How to access EODATA and Object Storage using s3cmd on Linux on CREODIAS

LEGACY ARTICLE

This article is marked as a legacy document and may not reflect the latest information. Please refer to the following articles:

How to access EODATA using s3cmd on CREODIAS

How to access object storage from CREODIAS using s3cmd

You can install s3cmd using Python PIP or from your Linux repository. This article is written for Ubuntu 22.04.

Installation of s3cmd

Method 1: Installation from system repository

On Debian/Ubuntu systems, first check for updates:

$ sudo apt update

Then install install s3cmd:

$ sudo apt install s3cmd

Method 2: Installation from Python repository

This method can be used on most Linux distributions with python and pip preinstalled.

Installing with PIP:

Check if you have PIP installed:

$ pip3

If it is not installed and you are using Ubuntu:

$ sudo apt install python3-pip

$ pip3 --version

pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)

Now you should be able to install s3cmd using pip3:

$ sudo pip3 install s3cmd

s3cmd configuration for EODATA access

First, obtain access and secret key you use for accessing EODATA. You will need these credentials later. The following article contains instructions how to do it: How to get credentials used for accessing EODATA on a cloud VM on CREODIAS

Enter the following command:

$ s3cmd --configure

Refer to user manual for detailed description of all options.

You will now be prompted for providing certain details. Below are the values which you should use during the configuration. If your access key is different than CLOUDFERRO and your secret key is different than PUBLIC, just replace them.

Access Key [access]:CLOUDFERRO
Secret Key [access]:PUBLIC
Default Region [RegionOne]: default
Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [eodata.cloudferro.com:] eodata.cloudferro.com
Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]:  <ENTER>
Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password: <ENTER>
Path to GPG program [/usr/bin/gpg]: <ENTER>
When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [No]: Yes
On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name: <ENTER>

New settings:

     Access Key: CLOUDFERRO
     Secret Key: PUBLIC
     Default Region: default
     S3 Endpoint: eodata.cloudferro.com
     DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.amazonaws.com
     Encryption password:
     Path to GPG program: /usr/bin/gpg
     Use HTTPS protocol: True
     HTTP Proxy server name: _____
     HTTP Proxy server port: 0

  Test access with supplied credentials? [Y/n] <ENTER>
  Please wait, attempting to list all buckets...
  Success. Your access key and secret key worked fine :-)
  Now verifying that encryption works...
  Not configured. Never mind.

  Save settings? [y/N]  y <ENTER>
  Configuration saved to '/home/eouser/.s3cfg'

Access Key [access]:CLOUDFERRO
Secret Key [access]:PUBLIC
Default Region [RegionOne]: default
Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [data.cloudferro.com:] data.cloudferro.com
Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]:  <ENTER>
Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password: <ENTER>
Path to GPG program [/usr/bin/gpg]: <ENTER>
When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [No]: False
On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name: <ENTER>

New settings:

     Access Key: CLOUDFERRO
     Secret Key: PUBLIC
     Default Region: default
     S3 Endpoint: data.cloudferro.com
     DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.amazonaws.com
     Encryption password:
     Path to GPG program: /usr/bin/gpg
     Use HTTPS protocol: False
     HTTP Proxy server name: _____
     HTTP Proxy server port: 0

  Test access with supplied credentials? [Y/n] <ENTER>
  Please wait, attempting to list all buckets...
  Success. Your access key and secret key worked fine :-)
  Now verifying that encryption works...
  Not configured. Never mind.

  Save settings? [y/N]  y <ENTER>
  Configuration saved to '/home/eouser/.s3cfg'

Access Key [access]:CLOUDFERRO
Secret Key [access]:PUBLIC
Default Region [RegionOne]: default
Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [eodata.cloudferro.com:] eodata.cloudferro.com
Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]:  <ENTER>
Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password: <ENTER>
Path to GPG program [/usr/bin/gpg]: <ENTER>
When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [No]: Yes
On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name: <ENTER>

New settings:

     Access Key: CLOUDFERRO
     Secret Key: PUBLIC
     Default Region: default
     S3 Endpoint: eodata.cloudferro.com
     DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.amazonaws.com
     Encryption password:
     Path to GPG program: /usr/bin/gpg
     Use HTTPS protocol: True
     HTTP Proxy server name: _____
     HTTP Proxy server port: 0

  Test access with supplied credentials? [Y/n] <ENTER>
  Please wait, attempting to list all buckets...
  Success. Your access key and secret key worked fine :-)
  Now verifying that encryption works...
  Not configured. Never mind.

  Save settings? [y/N]  y <ENTER>
  Configuration saved to '/home/eouser/.s3cfg'

Access Key [access]:CLOUDFERRO
Secret Key [access]:PUBLIC
Default Region [RegionOne]: default
Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3.
S3 Endpoint [eodata.cloudferro.com:] eodata.cloudferro.com
Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used
if the target S3 system supports dns based buckets.
DNS-style bucket+hostname:port template for accessing a bucket [%(bucket)s.s3.amazonaws.com]:  <ENTER>
Encryption password is used to protect your files from reading
by unauthorized persons while in transfer to S3
Encryption password: <ENTER>
Path to GPG program [/usr/bin/gpg]: <ENTER>
When using secure HTTPS protocol all communication with Amazon S3
servers is protected from 3rd party eavesdropping. This method is
slower than plain HTTP, and can only be proxied with Python 2.7 or newer
Use HTTPS protocol [No]: Yes
On some networks all internet access must go through a HTTP proxy.
Try setting it here if you can't connect to S3 directly
HTTP Proxy server name: <ENTER>

New settings:

     Access Key: CLOUDFERRO
     Secret Key: PUBLIC
     Default Region: default
     S3 Endpoint: eodata.cloudferro.com
     DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.amazonaws.com
     Encryption password:
     Path to GPG program: /usr/bin/gpg
     Use HTTPS protocol: True
     HTTP Proxy server name: _____
     HTTP Proxy server port: 0

  Test access with supplied credentials? [Y/n] <ENTER>
  Please wait, attempting to list all buckets...
  Success. Your access key and secret key worked fine :-)
  Now verifying that encryption works...
  Not configured. Never mind.

  Save settings? [y/N]  y <ENTER>
  Configuration saved to '/home/eouser/.s3cfg'

Now you can use s3cmd commands to download satellite data. First list the contents of the current directory:

$ s3cmd ls

2017-12-11 15:30  s3://DIAS
2017-12-11 15:30  s3://EOCLOUD
2017-12-11 15:30  s3://EODATA

Then list the directory for EODATA and there you will find other folders for Earth observation images, from various satellites.

$ s3cmd ls s3://EODATA/

                       DIR   s3://EODATA/Envisat/
                       DIR   s3://EODATA/Landsat-5/
                       DIR   s3://EODATA/Landsat-7/
                       DIR   s3://EODATA/Landsat-8/
                       DIR   s3://EODATA/Sentinel-1/
                       DIR   s3://EODATA/Sentinel-2/
                       DIR   s3://EODATA/Sentinel-3/
                       DIR   s3://EODATA/Sentinel-5P/

s3cmd configuration for object storage access

In order to acquire access to Object Storage buckets via s3cmd, first you have to generate your own ec2 credentials with this tutorial How to generate and manage EC2 credentials on CREODIAS.

After the creation of credentials, remove file .s3cfg from your Home folder and then reconfigure s3cmd by entering:

s3cmd --configure

and the following values:

New settings:
Access Key: (your EC2 credentials)
Secret Key: (your EC2 credentials)
Default Region: default
S3 Endpoint: s3.waw4-1.cloudferro.com
DNS-style bucket+hostname:port template for accessing a bucket: s3.waw4-1.cloudferro.com
Encryption password: (your password)
Path to GPG program: /usr/bin/gpg
Use HTTPS protocol: Yes
HTTP Proxy server name:
HTTP Proxy server port: 0

New settings:
Access Key: (your EC2 credentials)
Secret Key: (your EC2 credentials)
Default Region: waw3-1
S3 Endpoint: s3.waw3-1.cloudferro.com
DNS-style bucket+hostname:port template for accessing a bucket: s3.waw3-1.cloudferro.com
Encryption password: (your password)
Path to GPG program: /usr/bin/gpg
Use HTTPS protocol: Yes
HTTP Proxy server name:
HTTP Proxy server port: 0

New settings:
Access Key: (your EC2 credentials)
Secret Key: (your EC2 credentials)
Default Region: default
S3 Endpoint: s3.waw3-2.cloudferro.com
DNS-style bucket+hostname:port template for accessing a bucket: s3.waw3-2.cloudferro.com
Encryption password: (your password)
Path to GPG program: /usr/bin/gpg
Use HTTPS protocol: Yes
HTTP Proxy server name:
HTTP Proxy server port: 0

New settings:
Access Key: (your EC2 credentials)
Secret Key: (your EC2 credentials)
Default Region: default
S3 Endpoint: s3.fra1-2.cloudferro.com
DNS-style bucket+hostname:port template for accessing a bucket: s3.fra1-2.cloudferro.co
Encryption password: (your password)
Path to GPG program: /usr/bin/gpg
Use HTTPS protocol: Yes
HTTP Proxy server name:
HTTP Proxy server port: 0

After this operation, you should be allowed to list and access your Object Storage.