Portworx
PORTWORX.COM

Create buckets using the Portworx Object Service

This page describes how to create and provide access to a Portworx Bucket Claim using either AWS S3 or Pure FlashBlade.

AWS S3

Use the following steps to get started with dynamically provisioned buckets.

Provision a new bucket

  1. Create a new file named pxbucketclass.yaml, replacing region and object.portworx.io/endpoint with your desired AWS S3 region and endpoint:

    apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClass
metadata:
  name: pbclass-s3
region: us-west-1
deletionPolicy: Delete
parameters:
  object.portworx.io/backend-type: S3Driver
  object.portworx.io/endpoint: s3.us-west-1.amazonaws.com

  2. Create the PXBucketClass object:

    kubectl apply -f pxbucketclass.yaml

  3. Create a new file named pxbucketclaim.yaml:

    apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClaim
metadata:
  name: s3-pbc
  namespace: default
spec:
  bucketClassName: pbclass-s3

  4. Create the PXBucketClaim object:

    kubectl apply -f pxbucketclaim.yaml

  5. Once the bucket is provisioned, its PROVISIONED state will be listed as true in the CustomResource:

    kubectl get pxbucketclaim
    NAME     PROVISIONED   BUCKETID                                     BACKENDTYPE
s3-pbc   true          px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721   S3Driver

Provide Access to the PXBucketClaim

  1. Create a new file named pxbucketaccess.yaml:

    apiVersion: object.portworx.io/v1alpha1
kind: PXBucketAccess
metadata:
  name: s3-pba
  namespace: default
spec:
  bucketClassName: pbclass-s3
  bucketClaimName: s3-pbc

  2. Once the bucket access is granted, its ACCESSGRANTED state will be marked as true in the CustomResource:

    kubectl get pxbucketaccess
    NAME     ACCESSGRANTED   CREDENTIALSSECRETNAME      BUCKETID                                     BACKENDTYPE
s3-pba   true            px-os-credentials-s3-pba   px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721   S3Driver

  3. A secret px-os-credentials-s3-pba is created with all nessesary bucket info:

    kubectl get secret px-os-credentials-s3-pba -o yaml
    apiVersion: v1
data:
  access-key-id: <access-key-id>
  bucket-id: <bucket-id>
  endpoint: <endpoint>
  region: <region>
  secret-access-key: <secret-access-key>
kind: Secret
metadata:
  creationTimestamp: "2022-08-03T21:27:25Z"
  finalizers:
  - finalizers.object.portworx.io/access-secret
  name: px-os-credentials-s3-pba
  namespace: default
  resourceVersion: "16022682"
  uid: 49aecbbd-c911-48cf-95ea-9e9d30aba97c
type: Opaque

Pure FlashBlade

Use the following steps to get started with dynamically provisioned buckets.

Provision a new bucket

  1. Create a new file named pxbucketclass.yaml, removing region and replacing object.portworx.io/endpoint with your desired Pure FlashBlade endpoint:

    apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClass
metadata:
  name: pbclass-fb
deletionPolicy: Delete
parameters:
  object.portworx.io/backend-type: PureFBDriver
  object.portworx.io/endpoint: fb.s3.example.com

  2. Create the PXBucketClass object:

    kubectl apply -f pxbucketclass.yaml

  3. Create a new file named pxbucketclaim.yaml:

    apiVersion: object.portworx.io/v1alpha1
kind: PXBucketClaim
metadata:
  name: fb-pbc
  namespace: default
spec:
  bucketClassName: pbclass-fb

  4. Create the PXBucketClaim object:

    kubectl apply -f pxbucketclaim.yaml

  5. Once the bucket is provisioned, its PROVISIONED state will be listed as true in the CustomResource:

    kubectl get pxbucketclaim
    NAME     PROVISIONED   BUCKETID                                     BACKENDTYPE
fb-pbc   true          px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721   PureFBDriver

Provide access to the PXBucketClaim

  1. Create a new file named pxbucketaccess.yaml:

    apiVersion: object.portworx.io/v1alpha1
kind: PXBucketAccess
metadata:
  name: fb-pba
  namespace: default
spec:
  bucketClassName: pbclass-fb
  bucketClaimName: fb-pbc

  2. Once the bucket access is granted, its ACCESSGRANTED state will be marked as true in the CustomResource:

    kubectl get pxbucketaccess
    NAME     ACCESSGRANTED   CREDENTIALSSECRETNAME      BUCKETID                                     BACKENDTYPE
fb-pba   true            px-os-credentials-fb-pba   px-os-06663fb0-d1bb-4b8a-914c-ac6595c2b721   PureFBDriver

  3. A secret px-os-credentials-fb-pba is created with all nessesary bucket info:

    kubectl get secret px-os-credentials-fb-pba -o yaml
    apiVersion: v1
data:
  access-key-id: <access-key-id>
  bucket-id: <bucket-id>
  endpoint: <endpoint>
  secret-access-key: <secret-access-key>
kind: Secret
metadata:
  creationTimestamp: "2022-08-03T21:27:25Z"
  finalizers:
  - finalizers.object.portworx.io/access-secret
  name: px-os-credentials-fb-pba
  namespace: default
  resourceVersion: "16022682"
  uid: 49aecbbd-c911-48cf-95ea-9e9d30aba97c
type: Opaque
arrow_back_ios Previous
Install Portworx Object service
Next arrow_forward_ios
Import existing buckets using the Portworx Object Service
Last edited: Monday, Jun 26, 2023
Questions? Visit the Portworx forum.