Create buckets using the Portworx Object Service
This page describes how to create and provide access to a Portworx Bucket Claim using either AWS S3 or Pure FlashBlade.
AWS S3
Use the following steps to get started with dynamically provisioned buckets.
Provision a new bucket
Create a new file named
pxbucketclass.yaml
, replacingregion
andobject.portworx.io/endpoint
with your desired AWS S3 region and endpoint:apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClass
metadata:
name: pbclass-s3
region: us-west-1
deletionPolicy: Delete
parameters:
object.portworx.io/backend-type: S3Driver
object.portworx.io/endpoint: s3.us-west-1.amazonaws.comCreate the PXBucketClass object:
kubectl apply -f pxbucketclass.yaml
Create a new file named
pxbucketclaim.yaml
:apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClaim
metadata:
name: s3-pbc
namespace: default
spec:
bucketClassName: pbclass-s3Create the PXBucketClaim object:
kubectl apply -f pxbucketclaim.yaml
Once the bucket is provisioned, its
PROVISIONED
state will be listed astrue
in theCustomResource
:kubectl get pxbucketclaim
NAME PROVISIONED BUCKETID BACKENDTYPE
s3-pbc true px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 S3Driver
Provide Access to the PXBucketClaim
Create a new file named
pxbucketaccess.yaml
:apiVersion: object.portworx.io/v1alpha1
kind: PXBucketAccess
metadata:
name: s3-pba
namespace: default
spec:
bucketClassName: pbclass-s3
bucketClaimName: s3-pbcOnce the bucket access is granted, its
ACCESSGRANTED
state will be marked astrue
in the CustomResource:kubectl get pxbucketaccess
NAME ACCESSGRANTED CREDENTIALSSECRETNAME BUCKETID BACKENDTYPE
s3-pba true px-os-credentials-s3-pba px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 S3DriverA secret
px-os-credentials-s3-pba
is created with all nessesary bucket info:kubectl get secret px-os-credentials-s3-pba -o yaml
apiVersion: v1
data:
access-key-id: <access-key-id>
bucket-id: <bucket-id>
endpoint: <endpoint>
region: <region>
secret-access-key: <secret-access-key>
kind: Secret
metadata:
creationTimestamp: "2022-08-03T21:27:25Z"
finalizers:
- finalizers.object.portworx.io/access-secret
name: px-os-credentials-s3-pba
namespace: default
resourceVersion: "16022682"
uid: 49aecbbd-c911-48cf-95ea-9e9d30aba97c
type: Opaque
Pure FlashBlade
Use the following steps to get started with dynamically provisioned buckets.
Provision a new bucket
Create a new file named
pxbucketclass.yaml
, removingregion
and replacingobject.portworx.io/endpoint
with your desired Pure FlashBlade endpoint:apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClass
metadata:
name: pbclass-fb
deletionPolicy: Delete
parameters:
object.portworx.io/backend-type: PureFBDriver
object.portworx.io/endpoint: fb.s3.example.comCreate the PXBucketClass object:
kubectl apply -f pxbucketclass.yaml
Create a new file named
pxbucketclaim.yaml
:apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClaim
metadata:
name: fb-pbc
namespace: default
spec:
bucketClassName: pbclass-fbCreate the PXBucketClaim object:
kubectl apply -f pxbucketclaim.yaml
Once the bucket is provisioned, its
PROVISIONED
state will be listed astrue
in the CustomResource:kubectl get pxbucketclaim
NAME PROVISIONED BUCKETID BACKENDTYPE
fb-pbc true px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 PureFBDriver
Provide access to the PXBucketClaim
Create a new file named
pxbucketaccess.yaml
:apiVersion: object.portworx.io/v1alpha1
kind: PXBucketAccess
metadata:
name: fb-pba
namespace: default
spec:
bucketClassName: pbclass-fb
bucketClaimName: fb-pbcOnce the bucket access is granted, its
ACCESSGRANTED
state will be marked astrue
in the CustomResource:kubectl get pxbucketaccess
NAME ACCESSGRANTED CREDENTIALSSECRETNAME BUCKETID BACKENDTYPE
fb-pba true px-os-credentials-fb-pba px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721 PureFBDriverA secret
px-os-credentials-fb-pba
is created with all nessesary bucket info:kubectl get secret px-os-credentials-fb-pba -o yaml
apiVersion: v1
data:
access-key-id: <access-key-id>
bucket-id: <bucket-id>
endpoint: <endpoint>
secret-access-key: <secret-access-key>
kind: Secret
metadata:
creationTimestamp: "2022-08-03T21:27:25Z"
finalizers:
- finalizers.object.portworx.io/access-secret
name: px-os-credentials-fb-pba
namespace: default
resourceVersion: "16022682"
uid: 49aecbbd-c911-48cf-95ea-9e9d30aba97c
type: Opaque