Ceph bucket

From UVOO Tech Wiki
Revision as of 15:31, 21 February 2025 by Busk

Ceph Bucket ceph-bucket storage class WF

Workflow of ceph-bucket in Rook-Ceph
1. Define a CephObjectStore (Ceph RGW)
Before creating a bucket, you must have a CephObjectStore, which represents the Ceph RGW (RADOS Gateway) instance running in your cluster.

Example CephObjectStore:

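```yaml
apiVersion: ceph.rook.io/v1
kind: CephObjectStore
metadata:
  name: my-store
  namespace: rook-ceph
spec:
  gateway:
    port: 80            # plain HTTP listener
    # HTTPS listener; Rook needs a TLS certificate for it
    # (for example via gateway.sslCertificateRef).
    securePort: 443
    instances: 1        # number of RGW pods
  metadataPool:
    replicated:
      size: 3           # three replicas of bucket metadata
  dataPool:
    replicated:
      size: 3           # three replicas of object data
```
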
This creates an RGW instance that will be responsible for serving S3 requests.

2. Create a CephObjectStoreUser
A user is required to interact with the S3 storage.

Example CephObjectStoreUser:

```yaml
apiVersion: ceph.rook.io/v1
kind: CephObjectStoreUser
metadata:
  name: my-user
  namespace: rook-ceph
spec:
  store: my-store
  displayName: "My Object Store User"
```

Once applied, a Kubernetes secret is created that holds the access credentials (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY).

3. Define a CephBucket (via ObjectBucketClaim)
To dynamically create a bucket, use an ObjectBucketClaim (OBC), which is managed by Rook's Object Bucket (OB) controller.

Example ObjectBucketClaim:

```yaml
apiVersion: objectbucket.io/v1alpha1
kind: ObjectBucketClaim
metadata:
  name: my-bucket
  namespace: default
spec:
  generateBucketName: my-bucket
  storageClassName: rook-ceph-bucket
```

- The storageClassName should match the Ceph Rook Object Store's storage class.
- The bucket name is dynamically generated and bound to a CephBucket.

This creates:

- A CephBucket in Ceph RGW.
- A Secret containing the S3 credentials.
- A ConfigMap with the S3 endpoint and bucket details.

4. Accessing the CephBucket
Once the ObjectBucketClaim is created, check the secret and config map:

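```bash
# Both objects are named after the claim and live in its namespace.
# Secret values in this output are base64-encoded, not encrypted.
kubectl get secrets my-bucket -o yaml
kubectl get configmap my-bucket -o yaml
```
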
These contain:

- S3 Endpoint (AWS_ENDPOINT)
- Bucket Name
- Access & Secret Key

You can then use tools like AWS CLI, MinIO Client, or S3 SDKs to interact with the bucket.

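Example AWS CLI usage:

```bash
export AWS_ACCESS_KEY_ID=<your-access-key>
export AWS_SECRET_ACCESS_KEY=<your-secret-key>
# Rook exposes the store above as the service rook-ceph-rgw-<store name>
# in the store's namespace (rook-ceph).
aws --endpoint-url=http://rook-ceph-rgw-my-store.rook-ceph.svc:80 s3 ls
```
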
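Added example (not part of the original page and not Rook's own code): shell functions that load the claim's generated credentials and endpoint straight into environment variables, so the keys are never printed or pasted by hand. It assumes the `my-bucket` claim from step 3 and that the ConfigMap carries the `BUCKET_HOST`, `BUCKET_PORT` and `BUCKET_NAME` keys written by Rook's bucket provisioner; `obc_field`, `obc_load_env` and `S3_ENDPOINT` are names chosen here.

```bash
# Added example. Assumed ConfigMap keys: BUCKET_HOST, BUCKET_PORT, BUCKET_NAME.
# Assumed Secret keys: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY.

obc_field() {  # obc_field <secret|configmap> <obc-name> <namespace> <key>
  kubectl get "$1" "$2" -n "$3" -o "jsonpath={.data.$4}"
}

obc_load_env() {  # obc_load_env <obc-name> [namespace]
  local obc="$1" ns="${2:-default}" key_id secret host port
  # Secret values are only base64-encoded: decode them directly into
  # variables so they never reach the terminal or the shell history.
  key_id="$(obc_field secret "$obc" "$ns" AWS_ACCESS_KEY_ID | base64 --decode)" || return 1
  secret="$(obc_field secret "$obc" "$ns" AWS_SECRET_ACCESS_KEY | base64 --decode)" || return 1
  host="$(obc_field configmap "$obc" "$ns" BUCKET_HOST)" || return 1
  port="$(obc_field configmap "$obc" "$ns" BUCKET_PORT)" || return 1
  BUCKET_NAME="$(obc_field configmap "$obc" "$ns" BUCKET_NAME)" || return 1
  if [ -z "$key_id" ] || [ -z "$secret" ] || [ -z "$host" ] || [ -z "$BUCKET_NAME" ]; then
    echo "obc_load_env: missing field in secret/configmap for $obc" >&2
    return 1
  fi
  # Heuristic: port 443 is the gateway's securePort, so use TLS there.
  # Any other port is treated as the plain HTTP listener and flagged.
  case "$port" in
    443) S3_ENDPOINT="https://$host" ;;
    *)   S3_ENDPOINT="http://$host:$port"
         echo "obc_load_env: $S3_ENDPOINT is plain HTTP; object data is unencrypted in transit" >&2 ;;
  esac
  export AWS_ACCESS_KEY_ID="$key_id" AWS_SECRET_ACCESS_KEY="$secret" BUCKET_NAME S3_ENDPOINT
}

# Usage against a live cluster:
#   obc_load_env my-bucket default && aws --endpoint-url "$S3_ENDPOINT" s3 ls "s3://$BUCKET_NAME"
```
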

Summary

- CephObjectStore = Ceph RGW service (S3-compatible).
- CephObjectStoreUser = S3 user with access keys.
- ObjectBucketClaim = Dynamically creates a CephBucket and credentials.
- Rook-Ceph handles storage provisioning and lifecycle.