mc replicate update

The mc replicate update command modifies an existing bucket replication rule.

Syntax

Example

The following command modifies an existing replication rule for the mydata bucket on the myminio AIStor deployment:

mc replicate update --id "c76um9h4b0t1ijr36mug"           \
   --replicate "delete,delete-marker,existing-objects"  \
   myminio/mydata

The new replication configuration synchronizes all versioned delete operations, delete marker creation, and existing objects to the remote AIStor deployment.

Syntax

The command has the following syntax:

mc [GLOBALFLAGS] replicate update                     \
                 --remote-bucket string               \
                 [--bandwidth "string"]               \
                 [--edge "string"]                    \
                 [--edge-sync-before-expiry "string"] \
                 [--healthcheck-seconds integer]      \
                 [--id "string"]                      \
                 [--limit-upload "string"]            \
                 [--limit-download "string"]          \
                 [--path "string"]                    \
                 [--priority int]                     \
                 [--proxy "string"]                   \
                 [--replicate "string"]               \
                 [--state string]                     \
                 [--storage-class "string"]           \
                 [--sync "string"]                    \
                 [--tags "string"]                    \
                 ALIAS

Brackets [] indicate optional parameters.
Parameters sharing a line are mutually dependent.
Parameters separated using the pipe | operator are mutually exclusive.

Copy the example to a text editor and modify as-needed before running the command in the terminal/shell.

Parameters

ALIAS

Required

The alias of the AIStor deployment and full path to the bucket or bucket prefix on which to modify the replication rule. For example:

mc replicate update --id "c75nrap4b0talo3ipthg" [FLAGS]

--id

Required

Specify the unique ID for a configured replication rule. Use the mc replicate ls command to list the replication rules for a bucket.

--bandwidth

Optional

Limit bandwidth rates to no more than the specified rate in KiB/s, MiB/s, or GiB/s. Valid units include:

B for bytes
K for kilobytes
G for gigabytes
T for terabytes
Ki for kibibytes
Gi for gibibytes
Ti for tebibytes

For example, to limit bandwidth rates to no more than 1 GiB/s, use the following:

--limit-upload 1Gi

If not specified, AIStor does not limit the bandwidth rate.

--edge

Optional

Set to enable to define the cluster of this rule as a cluster from the edge. Objects replicate to the target bucket with a status of REPLICA-EDGE, allowing them to further replicate from the target destination to additional replication destinations.

Exercise caution when using the --edge flag to avoid creating replication loops back to the source cluster.

If not set, edge is disabled.

--edge-sync-before-expiry

Optional

Set to enable to prevent ILM expiration rules from deleting objects until after they have replicated to the target destination.

If not set, edge-sync-before-expiry is disabled.

--healthcheck-seconds

Optional

The length of time in seconds between checks on the health of the remote bucket.

If not specified, AIStor uses an interval of 60 seconds.

--limit-download

Optional

Limit download rates to no more than a specified rate in KiB/s, MiB/s, or GiB/s. Valid units include:

B for bytes
K for kilobytes
G for gigabytes
T for terabytes
Ki for kibibytes
Gi for gibibytes
Ti for tebibytes

For example, to limit download rates to no more than 1 GiB/s, use the following:

--limit-download 1G

If not specified, AIStor uses an unlimited download rate.

--limit-upload

Optional

Limit upload rates to no more than the specified rate in KiB/s, MiB/s, or GiB/s. Valid units include:

B for bytes
K for kilobytes
G for gigabytes
T for terabytes
Ki for kibibytes
Gi for gibibytes
Ti for tebibytes

For example, to limit upload rates to no more than 1 GiB/s, use the following:

--limit-upload 1G

If not specified, AIStor uses an unlimited upload rate.

--path

Optional

Enable path-style lookup support for the remote bucket.

Valid values include:

on - use a path lookup to find the remote bucket
off - use a resource locator style (such as a domain or IP address) lookup to find the remote bucket
auto - ask AIStor to identify the correct type of lookup to use to find the remote bucket

When not defined, AIStor uses the auto value.

--priority

Optional

Specify the integer priority of the replication rule. The value must be unique among all other rules on the source bucket. Higher values imply a higher priority than all other rules.

--proxy

Optional

When defining active-active replication between buckets, do not proxy.

Valid values include:

enable - Enable proxying in active-active replication.
disable - Disable proxying in active-active replication.

By default, AIStor defaults to enable.

--remote-bucket

Optional

Specify the credentials, destination deployment, and bucket of the remote location. Value may be an alias and bucket, location based (IP or URL), or path based.

For example, a URL based target might look like the following:

--remote-bucket https://user:secret@myminio.cloudprovider.tld:9001/bucket

An alias based target might look like the following:

--remote-bucket minio-target/my-bucket

--replicate

Optional

Specify a comma-separated list of the following values to enable extended replication features:

delete - Directs AIStor to replicate DELETE operations to the destination bucket.
delete-marker - Directs AIStor to replicate delete markers to the destination bucket.
replica-metadata-sync - Directs AIStor to synchronize metadata-only changes on a replicated object back to the source. This feature only effects two-way active-active replication configurations.

Omitting this value directs AIStor to stop replicating metadata-only changes back to the source.
existing-objects - Directs AIStor to replicate objects created prior to configuring or enabling replication. AIStor by default does not synchronize existing objects to the remote target.

See Replication of existing objects for more information.

--state

Optional

Enables or disables the replication rule. Specify one of the following values:

"enable" - Enables the replication rule.
"disable" - Disables the replication rule.

Objects created while replication is disabled are not immediately eligible for replication after enabling the rule. You must explicitly enable replication of existing objects by including "existing-objects" to the list of replication features specified to mc replicate update --replicate.

See Replication of existing objects for more information.

--storage-class

Optional

Specify the AIStor storage class to apply to replicated objects.

--sync

Optional

Enable synchronous replication for this remote target.

By default, AIStor uses asynchronous replication.

--tags

Optional

Specify one or more ampersand & separated key-value pair tags which AIStor uses for filtering objects to replicate. For example:

mc replicate update --id "ID" --tags "TAG1=VALUE&TAG2=VALUE&TAG3=VALUE"

AIStor applies the replication rule to any object whose tag set contains the specified replication tags.

Global Flags

This command supports any of the global flags.

Examples

Modify an Existing Replication Rule

Use mc replicate update to modify an existing replication rule.

mc replicate update ALIAS/PATH \
   --id ID                     \
   [--FLAGS]

Replace ALIAS with the alias of the AIStor deployment.
Replace PATH with the path to the bucket or bucket prefix on which the rule exists.
Replace ID with the unique identifier for the rule to modify. Use mc replicate ls to retrieve the list of replication rules on the bucket and their corresponding identifiers.

Modifying a replication configuration rule does not affect already replicated objects. For example, modifying the --tags filter does not result in the removal of replicated objects which do not meet the filter.

Update the Credentials for an Existing Replication Rule

Use mc replicate update to modify an existing replication rule.

mc replicate update ALIAS/PATH \
   --id ID                     \
   --remote-bucket https://user:secret@minio.mycloud.tld:9001/mybucket

Replace ALIAS with the alias of the AIStor deployment.
Replace PATH with the path to the bucket or bucket prefix on which the rule exists.
Replace ID with the updated credentials, path, and bucket.

Disable or Enable an Existing Replication Rule

Use mc replicate update with the --state flag to disable or enable a replication rule.

mc replicate update ALIAS/PATH \
   --id ID \
   --state "disable"|"enable"

Replace ALIAS with the alias of the AIStor deployment.
Replace PATH with the path to the bucket or bucket prefix on which the rule exists.
Replace ID with the unique identifier for the rule to modify. Use mc replicate ls to retrieve the list of replication rules on the bucket and their corresponding identifiers.
Specify either "disable" or "enable" to the --state flag to disable or enable the replication rule.

NOTE

AIStor requires enabling existing object replication to synchronize objects written or removed after disabling a replication rule.

For rules without existing object replication, AIStor synchronizes only those write or delete operations issued while the replication rule is enabled.

Behavior

Required Permissions

AIStor strongly recommends creating users specifically for supporting bucket replication operations. See mc admin user and mc admin policy for more complete documentation on adding users and policies to a AIStor deployment.

Replication Admin

The following policy provides permissions for configuring and enabling replication on a deployment.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "admin:SetBucketTarget",
                "admin:GetBucketTarget"
            ],
            "Effect": "Allow",
            "Sid": "EnableRemoteBucketConfiguration"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetReplicationConfiguration",
                "s3:ListBucket",
                "s3:ListBucketMultipartUploads",
                "s3:GetBucketLocation",
                "s3:GetBucketVersioning",
                "s3:GetObjectRetention",
                "s3:GetObjectLegalHold",
                "s3:PutReplicationConfiguration"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ],
            "Sid": "EnableReplicationRuleConfiguration"
        }
    ]
}

The "EnableRemoteBucketConfiguration" statement grants permission for creating a remote target for supporting replication.
The "EnableReplicationRuleConfiguration" statement grants permission for creating replication rules on a bucket.

The "arn:aws:s3:::* resource applies the replication permissions to any bucket on the source deployment. You can restrict the user policy to specific buckets as-needed.

Use the mc admin policy create to add this policy to each deployment acting as a replication source. Use mc admin user add to create a user on the deployment and mc admin policy attach to associate the policy to that new user.

Replication Remote User

The following policy provides permissions for enabling synchronization of replicated data into the deployment.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetReplicationConfiguration",
                "s3:ListBucket",
                "s3:ListBucketMultipartUploads",
                "s3:GetBucketLocation",
                "s3:GetBucketVersioning",
                "s3:GetBucketObjectLockConfiguration",
                "s3:GetEncryptionConfiguration"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ],
            "Sid": "EnableReplicationOnBucket"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetReplicationConfiguration",
                "s3:ReplicateTags",
                "s3:AbortMultipartUpload",
                "s3:GetObject",
                "s3:GetObjectVersion",
                "s3:GetObjectVersionTagging",
                "s3:PutObject",
                "s3:PutObjectRetention",
                "s3:PutBucketObjectLockConfiguration",
                "s3:PutObjectLegalHold",
                "s3:DeleteObject",
                "s3:ReplicateObject",
                "s3:ReplicateDelete"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ],
            "Sid": "EnableReplicatingDataIntoBucket"
        }
    ]
}

The "EnableReplicationOnBucket" statement grants permission for a remote target to retrieve bucket-level configuration for supporting replication operations on all buckets in the AIStor deployment.

To restrict the policy to specific buckets, specify those buckets as an element in the Resource array similar to "arn:aws:s3:::bucketName".
The "EnableReplicatingDataIntoBucket" statement grants permission for a remote target to synchronize data into any bucket in the AIStor deployment.

To restrict the policy to specific buckets, specify those buckets as an element in the Resource array similar to "arn:aws:s3:::bucketName/*".

Use the mc admin policy create to add this policy to each deployment acting as a replication target. Use mc admin user add to create a user on the deployment and mc admin policy attach to associate the policy to that new user.

S3 Compatibility

The mc commandline tool is built for compatibility with the AWS S3 API and is tested with AIStor and AWS S3 for expected functionality and behavior.

AIStor provides no guarantees for other S3-compatible services, As their S3 API implementation is unknown and therefore unsupported.

While mc commands may work as documented, any such usage is at your own risk.