AIStore & Amazon S3 Compatibility
AIStore & Amazon S3 Compatibility
AIStore (AIS) is a lightweight, distributed object storage system designed to scale linearly with each added storage node. It provides a uniform API across various storage backends while maintaining high performance for AI/ML and data analytics workloads.
AIS integrates with Amazon S3 on three fronts:
-
Backend storage – via the backend provider abstraction, AIStore can be utiized to access (and cache or reliably store in-cluster) a remote cloud bucket such as
s3://my-bucket(aws://is accepted as an alias). This provides seamless access to existing S3 data. -
Front‑end compatibility – every gateway speaks the S3 REST API. The default endpoint is
http(s)://gw-host:port/s3, but you can enable theS3-API-via-Rootfeature flag to serve requests at the cluster root (http(s)://gw-host:port/). The same API works uniformly across all bucket types—nativeais://, cloud‑backeds3://,gs://, and more. -
Presigned request offload – AIS can receive a presigned S3 URL, execute it, and store the resulting object in the cluster. This lets you leverage S3’s authentication while using AIS for storage.
Which interface should I use?
AIS exposes a pure S3 surface for seamless compatibility and a native API for advanced, cluster‑aware workloads. The table below helps decide which path fits your scenario:
Table of Contents
- Quick Start
- S3 Clients: Two Distinct Types
- Configuring Clients
- Using s3cmd with AIS
- Supported Operations
- Use Native Bucket Inventory
- Deleting nonexistent object
- Compatibility Matrix
- Boto3 Examples
- FAQs & Troubleshooting
- Further reading
Environment assumption – Local Playground
The CLI examples below use
localhost:8080, which is the default endpoint when running AIS in the Local Playground.For other deployment modes (including Kubernetes Playground, Docker Compose, bare-metal cluster, or Kubernetes for production deployments) — replace the
host:portwith any AIS gateway endpoint.See Deployment Options and the main project Features list for a broader overview.
Quick Start
Quick start with aws CLI
Quick start with s3cmd
One‑liner (HTTP):
Tip — use a cluster‑specific
.s3cfgso you can drop the--host*flags. See the Example .s3cfg section below.
S3 Clients: Two Distinct Types
Basic facts first:
- AIS provides an S3-compatible API - there is no need for AIS-specific S3 clients.
- All AIS clients are expected to follow standard HTTP semantics.
- In particular, any client that implements standard HTTP redirect handling is fully supported.
The last point drives the distinction between two kinds of S3 clients:
- those that follow
307 Temporary Redirectby resending the original request - same method, URI taken verbatim from theLocationheader; - and those that don’t.
For the first kind, everything just works. The redirected Location URI carries the proxy’s signature and all query parameters the designated target needs to authenticate the request.
Conforming redirect handling - see RFC 9110 Location, Redirection 3xx, 307 Temporary Redirect - preserves both the method and the URI as given. AIStore’s signed redirects depend on exactly this behavior.
Known-good clients include:
- Python clients that drive the S3 API directly via
urllib3with redirect handling enabled; - AWS SDK for Go v2, which follows
307responses to theLocationURI verbatim; - Boto3 and other botocore-based applications using the AIStore botocore redirect patch.
Clients that reconstruct S3 endpoints
The second kind does not follow Location verbatim. Following S3 service conventions rather than HTTP RFC, these clients treat the XML <Endpoint> element as a reusable service address and re-derive the request themselves; some additionally refuse to redirect specific methods (notably HEAD).
A reconstructed request drops the signed query parameters. It may also arrive directly at a storage node’s public endpoint, bypassing the proxy altogether.
Either way, the receiving node cannot distinguish it from unsigned direct access. When the cluster requires proxy mediation—because AuthN or intra-cluster signing is configured—the node must reject it.
With the feature described below disabled, such requests fail with AccessDenied (403) or InvalidRequest (400).
The S3-Redirect-Rebuild cluster feature exists to support these clients anyway. It is a compatibility mode and an explicit security tradeoff - not an alternative signing mechanism.
When S3-Redirect-Rebuild is enabled:
- the XML
<Endpoint>reverts to its legacy form - barehost:port/s3(otherwise,<Endpoint>carries the same full signed URI asLocation); HEAD(object)is reverse-proxied to the designated target instead of redirected - HEAD responses carry no body and, hence, no<Endpoint>to rebuild from;- storage nodes accept unsigned S3 requests on their public endpoints - which, accordingly, must be reachable from the clients;
- proxy mediation, and any authorization enforced exclusively by the proxy, no longer protect those requests.
Correspondingly, S3-Redirect-Rebuild cannot coexist with AuthN or auth.intra_cluster: configuration validation rejects the combination.
The feature is disabled by default. Deployments that require strict proxy mediation and authenticated intra-cluster traffic must leave it disabled and use clients that follow the HTTP Location URI.
Configuring Clients
Finding the AIS endpoint
Choose any gateway’s host:port and append /s3, e.g. 10.10.0.1:51080/s3. All gateways accept reads and writes, so you can connect to any of them.
In fact, AIS gateways are completely equivalent, API-wise.
Checksum considerations
Amazon S3’s ETag is MD5 (or a multipart hash); AIS defaults to xxhash for better performance. To avoid client mismatch warnings, set MD5 per bucket:
Setting the checksum type to MD5 ensures compatibility with S3 clients that validate checksums, though it comes with a minor performance cost compared to xxhash.
HTTPS vs HTTP
Enable TLS in ais.json (net.http.use_https=true) or pass --no-ssl/--insecure flags when using tools. By default, AIS uses HTTP, while many S3 clients expect HTTPS.
Using s3cmd with AIS
Interactive s3cmd --configure transcript
During the test, enter your AIS endpoint when prompted:
Example .s3cfg
Edit your ~/.s3cfg file to include these lines (replace with your actual gateway endpoint):
This configuration allows you to run s3cmd commands without having to specify the host parameters each time.
Multipart uploads with s3cmd
For large files, use multipart uploads to improve reliability and performance:
The optimal chunk size depends on your network conditions and file size, but 8-16MB chunks work well for most cases.
Authentication (JWT) tips
When AIStore Authentication is enabled, each request must include a JWT Bearer token in the Authorization header.
However, s3cmd’s built-in AWS signer overwrites any --add-header values, so you need to patch the client directly.
Edit the sign() method of the S3Request class in s3cmd/S3/S3.py.
Add the following line to override the Authorization header:
Replace <token> with your actual JWT token. This modification ensures the token is included in every request.
Supported Operations
PUT / GET / HEAD
Regular verbs work with aws, s3cmd, or the native ais CLI:
Range reads
S3 API supports byte range requests for partial object downloads:
This would download only the first 100 bytes of the file.
Multipart uploads with aws CLI
Example parts.json:
Presigned S3 requests
Presigned URLs allow temporary access to objects without sharing credentials:
-
Enable feature:
-
Generate URL (typically done on the system with AWS credentials):
-
Replace the host with
AIS_ENDPOINT/s3and add header when using path style:
This allows AIS to handle the authenticated S3 request on behalf of the client.
Use Native Bucket Inventory
The older S3-specific inventory integration has been removed in v4.4.
Use native bucket inventory (NBI) for fast, inventory-backed listing of large remote buckets, including (but not limited to) s3 buckets.
Note that S3-compatible clients may request NBI-backed listing via Ais-Bucket-Inventory: true, and optionally select a specific inventory via Ais-Inv-Name.
Deleting nonexistent object
AIStore does not emulate S3’s silent-success delete semantics. In AIS, deleting a missing object is reported as “not found” - with a single exception: when the bucket has an S3 backend. This does not violate HTTP idempotency: a repeated DELETE still has the same intended effect on server state, even though the response differs.
When the bucket does have an S3 backend and the object is missing, we return whatever the backend gives us - which, for S3, is 204 (no error).
Apart from this single exception, returning an error on delete of a nonexistent object is an intentional semantic choice for consistency with the rest of AIS.
Compatibility Matrix
Not yet supported: Regions, CORS, Website hosting, CloudFront; full ACL parity (AIS uses its own ACL model).
Boto3 Examples
Python applications can use Boto3 (the AWS SDK for Python) to connect to AIStore. Since AIStore implements S3 API compatibility, most standard Boto3 S3 operations work with minimal changes.
Prerequisites
For Boto3 to work with AIStore, you need to patch Boto3’s redirect handling:
This patch modifies Boto3’s HTTP client behavior to handle AIStore’s redirect-based load balancing. For details, see the Boto3 compatibility documentation.
Client Initialization
Basic Bucket Operations
Object Operations
Multipart Upload Example
For large files, you can use multipart uploads: