Ceph Object Gateway, S3 호환 Object Storage

Operator 설정

rook-ceph-values.yaml

rbacAggregate:
  enableOBCs: true

CephObjectStore 생성

Reference

• Rook / Object Storage Overview

apiVersion: ceph.rook.io/v1
kind: CephObjectStore
spec:
  metadataPool:
  dataPool:
  gateway:
    port: 80
    instances: 1
    priorityClassName: system-cluster-critical

• metadataPool
  • failureDomain: <crushType|osd>
    • 기본 값은 host입니다.
  • replicated
    • size: <size>
• dataPool
  • failureDomain: <crushType|osd>
    • 기본 값은 host입니다.
  • replicated
    • size: <size>
• gateway
  • port: <port>
  • instances: <replicas>
  • resources
  • placement
    • nodeAffinity
    • podAffinity
    • podAntiAffinity
    • tolerations
    • topologySpreadConstraints

StorageClass 생성

apiVersion: storage.k8s.io/v1
kind: StorageClass
# operator에 CSI_DRIVER_NAME_PREFIX를 설정하지 않았다면 operator가 속한 namespace를 사용합니다.
provisioner: <operatorNamespace>.ceph.rook.io/bucket
volumeBindingMode: Immediate
reclaimPolicy: Delete
parameters:
  objectStoreName: <cephObjectStoreName>
  objectStoreNamespace: <cephObjectStoreNamespace>

ObjectBucketClaim 생성

Reference

• Rook / Bucket Claim

apiVersion: objectbucket.io/v1alpha1
kind: ObjectBucketClaim
spec:
  generateBucketName: <bucketNamePrefix>
  storageClassName: <storageClassName>

• bucketName: <bucketName>
• generateBucketName: <bucketNamePrefix>
  • 동일한 bucketName에 대한 충돌을 방지하려는 경우 권장됩니다.
• storageClassName: <storageClassName>
• additionalConfig
  • maxObjects: "1000"
  • maxSize: "2G"

정보

ObjectBucketClaim namespace와 name이 동일한 ConfigMap, Secret이 생성됩니다. ConfigMap에는 BUCKET_HOST, BUCKET_NAME, BUCKET_PORT, BUCKET_REGION, BUCKET_SUBREGION이 저장되어 있고, Secret에는 AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY가 저장되어 있습니다.