Creating the S3 cluster

Limitations

  • After the S3 cluster deployment, you can change only the replication redundancy scheme. Changing the encoding redundancy scheme is disabled, because it may decrease cluster performance. Re-encoding demands a significant amount of cluster resources for a long period of time. If you still want to change the redundancy scheme, contact the technical support team.

Prerequisites

  • A clear understanding of the concept Storage policies.
  • The storage cluster has at least one disk with the Storage role.

To set up object storage services on cluster nodes

Admin panel

  1. In the left menu, click Storage services > S3.
  2. Select one or more nodes, and then click Create S3 cluster on the right pane. To create a highly available S3 cluster, select at least three nodes.

    The nodes are displayed with small icons representing their roles within a cluster.

  3. If the node network interfaces are not configured, click the cogwheel icon, select the networks as required, and then click Apply.

  4. On the Volume parameters pane, select the desired tier, failure domain, and data redundancy mode. Click Proceed.

  5. Specify the external (publicly resolvable) DNS name for the S3 endpoint that will be used by the end users to access the object storage. For example, s3.example.com. Click Proceed.

    Configure your DNS server according to the example suggested in the admin panel.

  6. From the drop-down list, select an S3 endpoint protocol: HTTP, HTTPS or both.

    It is recommended to use only HTTPS for production deployments.

    Click Proceed.

    You can change the protocol settings later. To do that, on the S3 > Nodes screen, click Protocol settings on the right pane.

  7. If required, click Configure Notary and specify the Notary DNS name and Notary user key.

    You can also change the Notary settings later. To do that, on the S3 > Nodes screen, click Notary settings on the right pane.

  8. Click Done to create the S3 cluster.

To check if the S3 cluster is successfully deployed and can be accessed by users, visit https://<S3_DNS_name> or http://<S3_DNS_name> in your browser. You should receive the following XML response:

<Error>
<Code>AccessDenied</Code>
<Message/>
</Error>

To start using the S3 storage, you will also need to create at least one S3 user.

Command-line interface

Use the following command:

vinfra service s3 cluster create [--tier {0,1,2,3}] [--failure-domain {0,1,2,3,4}]
                                 [--replicas <norm> | --encoding <M>+<N>]
                                 [--self-signed | --no-ssl | --cert-file <cert_file>]
                                 [--insecure] [--key-file <key_file>] [--password]
                                 --nodes <nodes> --s3gw-domain <domain>

--tier {0,1,2,3}
    Storage tier (default: 0)
--failure-domain {0,1,2,3,4}
    Storage failure domain (default: 0)
--replicas <norm>
    Storage replication mapping in the format:

      • norm: the number of replicas to maintain (default: 1)
--encoding <M>+<N>
    Storage erasure encoding mapping in the format:

      • M: the number of data blocks
      • N: the number of parity blocks
--self-signed
    Generate a new self-signed certificate (default)
--no-ssl
    Do not generate a self-signed certificate
--cert-file <cert_file>
    Path to a file with the new certificate
--insecure
    Allow insecure connections in addition to secure ones (only used with the --cert-file and --self-signed options)
--key-file <key_file>
    Path to a file with the private key (only used with the --cert-file option)
--password
    Read certificate password from stdin (only used with the --cert-file option)
--nodes <nodes>
    A comma-separated list of node hostnames or IDs
--s3gw-domain <domain>
    DNS name of the S3 endpoint

For example, to create the S3 cluster from nodes node001 and node002 with a self-signed certificate, run:

# vinfra service s3 cluster create --nodes node001,node002 --tier 0 --failure-domain 1 \
--encoding 1+2 --self-signed --s3gw-domain dns.example.com

This command also specifies the tier, failure domain, redundancy mode, and domain name.

You can view the S3 storage details in the vinfra service s3 show output:

# vinfra service s3 show
+----------------+--------------------------------------------+
| Field          | Value                                      |
+----------------+--------------------------------------------+
| failure_domain | 1                                          |
| id             | 0100000000000002                           |
| name           | cluster1                                   |
| nodes          | - id: ca334b1d-20a1-1241-96a5-eb9acadb8ecd |
|                | - id: ab36b523-91dc-e78d-53a7-88baed44541e |
| np             |                                            |
| nusers         | 0                                          |
| protocol       | scheme: https                              |
| redundancy     | m: 1                                       |
|                | n: 2                                       |
|                | type: raid6                                |
| s3gw_domain    | dns.example.com                            |
| tier           | 0                                          |
+----------------+--------------------------------------------+
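
The following script is an added example, not part of the product documentation: it reads the vinfra service s3 show table and flags a deployment that is not HTTPS-only, has fewer than the three nodes needed for high availability, or has no S3 users yet. The function names (s3_field, s3_node_count, s3_audit) are hypothetical helpers, and the embedded sample is constructed from rows of the output shown above.

```shell
#!/bin/sh
# Constructed sample: rows taken from the `vinfra service s3 show` output on this page.
SAMPLE_SHOW='| failure_domain | 1                                          |
| nodes          | - id: ca334b1d-20a1-1241-96a5-eb9acadb8ecd |
|                | - id: ab36b523-91dc-e78d-53a7-88baed44541e |
| nusers         | 0                                          |
| protocol       | scheme: https                              |
| s3gw_domain    | dns.example.com                            |'

# Print the Value cell of the first row whose Field cell equals $1.
s3_field() {
    awk -F'|' -v f="$1" '
        { k = $2; v = $3; gsub(/^ +| +$/, "", k); gsub(/^ +| +$/, "", v) }
        k == f { print v; exit }'
}

# Count node entries: the "nodes" row plus its continuation rows (empty Field cell).
s3_node_count() {
    awk -F'|' '
        { k = $2; gsub(/ /, "", k) }
        k != "" { in_nodes = (k == "nodes") }
        in_nodes && $3 ~ /- id:/ { n++ }
        END { print n + 0 }'
}

# Print one finding per line; exit status is 1 if anything was flagged.
s3_audit() {
    table=$(cat)
    findings=""
    scheme=$(printf '%s\n' "$table" | s3_field protocol)
    [ "$scheme" = "scheme: https" ] || findings="${findings}endpoint is not HTTPS-only ($scheme)
"
    [ "$(printf '%s\n' "$table" | s3_node_count)" -ge 3 ] || findings="${findings}fewer than three nodes: cluster is not highly available
"
    [ "$(printf '%s\n' "$table" | s3_field nusers)" != "0" ] || findings="${findings}no S3 users yet: storage cannot be used
"
    printf '%s' "$findings"
    [ -z "$findings" ]
}

# Live use (assumes vinfra is on PATH): vinfra service s3 show | s3_audit
printf '%s\n' "$SAMPLE_SHOW" | s3_audit || true
```

For the two-node example cluster above, the script reports the missing high availability and the missing S3 users, and raises no protocol finding because the scheme is https.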