Skip to main content
Version: 3.2

Create buckets using the Portworx Object Service in Rancher

This page describes how to create and provide access to a Portworx Bucket Claim using AWS S3

AWS S3

Use the following steps to get started with dynamically provisioned buckets.

Provision a new bucket

  1. Create a new file named pxbucketclass.yaml, replacing region and object.portworx.io/endpoint with your desired AWS S3 region and endpoint:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketClass
    metadata:
      name: pbclass-s3
    region: us-west-1
    deletionPolicy: Delete
    parameters:
      object.portworx.io/backend-type: S3Driver
      object.portworx.io/endpoint: s3.us-west-1.amazonaws.com

  2. Create the PXBucketClass object:

    kubectl apply -f pxbucketclass.yaml

  3. Create a new file named pxbucketclaim.yaml:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketClaim
    metadata:
      name: s3-pbc
      namespace: default
    spec:
      bucketClassName: pbclass-s3

  4. Create the PXBucketClaim object:

    kubectl apply -f pxbucketclaim.yaml

  5. Once the bucket is provisioned, its PROVISIONED state will be listed as true in the CustomResource:

    kubectl get pxbucketclaim

    NAME     PROVISIONED   BUCKETID                                     BACKENDTYPE
    s3-pbc   true          px-os-xxxxxxxx-xxxx-xxxx-xxxx-ac6595c2b721   S3Driver

Provide Access to the PXBucketClaim

  1. Create a new file named pxbucketaccess.yaml:

    apiVersion: object.portworx.io/v1alpha1
    kind: PXBucketAccess
    metadata:
      name: s3-pba
      namespace: default
    spec:
      bucketClassName: pbclass-s3
      bucketClaimName: s3-pbc

  2. Once the bucket access is granted, its ACCESSGRANTED state will be marked as true in the CustomResource:

kubectl get pxbucketaccess

NAME     ACCESSGRANTED   CREDENTIALSSECRETNAME      BUCKETID                                     BACKENDTYPE
s3-pba   true            px-os-credentials-s3-pba   px-os-xxxxxxxx-xxxx-xxxx-xxxx-ac6595c2b721   S3Driver
  1. A secret px-os-credentials-s3-pba is created with all nessesary bucket info:

kubectl get secret px-os-credentials-s3-pba -o yaml

apiVersion: v1
data:
  access-key-id: <access-key-id>
  bucket-id: <bucket-id>
  endpoint: <endpoint>
  region: <region>
  secret-access-key: <secret-access-key>
kind: Secret
metadata:
  creationTimestamp: "2022-08-03T21:27:25Z"
  finalizers:
  - finalizers.object.portworx.io/access-secret
  name: px-os-credentials-s3-pba
  namespace: default
  resourceVersion: "16022682"
  uid: xxxxxxxx-xxxx-xxxx-xxxx-9e9d30aba97c
type: Opaque