FSOBJCFG

FSOBJCFG

Section: FSCLI (1)
Updated: April 2019

NAME

fsobjcfg – Configure or report all Object Storage components in Quantum storage system.

SYNOPSIS

fsobjcfg -a -i host_address [-p port_number] [-e http|https] [-U username -P password] [-v provider] [-B] appliance_alias
fsobjcfg -m [-i host_address] [-p port_number] [-e http|https] [-U username [-P password]] [-B] appliance_alias
fsobjcfg -d appliance_alias
fsobjcfg -a -n controller_alias [-s streams[:readstreams]] [-B] appliance_alias
fsobjcfg -m -s streams[:readstreams] [-B] -n controller_alias
fsobjcfg -d -n controller_alias
fsobjcfg -a -o iopath_alias -i connection_endpoint [-e http|https] [-t mediatype] [-u PATH|VHOST] [-B] -n controller_alias
fsobjcfg -m -o iopath_alias [-i connection_endpoint] [-e http|https] [-t mediatype] [-u PATH|VHOST] [-B] -n controller_alias
fsobjcfg -d -o iopath_alias -n controller_alias
fsobjcfg -a -b namespace [-c copy] [-C class] [-f mediaid] [-t mediatype] [-U username -P password] [-K keyfile] [-I uuid] [-S signing_type] [-O storageclass] [-D duration] [-Y authentication_type] [-G y|n] [-J y|n] [-B] appliance_alias
fsobjcfg -a -b namespace -t AWS -Y STS_PUBLIC|STS_GOVCLOUD -R role -U username -P password [-c copy] [-C class] [-f mediaid] [-D duration] [-O storageclass] [-S signing_type] [-Z authentication_endpoint] [-G y|n] [-J y|n] [-B] appliance_alias
fsobjcfg -a -b namespace -t AWS -Y CAP -R role -A CAP_agency -M CAP_mission [-c copy] [-C class] [-f mediaid] [-D duration] [-O storageclass] [-S signing_type] [-G y|n] [-J y|n] [-B] appliance_alias
fsobjcfg -m [-b namespace] [-c copy] [-C class] [-t mediatype] [-U username] [-P password] [-K keyfile] [-D duration] [-O storageclass] [-S signing_type] [-Y authentication_type] [-G y|n] [-J y|n] [-B] [-X] -f mediaid
fsobjcfg -m [-t AWS] [-Y STS_PUBLIC|STS_GOVCLOUD] [-b namespace] [-c copy] [-C class] [-U username] [-P password] [-R role] [-D duration] [-O storageclass] [-S signing_type] [-Z authentication_endpoint] [-G y|n] [-J y|n] [-B] -f mediaid
fsobjcfg -m [-t AWS] [-Y CAP] [-b namespace] [-c copy] [-C class] [-A CAP_agency] [-M CAP_mission] [-R role] [-D duration] [-O storageclass] [-S signing_type] [-G y|n] [-J y|n] [-B] -f mediaid
fsobjcfg -d -f mediaid
fsobjcfg -r -f mediaid
fsobjcfg -q -f mediaid
fsobjcfg -V awsregionsfile
fsobjcfg [-l] [-F type]

DESCRIPTION

The fsobjcfg(1) command adds, modifies, deletes, and reports configuration settings for Object Storage components in the Quantum storage system. Object Storage components are: Appliances, Controllers, IO Paths, and Namespaces. These components and their attributes provide the addressing information required to form the URL to store and retrieve objects from the Object Storage.

The URL to the Objects in the Object Storage consists of an Internet Address and optional TCP/IP Port Number, and the Namespace. The IO Path is a complete TCP/IP connection endpoint. The Namespace component provides the location within Object Storage where the data is stored. A URL looks like :

AXR
http://10.64.68.22:8090/namespace/bucketname/objectid
S3 or QVAULT
http://10.64.68.22:7070/bucketname/objectid

Object Storage Namespaces are used by the Tertiary Manager software as secondary storage similar to tape or Storage Disk media.

For any fsobjcfg(1) command option, the Tertiary Manager software can be active or inactive.

Submitting the fsobjcfg(1) command with no options or –l option generates a report showing all Quantum Object Storage components that are currently configured.

The fschstate(1) command can be used to change the state of an Object Storage component once it has been configured.

OPTIONS

-a
Add a new Object Storage component. If the command is invoked and any of the required parameters are omitted, an error message is returned. The error message identifies the field that was not entered.
-m
Modify an Object Storage component. The component alias cannot be modified.
-d
Delete an Object Storage component. A component cannot be deleted if it has children components still configured. A namespace component can not be deleted if it contains any stored copies. The fsrminfo(1) command can be used to purge any data prior to removing a namespace component from the configuration.
-r
Refresh the space available capacity for the specified media. It is typically used to reenable storage of data after an out-of-space condition has been encountered with a media and actions have already been taken to address the out-of-space issue on the appliance.
-q
Run a connectivity test to the specified media to ensure that the media is reachable and that the authentication, connection, and signing information configured for the media is valid. This test will also return the Object Storage system’s server header string, which usually includes the server name and version, if available.
appliance_alias
Appliance Alias. This is a variable string of up to 256 characters and is case sensitive. Duplicates are not allowed. This command is normally the name you have given to your Object Storage device. The appliance_alias is used to uniquely identify a single system.
-i connection_endpoint
Connection_endpoint of either the management GUI or IO Data Path of the Object Storage device.
The connection_endpoint given in the appliance configuration is used to access the appliance management GUI. For the appliance, the port number is given as a separate option.
The connection_endpoint given in the IO Path configuration is used to access the appliance namespace and its objects. For the iopath, the port number is a part of the connection endpoint if it is needed. connection_endpoint can either be DNS hostname e.g. host.abc.com or an Internet Protocol address e.g. 10.65.166.123, or an Internet Protocol address and port number e.g. 10.65.166.123:8080. If the port number is not given in the connection endpoint, port 80 is the default.
For the AWS media type, the connection_endpoint must specify an AWS region endpoint. If the endpoint is newly supported by Amazon, support within the Quantum storage system can be enabled by adding this endpoint along with its region name to the AWS regions configuration file (/usr/cvfs/config/awsregions.json) and then restarting the Quantum storage system.
Duplicate connection endpoints are not allowed.
-u PATH | VHOST
There are 2 ways to format a URL, PATH style and VHOST style. A PATH style URL looks like:
http://ip-address:port/namespace-name/object-id
A VHOST style URL looks like:
http://namespace-name.ip-address:port/object-id
Using a VHOST style URL requires additional address resolution setup on the calling host and target Object Storage system. For more information on VHOST URLs, please refer to the following link:
http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html.
Please refer to the S3 setup instructions provided by the specific vendor.
The default is PATH style URL. VHOST style URLs are supported for S3 compatible media only and is not supported for AXR and Azure media.
-p port_numbers
This is the TCP/IP port number that you have configured for the management GUI. Specify the singular VIP(Virtual IP) for the management GUI.
-e http | https
Network protocol to use when accessing the management GUI or Client Daemons on Object Storage systems. Management GUI port can either be http or https. Each iopath references a Client Daemon. Each iopath can either be http or https. Verify with your Administrator the configured http/https port numbers.
Https is a layering of http on top of SSL/TLS. SNSM, via libcurl, uses an OpenSSL implementation of the SSL and TLS protocols.
Libcurl is configured at build time to set the correct default location for Certificate Authority (CA) Root certificates for OpenSSL use. This default varies depending on the OS distribution. You can override the default directory that holds the individual certificates with FS_OBJSTORAGE_CAPATH. You can also override the default certificate file bundle with FS_OBJSTORAGE_CACERT. Note that /opt/quantum/openssl/bin/c_rehash must be run on the overriding directory that holds the individual certificates to create the necessary symlinks to the individual certificate files for OpenSSL use. This action is not needed when overriding the certificate bundle file.
The FS_OBJSTORAGE_SSL_VERIFY_PEERHOST indicates the type of verification to be used: either peer or both peer and host verification. The default is peer and host verification. Note that wildcards in the hostname used in the Common Name (CN) in the certificate are incompatible with host verification. You must change the host verification to peer if wildcards are used.
If you overrode the default CA Root certificate(s) location set by libcurl, make sure that each DDM host is also re-configured accordingly.
-n controller_alias
This is normally the name you have given to your Object Storage controllers. Duplicates are not allowed. controller_alias is a variable string of up to 256 characters and is case sensitive.
-s streams[:readstreams]
streams specifies the maximum number of I/O streams per controller. This allows the number of concurrent I/O operations per controller to be adjusted. The maximum stream count must be greater than zero.
readstreams can be specified to reserve a subset of streams for file retrieves. The number of retrieves can exceed this count but the reserved streams cannot be used for non-retrieve requests. If the readstreams count is equal to the streams count, streams will not be made available for store requests.
If the -s option is not specified, the current default is used and streams are not reserved specifically for retrieves. Use the display option to see the default configured values.
-o iopath_alias
The I/O path alias. Duplicates are not allowed. iopath_alias is a string of up to 256 characters and is case sensitive.
-b namespace
This corresponds to the namespace that you have created on Object Storage system. Duplicates within the same appliance are not allowed. Namespace is a string of up to 256 characters and is case sensitive. A namespace can only be associated with either the AXR or the S3 Object Storage API. This is persistent and can not be modified.
-v provider
This identifies the provider of the appliance. The appliance provider determines the format of provider-specific REST headers. The following provider types are supported by Tertiary Manager software:

AWS
AZURE
GOOGLE
LATTUS
QCV1
QVV1
S3COMPATIBLE
-t mediatype
The object storage media type. This is assigned to a namespace and an iopath. Namespaces and iopaths are associated with a specific Object Storage API. The following object storage media types are supported by Tertiary Manager software:

AWS
AXR
AZURE
GOOGLE
GOOGLES3
QVAULT
S3
S3COMPAT
If -t is not specified, the media type will default to AXR. Connectivity tests are only performed for AXR iopaths.
-S signing_type
Used to specify the signing type for the requests sent to the Object Storage and/or authentication server. The following signing types are supported:

V2
V4
AZURE
The default is V4 for AWS, Q-Cloud, and S3 compatible media, V2 for GOOGLES3 and Lattus S3 media, and AZURE for Azure media. This option is not valid for AXR and Google media. When configuring V4, chunked mode is preferable and should be used if supported by the object storage system. For object storage which does not support chunked mode, such as AWS Snowball, you must specify the full payload mode signing option, -J, for the object storage bucket.
-U username
If permissions have been configured on the appliance system which require username/password authentication, the same credentials must be specified here. If no permissions have been configured on the appliance, they should not be configured here either. To remove the username/password combination during modification specify none for the username. For media types AWS (not using CAP authentication), S3COMPAT, AZURE and GOOGLES3, the username is required and must be defined in the bucket (namespace) configuration. The username can be a maximum of 256 characters and consist of any ASCII character. The username is also known as the Access Key Id for S3 compatible media, or the Storage Account Name for Azure media.
-P password
If permissions have been configured on the appliance system which require username/password authentication, the same credentials must be specified here. If no permissions have been configured on the appliance, they should not be configured here either. For media types AWS (not using CAP authentication), S3COMPAT, AZURE and GOOGLES3, the password is required and must be defined in the bucket (namespace) configuration. The password can be a maximum of 256 characters and consist of any ASCII character. The password is also known as the Secret Access Key for S3 compatible media, or the Storage Access Key for Azure media.
-f mediaid
Media identifier is a name that uniquely identifies a specific namespace amongst multiple Object Storage systems. Media identifier is a variable string of 16 characters.
-I uuid
Uuid uniquely identifies a specific namespace amongst multiple Lattus systems. Uuid, if given must conform to RFC 4122 – A Universally Unique IDentifier (UUID) URN Namespace.
-K keyfile
Specifies the location of the private key file containing the credentials for the service account which manages your media. The private key file must be created and downloaded from the Google Cloud service account associated with the specified media and must be in JSON format. This option is valid only for GOOGLE media.
-Y authentication_type
An authentication type is required for all Object Storage media except for AXR and GOOGLE. The following authentication types are supported:

STANDARD
STS_PUBLIC
STS_GOVCLOUD
CAP
If this option is not specified, the authentication type will be set to STANDARD.
The STANDARD type applies to all media and authenticates with a user name and password for Object Storage access. For S3 compatible media the user name and password are the Access Key Id and Secret Access Key. For Azure media, the user name and password are the Storage Account Name and Storage Access Key.
The STS_PUBLIC type uses the AWS Security Token Service (STS) to obtain temporary credentials for access to Object Storage in the AWS public cloud. This authentication type applies only to AWS media and requires a role, username and password be specified.
The STS_GOVCLOUD type uses the AWS Security Token Service (STS) to obtain temporary credentials for access to Object Storage in the AWS GovCloud. This authentication type applies only to AWS media and requires a role, username and password be specified.
The CAP type uses the AWS Commercial Cloud Services (C2S) Access Portal (CAP) to obtain temporary credentials for access to Object Storage in the AWS Private Cloud for the Federal Government. This authentication type applies only to AWS media and requires a role, CAP mission, and CAP agency be specified. Furthermore, it requires the specification of the following sysparms in /usr/adic/TSM/config/fs_sysparm_override:
FS_OBJSTORAGE_CAPATH which sets the directory where the issuer’s certificate authority (CA) can be found, if it is not already included in the operating system’s default trusted root certificate file. Note, the certificate should be in PEM format. For example, the certificate can be copied to /usr/cvfs/config/ssl and configured as follows:

FS_OBJSTORAGE_CAPATH=/usr/cvfs/config/ssl;
Note, if your customized CA PEM file contains more than one certificate, we recommend that you append the content of your customized CA PEM file to your operating system’s default CA bundle and to NOT use sysparm FS_OBJSTORAGE_CAPATH to set the location of your customized CA PEM file. Otherwise, you could split your CA PEM file into multiple CA PEM files, each of which contains a single CA certificate, and use sysparm FS_OBJSTORAGE_CAPATH to set the location of your newly split single certificate CA PEM files.
FS_OBJSTORAGE_CLIENTCERT which sets the location of the X.509 client certificate installed on the system for the CAP server to authenticate. Note that the certificate should be in PEM format. For example, the client certificate can be copied to /usr/cvfs/config/ssl/client-cert-filepath, and configured as follows:

FS_OBJSTORAGE_CLIENTCERT=/usr/cvfs/config/ssl/client-cert-filepath;
FS_OBJSTORAGE_C2S_CAP_HOSTPORT which sets the connection endpoint for the CAP server and can be configured as follows:

FS_OBJSTORAGE_C2S_CAP_HOSTPORT=cap-portal:port;
FS_OBJSTORAGE_CLIENTKEY which sets the location of the client private key if the client private key is kept separately from (i.e. not included in) the client certificate file. This parameter can be configured as follows:

FS_OBJSTORAGE_CLIENTKEY=/usr/cvfs/config/ssl/client-key-filename;
FS_OBJSTORAGE_CLIENTKEY_PASS which specifies the passphrase used to protect the client private key and can be configured as follows:

FS_OBJSTORAGE_CLIENTKEY_PASS=passphrase;
Make sure to run the following command to generate the hash for your certificates: opt/quantum/openssl/bin/c_rehash /usr/cvfs/config/ssl. Restart TSM to allow the system parameter changes to take effect.
-Z authentication_endpoint
Specifies an authentication endpoint which overrides the default endpoint for the public or GovCloud STS server. This option is valid only with the STS_PUBLIC and STS_GOVCLOUD authentication types. If the endpoint is newly supported by Amazon, support within the Quantum storage system can be enabled by adding this endpoint along with its region name to the AWS regions configuration file (/usr/cvfs/config/awsregions.json).
-O storageclass
Defines the storage class for AWS, Azure and GOOGLES3 media only. The following storage classes are supported:

azure_block_blob
Azure Block Blob storage class. Blobs in this storage class are in either Cool or Hot tier. Cool or Hot tier is an attribute of the container, defined by the user during configuration of the container on Azure.
azure_block_blob_archive
Data written to this tier must be rehydrated before it can be read. Note: this tier feature only applies to Azure Blob storage and General Purpose v2 (GPv2) accounts. General Purpose v1 (GPv1) accounts do not support tiering. For more information, check the Azure documentation on Blob storage tiers.
glacier
AWS Glacier storage class using standard retrievals to access data within 3-5 hours
glacier_bulk
AWS Glacier storage class using bulk retrievals to access data within a day
glacier_exp
AWS Glacier storage class using expedited retrievals to access data within 1-5 minutes
standard
AWS Standard storage class
standard_ia
AWS Standard – Infrequent Access storage class
By default, this is set to standard for all AWS, GOOGLES3, and Q-Cloud Archive media, glacier for Q-Cloud Vault media, and azure_block_blob for Azure media. standard is the only valid storage class for GOOGLES3.
Note, the cost of retrieval from a Glacier storage class will vary by retrieval time, with the quickest retrieval type having the highest cost. Please refer to the AWS Glacier documentation for current pricing.
-R role
For STS_PUBLIC and STS_GOVCLOUD authentication, use the Amazon Resource Name (ARN) of the role to assume. For CAP authentication, use the Identity and Access Management (IAM) role associated with the target C2S account. A role is required by AWS STS and the CAP servers to obtain temporary credentials. This option is valid only with the STS_PUBLIC, STS_GOVCLOUD, and CAP authentication types.
-D duration
The duration, in seconds, of the role session or OAuth credentials before expiration. The value must be in the range 900 to 3600. A default value of 3600 seconds is used if a duration is not specified. This option is valid only for the STS_PUBLIC, STS_GOVCLOUD, and CAP authentication types and for GOOGLE media.
-A CAP_agency
The agency associated with the target C2S account. This option is valid only for the CAP authentication type.
-M CAP_mission
The mission associated with the target C2S account. This option is valid only for the CAP authentication type.
-c copy
Used to specify the copy number for the namespace or media being configured. If not specified when adding a namespace, the copy number will be set to 1.
-C class
Used to specify the policy class for the namespace or media being configured. If not specified when adding a namespace, no policy class association will be set for the media, and the media can be used by any and multiple policy classes. When modifying a namespace, the associated policy class can be changed as long as the media is blank. To remove the policy class association for a media so that it can be used by multiple policy classes, use the fschmedstate(1) command with the -b option.
-l
As part of the report, show the configured username for all configured appliances and namespaces.
-G y | n
Specify whether the Object Storage server supports batch delete operation.
-J y | n
Enable the AWS V4 full payload signing mode for store operation. If this option is not specified or ‘n’ is specified, the chunked transfer mode will be used. For performance reasons, full payload transfers with V4 signing should only be used for those storage systems, such as AWS Snowball, which do not support chunked mode V4 signing.
-B
During addition and modification, the path to the component is verified for connectivity. If connectivity cannot be made, a warning message will be given and the command will fail. By specifying the -B option, the connectivity verification will still occur, but the command will not fail if the connectivity cannot be verified.
-X
For conversion from AXR to S3, if the media has active objects, this option is required to force the change of the media name and/or type.
-V awsregionsfile
Validates that the specified AWS region configuration file is correctly formatted.
-F type
Sets the output format to the specified type. Valid values are TEXT (default), XML, or JSON.
TEXT is the “legacy” textual format.
XML (Extensible Markup Language) is a set of rules for encoding documents in machine-readable form. XML’s design goals emphasize simplicity, generality, and usability over the Internet. It is a textual data format. Although the design of XML focuses on documents, it is widely used for the representation of arbitrary data structures, for example in web services. You may validate the XML output using the XSD (see fsxsd(1) for details). See http://en.wikipedia.org/wiki/XML for more information.
JSON (JavaScript Object Notation) is a lightweight text-based open standard designed for human-readable data interchange. It is derived from the JavaScript programming language for representing simple data structures and associative arrays, called objects. Despite its relationship to JavaScript, it is language-independent, with parsers available for virtually every programming language. The JSON format is often used for serializing and transmitting structured data over a network connection. It is primarily used to transmit data between a server and web application, serving as an alternative to XML. See http://json.org for more information.

RESTRICTIONS

The host address, port numbers, and namespace must be accessible when performing add, modify, or delete operations. The command automatically performs connectivity tests. If using https, the host address must match one of the names in the connecting server’s SSL Certificate during SSL/TLS authentication.

EXAMPLES

Configure a Webscale Object Storage destination, followed by a namespace corresponding to bucket web-bucket, specifying media type S3COMPAT, V4 signing, and standard authentication :

fsobjcfg -a -i webscale-server-hostname -v S3COMPATIBLE -p 443 \
     -e https webscale
fsobjcfg -a -n websctl -s 48 webscale
fsobjcfg -a -o webspath -i webscale-server-hostname:8082 -e https \
     -u PATH -t S3COMPAT -n websctl
fsobjcfg -a -b web-bucket -t S3COMPAT -c 1 -f WS0001 -U username \
     -P password -S V4 -Y STANDARD webscale

Configure an Azure Object Storage destination, followed by a namespace corresponding to Azure container az-container, specifying media type AZURE, Azure signing, standard authentication, and the Azure Block Blob storage class. The dafault is Azure Block Blob:

fsobjcfg -a -i blob.core.windows.net -v AZURE -p 443 -e https azure
fsobjcfg -a -n azurectl -s 48 azure
fsobjcfg -a -o azurepath -i blob.core.windows.net -e https -u PATH \
     -t AZURE -n azurectl
fsobjcfg -a -b az-container -t AZURE -c 1 -f AZ0001 -U username \
     -P password -O azure_block_blob -S AZURE -Y STANDARD azure
fsobjcfg -a -b az-container -t AZURE -c 2 -f AZ0002 -U username \
     -P password -O azure_block_blob_archive -S AZURE -Y STANDARD azure

Configure an AWS Object Storage destination, followed by a namespace corresponding to AWS bucket, bucket-1, requesting V4 signing, standard authentication, and the standard storage class :

fsobjcfg -a -i s3.amazonaws.com -v AWS -p 443 -e https aws
fsobjcfg -a -n awsctl -s 48 aws
fsobjcfg -a -o awspath -i s3-us-west-2.amazonaws.com -e https \
      -u VHOST -t AWS -n awsctl
fsobjcfg -a -b bucket-1 -t AWS -c 1 -f AWS0001 -U username \
      -P password -O standard -S V4 -Y STANDARD aws

Configure an AWS GovCloud Object Storage destination, followed by a namespace corresponding to AWS bucket govbucket-1, requesting V4 signing, AWS STS GovCloud authentication, and the standard storage class :

fsobjcfg -a -i s3-us-gov-west-1.amazonaws.com -v AWS -p 443 \
     -e https awsgov
fsobjcfg -a -n awsctl -s 48 awsgov
fsobjcfg -a -o awspath -i s3-us-gov-west-1.amazonaws.com -e https \
     -u VHOST -t AWS -n awsctl
fsobjcfg -a -b govbucket-1 -t AWS -c 1 -f AWS0000 -U username \
     -P password -O standard -S V4 -Y STS_GOVCLOUD -D 3600 \
     -R arn:aws-us-gov:iam::123456789012:role/gov-role awsgov

Configure a Commercial Cloud Services Object Storage destination, followed by a namespace corresponding to AWS bucket c2sbucket-1, requesting V4 signing, CAP authentication and the AWS Glacier storage class :

showsysparm FS_OBJSTORAGE_C2S_CAP_HOSTPORT
FS_OBJSTORAGE_C2S_CAP_HOSTPORT=ec2-12-34-567-89.us-west-2.compute.amazonaws.com:443

showsysparm FS_OBJSTORAGE_CLIENTCERT
FS_OBJSTORAGE_CLIENTCERT=/root/ec2-client.pem

fsobjcfg -a -i s3.amazonaws.com -v AWS -p 443 -e https awsc2s
fsobjcfg -a -n awsctl -s 48 awsc2s
fsobjcfg -a -o awspath -i c2sbucket-1_region_endpoint -e https \
       -u VHOST -t AWS -n awsctl
fsobjcfg -a -b c2sbucket-1 -t AWS -c 1 -f C2S0001 -O glacier -S V4 \
       -Y CAP -R myrole -D 3600 -M mission -A agency awsc2s

Configure a GOOGLES3 Object Storage destination, followed by a namespace corresponding to GOOGLE bucket googbucket-1 :

fsobjcfg -a -i storage.googleapis.com -v GOOGLE -p 443 \
       -e https google
fsobjcfg -a -n googlectl google
fsobjcfg -a -o googlepath -i storage.googleapis.com -e https \
       -u VHOST -t GOOGLES3 -n googlectl
fsobjcfg -a -b googbucket-1 -t GOOGLES3 -c 1 \
       -U username -P password google

Configure a GOOGLE Object Storage destination, followed by a namespace corresponding to GOOGLE bucket google-0 :

fsobjcfg -a -i storage.googleapis.com -v GOOGLE -p 443 \
       -e https google
fsobjcfg -a -n googlectl google
fsobjcfg -a -o googlepath -i storage.googleapis.com -e https \
       -u VHOST -t GOOGLE -n googlectl
fsobjcfg -a -b google-0 -t GOOGLE -f GGL0000 -c 1 -D 3600 \
       -K /keys/StorNext-1d5684e5cf83.json google

FILES

/usr/cvfs/config/awsregions.json
/usr/adic/TSM/config/fs_sysparm.README
/usr/adic/TSM/config/fs_sysparm

SEE ALSO

fschstate(1), fschmedstate(1), fsrminfo(1), fsazure(1)