Using MCG or Noobaa as a backup storage location
Create an MCG or Noobaa S3 target backup storage location.
Procedure
- Log in to Red Hat® OpenShift® Container Platform.
- Go to Storage > Object Bucket Claims.
- In the Create ObjectBucketClaim page, create an Object Bucket claim
with the following details: capture credential details.
- ObjectBucketClaim Name
- Enter the name of the Object Bucket Claim. If you do not enter a value, a generic name gets generated.
- StorageClass
- Select
openshift-storage.noobaa.io
class. It defines the object storage service and the bucket provision.
- BucketClass
- Select
noobaa-default-bucket-class
.
- Click Create.
- Note down the Object Bucket Claim credentials like Endpoint, Bucket Name, Access Key, Secret key.
- Extract the certificate from an S3 compliant service to a file. Use the
openssl
command to extract the certificate into the filetls.crt
.Note: Ensure that the file name must betls.crt
.openssl s_client -connect <s3-service-name>-<s3-service-namespace>.apps.<fusion-hostname>.<domainname>:443 -showcerts \ | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' > tls.crt
For example, use theopenssl
command to extract the certificate from theMCG/Noobaa
service.export s3_url=$(oc get routes.route.openshift.io -n openshift-storage s3 -o jsonpath='{.spec.host}'):443 echo $s3_url openssl s_client -connect $s3_url -showcerts \ | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' > tls.crt
- Run the OC command to create a generic secret in the IBM
Storage Fusion namespace by using the
tls.crt
file.oc create secret generic <secret-name> --type=opaque --from-file=tls.crt -n <fusion-namespace>
For example, in the default IBM Storage Fusion namespaceibm-spectrum-fusion-ns
:oc create secret generic bsl-cert --type=opaque --from-file=tls.crt -n ibm-spectrum-fusion-ns
- Log in to IBM Storage Fusion user interface.
- From the menu, click Backup & restore > Locations.
- In the Locations page, click Add location.
The Add a backup location wizard page is displayed.
- Enter the Login credentials and Certificate
settings to create a backup storage location. In the Secret Name for Certificate field, enter the secret name created in step 7.
- After the backup storage location is created, go to the Locations page and check whether the status is Connected.