Enabling Container Mode with an existing system

About this task

The conversion process is only needed if one or more standard vaults exist in the system and there's a desire for them to be container vaults. Before you enable Container Mode and initiating a vault conversion, it is highly recommended that you familiarize yourself with the differences in how the system operates in Container Mode. Moving from a system that uses vault level I/O to one that uses container level I/O is a significant change. It cannot be undone.

Standard vaults are not converted directly to container vaults. Instead, access pools are selected for conversion. When an access pool is selected, all of its vaults are converted from standard to container vaults. If a single vault is deployed to multiple access pools, it is not possible to convert only a subset of the access pools. All of them must be converted. An alternative option is to remove one or more of the access pools from the vault's deployments before you start a conversion.

During the conversion process, the Cloud Object Storage Manager does not allow configuration changes to be made.

I/O to existing vaults do not operate any differently when the conversion process is ongoing. If the vault is being converted to a container vault as a part of the process, any I/O initiated while the vault was a standard vault (before conversion, for example) succeeds normally, even if the vault becomes a container vault before the I/O is completed. After the vault is converted into a container vault, traditional vault level I/O will no longer be possible: container level I/O must be used.

Procedure

  1. Create a service vault.
    The service vault is needed for Container Mode. It is used to store metadata that is related to containers, storage accounts, and access keys. It must be created, but needs to be created only one time.
  2. Configure the Service API.
  3. Specify the ACL behavior for converted containers.
    For more information, see Access control list.
  4. Ensure that the bucket owner is correct.
  5. Optional: containermodeguide_containermode_restrictowneroperations.html.
  6. Ensure that all vaults that are deployed to the selected access pool satisfy all Conversion compatibility requirements.
  7. Configure the Container Mode conversion options:
    • DNS-compliant only containers.
    • Create only container vaults.
    • Whether to transfer IP access control and hard quota to container vault or container.
  8. Progressively convert standard vaults into container vaults

What to do next

After an access pool is converted, each of its deployed vaults will be container vaults. New I/O at the vault level is no longer possible on the vaults. Objects must be accessed by using container I/O methods, which require the use of account access keys. To ensure a smooth conversion, you should start the system by using access keys for vault I/O before you convert to Container Mode. Only container vaults can be deployed to the access pool.