +2628,7 @@ type Options struct { | |||
Region string `config:"region"` | |||
Endpoint string `config:"endpoint"` | |||
STSEndpoint string `config:"sts_endpoint"` | |||
DualstackEndpoint bool `config:"dualstack_endpoint"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we call this use_dual_stack
since it is a bool? That would fit in better with the other options.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we call this
use_dual_stack
since it is a bool? That would fit in better with the other options.
Thanks I’ll update with the feedback and thanks for catching the deprecation. There’s a v1 & v2 AWS api for GO and a couple other deprecations so this is one i missed. I’ll have the updates shortly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Migrate to the new AWS SDK is probably something we should bite the bullet and do at some point, however that is out of scope for this PR :-)
15e9e76
to
d45e387
Compare
|
dualstack_endpoint=true enables IPv6 DNS lookup for S3 endpoints in s3.go, add Options.DualstackEndpoint to support IPv6 on S3
d45e387
to
074b4ab
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks great now - thanks!
I'll just run the CI and if it passed (modulo the thing I know will fail!) I'll merge - thank you :-)
Thank you :-) |
many thanks for all the help and guidance. I'm really happy to contribute to rclone it's been a great tool |
What is the purpose of this change?
Currently rclone hangs when IPv4 route to S3 is unavailable (e.g. no IPV4 interface or no IPV4 route to internet ). This change adds S3 IPv6 "dualstack" endpoint support . Option =
use_dual_stack
[bool] . Default S3 endpoints are IPv4 NOT IPv6See AWS docs on IPv6:
"To make a request to an S3 bucket over IPv6, you need to use a dual-stack endpoint."
Why Now?
Starting Feb, EC2 will charge for public IPv4 addresses & NAT traffic. More AWS users will be using rclone & S3 on IPV6
Steps to Reproduce
rclone ls test-s3:
ACTUAL RESULTS
rclone hangs
EXPECTED RESULTS
Files listed are visible
Testing This Change
use_dual_stack=true
in rclone.conf (see below)go run . ls test-s3:
Testing S3 Default & DualStack endpoints
Example S3 queries to default & dual-stack endpoints for example
Dualstack (both IPv4 & IPv6 lookup work)
Was the change discussed in an issue or in the forum before?
https://forum.rclone.org/t/ipv6-guide-review-with-google-drive-ec2-s3/43218
IPv6 Support Could Use Attention...
I recommend dumping all rclone endpoints and testing
dig AAAA
to see which ones currently support IPv6.Unit Testing
I've added test coverage s3.go covering enable/disable dualstack config
no broken tests
Checklist