Adding an IBM COS namespace bucket using YAML
Add an IBM COS namespace bucket using a YAML file.
Before you begin
- Install OpenShift Container Platform with Fusion Data Foundation operator.
- Access to the Multicloud Object Gateway (MCG), see Accessing the Multicloud Object Gateway with your applications.
Procedure
- Create a secret with the credentials:
apiVersion: v1 kind: Secret metadata: name: <namespacestore-secret-name> type: Opaque data: IBM_COS_ACCESS_KEY_ID: <IBM COS ACCESS KEY ID ENCODED IN BASE64> IBM_COS_SECRET_ACCESS_KEY: <IBM COS SECRET ACCESS KEY ENCODED IN BASE64>
- namespacestore-secret-name
-
A unique NamespaceStore name.
- IBM COS ACCESS KEY ID ENCODED IN BASE64
- IBM COS SECRET ACCESS KEY ENCODED IN BASE64
- You must provide and encode your own IBM COS access key ID and secret access key using
Base64
, and use the results in place of IBM COS ACCESS KEY ID ENCODED IN BASE64 and IBM COS SECRET ACCESS KEY ENCODED IN BASE64
- Create a NamespaceStore resource using OpenShift custom resource definitions (CRDs).
A NamespaceStore represents underlying storage to be used as a
read
orwrite
target for the data in the MCG namespace buckets.To create a NamespaceStore resource, apply the following YAML:apiVersion: noobaa.io/v1alpha1 kind: NamespaceStore metadata: finalizers: - noobaa.io/finalizer labels: app: noobaa name: bs namespace: openshift-storage spec: s3Compatible: endpoint: <IBM COS ENDPOINT> secret: name: <namespacestore-secret-name> namespace: <namespace-secret> signatureVersion: v2 targetBucket: <target-bucket> type: ibm-cos
- IBM COS ENDPOINT
-
The appropriate IBM COS endpoint.
- namespacestore-secret-name
-
The secret created in step 1.
- namespace-secret
-
The namespace where the secret can be found.
- target-bucket
-
The target bucket you created for the NamespaceStore.
- Create a namespace bucket class that defines a namespace
policy for the namespace buckets. The namespace policy requires a type of either single or multi.
-
A namespace policy of type single requires the following configuration:
apiVersion: noobaa.io/v1alpha1 kind: BucketClass metadata: labels: app: noobaa name: <my-bucket-class> namespace: openshift-storage spec: namespacePolicy: type: single: resource: <resource>
- my-bucket-class
-
The unique namespace bucket class name.
- resource
-
The name of a single NamespaceStore that defines the read and write target of the namespace bucket.
-
A namespace policy of type multi requires the following configuration:
apiVersion: noobaa.io/v1alpha1 kind: BucketClass metadata: labels: app: noobaa name: my-bucket-class namespace: openshift-storage spec: namespacePolicy: type: Multi multi: writeResource: <write-resource> readResources: - <read-resources> - <read-resources>
- my-bucket-class
-
A unique bucket class name.
- write-resource
-
The name of a single NamespaceStore that defines the
write
target of the namespace bucket. - read-resources
-
A list of the names of the NamespaceStores that defines the
read
targets of the namespace bucket.
-
- Create a bucket using an Object Bucket Class (OBC) resource. Use the bucket class defined in the earlier step using the following YAML:
apiVersion: objectbucket.io/v1alpha1 kind: ObjectBucketClaim metadata: name: <resource-name> namespace: openshift-storage spec: generateBucketName: <my-bucket> storageClassName: openshift-storage.noobaa.io additionalConfig: bucketclass: <my-bucket-class>
- resource-name
-
The name you want to give to the resource.
- my-bucket
-
The name you want to give to the bucket.
- my-bucket-class
-
The bucket class created in the previous step.
After the OBC is provisioned by the operator, a bucket is created in the MCG, and the operator creates aSecret
andConfigMap
with the same name and in the same namespace as that of the OBC.