mirror of
https://github.com/rclone/rclone.git
synced 2024-11-23 15:25:06 +08:00
846 lines
25 KiB
Markdown
846 lines
25 KiB
Markdown
---
|
||
title: "Oracle Object Storage"
|
||
description: "Rclone docs for Oracle Object Storage"
|
||
type: page
|
||
versionIntroduced: "v1.60"
|
||
---
|
||
|
||
# {{< icon "fa fa-cloud" >}} Oracle Object Storage
|
||
- [Oracle Object Storage Overview](https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/objectstorageoverview.htm)
|
||
- [Oracle Object Storage FAQ](https://www.oracle.com/cloud/storage/object-storage/faq/)
|
||
- [Oracle Object Storage Limits](https://docs.oracle.com/en-us/iaas/Content/Resources/Assets/whitepapers/oci-object-storage-best-practices.pdf)
|
||
|
||
Paths are specified as `remote:bucket` (or `remote:` for the `lsd` command.) You may put subdirectories in
|
||
too, e.g. `remote:bucket/path/to/dir`.
|
||
|
||
Sample command to transfer local artifacts to remote:bucket in oracle object storage:
|
||
|
||
`rclone -vvv --progress --stats-one-line --max-stats-groups 10 --log-format date,time,UTC,longfile --fast-list --buffer-size 256Mi --oos-no-check-bucket --oos-upload-cutoff 10Mi --multi-thread-cutoff 16Mi --multi-thread-streams 3000 --transfers 3000 --checkers 64 --retries 2 --oos-chunk-size 10Mi --oos-upload-concurrency 10000 --oos-attempt-resume-upload --oos-leave-parts-on-error sync ./artifacts remote:bucket -vv`
|
||
|
||
## Configuration
|
||
|
||
Here is an example of making an oracle object storage configuration. `rclone config` walks you
|
||
through it.
|
||
|
||
Here is an example of how to make a remote called `remote`. First run:
|
||
|
||
rclone config
|
||
|
||
This will guide you through an interactive setup process:
|
||
|
||
|
||
```
|
||
n) New remote
|
||
d) Delete remote
|
||
r) Rename remote
|
||
c) Copy remote
|
||
s) Set configuration password
|
||
q) Quit config
|
||
e/n/d/r/c/s/q> n
|
||
|
||
Enter name for new remote.
|
||
name> remote
|
||
|
||
Option Storage.
|
||
Type of storage to configure.
|
||
Choose a number from below, or type in your own value.
|
||
[snip]
|
||
XX / Oracle Cloud Infrastructure Object Storage
|
||
\ (oracleobjectstorage)
|
||
Storage> oracleobjectstorage
|
||
|
||
Option provider.
|
||
Choose your Auth Provider
|
||
Choose a number from below, or type in your own string value.
|
||
Press Enter for the default (env_auth).
|
||
1 / automatically pickup the credentials from runtime(env), first one to provide auth wins
|
||
\ (env_auth)
|
||
/ use an OCI user and an API key for authentication.
|
||
2 | you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
|
||
| https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
|
||
\ (user_principal_auth)
|
||
/ use instance principals to authorize an instance to make API calls.
|
||
3 | each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
|
||
| https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
|
||
\ (instance_principal_auth)
|
||
/ use workload identity to grant Kubernetes pods policy-driven access to Oracle Cloud
|
||
4 | Infrastructure (OCI) resources using OCI Identity and Access Management (IAM).
|
||
| https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contenggrantingworkloadaccesstoresources.htm
|
||
\ (workload_identity_auth)
|
||
5 / use resource principals to make API calls
|
||
\ (resource_principal_auth)
|
||
6 / no credentials needed, this is typically for reading public buckets
|
||
\ (no_auth)
|
||
provider> 2
|
||
|
||
Option namespace.
|
||
Object storage namespace
|
||
Enter a value.
|
||
namespace> idbamagbg734
|
||
|
||
Option compartment.
|
||
Object storage compartment OCID
|
||
Enter a value.
|
||
compartment> ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
|
||
|
||
Option region.
|
||
Object storage Region
|
||
Enter a value.
|
||
region> us-ashburn-1
|
||
|
||
Option endpoint.
|
||
Endpoint for Object storage API.
|
||
Leave blank to use the default endpoint for the region.
|
||
Enter a value. Press Enter to leave empty.
|
||
endpoint>
|
||
|
||
Option config_file.
|
||
Full Path to OCI config file
|
||
Choose a number from below, or type in your own string value.
|
||
Press Enter for the default (~/.oci/config).
|
||
1 / oci configuration file location
|
||
\ (~/.oci/config)
|
||
config_file> /etc/oci/dev.conf
|
||
|
||
Option config_profile.
|
||
Profile name inside OCI config file
|
||
Choose a number from below, or type in your own string value.
|
||
Press Enter for the default (Default).
|
||
1 / Use the default profile
|
||
\ (Default)
|
||
config_profile> Test
|
||
|
||
Edit advanced config?
|
||
y) Yes
|
||
n) No (default)
|
||
y/n> n
|
||
|
||
Configuration complete.
|
||
Options:
|
||
- type: oracleobjectstorage
|
||
- namespace: idbamagbg734
|
||
- compartment: ocid1.compartment.oc1..aaaaaaaapufkxc7ame3sthry5i7ujrwfc7ejnthhu6bhanm5oqfjpyasjkba
|
||
- region: us-ashburn-1
|
||
- provider: user_principal_auth
|
||
- config_file: /etc/oci/dev.conf
|
||
- config_profile: Test
|
||
Keep this "remote" remote?
|
||
y) Yes this is OK (default)
|
||
e) Edit this remote
|
||
d) Delete this remote
|
||
y/e/d> y
|
||
```
|
||
|
||
See all buckets
|
||
|
||
rclone lsd remote:
|
||
|
||
Create a new bucket
|
||
|
||
rclone mkdir remote:bucket
|
||
|
||
List the contents of a bucket
|
||
|
||
rclone ls remote:bucket
|
||
rclone ls remote:bucket --max-depth 1
|
||
|
||
## Authentication Providers
|
||
|
||
OCI has various authentication methods. To learn more about authentication methods please refer [oci authentication
|
||
methods](https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdk_authentication_methods.htm)
|
||
These choices can be specified in the rclone config file.
|
||
|
||
Rclone supports the following OCI authentication provider.
|
||
|
||
User Principal
|
||
Instance Principal
|
||
Resource Principal
|
||
Workload Identity
|
||
No authentication
|
||
|
||
### User Principal
|
||
|
||
Sample rclone config file for Authentication Provider User Principal:
|
||
|
||
[oos]
|
||
type = oracleobjectstorage
|
||
namespace = id<redacted>34
|
||
compartment = ocid1.compartment.oc1..aa<redacted>ba
|
||
region = us-ashburn-1
|
||
provider = user_principal_auth
|
||
config_file = /home/opc/.oci/config
|
||
config_profile = Default
|
||
|
||
Advantages:
|
||
- One can use this method from any server within OCI or on-premises or from other cloud provider.
|
||
|
||
Considerations:
|
||
- you need to configure user’s privileges / policy to allow access to object storage
|
||
- Overhead of managing users and keys.
|
||
- If the user is deleted, the config file will no longer work and may cause automation regressions that use the user's credentials.
|
||
|
||
### Instance Principal
|
||
|
||
An OCI compute instance can be authorized to use rclone by using it's identity and certificates as an instance principal.
|
||
With this approach no credentials have to be stored and managed.
|
||
|
||
Sample rclone configuration file for Authentication Provider Instance Principal:
|
||
|
||
[opc@rclone ~]$ cat ~/.config/rclone/rclone.conf
|
||
[oos]
|
||
type = oracleobjectstorage
|
||
namespace = id<redacted>fn
|
||
compartment = ocid1.compartment.oc1..aa<redacted>k7a
|
||
region = us-ashburn-1
|
||
provider = instance_principal_auth
|
||
|
||
Advantages:
|
||
|
||
- With instance principals, you don't need to configure user credentials and transfer/ save it to disk in your compute
|
||
instances or rotate the credentials.
|
||
- You don’t need to deal with users and keys.
|
||
- Greatly helps in automation as you don't have to manage access keys, user private keys, storing them in vault,
|
||
using kms etc.
|
||
|
||
Considerations:
|
||
|
||
- You need to configure a dynamic group having this instance as member and add policy to read object storage to that
|
||
dynamic group.
|
||
- Everyone who has access to this machine can execute the CLI commands.
|
||
- It is applicable for oci compute instances only. It cannot be used on external instance or resources.
|
||
|
||
### Resource Principal
|
||
|
||
Resource principal auth is very similar to instance principal auth but used for resources that are not
|
||
compute instances such as [serverless functions](https://docs.oracle.com/en-us/iaas/Content/Functions/Concepts/functionsoverview.htm).
|
||
To use resource principal ensure Rclone process is started with these environment variables set in its process.
|
||
|
||
export OCI_RESOURCE_PRINCIPAL_VERSION=2.2
|
||
export OCI_RESOURCE_PRINCIPAL_REGION=us-ashburn-1
|
||
export OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM=/usr/share/model-server/key.pem
|
||
export OCI_RESOURCE_PRINCIPAL_RPST=/usr/share/model-server/security_token
|
||
|
||
Sample rclone configuration file for Authentication Provider Resource Principal:
|
||
|
||
[oos]
|
||
type = oracleobjectstorage
|
||
namespace = id<redacted>34
|
||
compartment = ocid1.compartment.oc1..aa<redacted>ba
|
||
region = us-ashburn-1
|
||
provider = resource_principal_auth
|
||
|
||
### Workload Identity
|
||
Workload Identity auth may be used when running Rclone from Kubernetes pod on a Container Engine for Kubernetes (OKE) cluster.
|
||
For more details on configuring Workload Identity, see [Granting Workloads Access to OCI Resources](https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contenggrantingworkloadaccesstoresources.htm).
|
||
To use workload identity, ensure Rclone is started with these environment variables set in its process.
|
||
|
||
export OCI_RESOURCE_PRINCIPAL_VERSION=2.2
|
||
export OCI_RESOURCE_PRINCIPAL_REGION=us-ashburn-1
|
||
|
||
### No authentication
|
||
|
||
Public buckets do not require any authentication mechanism to read objects.
|
||
Sample rclone configuration file for No authentication:
|
||
|
||
[oos]
|
||
type = oracleobjectstorage
|
||
namespace = id<redacted>34
|
||
compartment = ocid1.compartment.oc1..aa<redacted>ba
|
||
region = us-ashburn-1
|
||
provider = no_auth
|
||
|
||
### Modification times and hashes
|
||
|
||
The modification time is stored as metadata on the object as
|
||
`opc-meta-mtime` as floating point since the epoch, accurate to 1 ns.
|
||
|
||
If the modification time needs to be updated rclone will attempt to perform a server
|
||
side copy to update the modification if the object can be copied in a single part.
|
||
In the case the object is larger than 5Gb, the object will be uploaded rather than copied.
|
||
|
||
Note that reading this from the object takes an additional `HEAD` request as the metadata
|
||
isn't returned in object listings.
|
||
|
||
The MD5 hash algorithm is supported.
|
||
|
||
### Multipart uploads
|
||
|
||
rclone supports multipart uploads with OOS which means that it can
|
||
upload files bigger than 5 GiB.
|
||
|
||
Note that files uploaded *both* with multipart upload *and* through
|
||
crypt remotes do not have MD5 sums.
|
||
|
||
rclone switches from single part uploads to multipart uploads at the
|
||
point specified by `--oos-upload-cutoff`. This can be a maximum of 5 GiB
|
||
and a minimum of 0 (ie always upload multipart files).
|
||
|
||
The chunk sizes used in the multipart upload are specified by
|
||
`--oos-chunk-size` and the number of chunks uploaded concurrently is
|
||
specified by `--oos-upload-concurrency`.
|
||
|
||
Multipart uploads will use `--transfers` * `--oos-upload-concurrency` *
|
||
`--oos-chunk-size` extra memory. Single part uploads to not use extra
|
||
memory.
|
||
|
||
Single part transfers can be faster than multipart transfers or slower
|
||
depending on your latency from oos - the more latency, the more likely
|
||
single part transfers will be faster.
|
||
|
||
Increasing `--oos-upload-concurrency` will increase throughput (8 would
|
||
be a sensible value) and increasing `--oos-chunk-size` also increases
|
||
throughput (16M would be sensible). Increasing either of these will
|
||
use more memory. The default values are high enough to gain most of
|
||
the possible performance without using too much memory.
|
||
|
||
{{< rem autogenerated options start" - DO NOT EDIT - instead edit fs.RegInfo in backend/oracleobjectstorage/oracleobjectstorage.go then run make backenddocs" >}}
|
||
### Standard options
|
||
|
||
Here are the Standard options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
|
||
|
||
#### --oos-provider
|
||
|
||
Choose your Auth Provider
|
||
|
||
Properties:
|
||
|
||
- Config: provider
|
||
- Env Var: RCLONE_OOS_PROVIDER
|
||
- Type: string
|
||
- Default: "env_auth"
|
||
- Examples:
|
||
- "env_auth"
|
||
- automatically pickup the credentials from runtime(env), first one to provide auth wins
|
||
- "user_principal_auth"
|
||
- use an OCI user and an API key for authentication.
|
||
- you’ll need to put in a config file your tenancy OCID, user OCID, region, the path, fingerprint to an API key.
|
||
- https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm
|
||
- "instance_principal_auth"
|
||
- use instance principals to authorize an instance to make API calls.
|
||
- each instance has its own identity, and authenticates using the certificates that are read from instance metadata.
|
||
- https://docs.oracle.com/en-us/iaas/Content/Identity/Tasks/callingservicesfrominstances.htm
|
||
- "workload_identity_auth"
|
||
- use workload identity to grant OCI Container Engine for Kubernetes workloads policy-driven access to OCI resources using OCI Identity and Access Management (IAM).
|
||
- https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contenggrantingworkloadaccesstoresources.htm
|
||
- "resource_principal_auth"
|
||
- use resource principals to make API calls
|
||
- "no_auth"
|
||
- no credentials needed, this is typically for reading public buckets
|
||
|
||
#### --oos-namespace
|
||
|
||
Object storage namespace
|
||
|
||
Properties:
|
||
|
||
- Config: namespace
|
||
- Env Var: RCLONE_OOS_NAMESPACE
|
||
- Type: string
|
||
- Required: true
|
||
|
||
#### --oos-compartment
|
||
|
||
Object storage compartment OCID
|
||
|
||
Properties:
|
||
|
||
- Config: compartment
|
||
- Env Var: RCLONE_OOS_COMPARTMENT
|
||
- Provider: !no_auth
|
||
- Type: string
|
||
- Required: true
|
||
|
||
#### --oos-region
|
||
|
||
Object storage Region
|
||
|
||
Properties:
|
||
|
||
- Config: region
|
||
- Env Var: RCLONE_OOS_REGION
|
||
- Type: string
|
||
- Required: true
|
||
|
||
#### --oos-endpoint
|
||
|
||
Endpoint for Object storage API.
|
||
|
||
Leave blank to use the default endpoint for the region.
|
||
|
||
Properties:
|
||
|
||
- Config: endpoint
|
||
- Env Var: RCLONE_OOS_ENDPOINT
|
||
- Type: string
|
||
- Required: false
|
||
|
||
#### --oos-config-file
|
||
|
||
Path to OCI config file
|
||
|
||
Properties:
|
||
|
||
- Config: config_file
|
||
- Env Var: RCLONE_OOS_CONFIG_FILE
|
||
- Provider: user_principal_auth
|
||
- Type: string
|
||
- Default: "~/.oci/config"
|
||
- Examples:
|
||
- "~/.oci/config"
|
||
- oci configuration file location
|
||
|
||
#### --oos-config-profile
|
||
|
||
Profile name inside the oci config file
|
||
|
||
Properties:
|
||
|
||
- Config: config_profile
|
||
- Env Var: RCLONE_OOS_CONFIG_PROFILE
|
||
- Provider: user_principal_auth
|
||
- Type: string
|
||
- Default: "Default"
|
||
- Examples:
|
||
- "Default"
|
||
- Use the default profile
|
||
|
||
### Advanced options
|
||
|
||
Here are the Advanced options specific to oracleobjectstorage (Oracle Cloud Infrastructure Object Storage).
|
||
|
||
#### --oos-storage-tier
|
||
|
||
The storage class to use when storing new objects in storage. https://docs.oracle.com/en-us/iaas/Content/Object/Concepts/understandingstoragetiers.htm
|
||
|
||
Properties:
|
||
|
||
- Config: storage_tier
|
||
- Env Var: RCLONE_OOS_STORAGE_TIER
|
||
- Type: string
|
||
- Default: "Standard"
|
||
- Examples:
|
||
- "Standard"
|
||
- Standard storage tier, this is the default tier
|
||
- "InfrequentAccess"
|
||
- InfrequentAccess storage tier
|
||
- "Archive"
|
||
- Archive storage tier
|
||
|
||
#### --oos-upload-cutoff
|
||
|
||
Cutoff for switching to chunked upload.
|
||
|
||
Any files larger than this will be uploaded in chunks of chunk_size.
|
||
The minimum is 0 and the maximum is 5 GiB.
|
||
|
||
Properties:
|
||
|
||
- Config: upload_cutoff
|
||
- Env Var: RCLONE_OOS_UPLOAD_CUTOFF
|
||
- Type: SizeSuffix
|
||
- Default: 200Mi
|
||
|
||
#### --oos-chunk-size
|
||
|
||
Chunk size to use for uploading.
|
||
|
||
When uploading files larger than upload_cutoff or files with unknown
|
||
size (e.g. from "rclone rcat" or uploaded with "rclone mount" they will be uploaded
|
||
as multipart uploads using this chunk size.
|
||
|
||
Note that "upload_concurrency" chunks of this size are buffered
|
||
in memory per transfer.
|
||
|
||
If you are transferring large files over high-speed links and you have
|
||
enough memory, then increasing this will speed up the transfers.
|
||
|
||
Rclone will automatically increase the chunk size when uploading a
|
||
large file of known size to stay below the 10,000 chunks limit.
|
||
|
||
Files of unknown size are uploaded with the configured
|
||
chunk_size. Since the default chunk size is 5 MiB and there can be at
|
||
most 10,000 chunks, this means that by default the maximum size of
|
||
a file you can stream upload is 48 GiB. If you wish to stream upload
|
||
larger files then you will need to increase chunk_size.
|
||
|
||
Increasing the chunk size decreases the accuracy of the progress
|
||
statistics displayed with "-P" flag.
|
||
|
||
|
||
Properties:
|
||
|
||
- Config: chunk_size
|
||
- Env Var: RCLONE_OOS_CHUNK_SIZE
|
||
- Type: SizeSuffix
|
||
- Default: 5Mi
|
||
|
||
#### --oos-max-upload-parts
|
||
|
||
Maximum number of parts in a multipart upload.
|
||
|
||
This option defines the maximum number of multipart chunks to use
|
||
when doing a multipart upload.
|
||
|
||
OCI has max parts limit of 10,000 chunks.
|
||
|
||
Rclone will automatically increase the chunk size when uploading a
|
||
large file of a known size to stay below this number of chunks limit.
|
||
|
||
|
||
Properties:
|
||
|
||
- Config: max_upload_parts
|
||
- Env Var: RCLONE_OOS_MAX_UPLOAD_PARTS
|
||
- Type: int
|
||
- Default: 10000
|
||
|
||
#### --oos-upload-concurrency
|
||
|
||
Concurrency for multipart uploads.
|
||
|
||
This is the number of chunks of the same file that are uploaded
|
||
concurrently.
|
||
|
||
If you are uploading small numbers of large files over high-speed links
|
||
and these uploads do not fully utilize your bandwidth, then increasing
|
||
this may help to speed up the transfers.
|
||
|
||
Properties:
|
||
|
||
- Config: upload_concurrency
|
||
- Env Var: RCLONE_OOS_UPLOAD_CONCURRENCY
|
||
- Type: int
|
||
- Default: 10
|
||
|
||
#### --oos-copy-cutoff
|
||
|
||
Cutoff for switching to multipart copy.
|
||
|
||
Any files larger than this that need to be server-side copied will be
|
||
copied in chunks of this size.
|
||
|
||
The minimum is 0 and the maximum is 5 GiB.
|
||
|
||
Properties:
|
||
|
||
- Config: copy_cutoff
|
||
- Env Var: RCLONE_OOS_COPY_CUTOFF
|
||
- Type: SizeSuffix
|
||
- Default: 4.656Gi
|
||
|
||
#### --oos-copy-timeout
|
||
|
||
Timeout for copy.
|
||
|
||
Copy is an asynchronous operation, specify timeout to wait for copy to succeed
|
||
|
||
|
||
Properties:
|
||
|
||
- Config: copy_timeout
|
||
- Env Var: RCLONE_OOS_COPY_TIMEOUT
|
||
- Type: Duration
|
||
- Default: 1m0s
|
||
|
||
#### --oos-disable-checksum
|
||
|
||
Don't store MD5 checksum with object metadata.
|
||
|
||
Normally rclone will calculate the MD5 checksum of the input before
|
||
uploading it so it can add it to metadata on the object. This is great
|
||
for data integrity checking but can cause long delays for large files
|
||
to start uploading.
|
||
|
||
Properties:
|
||
|
||
- Config: disable_checksum
|
||
- Env Var: RCLONE_OOS_DISABLE_CHECKSUM
|
||
- Type: bool
|
||
- Default: false
|
||
|
||
#### --oos-encoding
|
||
|
||
The encoding for the backend.
|
||
|
||
See the [encoding section in the overview](/overview/#encoding) for more info.
|
||
|
||
Properties:
|
||
|
||
- Config: encoding
|
||
- Env Var: RCLONE_OOS_ENCODING
|
||
- Type: Encoding
|
||
- Default: Slash,InvalidUtf8,Dot
|
||
|
||
#### --oos-leave-parts-on-error
|
||
|
||
If true avoid calling abort upload on a failure, leaving all successfully uploaded parts for manual recovery.
|
||
|
||
It should be set to true for resuming uploads across different sessions.
|
||
|
||
WARNING: Storing parts of an incomplete multipart upload counts towards space usage on object storage and will add
|
||
additional costs if not cleaned up.
|
||
|
||
|
||
Properties:
|
||
|
||
- Config: leave_parts_on_error
|
||
- Env Var: RCLONE_OOS_LEAVE_PARTS_ON_ERROR
|
||
- Type: bool
|
||
- Default: false
|
||
|
||
#### --oos-attempt-resume-upload
|
||
|
||
If true attempt to resume previously started multipart upload for the object.
|
||
This will be helpful to speed up multipart transfers by resuming uploads from past session.
|
||
|
||
WARNING: If chunk size differs in resumed session from past incomplete session, then the resumed multipart upload is
|
||
aborted and a new multipart upload is started with the new chunk size.
|
||
|
||
The flag leave_parts_on_error must be true to resume and optimize to skip parts that were already uploaded successfully.
|
||
|
||
|
||
Properties:
|
||
|
||
- Config: attempt_resume_upload
|
||
- Env Var: RCLONE_OOS_ATTEMPT_RESUME_UPLOAD
|
||
- Type: bool
|
||
- Default: false
|
||
|
||
#### --oos-no-check-bucket
|
||
|
||
If set, don't attempt to check the bucket exists or create it.
|
||
|
||
This can be useful when trying to minimise the number of transactions
|
||
rclone does if you know the bucket exists already.
|
||
|
||
It can also be needed if the user you are using does not have bucket
|
||
creation permissions.
|
||
|
||
|
||
Properties:
|
||
|
||
- Config: no_check_bucket
|
||
- Env Var: RCLONE_OOS_NO_CHECK_BUCKET
|
||
- Type: bool
|
||
- Default: false
|
||
|
||
#### --oos-sse-customer-key-file
|
||
|
||
To use SSE-C, a file containing the base64-encoded string of the AES-256 encryption key associated
|
||
with the object. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed.'
|
||
|
||
Properties:
|
||
|
||
- Config: sse_customer_key_file
|
||
- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY_FILE
|
||
- Type: string
|
||
- Required: false
|
||
- Examples:
|
||
- ""
|
||
- None
|
||
|
||
#### --oos-sse-customer-key
|
||
|
||
To use SSE-C, the optional header that specifies the base64-encoded 256-bit encryption key to use to
|
||
encrypt or decrypt the data. Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is
|
||
needed. For more information, see Using Your Own Keys for Server-Side Encryption
|
||
(https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm)
|
||
|
||
Properties:
|
||
|
||
- Config: sse_customer_key
|
||
- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY
|
||
- Type: string
|
||
- Required: false
|
||
- Examples:
|
||
- ""
|
||
- None
|
||
|
||
#### --oos-sse-customer-key-sha256
|
||
|
||
If using SSE-C, The optional header that specifies the base64-encoded SHA256 hash of the encryption
|
||
key. This value is used to check the integrity of the encryption key. see Using Your Own Keys for
|
||
Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm).
|
||
|
||
Properties:
|
||
|
||
- Config: sse_customer_key_sha256
|
||
- Env Var: RCLONE_OOS_SSE_CUSTOMER_KEY_SHA256
|
||
- Type: string
|
||
- Required: false
|
||
- Examples:
|
||
- ""
|
||
- None
|
||
|
||
#### --oos-sse-kms-key-id
|
||
|
||
if using your own master key in vault, this header specifies the
|
||
OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of a master encryption key used to call
|
||
the Key Management service to generate a data encryption key or to encrypt or decrypt a data encryption key.
|
||
Please note only one of sse_customer_key_file|sse_customer_key|sse_kms_key_id is needed.
|
||
|
||
Properties:
|
||
|
||
- Config: sse_kms_key_id
|
||
- Env Var: RCLONE_OOS_SSE_KMS_KEY_ID
|
||
- Type: string
|
||
- Required: false
|
||
- Examples:
|
||
- ""
|
||
- None
|
||
|
||
#### --oos-sse-customer-algorithm
|
||
|
||
If using SSE-C, the optional header that specifies "AES256" as the encryption algorithm.
|
||
Object Storage supports "AES256" as the encryption algorithm. For more information, see
|
||
Using Your Own Keys for Server-Side Encryption (https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm).
|
||
|
||
Properties:
|
||
|
||
- Config: sse_customer_algorithm
|
||
- Env Var: RCLONE_OOS_SSE_CUSTOMER_ALGORITHM
|
||
- Type: string
|
||
- Required: false
|
||
- Examples:
|
||
- ""
|
||
- None
|
||
- "AES256"
|
||
- AES256
|
||
|
||
#### --oos-description
|
||
|
||
Description of the remote
|
||
|
||
Properties:
|
||
|
||
- Config: description
|
||
- Env Var: RCLONE_OOS_DESCRIPTION
|
||
- Type: string
|
||
- Required: false
|
||
|
||
## Backend commands
|
||
|
||
Here are the commands specific to the oracleobjectstorage backend.
|
||
|
||
Run them with
|
||
|
||
rclone backend COMMAND remote:
|
||
|
||
The help below will explain what arguments each command takes.
|
||
|
||
See the [backend](/commands/rclone_backend/) command for more
|
||
info on how to pass options and arguments.
|
||
|
||
These can be run on a running backend using the rc command
|
||
[backend/command](/rc/#backend-command).
|
||
|
||
### rename
|
||
|
||
change the name of an object
|
||
|
||
rclone backend rename remote: [options] [<arguments>+]
|
||
|
||
This command can be used to rename a object.
|
||
|
||
Usage Examples:
|
||
|
||
rclone backend rename oos:bucket relative-object-path-under-bucket object-new-name
|
||
|
||
|
||
### list-multipart-uploads
|
||
|
||
List the unfinished multipart uploads
|
||
|
||
rclone backend list-multipart-uploads remote: [options] [<arguments>+]
|
||
|
||
This command lists the unfinished multipart uploads in JSON format.
|
||
|
||
rclone backend list-multipart-uploads oos:bucket/path/to/object
|
||
|
||
It returns a dictionary of buckets with values as lists of unfinished
|
||
multipart uploads.
|
||
|
||
You can call it with no bucket in which case it lists all bucket, with
|
||
a bucket or with a bucket and path.
|
||
|
||
{
|
||
"test-bucket": [
|
||
{
|
||
"namespace": "test-namespace",
|
||
"bucket": "test-bucket",
|
||
"object": "600m.bin",
|
||
"uploadId": "51dd8114-52a4-b2f2-c42f-5291f05eb3c8",
|
||
"timeCreated": "2022-07-29T06:21:16.595Z",
|
||
"storageTier": "Standard"
|
||
}
|
||
]
|
||
|
||
|
||
### cleanup
|
||
|
||
Remove unfinished multipart uploads.
|
||
|
||
rclone backend cleanup remote: [options] [<arguments>+]
|
||
|
||
This command removes unfinished multipart uploads of age greater than
|
||
max-age which defaults to 24 hours.
|
||
|
||
Note that you can use --interactive/-i or --dry-run with this command to see what
|
||
it would do.
|
||
|
||
rclone backend cleanup oos:bucket/path/to/object
|
||
rclone backend cleanup -o max-age=7w oos:bucket/path/to/object
|
||
|
||
Durations are parsed as per the rest of rclone, 2h, 7d, 7w etc.
|
||
|
||
|
||
Options:
|
||
|
||
- "max-age": Max age of upload to delete
|
||
|
||
### restore
|
||
|
||
Restore objects from Archive to Standard storage
|
||
|
||
rclone backend restore remote: [options] [<arguments>+]
|
||
|
||
This command can be used to restore one or more objects from Archive to Standard storage.
|
||
|
||
Usage Examples:
|
||
|
||
rclone backend restore oos:bucket/path/to/directory -o hours=HOURS
|
||
rclone backend restore oos:bucket -o hours=HOURS
|
||
|
||
This flag also obeys the filters. Test first with --interactive/-i or --dry-run flags
|
||
|
||
rclone --interactive backend restore --include "*.txt" oos:bucket/path -o hours=72
|
||
|
||
All the objects shown will be marked for restore, then
|
||
|
||
rclone backend restore --include "*.txt" oos:bucket/path -o hours=72
|
||
|
||
It returns a list of status dictionaries with Object Name and Status
|
||
keys. The Status will be "RESTORED"" if it was successful or an error message
|
||
if not.
|
||
|
||
[
|
||
{
|
||
"Object": "test.txt"
|
||
"Status": "RESTORED",
|
||
},
|
||
{
|
||
"Object": "test/file4.txt"
|
||
"Status": "RESTORED",
|
||
}
|
||
]
|
||
|
||
|
||
Options:
|
||
|
||
- "hours": The number of hours for which this object will be restored. Default is 24 hrs.
|
||
|
||
{{< rem autogenerated options stop >}}
|
||
|
||
## Tutorials
|
||
### [Mounting Buckets](/oracleobjectstorage/tutorial_mount/)
|