Sync and Share Solution on Alibaba Cloud

By Nooruddin Abbas Ali, Solutions Architect

Typical enterprises these days use centralized storage subsystems and technologies such as NFS, SMB and file servers to share files among employees and across the partner ecosystem. While these systems have existed and evolved over a decade, they still suffer from some common issues:

  1. Ever expanding need for storage
  2. Lack of (or limited) authentication and fine-grained authorization capabilities
  3. Version control
  4. The need for VPN or other secure connectivity in order to access documentation from outside the enterprise network (for mobile / satellite users)
  5. Limited to no support for mobile devices

The following article details the design and deployment of an open-source application known as OwnCloud. OwnCloud is an application that allows users to back up / sync their files across different devices and share these files with other users or the public. This application is very similar to the likes of Dropbox or OneDrive.

Please note that this document assumes that 2 Elastic Compute Service (ECS) instances (using Ubuntu 14.04) and 1 ApsaraDB for RDS instance (using MySQL 5.6) have already been provisioned on Alibaba Cloud. If you don’t know how to do so, visit Alibaba Cloud Getting Started to learn more.

Application Layout

OwnCloud is not a very complex application, but it has all the components of a typical 3-tier application, namely Web Front End, Application Layer, and Database. In order to deploy the application I utilized 2 ECS instances and 1 RDS instance. The following diagram depicts the application deployment architecture:

Reference Architecture for Production

Test Application Layout

The following table describes the application layout details:

Set up the following security Group rules:

  1. Allow Internet Ingress TCP 80,443 on ECS-Instance 1 (Deny everything else)
  2. Deny All Internet Ingress on ECS-Instance 2
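The two rules above can be checked mechanically against an export of the security group permissions. The following is an added example, not part of the original article: the sample rules are constructed, and the field names (IpProtocol, PortRange, SourceCidrIp, Policy) and the "start/end" port format are assumptions about how the rules are exported. It treats every Accept rule as effective, ignores rule priority, and handles IPv4 sources only.

```python
import ipaddress

# RFC 1918 ranges are treated as intranet; any other source counts as internet.
INTRANET = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Policy from the article: TCP 80/443 from the internet on instance 1, nothing on instance 2.
ALLOWED_INTERNET_TCP = {"ECS-Instance 1": {80, 443}, "ECS-Instance 2": set()}

# Constructed sample export (not real data); field names are an assumption.
SAMPLE_RULES = {
    "ECS-Instance 1": [
        {"IpProtocol": "tcp", "PortRange": "80/80", "SourceCidrIp": "0.0.0.0/0", "Policy": "Accept"},
        {"IpProtocol": "tcp", "PortRange": "443/443", "SourceCidrIp": "0.0.0.0/0", "Policy": "Accept"},
        {"IpProtocol": "tcp", "PortRange": "22/22", "SourceCidrIp": "0.0.0.0/0", "Policy": "Accept"},
        {"IpProtocol": "tcp", "PortRange": "3306/3306", "SourceCidrIp": "0.0.0.0/0", "Policy": "Drop"},
    ],
    "ECS-Instance 2": [
        {"IpProtocol": "tcp", "PortRange": "22/22", "SourceCidrIp": "10.27.0.0/16", "Policy": "Accept"},
        {"IpProtocol": "tcp", "PortRange": "1/65535", "SourceCidrIp": "203.0.113.0/24", "Policy": "Accept"},
    ],
}

def from_internet(cidr):
    """True when the source CIDR is not fully inside an intranet range."""
    net = ipaddress.ip_network(cidr, strict=False)
    return not (net.version == 4 and any(net.subnet_of(r) for r in INTRANET))

def audit(rules, allowed):
    """Return (instance, protocol, port range, source) for each Accept rule that breaks the policy."""
    findings = []
    for instance, perms in rules.items():
        permitted = allowed.get(instance, set())
        for p in perms:
            if p["Policy"].lower() != "accept" or not from_internet(p["SourceCidrIp"]):
                continue  # drop rules and intranet sources are outside this check
            proto = p["IpProtocol"].lower()
            lo, hi = (int(x) for x in p["PortRange"].split("/"))
            # Compliant only if it is TCP and every port in the range is permitted.
            ok = (proto == "tcp" and lo >= 1
                  and all(port in permitted for port in range(lo, hi + 1)))
            if not ok:
                findings.append((instance, proto, p["PortRange"], p["SourceCidrIp"]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES, ALLOWED_INTERNET_TCP):
        print("VIOLATION", *finding)
```

On the constructed sample it reports the internet-facing SSH rule on ECS-Instance 1 and the wide-open TCP range on ECS-Instance 2.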

Test Application Deployment

Setting up the Database

Log in to the Alibaba Cloud Console.

Go to Products and Services — ApsaraDB for RDS.

Select Singapore for the region in RDS Management.

Next to the RDS instance name click on Manage.

Click on Database Management.

Click on Create database and enter the following details and click OK:

  1. Database name: owncloud
  2. Support character set: utf8

Click on Account Management.

Click on Create Account and enter the following details and click OK:

  1. Database Account: owncloud
  2. Authorized Database: Move owncloud to Authorized database and make sure that Read/Write is checked
  3. Password:
  4. Confirm password:

This completes the database setup.

Deploying the OwnCloud Application

Installation

Log in to the command line for Ubuntu on Instance 1:

$ ssh root@xx.xx.xx.xx

Once logged in, download the release key for the OwnCloud software and add it to the apt keyring:

$ cd /tmp
$ wget http://download.opensuse.org/repositories/isv:ownCloud:community/xUbuntu_14.04/Release.key
$ sudo apt-key add - < Release.key

Add the OwnCloud repository source to Ubuntu:

$ sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"

Update the software repository:

$ sudo apt-get update

Install the OwnCloud application:

$ sudo apt-get install owncloud

Make sure that the application installs successfully.

Configuration

On ECS-Instance 1, run the following command:

$ mysql -h <Database-URL> -P 3306 -u owncloud -p

When prompted, enter the password set up in the RDS portal.

At the mysql> prompt, run the following commands to ensure connectivity to the database:

mysql> use owncloud;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> exit
Bye

Now go to the browser and open the following URL: http:///owncloud/

Click on the Storage and Database section and select MySQL-MariaDB. This opens up the configuration for the database.

Use the following values to perform the initial configuration, then click Finish Setup.

Using the OwnCloud Application

This is a simple view of the files available on my cloud storage for the oadmin account.

In order to start using the application I decided to create another user. Note that oadmin is an administrative user.

Creating a New User

Click on oadmin (username on the top right) and select Users.

Enter the username appadmin and a password, and click Create.

Since we want to create a normal user with no administrative rights, leave the Groups and Group Admin settings at no group.

Now, in order to see the application in action, install an OwnCloud client on your desktop.

Installing the OwnCloud Desktop Client

Run the following command to add the OwnCloud client repository:

$ sudo dnf config-manager --add-repo http://download.opensuse.org/repositories/isv:ownCloud:desktop/Fedora_25/isv:ownCloud:desktop.repo

The following command was used to install the client:

$ sudo dnf install owncloud-client

Once the installation is complete, launch the OwnCloud desktop client in Fedora. This then takes you through the connection and account setup. Use the following values for configuring the OwnCloud Desktop Client:

At this point it provides you with an option of opening OwnCloud in the browser or opening the local folder. If you choose the local folder, something similar to the below opens up, and in a few seconds the default files/folders from the server are synced to the desktop:

Adding External Storage to OwnCloud

In order to make things more interesting, let’s attach an external storage to the application. For this purpose, let’s run an FTP service on ECS instance 2 and then make this FTP storage visible to the users with various options. I followed these steps to set this up:

On the ECS-Instance 2:

Added a user to the server for owncloud:

$ sudo adduser owncloud

Enter the password details and leave the rest as default.

Create storage folders for shared storage and private user storage:

$ sudo su - owncloud
$ mkdir /home/owncloud/owncloudstorage
$ mkdir /home/owncloud/oadmin
$ mkdir /home/owncloud/appuser

Since secure shell (ssh) is already installed on the Ubuntu servers in ECS, the sftp service is available by default. The remaining configuration is done in the administrative web interface. Use the following steps:

Go to http:///owncloud/ and log in using oadmin credentials.

Click on oadmin (username) on the top right corner and click Admin.

In the top left corner, click on Admin and click the + App sign.

In the menu click on Not Enabled.

Find External Storage Support and press the Enable button.

Click on oadmin (username) on the top right corner and click Admin.

Click on External Storage.

Click the Add Storage dropdown and select sftp.

Enter the following details:

  1. Host: 10.27.48.132
  2. Username: owncloud
  3. Password:
  4. Remote subfolder: /home/owncloud/owncloudstorage

Click the Add Storage dropdown and select sftp

Enter the following details:

  1. Host: 10.27.48.132
  2. Username: owncloud
  3. Password:
  4. Remote subfolder: /home/owncloud/appuser
  5. Available for: appuser

Click the Add Storage dropdown and select sftp

Enter the following details:

  1. Host: 10.27.48.132
  2. Username: owncloud
  3. Password:
  4. Remote subfolder: /home/owncloud/oadmin
  5. Available for: oadmin

The following should be the result. Make sure all the storage attachments are green as shown below:

If you now log in to the OwnCloud dashboard as oadmin, you will see the following:

The dashboard for appuser will show a similar structure. However, do note that the MyFTP folder for each user is a private folder only visible to that user. The SharedFTP folder is a shared folder and is visible to all users. Any files that users upload to these folders are now stored on ECS-Instance 2.

Considerations

  1. Make sure that both your ECS instance and the RDS instance are in the same Region / Zone. If not, the only way to communicate with the RDS instance will be by obtaining an internet-facing IP for it. This is unnecessary, as we do not need to expose the database to the internet for this application, and it will also incur more costs besides being a security concern.
  2. Ensure that when you mount the External Storage you are using the intranet IP. While file transfer will work using the internet IP as well, there is no need to put the external storage traffic on the internet.
  3. Make sure that when you are adding OwnCloud repositories you add them for the correct operating system version.
  4. During the installation (not configuration) of the OwnCloud application, it asks for a MySQL admin username and password. However, we are not using this configuration, as our database is not sitting locally.

The following items can be improved if performing the deployment for a production setup:

  1. Mount a cloud storage to ECS-Instance 1 under the Storage folder to store user files.
  2. Obtain a domain name for the application server URL and bind it to the internet IP for ECS-Instance 1.
  3. Obtain an SSL certificate and run the application on HTTPS.

Reference: https://www.alibabacloud.com/blog/sync-and-share-solution-on-alibaba-cloud_594119?spm=a2c41.12228527.0.0
