Adding an AWS S3 namespace bucket using YAML

Add an AWS S3 namespace bucket using a YAML file.

1. Create a secret with the credentials:

   apiVersion: v1
   kind: Secret
   metadata:
     name: <namespacestore-secret-name>
     type: Opaque
   data:
     AWS_ACCESS_KEY_ID: <AWS ACCESS KEY ID ENCODED IN BASE64>
     AWS_SECRET_ACCESS_KEY: <AWS SECRET ACCESS KEY ENCODED IN BASE64>

   namespacestore-secret-name

   Is a unique NamespaceStore name.

   AWS ACCESS KEY ID ENCODED IN BASE64

   AWS SECRET ACCESS KEY ENCODED IN BASE64

   You must provide and encode your own AWS access key ID and secret access key using Base64, and use the results in place of AWS ACCESS KEY ID ENCODED IN BASE64 and AWS SECRET ACCESS KEY ENCODED IN BASE64.

2. Create a NamespaceStore resource using OpenShift custom resource definitions (CRDs).

   A NamespaceStore represents underlying storage to be used as a read or write target for the data in the MCG namespace buckets.

   To create a NamespaceStore resource, apply the following YAML:

   apiVersion: noobaa.io/v1alpha1
   kind: NamespaceStore
   metadata:
     finalizers:
     - noobaa.io/finalizer
     labels:
       app: noobaa
     name: <resource-name>
     namespace: openshift-storage
   spec:
     awsS3:
       secret:
         name: <namespacestore-secret-name>
         namespace: <namespace-secret>
       targetBucket: <target-bucket>
     type: aws-s3

   resource-name

   The name you want to give to the resource.

   namespacestore-secret-name

   The secret created in the previous step.

   namespace-secret

   The namespace where the secret can be found.

   target-bucket

   The target bucket you created for the NamespaceStore.

3. Create a namespace bucket class that defines a namespace policy for the namespace buckets.
   The namespace policy requires a type of either single or multi.

   • A namespace policy of type single requires the following configuration:

     apiVersion: noobaa.io/v1alpha1
     kind: BucketClass
     metadata:
       labels:
         app: noobaa
       name: <my-bucket-class>
       namespace: openshift-storage
     spec:
       namespacePolicy:
         type:
         single:
           resource: <resource>

     my-bucket-class

     The unique namespace bucket class name.

     resource

     The name of a single NamespaceStore that defines the read and write target of the namespace bucket.

   • A namespace policy of type multi requires the following configuration:

     apiVersion: noobaa.io/v1alpha1
     
     kind: BucketClass
     metadata:
       labels:
         app: noobaa
       name: my-bucket-class
       namespace: openshift-storage
     spec:
       namespacePolicy:
         type: Multi
         multi:
           writeResource: <write-resource>
           readResources:
           - <read-resources>
           - <read-resources>

     my-bucket-class

     A unique bucket class name.

     write-resource

     The name of a single NamespaceStore that defines the write target of the namespace bucket.

     read-resources

     A list of the names of the NamespaceStores that defines the read targets of the namespace bucket.

4. Create a bucket using an Object Bucket Class (OBC) resource.
   Use the bucket class defined in the earlier step using the following YAML:

   apiVersion: objectbucket.io/v1alpha1
   kind: ObjectBucketClaim
   metadata:
     name: <resource-name>
     namespace: openshift-storage
   spec:
     generateBucketName: <my-bucket>
     storageClassName: openshift-storage.noobaa.io
     additionalConfig:
       bucketclass: <my-bucket-class>

   resource-name

   The name you want to give to the resource.

   my-bucket

   The name you want to give to the bucket.

   my-bucket-class

   The bucket class created in the previous step.

   After the OBC is provisioned by the operator, a bucket is created in the MCG, and the operator creates a Secret and ConfigMap with the same name and in the same namespace as that of the OBC.