Help Center> Object Storage Service> Best Practices> Accessing OBS from an ECS over the Intranet> Procedure> Scenario 2: Using obsutil on a Linux ECS to Access OBS over an Intranet
Updated on 2023-07-24 GMT+08:00

Scenario 2: Using obsutil on a Linux ECS to Access OBS over an Intranet

obsutil is a command line tool that can run Windows, macOS, and Linux operating systems. This section describes how to configure an intranet DNS server for a Huawei Cloud Linux ECS to access OBS over the intranet.

You need to download obsutil over the Internet. Alternatively, you can download obsutil on a cloud server that can access the Internet and then transfer the downloaded obsutil to the current cloud server for installation.

Process

Figure 1 Process of using obsutil on a Linux ECS to access OBS over an intranet

Procedure

  1. Log in to a Linux ECS.

    1. Log in to Huawei Cloud and click Console.
    2. On the homepage of the console, choose Compute > Elastic Cloud Server.
    3. Select an ECS and log in to it.

      The login method varies depending on the authentication method set during the Linux ECS purchase. For details about how to log in, see Logging In to an ECS.

  2. Check whether the intranet DNS is configured on the Linux ECS.

    1. Log in to the Linux ECS and open the CLI.
    2. Run the cat /etc/resolv.conf command to check whether the IP address following nameserver in the first line is the intranet DNS address of the region where the current ECS resides.

      Huawei Cloud provides different intranet DNS server addresses for different regions. For details, see What Are the Private DNS Servers Provided by the Huawei Cloud DNS Service?

      • If no, go to 3.
      • If yes, go to 5.

  3. Configure the intranet DNS.

    Change the DNS server address of the ECS to the intranet DNS provided by Huawei Cloud. To do this, you can change the DNS address of the VPC subnet or change the local DNS configuration.

    • Method 1: Change the DNS server address of the VPC subnet.

      Locate the VPC where the ECS resides and change the DNS server address of the VPC subnet to the intranet DNS address. This way, ECSs in the VPC can use the intranet DNS for resolution and thereby you can access OBS over the Huawei Cloud intranet. For details, see Modifying a Subnet.

    • Method 2: Modify the local DNS settings.

      In this example, an ECS running 64-bit CentOS 6.x is used as an example to describe how to modify the local DNS settings.

      1. Open the CLI.
      2. Run the following command to open the /etc/resolv.conf file:
        vi /etc/resolv.conf
      3. Press i to enter the editing mode. In the /etc/resolv.conf file, add the intranet DNS server address before the existing DNS server address in the following format:
        nameserver Intranet DNS server address
        • Intranet DNS server address: Select the intranet DNS server address based on the region where the ECS resides. For details, see What Are the Private DNS Servers Provided by the Huawei Cloud DNS Service?
        • The IP address of the new DNS server must come before all existing DNS IP addresses.
        • DNS servers are selected in the sequence of nameserver. A new DNS server is selected only when the previous DNS server is faulty, unavailable, or cannot resolve the requested domain name. Therefore, if you want to switch to access over a public network, change the DNS address in the first line to a public one or add a new public DNS address before the existing DNS addresses.
      4. Press Esc and enter :wq! to save the settings and close the file.

        The modified DNS server address takes effect immediately after you save the modifications made to the /etc/resolv.conf file.

  4. Check whether OBS is accessed over the intranet.

    For details, see How Do I Determine Whether OBS Is Accessed from the Intranet?

  5. Download obsutil.

    For details about the latest version of obsutil and download link, see Download and Installation.

  6. Configure obsutil.

    Before using, you need to configure the interconnection between obsutil and OBS. Parameters include OBS endpoints and access keys (AK and SK). For details, see Initializing Configurations.

    The OBS endpoint needs to be chosen according to the region where the ECS resides. For details about OBS regions and endpoints, see Regions and Endpoints.

  7. Use obsutil to access OBS.

    After obsutil is successfully configured, you can access OBS over the intranet from the Linux ECS to perform basic data access operations and configure other advanced settings.

    Common operations include:

    For details about how to use obsutil, see Object Storage Service Tools Guide (obsutil).