Using MCG or Noobaa as a backup storage location

Create an MCG or Noobaa S3 target backup storage location.

Procedure

  1. Log in to Red Hat® OpenShift® Container Platform.
  2. Go to Storage > Object Bucket Claims.
  3. In the Create ObjectBucketClaim page, create an Object Bucket claim with the following details: capture credential details.
    ObjectBucketClaim Name
    Enter the name of the Object Bucket Claim. If you do not enter a value, a generic name gets generated.
    StorageClass
    Select openshift-storage.noobaa.io class. It defines the object storage service and the bucket provision.
    BucketClass
    Select noobaa-default-bucket-class.
  4. Click Create.
  5. Note down the Object Bucket Claim credentials like Endpoint, Bucket Name, Access Key, Secret key.
  6. Extract the certificate from an S3 compliant service to a file. Use the openssl command to extract the certificate into the file tls.crt.
    Note: Ensure that the file name must be tls.crt.
    
    openssl s_client -connect <s3-service-name>-<s3-service-namespace>.apps.<fusion-hostname>.<domainname>:443 -showcerts \ | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' > tls.crt
    For example, use the opensslcommand to extract the certificate from the MCG/Noobaa service.
    
    export s3_url=$(oc get routes.route.openshift.io -n openshift-storage s3 -o jsonpath='{.spec.host}'):443
    echo $s3_url
    openssl s_client -connect $s3_url -showcerts \ | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' > tls.crt
  7. Run the OC command to create a generic secret in the IBM Storage Fusion namespace by using the tls.crt file.
    oc create secret generic <secret-name> --type=opaque --from-file=tls.crt -n <fusion-namespace>
    For example, in the default IBM Storage Fusion namespace ibm-spectrum-fusion-ns:
    oc create secret generic bsl-cert --type=opaque --from-file=tls.crt -n ibm-spectrum-fusion-ns
    
  8. Log in to IBM Storage Fusion user interface.
  9. From the menu, click Backup & restore > Locations.
  10. In the Locations page, click Add location.
    The Add a backup location wizard page is displayed.
  11. Enter the Login credentials and Certificate settings to create a backup storage location.
    In the Secret Name for Certificate field, enter the secret name created in step 7.
  12. After the backup storage location is created, go to the Locations page and check whether the status is Connected.