Skip to main content
Version: 3.1

Create buckets using the Portworx Object Service

This page describes how to create and provide access to a Portworx Bucket Claim using either AWS S3 or Pure FlashBlade.

AWS S3

Use the following steps to get started with dynamically provisioned buckets.

Provision a new bucket

  1. Create a new file named pxbucketclass.yaml, replacing region and object.portworx.io/endpoint with your desired AWS S3 region and endpoint:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketClass
    metadata:
    name: pbclass-s3
    region: us-west-1
    deletionPolicy: Delete
    parameters:
    object.portworx.io/backend-type: S3Driver
    object.portworx.io/endpoint: s3.us-west-1.amazonaws.com
  2. Create the PXBucketClass object:

    kubectl apply -f pxbucketclass.yaml
  3. Create a new file named pxbucketclaim.yaml:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketClaim
    metadata:
    name: s3-pbc
    namespace: default
    spec:
    bucketClassName: pbclass-s3
  4. Create the PXBucketClaim object:

    kubectl apply -f pxbucketclaim.yaml
  5. Once the bucket is provisioned, its PROVISIONED state will be listed as true in the CustomResource:

    kubectl get pxbucketclaim
    NAME     PROVISIONED   BUCKETID                                     BACKENDTYPE
    s3-pbc true px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 S3Driver

Provide Access to the PXBucketClaim

  1. Create a new file named pxbucketaccess.yaml:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketAccess
    metadata:
    name: s3-pba
    namespace: default
    spec:
    bucketClassName: pbclass-s3
    bucketClaimName: s3-pbc
  2. Once the bucket access is granted, its ACCESSGRANTED state will be marked as true in the CustomResource:

    kubectl get pxbucketaccess
    NAME     ACCESSGRANTED   CREDENTIALSSECRETNAME      BUCKETID                                     BACKENDTYPE
    s3-pba true px-os-credentials-s3-pba px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 S3Driver
  3. A secret px-os-credentials-s3-pba is created with all nessesary bucket info:

    kubectl get secret px-os-credentials-s3-pba -o yaml
    apiVersion: v1
    data:
    access-key-id: <access-key-id>
    bucket-id: <bucket-id>
    endpoint: <endpoint>
    region: <region>
    secret-access-key: <secret-access-key>
    kind: Secret
    metadata:
    creationTimestamp: "2022-08-03T21:27:25Z"
    finalizers:
    - finalizers.object.portworx.io/access-secret
    name: px-os-credentials-s3-pba
    namespace: default
    resourceVersion: "16022682"
    uid: 49aecbbd-c911-48cf-95ea-9e9d30aba97c
    type: Opaque

Pure FlashBlade

Use the following steps to get started with dynamically provisioned buckets.

Provision a new bucket

  1. Create a new file named pxbucketclass.yaml, removing region and replacing object.portworx.io/endpoint with your desired Pure FlashBlade endpoint:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketClass
    metadata:
    name: pbclass-fb
    deletionPolicy: Delete
    parameters:
    object.portworx.io/backend-type: PureFBDriver
    object.portworx.io/endpoint: fb.s3.example.com
  2. Create the PXBucketClass object:

    kubectl apply -f pxbucketclass.yaml
  3. Create a new file named pxbucketclaim.yaml:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketClaim
    metadata:
    name: fb-pbc
    namespace: default
    spec:
    bucketClassName: pbclass-fb
  4. Create the PXBucketClaim object:

    kubectl apply -f pxbucketclaim.yaml
  5. Once the bucket is provisioned, its PROVISIONED state will be listed as true in the CustomResource:

    kubectl get pxbucketclaim
    NAME     PROVISIONED   BUCKETID                                     BACKENDTYPE
    fb-pbc true px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 PureFBDriver

Provide access to the PXBucketClaim

  1. Create a new file named pxbucketaccess.yaml:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketAccess
    metadata:
    name: fb-pba
    namespace: default
    spec:
    bucketClassName: pbclass-fb
    bucketClaimName: fb-pbc
  2. Once the bucket access is granted, its ACCESSGRANTED state will be marked as true in the CustomResource:

    kubectl get pxbucketaccess
    NAME     ACCESSGRANTED   CREDENTIALSSECRETNAME      BUCKETID                                     BACKENDTYPE
    fb-pba true px-os-credentials-fb-pba px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 PureFBDriver
  3. A secret px-os-credentials-fb-pba is created with all nessesary bucket info:

    kubectl get secret px-os-credentials-fb-pba -o yaml
    apiVersion: v1
    data:
    access-key-id: <access-key-id>
    bucket-id: <bucket-id>
    endpoint: <endpoint>
    secret-access-key: <secret-access-key>
    kind: Secret
    metadata:
    creationTimestamp: "2022-08-03T21:27:25Z"
    finalizers:
    - finalizers.object.portworx.io/access-secret
    name: px-os-credentials-fb-pba
    namespace: default
    resourceVersion: "16022682"
    uid: 49aecbbd-c911-48cf-95ea-9e9d30aba97c
    type: Opaque
Was this page helpful?