Object Storage Service (OSS) is a massive, secure, cost-effective, and highly reliable cloud storage service. You can mount an OSS bucket to Function Compute, which lets your function interact with OSS as if it were a local file system. This simplifies resource access and data processing workflows.
Limits
A Function Compute function supports up to five NAS and five OSS mount targets in the same region.
The local directories for NAS and OSS mount targets must be unique within the function's runtime environment.
For more information about configuring NAS mount targets, see Configure a NAS file system.
Prerequisites
Object Storage Service (OSS)
Function Compute
The OSS mount feature requires a RAM role that grants your function permission to access OSS. For details, see Grant a function permissions to access other cloud services by using a function role.
Procedure
Step 1: Configure an OSS mount target
Log in to the Function Compute console. In the navigation pane on the left, choose .
In the top navigation bar, select a region. On the Functions page, click the name of the target function.
On the function details page, click the Configuration tab. Click Advanced Settings to the right of Modify. In the Advanced Settings panel, find the Storage section, turn on the switch for Mount OSS, configure the parameters, and then click Deploy.
Parameter
Description
Example
OSS Mount Target: Configure the OSS mount target.
Bucket
Select an existing bucket. To create a new one, click Create OSS Bucket to open the OSS console. For information about fees associated with OSS, see OSS billing overview.
example-bucket
Bucket Subdirectory
Specify a subdirectory in the bucket. This must be an absolute path. If you leave this empty or set it to /, the root directory of the bucket is mounted.
/files
OSS Endpoint
When you select a bucket, the system automatically selects its endpoint. You can select Custom Endpoint to modify the endpoint address. For a list of OSS endpoints by region, see Regions and endpoints.
NoteIf the bucket and your Function Compute function are in the same region, use an internal endpoint.
If the bucket is in a different region, use a public endpoint. This incurs outbound data transfer fees.
Default Endpoint
Local directory of a function
Specify a local directory in the function's runtime environment. The directory must be a subdirectory of /home, /mnt, or /data.
/mnt/oss
Permissions on the local directory of the function
Select the permissions for the local directory. You can select Read-only or Read and Write.
Read/write
NoteThe OSS mount feature depends on the function's network configuration. If your function is configured to access only a VPC and Allow Default NIC to Access Internet is set to No, the function must be able to access the internet through the specified VPC to use a public OSS endpoint. For details, see Configure a static public IP address.
Step 2: Access files in the mounted directory
After you configure the OSS mount target, you can access files in the mounted directory as if they were local.
On the function details page, click the Code tab. Write your code in the editor, and then click Deploy.
The following code provides an example.
import os def handler(event, context): # Mount directory mount_path = '/mnt/oss' # List files in the mount directory files = os.listdir(mount_path) print("Files in OSS mount:", files) # Read a specific file from the mount directory file_path = os.path.join(mount_path, 'example.txt') if os.path.exists(file_path): with open(file_path, 'r') as file: content = file.read() print("Content of example.txt:", content) else: print("example.txt does not exist.") # Write a file to the mount directory write_path = os.path.join(mount_path, 'output.txt') with open(write_path, 'w') as file: file.write("Hello, OSS mount!") print("Wrote to output.txt in OSS mount.") return "Function execution completed."NoteIn the code, replace
example.txtwith the name of an actual file that exists in your mounted OSS directory.After the code is deployed, click Code on the Test Function tab.
After the execution is complete, you can view the results at the bottom of the Code tab. The Log Output tab shows the content of the
example.txtfile read from the OSS directory. You can also go to the OSS console to verify that theoutput.txtfile was written to the corresponding mounted directory.
FAQ
OSS mount error: bucket not found
Verify that the OSS access endpoint and bucket name are correct.
OSS mount error: host resolv error or deadline exceeded
Verify that the endpoint address is correct.
The
host resolv erroroccurs if the endpoint address cannot be resolved.Internal endpoints cannot be used across regions. Using an internal endpoint for a function in a different region causes a connection timeout, resulting in the
deadline exceedederror.
Mount error: invalid credentials
Verify that the RAM role configured for your function has the necessary permissions to access OSS. For details, see Grant a function permissions to access other cloud services by using a function role. The required permissions are as follows:
Read-only: Requires the
oss:ListObjectsandoss:GetObjectpermissions.Read and Write: Requires the
oss:ListObjects,oss:GetObject,oss:PutObject,oss:DeleteObject,oss:ListParts, andoss:AbortMultipartUploadpermissions.
The oss:ListObjects action is performed at the bucket level. Therefore, when you grant access to a specific bucket, the permission policy must include a resource ARN at the bucket level, such as acs:oss:*:*:bucketName. For more information, see OSS Resource.
Input/output error on reading mounted files.
Check the storage class of your OSS bucket. If the storage class is Archive or Cold Archive, objects in the bucket are in a frozen state and must be restored before they can be accessed. Set the storage class of your OSS bucket to Standard.
How to view files in the local directory
On the function details page, click the Instance tab. In the list of instances that are in the Running state, select an instance and click Connect to Instance in the Actions column.
After you connect to the instance, you can run commands to view information about the files in the configured local directory. For example:
Error accessing mount target: Transport endpoint is not connected
This error occurs when the OSS mount feature fails due to insufficient memory, which may be caused by low memory specifications or high memory usage. Increase the memory specification for your function based on your business needs. A minimum of 512 MB is recommended when using an OSS mount target.
Data persistence in function directories
Data written to a function's directory is deleted when the function instance is destroyed. To ensure data persistence, you can mount a NAS file system or an OSS bucket. For details, see Configure a NAS file system and Configure an OSS mount.
Read-only access for a bucket
Read/write access for a bucket
Read-only access for a subdirectory
Read/write access for a subdirectory
Files appear empty during write operations
When you write to a file through an OSS mount target, the system typically uploads the content to OSS only after you explicitly call the flush() method or close the file.
Slow performance for compression or file transfer
OSS does not natively support file system APIs. When you mount an OSS bucket as a directory, Function Compute emulates file system API behavior by combining and wrapping OSS APIs. For example, because OSS does not support random writes, modifying an existing file on an OSS mount target requires Function Compute to download the entire source file from OSS, modify it, and then re-upload it.
Performance is generally good for operations where file system APIs correspond directly to OSS API functions, such as sequential file reads and writes. However, operations that require combining multiple OSS APIs, such as the random read and write operations used in file compression or decompression, involve numerous interactions with OSS and are therefore slower than on a local file system.
Synchronization between function instances
No. Function instances are independent of each other, so access to an OSS mount target is not synchronized between them. For example, if instance A creates a file in the mount target, instance B might not see that file immediately.