In the previous blog, we had discussed “OpenStack Object Storage (swift) component and how to use it and what its components are?” Now in today’s blog, we are going to discuss: “Object Storage (Swift), its resources, storage features, and Authentication”.
Therefore without wasting the time let’s start our discussion!!
Resources of the Object Storage (Swift):
An object means storage for a different type of data irrespective of their content type. The bucket is used for storing these objects which consists of the object on its own and also the metadata regarding that object.
A bucket is a logical container used for storing the objects. The buckets are created by the users or the systems when they are required inside that region. Only one compartment is connected with a bucket and its strategies are to verify which actions are performed by a user on that bucket and also to verify entire objects present in that bucket.
A namespace is a coherent commodity which acts as a high-level container for each and every bucket as well as each and every object, enabling you to manage the naming of the buckets within your occupancies. The occupancies are provided with a single exception and that namespace of Object Storage cannot be edited, which is worldwide, expanding through all the compartments as well as areas.
It is compulsory that the names of the buckets in your occupancies should be exceptional or unique but there is one more point which you must remember that if same bucket name is used by another occupancy then it doesn’t mean that you cannot use that same bucket name in your occupancy. In simple words, we can say that any other occupant cannot stop your capability of using the same bucket name inside your occupancy.
Inside an Object Storage namespace, a flat hierarchy is used for buckets and objects, at the same time it is possible to produce a directory structure for helping in traversing a big set of objects.
It is important to note that the namespace of you will use all lower case letters if you have created this namespace on the basis of your own occupancy name, even if there are capital letters present in the occupancy name. Also keep in mind that while using API, SDKs or CLI, it is recommended that not to use capital letters in your namespace.
For organizing your cloud resources the Compartments are used as an original building block. A root compartment is created especially for you when your occupancy is implemented. For managing the access you can create strategies which will define the type of actions that can be taken by the sets of users on the resources which are present in the compartments.
As mentioned earlier an object storage bucket exists only in a single compartment.
Features of the Object Storage:
- You can assign metadata which can be custom made or as per your requirement:
This feature allows you to interpret your own large metadata which serves as a key for all the different types of reasons. You can use Oracle Cloud Infrastructure i.e. (CLIs), or Software Development Kits i.e. (SDKs), or the Command Line Interface i.e. (CLIs) for assigning your own extensive metadata or custom metadata to all the objects and buckets.
- Provides Reliability:
Latest specimen of the data is provided by the Object Storage whenever a request for read is made.
- Provides Advanced Encryption Standards for encrypting the data:
In this feature, the Object Storage makes the use of an Advanced Encryption Standard (256 – bit) for encrypting the data related to the object which is present on the server. Encryption of every object is done with its unique key and every object key is encrypted with a master encryption key which can be rotated often and this encryption can be initiated by default and it is not possible to turn off.
As mentioned earlier, an Object Storage is a local service in which object data is stored evenly throughout more than one storage servers and also throughout several domains which are available. The corrupt data is severely examined by the Object Storage with the help of checksums and at the same time that corrupted data is detected and repaired automatically.
Thus the Object Storage severely examines and confirms the data iteration and if a loss of iteration is detected then object storage automatically constructs some more copies of the object data.
Various options for accessing the Object Storage:
Using any of the following options, it is possible to access Object Storage as well as on the basis of your priorities and on the basis of feasibility of the job which you want to accomplish:
- For accessing a Console, which is convenient to use, you should use supported browser or you can also use the link for that Console which is present at the top of the browsers page for signing in, then you are asked to enter your cloud occupant, user name and password.
- For getting fast access and full support regardless of the programming you can use the CLI i.e. the Command Line Interface.
- Full support is also provided by the REST API but for that programming knowledge is required. Details of endpoint and also the details of available links to the reference documents of API are provided by the API reference and Endpoints.
- The tools for interacting with the Object Storage instead of creating a framework can be offered by the Oracle Cloud Infrastructure SDKs.
Authentication and Authorization of the Object Storage:
For all the interfaces like the Console, Software Development Kits i.e. SDKs or the Command Line Interface i.e. CLI and REST API every service in the Oracle Cloud Infrastructure combines with IAM (i.e. Identity and Access Management)which is required for the authentication and authorization. For that it is necessary for an Administrator of your organization to configure groups, strategies and also the compartments which can be used for controlling which users can examine which type of services, and also which type of resources using which type of access.
For example, The strategies or policies decide who will create new users, who will construct and control the cloud network, who will present instances, which will create buckets, which will download the objects, etc.
If you are not an administrator i.e. if you are a normal user then it is required to use the resources of the Oracle Cloud Infrastructure which are owned by your company, therefore, it is necessary to contact the administrator of your organization for configuring user ID for you. Thus the administrator will decide which compartment/s should be used by you.
IP Addresses range for all the regions in the Object Storage:
The CIDR block IP range is used by the Oracle Cloud Infrastructure Object Storage for all the regions. It is 126.96.36.199/17L
List of applicable Limits on Object Storage Resources:
For viewing a list of applicable limits and usage for your occupancies requesting a limits and use according to the region it is important to have a required permission i.e. if you are present in the administrators group then you have the permission to check the limits and use and if you are not in the administrator’s group then there is an IAM i.e. Identity and Access Management Policy, which serves the necessary permissions to the users present in the group which is known as LimitsAndUsageViewers.
Use the following command for Limits And Usage Viewers for viewing the limits in tenancy:
Allow group Limits And Usage Viewers to inspect limits in tenancy
- Then open the Console >> open the User menu ( ) and select Tenancy: <your_tenancy_name>.
- Then click “Service Limits” option present on the left-hand side of the page.
It will display your resource limits and usage for that particular region. Now if the specific resource type has limits per availability of the domain, then the limit and the usage for every available domain will be displayed.
There are some other limits which include:
1. A number of Object Storage namespaces per root compartment: 1
2. Maximum size of object metadata: 2K
That’s all for today! If you find this information helpful, then do leave a comment in the comment section below. If you have any suggestions then also do not hesitate to leave a comment in the comment section below.
People also read: