OSS-HDFS prerequisites

更新时间:
复制 MD 格式

Before you enable the OSS-HDFS service, understand its interactions with other OSS features to prevent operational issues and data loss.

Warning
  • After you enable the OSS-HDFS service for a bucket, the service's data is stored in the bucket's.dlsdata/ directory. Do not perform write operations, such as renaming or deleting, on this directory and its objects using non-OSS-HDFS methods. This can cause service disruptions or data loss.

  • If your account has an overdue payment or if the dependent RAM roleAliyunOSSDlsDefaultRole is deleted, the HDFS background service may enter safe mode. In safe mode, all background tasks, such as audit logging, asynchronous deletion, and automatic storage tiering, are paused. The service automatically resumes after the issue is resolved.

The following table describes the risks and considerations for operations on the.dlsdata/ directory after you enable the OSS-HDFS service.

Feature

Risk

Description

References

Retention policy

Data cannot be deleted

Do not enable the OSS-HDFS service and configure a retention policy on the same bucket. Otherwise, when you delete data from the.dlsdata/ directory through OSS-HDFS, the operation may appear successful, but the data is retained for the duration of the policy and cannot be deleted even after the policy expires.

Bucket-level retention policies (BucketWorm)

Lifecycle rule

Data loss

When you create or update a lifecycle rule for a bucket with OSS-HDFS enabled, you must use theNOT element to exclude the.dlsdata/ directory. This prevents the lifecycle rule from deleting or transitioning data critical to OSS-HDFS operations.

In the Create lifecycle rule panel, set Policy to Match by Prefix, enable the NOT switch, and enter .dlsdata in the Prefix field under NOT.

If you need to manage the lifecycle of data stored in OSS-HDFS after enabling the service, use its built-in automatic storage tiering feature.

Versioning

Automatic data deletion failures and service instability

Do not enable the OSS-HDFS service and versioning on the same bucket. This can lead to service instability. To ensure stable operation, suspend versioning as soon as possible and configure a lifecycle rule to clean up delete markers.

Delete directories

Data loss

To prevent service disruption or data loss, do not delete the.dlsdata/ directory or its subdirectories in a bucket where OSS-HDFS is enabled.

Delete directories

Delete objects

Data loss

To prevent service disruption or data loss, do not delete any object within the.dlsdata/ directory in a bucket where OSS-HDFS is enabled.

Delete objects

Rename objects

Data loss

To prevent service disruption or data loss, do not rename any object within the.dlsdata/ directory in a bucket where OSS-HDFS is enabled.

Rename objects

Upload objects

Data loss

To prevent service disruption or data loss, do not upload objects to the.dlsdata/ directory using non-OSS-HDFS methods.

Simple upload

Modify the storage class of objects

Data access failures and billing changes

Avoid modifying the storage class of objects in the.dlsdata/ directory of a bucket where OSS-HDFS is enabled.

  • If you change the storage class to Infrequent Access, the data remains accessible through OSS-HDFS.

  • If you change the storage class to Archive, Cold Archive, or Deep Cold Archive, the data becomes inaccessible through OSS-HDFS. You must restore the data before you can access it.

  • Changing the storage class to Infrequent Access, Archive, or other types may be subject to limitations such as a minimum billable size (64 KB), a minimum storage duration, and data retrieval fees.

Proceed with caution to avoid impacting data access or incurring extra costs.

Bucket policy

Data access failures, automatic deletion failures, and continuous billing

To ensure that OSS-HDFS users can access the.dlsdata/ directory and its objects, do not create a bucket policy with a deny action after enabling the OSS-HDFS service. Otherwise, the OSS-HDFS service cannot read from or write to the bucket.

If you must configure a deny policy that restricts access to specific IP addresses or VPCs for security reasons, you must add the following condition to all deny statements, placing it within the Condition element. This ensures that the OSS-HDFS background service can still access the bucket through the Classic Network:

"StringNotLike":{
    "oss:ClassicIntranet":[
        "true"
    ]
}

Bucket Policy

RAM

Data access failures, automatic deletion failures, and continuous billing

When you enable the OSS-HDFS service for a bucket, theAliyunOSSDlsDefaultRole RAM role is automatically created and theAliyunOSSDlsRolePolicy policy is attached to it. To ensure users can access the.dlsdata/ directory and its objects, do not disable, modify, or delete this role or its attached policy.

Enable OSS-HDFS

Bucket inventory

Data contamination

To prevent service disruption or data contamination when configuring inventory reports for a bucket with OSS-HDFS enabled, do not set the Inventory Path to.dlsdata/.

Bucket inventory

Log shipping

Data contamination

To prevent service disruption or data contamination when configuring log shipping for a bucket with OSS-HDFS enabled, do not set the Log Prefix to.dlsdata/.

Configure log shipping

ZIP package decompression

Data contamination and data loss

To prevent service disruption, data contamination, or data loss when configuring rules for ZIP package decompression on a bucket with OSS-HDFS enabled, do not set the Destination Directory to.dlsdata/.

Upload and automatically decompress a ZIP package

Important

The OSS-HDFS service stores HDFS data and metadata in an OSS bucket. This data is stored under the .dlsdata/ path in the bucket and incurs standard OSS storage charges. For more information, see Storage capacity usage.