DCM4CHEE-ARC-LIGHT: How to Configure Cloud as storage instead of FileSystem as storage

[Deepak Jayanth]

Hello,

I'm running the docker version of Dcm4chee-arc-light.

I tried to configure dcm4chee for using cloud as a primary storage instead of filesystem. But i got error when i tried to upload dicom images via STOW.

I tried to modify the entries on ldap 

DN: dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org

=> changed dcmStorageID from "fs1" to "amazon1"

created a new entry of "amazon1" with the following values to connect to amazon via S3

dcmStorageID=amazon1,dicomDeviceName=dcm4chee-arc,cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org

dcmURI: //s3:9020

dcmProperty: jclouds.endpoint=http://<awss3 url>

dcmProperty: container=dcm4chee-arc-light

dcmProperty: credential=<mycredential>

dcmProperty: identity=<myidentity>

< Rest of the parameters i copied from entry for fs1 >

Now when i send dicom images via STOW i get the following errors

IOException during read of (3033,3030) #532528 @ 725: java.io.EOFException

null@<MY IP>->DCM4CHEE: Failed to encode received object:: java.io.EOFException

Where i'm i making mistake?   

Thanks,

Deepak

PS: 

Currently the wiki has "HOWTOs" for configuring file system as primary storage 

https://github.com/dcm4che/dcm4chee-arc-light/wiki/How-to-configure-the-Storage-Directory

I tried to configure ldap myself for a cloud storage based on CloudStorage.java.

Are there any Wiki to configure a cloud provider as a storage?

[Deepak Jayanth]

Update: I have  figured out the reason behind the error i was getting. Thought of posting here incase anybody gets a similar error in future.

Basically i had two errors.  I resolved via the following way.

1) I used "/bin/bash" instead of "/bin/sh" when using curl to store objects via STOW-RS.

2) I used "jclouds:aws-s3"  as the dcmURI in ldap configuration for dcmStorageID

[ss...@zoomcare.com]

Hi,

What do the properties "identity" and "credential" mean? 

That is to say, are they referring to "Access Key ID" and "Secret Access Key"?

Thanks!

[gunterze]

In the case of Amazon S3, your identity is the Access Key ID and credential is the Secret Access Key. (s. https://jclouds.apache.org/start/blobstore/ )

By the way, we plan to improve support of cloud storage by adding a retrieve cache until end of this year.

gunter

[ss...@zoomcare.com]

Thank you for clarifying, the link gave very good context!

Following Deepak's earlier notes and the clarification on the meaning of identity/credential as it relates to Amazon S3 (and the how to guide on manual switch of file system), I was able to create a new cloud storage and manually switch the dcm4che archive to use the cloud storage as the primary storage.

By default, my test S3 bucket have permission for "sysadmin".

In order for DCM4CHEE-ARC-LIGHT to upload to the bucket with my identity/credential, I added another permission for "Any Autehnticated AWS User" (List/Upload/Delete/View Perm/Edit Perm).

Question

DCM4CHEE-ARC-LIGHT successfully uploaded to the bucket, however in the UI, when I try to click "Show Attributes from file" view/download the DICOM object, I get "Access Denied". 

Looking into the actual DICOM object in the S3 bucket, I see that the permission is back to default "sysadmin" only, and does not inherit the permission of the bucket, which have the additional "Any Authenticated AWS User" permission added.

When I manually add the extra permission to the actual DICOM object in S3, DCM4CHEE-ARC-LIGHT successfully display/download results.

Is DCM4CHEE-ARC-LIGHT suppose to adjust permission of the actual uploaded objects?

That is to say, might there be a missing configuration that I needed to set?

Or, this is something to configure on the S3 bucket side?

Thanks!!

Srey Seng

[gunterze]

It worked for me with attached bucket permissions.

[ss...@zoomcare.com]

There were permission policy that had to be sorted out on my S3 bucket side. 

In short, storing and retrieving works as expected now, thanks!