Sync and Share Solution on Alibaba Cloud

By Nooruddin Abbas Ali, Solutions Architect

Typical enterprises these days are using centralized storage sub-systems and technologies such as NFS, SMB and File Servers to share files across employees and partner eco-system. While these systems have existed and evolved over a decade they still suffer from some common issues:

  1. Ever expanding need for storage
  2. Lack of (or limited) authentication and fine grained authorization capabilities
  3. Version control
  4. The need for VPN or other secure connectivity in order to access documentation from outside the enterprise network (for mobile / satellite users)
  5. Limited to no support for mobile devices

The following article details the design and deployment of an open-source application known as OwnCloud. OwnCloud is an application that allows users to backup / sync their files across different devices and share these files with other users or the public. This application is very similar to the likes of Dropbox or OneDrive.

Please note that this document assumes that 2 Elastic Compute Service (ECS) instances (using Ubuntu 14.04) and 1 ApsaraDB for RDS instance (using MySQL 5.6) have already been provisioned on Alibaba Cloud. If you don’t know how to do so, visit Alibaba Cloud Getting Started to learn more.

Application Layout

As stated above for the purpose of this exercise I decided to deploy the open-source application known as OwnCloud. OwnCloud provides very similar functionality to the likes of services like Dropbox or OneDrive, which allow users to backup their files and sync them across multiple devices. With OwnCloud, we will setup our own Dropbox like service and also be able to provide some functionality in addition to what we get from the typical public services.

OwnCloud is not a very complex application, but has all the components of a typical 3 -tier application namely Web Front End, Application Layer, and Database. In order to deploy the application I utilized 2 ECS instances and 1 RDS instance. The following diagram depicts the application deployment architecture:

Reference Architecture for Production

Test Application Layout

The following table describes the application layout details:

Set up the following security Group rules:

  1. Allow Internet Ingress TCP 80,443 on ECS-Instance 1 (Deny everything else)
  2. Deny All Internet Ingress on ECS-Instance 2

Test Application Deployment

The test application deployment is a simple process. Use the following steps in order to deploy OwnCloud on Alibaba Cloud.

Setting up the Database

In order deploy OwnCloud the first step is to setup MySQL database. I have followed the following steps to configure the OwnCloud database on the ApsaraDB for RDS instance.

Log in in to the Alibaba Cloud Console

Go to Products and Services — ApsaraDB for RDS.

Select Singapore for the region in RDS Management

Next to the RDS instance name click on Manage.

Click on Database Management.

Click on Create database and enter the following details and click OK:

  1. Database name: owncloud
  2. Support character set: utf8

Click on Account Management.

Click on Create Account and enter the following details and click OK:

  1. Database Account: owncloud
  2. Authorized Database: Move owncloud to Authorized database and make sure that Read/Write is checked
  3. Password:
  4. Confirm password:

This completes the database setup.

Deploying the OwnCloud Application

Installation

The second step in setting up OwnCloud is installing the application itself. I followed the following steps to deploy the OwnCloud on ECS instance 1:

Login in to the command line for Ubuntu on Instance 1:

$ ssh root@xx.xx.xx.xx

Once logged in download the Release Key for OwnCloud software and add it to the apt-key repository:

$ cd /tmp 
$ wget http://download.opensuse.org/repositories/isv:ownCloud:community/xUbuntu_14.04/Release.key
$ sudo apt-key add - < Release.key

Add the OwnCloud repository source to Ubuntu:

$ sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"

Update the software repository:

sudo apt-get update

Install the OwnCloud application

sudo apt-get install owncloud

Make sure that the application installs successfully.

Configuration

Once the application is installed, we can proceed to the initial setup. Before the initial configuration make sure that you have connectivity to the owncloud database from the ECS-Instance 1.

On the ECS-Instance 1 run the following command:

$ mysql -h <Database-URL> -P 3306 -u owncloud -p

When prompted enter the password set up in the RDS portal.

On the mysql> prompt run the following commands to ensure connectivity to the database:

mysql> use owncloud;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed 
mysql> exit
Bye

Now go to the browser and open the following URL: http:///owncloud/

Click on the Storage and Database section and select the MySQL-MariaDB this opens up the configuration for the database.

Use the following values to perform the initial configuration after which I click Finish Setup.

Using the OwnCloud Application

Once completed, you are presented with the OwnCloud dashboard:

This is a simple view of the files available on my cloud storage for the oadmin account.

In order to start using the application I decided to create another user. Note that oadmin is an administrative user.

Creating a New User

In order to create a new user use the following steps:

Click on oadmin (username on the top right) and select Users.

Enter username: appadmin password: nand click Create.

Since we want to create a normal user with no administrative rights leave the Gourps and Group Admin settings to no group.

Now in order to see the application in action install an OwnCloud client on your desktop.

Installing the OwnCloud Desktop Client

Follow the following procedure to deploy the agent on a Linux desktop.

Run the following command to add the owncloud client repository:

$ sudo dnf config-manager --add-repo http://download.opensuse.org/repositories/isv:ownCloud:desktop/Fedora_25/isv:ownCloud:desktop.repo

The following command was used to install the client:

$ sudo dnf install owncloud-client

Once the installation is complete launch the OwnCloud desktop client in Fedora. This then takes you through the connection and account setup. Use the following values for configuring the OwnCloud Desktop Client:

At this point it provides you with an option of opening the OwnCloud in Browser or the local folder. If you chose the local folder something similar to the below opens up and in a few seconds the default files/folders from the server are synced to the desktop:

Adding External Storage to OwnCloud

In its current configuration the OwnCloud is putting all the user files in /var/www/owncloud/data folder on the ECS-Instance 1.

In order to make things more interesting lets attach an external storage to the application. For this purpose let’s run a ftp service on ECS instance 2 and then make this FTP visible to the users with various options. I followed the following steps to set this up:

On the ECS-Instance 2:

Added a user to the server for owncloud:

$ sudo adduser owncloud

Enter the password details and leave the rest as default

Create storage folders for shared storage and private user storage

$ sudo su - owncloud
$ mkdir /home/owncloud/owncloudstorage
$ mkdir /home/owncloud/oadmin
$ mkdir /home/owncloud/appuser
$ mkdir /home/owncloud/owncloudstorage

Since secure shell (ssh) is already installed on the ubuntu servers in ECS the sftp service is available by default. The remaining configuration is to be done in the Administrative web interface. Use the following steps:

Go to http:///owncloud/ and log in using oadmin credentials.

Click on oadmin (username) on the top right corner and click Admin.

On the Top left corner click on Admin and click the + App sign.

In the menu click on Not Enabled.

Find External Storage Support and press the Enable button.

Click on oadmin (username) on the top right corner and click Admin.

Click on External Storage.

Click the Add Storage dropdown and select sftp.

Enter the following details:

  1. Host: 10.27.48.132
  2. Username: owncloud
  3. Password:
  4. Remote subfolder: /home/owncloud/owncloudstorage

Click the Add Storage dropdown and select sftp

Enter the following details:

  1. Host: 10.27.48.132
  2. Username: owncloud
  3. Password:
  4. Remote subfolder: /home/owncloud/appuser
  5. Available for: appuser

Click the Add Storage dropdown and select sftp

Enter the following details:

  1. Host: 10.27.48.132
  2. Username: owncloud
  3. Password:
  4. Remote subfolder: /home/owncloud/oadmin
  5. Available for oadmin

The following should be the result. Make sure all the storage attachments are green as shown below:

If you now login in to the OwnCloud dashboard for oadmin it will see the following:

The dashboard for appuser will show a similar structure. However do note that the MyFTP folder for each user is a private folder only visible to that user. The SharefFTP folder is a shared folder and is visible to all users. If users upload any files on these folders these are now stored on the ECS — Instance 2.

Considerations

There are a few things that need to be kept in to consideration when deploying the app on the cloud:

  1. Make sure that both your ECS instance and the RDS instance are in the same Region / Zone. If not then the only way to communicate with the RDS will be by obtaining an internet facing IP for the RDS instance. This is unnecessary as we do not need to expose the Database to the internet for this application, and will also incur more costs besides being a security concern.
  2. Ensure that when you mount the External Storage you are using the intranet IP. While file transfer will work using the internet IP as well there is no need for putting the external storage traffic on the internet.
  3. Make sure when you are adding OwnCloud repositories you add them for the correct operating system version.
  4. During the installation (not configuration) of OwnCloud application it requests for a mysql admin username and password. However we are not using this configuration as our database is not sitting locally.

The following items can be improved if performing the deployment for a production setup:

  1. Mount a cloud storage to the ECS1-Instance under the Storage folder to store user files.
  2. Obtain a domain name for the Application server URL and bind it to the Internet IP for the ECS — Instance 1.
  3. Obtain a SSL certificate and run the application on https.

Reference: https://www.alibabacloud.com/blog/sync-and-share-solution-on-alibaba-cloud_594119?spm=a2c41.12228527.0.0