Adding an AWS S3 namespace bucket using YAML
Add an AWS S3 namespace bucket using a YAML file.
Before you begin
- Install OpenShift Container Platform with Fusion Data Foundation operator.
- Ensure you have access to the Multicloud Object Gateway (MCG). See Accessing the Multicloud Object Gateway with your applications.
Procedure
- Create a secret with the credentials:
  ```yaml
  apiVersion: v1
  kind: Secret
  metadata:
    name: <namespacestore-secret-name>
  type: Opaque
  data:
    AWS_ACCESS_KEY_ID: <AWS ACCESS KEY ID ENCODED IN BASE64>
    AWS_SECRET_ACCESS_KEY: <AWS SECRET ACCESS KEY ENCODED IN BASE64>
  ```
  - namespacestore-secret-name: A unique NamespaceStore name.
  - AWS ACCESS KEY ID ENCODED IN BASE64 and AWS SECRET ACCESS KEY ENCODED IN BASE64: You must provide and encode your own AWS access key ID and secret access key using Base64, and use the results in place of AWS ACCESS KEY ID ENCODED IN BASE64 and AWS SECRET ACCESS KEY ENCODED IN BASE64.
- Create a NamespaceStore resource using OpenShift custom resource definitions (CRDs).
  A NamespaceStore represents underlying storage to be used as a read or write target for the data in the MCG namespace buckets.

  To create a NamespaceStore resource, apply the following YAML:

  ```yaml
  apiVersion: noobaa.io/v1alpha1
  kind: NamespaceStore
  metadata:
    finalizers:
    - noobaa.io/finalizer
    labels:
      app: noobaa
    name: <resource-name>
    namespace: openshift-storage
  spec:
    awsS3:
      secret:
        name: <namespacestore-secret-name>
        namespace: <namespace-secret>
      targetBucket: <target-bucket>
    type: aws-s3
  ```
  - resource-name: The name you want to give to the resource.
  - namespacestore-secret-name: The secret created in the previous step.
  - namespace-secret: The namespace where the secret can be found.
  - target-bucket: The target bucket you created for the NamespaceStore.
- Create a namespace bucket class that defines a namespace policy for the namespace buckets. The namespace policy requires a type of either single or multi.
  - A namespace policy of type single requires the following configuration:

    ```yaml
    apiVersion: noobaa.io/v1alpha1
    kind: BucketClass
    metadata:
      labels:
        app: noobaa
      name: <my-bucket-class>
      namespace: openshift-storage
    spec:
      namespacePolicy:
        type: Single
        single:
          resource: <resource>
    ```
    - my-bucket-class: The unique namespace bucket class name.
    - resource: The name of a single NamespaceStore that defines the read and write target of the namespace bucket.
  - A namespace policy of type multi requires the following configuration:

    ```yaml
    apiVersion: noobaa.io/v1alpha1
    kind: BucketClass
    metadata:
      labels:
        app: noobaa
      name: my-bucket-class
      namespace: openshift-storage
    spec:
      namespacePolicy:
        type: Multi
        multi:
          writeResource: <write-resource>
          readResources:
          - <read-resources>
          - <read-resources>
    ```
    - my-bucket-class: A unique bucket class name.
    - write-resource: The name of a single NamespaceStore that defines the write target of the namespace bucket.
    - read-resources: A list of the names of the NamespaceStores that define the read targets of the namespace bucket.
- Create a bucket using an Object Bucket Claim (OBC) resource. Use the bucket class defined in the earlier step using the following YAML:

  ```yaml
  apiVersion: objectbucket.io/v1alpha1
  kind: ObjectBucketClaim
  metadata:
    name: <resource-name>
    namespace: openshift-storage
  spec:
    generateBucketName: <my-bucket>
    storageClassName: openshift-storage.noobaa.io
    additionalConfig:
      bucketclass: <my-bucket-class>
  ```
  - resource-name: The name you want to give to the resource.
  - my-bucket: The name you want to give to the bucket.
  - my-bucket-class: The bucket class created in the previous step.
After the OBC is provisioned by the operator, a bucket is created in the MCG, and the operator creates a Secret and ConfigMap with the same name and in the same namespace as that of the OBC.
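
For the first step of the procedure, the following added example (not part of the original page) Base64-encodes the two credential values and renders the Secret manifest. It uses `printf` rather than `echo` so that no trailing newline is encoded into the credential, and it refuses to emit a manifest if a value decodes to text containing whitespace. The function names, the secret name `my-namespacestore-secret` and the AWS documentation sample keys are assumptions.

```sh
#!/bin/sh
# Added example: build the Secret from step 1 with correctly encoded values.
# Key values below are the sample credentials used in AWS documentation.

# Encode a value byte-for-byte. printf '%s' (unlike echo) appends no newline,
# and tr removes the line wrapping some base64 builds insert.
b64() {
  printf '%s' "$1" | base64 | tr -d '\n'
}

# Succeed only if the encoded value decodes to non-empty text with no
# whitespace. The trailing "x" keeps $(...) from hiding a final newline.
check_encoded() {
  ce_decoded=$(printf '%s' "$1" | base64 -d 2>/dev/null; printf x)
  ce_decoded=${ce_decoded%x}
  ce_stripped=$(printf '%s' "$ce_decoded" | tr -d '[:space:]')
  [ -n "$ce_decoded" ] && [ "$ce_stripped" = "$ce_decoded" ]
}

# Print the Secret manifest; refuse to emit it if either value fails the check.
render_secret() {
  rs_id=$(b64 "$2")
  rs_key=$(b64 "$3")
  check_encoded "$rs_id" && check_encoded "$rs_key" || return 1
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
type: Opaque
data:
  AWS_ACCESS_KEY_ID: $rs_id
  AWS_SECRET_ACCESS_KEY: $rs_key
EOF
}

# Hypothetical secret name; replace the sample keys with your own.
render_secret my-namespacestore-secret \
  'AKIAIOSFODNN7EXAMPLE' 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
```

Pipe the output to `oc apply -n <namespace-secret> -f -` so the Secret lands in the namespace the NamespaceStore references. Base64 in a Secret is an encoding, not encryption, so keep the rendered manifest out of version control.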