Add cosi docs

[fanzy618]

Summary by CodeRabbit

• Documentation
  • Added a comprehensive COSI documentation suite: introduction, core concepts, install/uninstall, and How‑To/Functions overviews.
  • Added step‑by‑step guides for Ceph RGW and MinIO BucketClass creation, credential preparation, and Bucket/BucketClaim provisioning with UI and YAML examples.
  • Documented BucketClaim workflow, resource interaction, access control, per-workload credentials, quotas, verification, and cleanup guidance.

[coderabbitai]

Walkthrough

Adds a new docs set under docs/en/configure/storage/cosi that introduces COSI, its concepts, installation, usage guides for BucketClass (MinIO/Ceph), BucketClaims/BucketRequests, and Ceph access-control how-tos, including UI and YAML workflows, examples, and troubleshooting.

Changes

Cohort / File(s)	Summary
Overview & Concepts docs/en/configure/storage/cosi/index.mdx, docs/en/configure/storage/cosi/intro.mdx, docs/en/configure/storage/cosi/cosi-concepts.mdx	New landing, intro, and concepts pages defining COSI, BucketClass, Bucket, BucketClaim, scopes, fields (e.g., deletionPolicy, driverName), and the resource interaction workflow.
Install / Uninstall docs/en/configure/storage/cosi/install.mdx	Installation and uninstallation guide for ACP COSI and backend plugins (Ceph/MinIO), prerequisites, constraints, and procedural steps.
Functions — BucketClass (MinIO & Ceph) docs/en/configure/storage/cosi/functions/bucket_class_minio.mdx, docs/en/configure/storage/cosi/functions/bucket_class_ceph.mdx	Step-by-step guides to create BucketClass for MinIO and Ceph RGW: prerequisites, credential Secret preparation (auto/manual), UI and YAML examples, parameters, and verification commands.
Functions — Bucket Requests / Index docs/en/configure/storage/cosi/functions/bucket_request.mdx, docs/en/configure/storage/cosi/functions/index.mdx	Guide to create BucketClaims/Bucket Requests (UI & YAML), expected status flow, deletion notes, and a functions index page.
How To — Ceph Access Control & Index docs/en/configure/storage/cosi/how_to/access_control_ceph.mdx, docs/en/configure/storage/cosi/how_to/index.mdx	How-to for least-privilege access and quotas with Ceph RGW using CephObjectStoreUser, BucketClass/BucketClaim, BucketAccessClass/BucketAccess; includes workflows, troubleshooting, quota controls, and cleanup.

Sequence Diagram(s)

sequenceDiagram
  participant Admin
  participant App
  participant K8sAPI as K8s API
  participant COSI
  participant Driver
  participant ObjStore as Object Store
  participant Secret
  participant Pod

  Admin->>K8sAPI: Create BucketClass
  App->>K8sAPI: Create BucketClaim (refs BucketClass)
  K8sAPI-->>COSI: Event: BucketClaim created
  COSI->>Driver: Provision bucket (request)
  Driver->>ObjStore: Create bucket
  ObjStore-->>Driver: Bucket created
  Driver-->>COSI: Provision details
  COSI->>K8sAPI: Create/Bind Bucket & Secret
  Pod->>K8sAPI: Mount Secret
  Pod-->>ObjStore: Access bucket with creds

Loading

sequenceDiagram
  participant Admin
  participant K8sAPI as K8s API
  participant COSI
  participant Driver
  participant ObjStore as Object Store
  participant Workload

  Admin->>K8sAPI: Create BucketAccessClass / BucketAccess
  K8sAPI-->>COSI: Event: BucketAccess
  COSI->>Driver: Mint scoped credentials/policy
  Driver->>ObjStore: Create policy/keys
  ObjStore-->>Driver: Return credentials
  Driver-->>COSI: BucketInfo + creds
  COSI->>K8sAPI: Create Secret with BucketInfo
  Workload->>K8sAPI: Consume Secret to access bucket

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

I thump through docs and YAML rows,
Buckets sprout where the cabbage grows.
MinIO breezes, Ceph tides hum,
Claims tie bows, credentials come.
A rabbit hops—COSI fields, yum! 🥕

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d19c643 and ceb8dbb.

📒 Files selected for processing (2)

• docs/en/configure/storage/cosi/functions/bucket_class_minio.mdx (1 hunks)
• docs/en/configure/storage/cosi/how_to/access_control_ceph.mdx (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• docs/en/configure/storage/cosi/how_to/access_control_ceph.mdx
• docs/en/configure/storage/cosi/functions/bucket_class_minio.mdx

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch add-cosi-docs

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🔭 Outside diff range comments (1)

docs/en/configure/storage/cosi/functions/index.mdx (1)

8-8: Stray character likely to break formatting.

The lone “8” appears accidental. Please remove.

-8
+

🧹 Nitpick comments (19)

docs/en/configure/storage/cosi/index.mdx (1)

1-3: Add front matter for navigation ordering.

To align with sibling pages (which use weight), add a weight front matter block.

+---
+weight: 5
+---
+
 # Object Storage
 
 <Overview />

docs/en/configure/storage/cosi/intro.mdx (1)

20-22: Scope the limitation to the platform/release.

Avoid broad claims about COSI overall. Scope to your platform to prevent confusion.

 * COSI is currently in alpha.
-* At present, COSI only supports Ceph RGW and MinIO drivers.
+* In Alauda Container Platform, this feature currently supports the Ceph RGW and MinIO drivers.
 * Integration with legacy object storage buckets might require additional manual configurations.

docs/en/configure/storage/cosi/install.mdx (3)

24-24: Reduce repetitive phrasing.

Replace repeated “you want to” for variety and clarity.

-* Plugins are scoped to the current cluster only. You must install the required plugins individually on each cluster where you want to enable COSI features.
+* Plugins are scoped to the current cluster only. You must install the required plugins individually on each cluster where you intend to enable COSI features.

---

41-41: Tighten step wording.

Avoid repetition; keep the instruction concise.

-4. Locate the plugin you want to uninstall and select **Uninstall** from the **⋮** menu to start the uninstallation process.
+4. Locate the plugin to uninstall and select **Uninstall** from the **⋮** menu to start the uninstallation process.

---

44-45: Use an admonition for the uninstall order note.

Align with the existing admonition style used above.

-**Important:** Before uninstalling the **Alauda Container Platform COSI** plugin, you must first uninstall the **Alauda Container Platform COSI for Ceph** and/or **Alauda Container Platform COSI for MinIO**.
+:::warning
+Before uninstalling the **Alauda Container Platform COSI** plugin, you must first uninstall the **Alauda Container Platform COSI for Ceph** and/or **Alauda Container Platform COSI for MinIO**.
+:::

docs/en/configure/storage/cosi/how_to/access_control_ceph.mdx (2)

15-17: Fix typo in prerequisites.

Change “plugings” to “plugins”.

-* COSI plugings installed.
+* COSI plugins installed.

---

126-129: Add an explicit example to decode BucketInfo.

Concrete commands help users quickly verify credentials.

 The driver writes a Secret named in `credentialsSecretName`. Decode `.data.BucketInfo` (base64) to get `secretS3.endpoint`, `accessKeyID`, and `accessSecretKey` for your S3 client.
 
 > **Tip**: Issue **distinct** credentials per Deployment/Job to simplify rotation and revocation without disrupting other workloads.
+
+Example:
+
+```bash
+kubectl -n app-a get secret my-bucket-readonly-credentials \
+  -o jsonpath='{.data.BucketInfo}' | base64 -d | jq
+```

docs/en/configure/storage/cosi/functions/bucket_class_ceph.mdx (2)

27-27: Add missing space after period.

Minor readability fix.

-| **Internal Ceph** | Ceph cluster deployed and managed **inside** the platform by the Rook Operator.See *[create a storage service](/storage/storagesystem_ceph/installation/create_service_stand.mdx)* for details. |
+| **Internal Ceph** | Ceph cluster deployed and managed **inside** the platform by the Rook Operator. See *[create a storage service](/storage/storagesystem_ceph/installation/create_service_stand.mdx)* for details. |

---

31-33: Pluralize the section title (two plug-ins installed).

Two plug-ins are installed in Step 2, so the header should reflect plural.

-## Step 2 – Install the COSI Plug‑in
+## Step 2 – Install the COSI Plug‑ins

docs/en/configure/storage/cosi/functions/bucket_class_minio.mdx (1)

16-17: Align plug-in naming with the install guide.

Elsewhere you use “Alauda Container Platform COSI” and “Alauda Container Platform COSI for MinIO”. Here you reference “acp‑cosi” and “acp‑cosi‑minio”. Please standardize on one naming style across the docs.

docs/en/configure/storage/cosi/functions/index.mdx (3)

1-3: Add a title in front matter for navigation/SEO consistency.

Consider adding a title. Many doc generators rely on it for sidebars and metadata.

 ---
+title: Functions
 weight: 50
 ---

---

5-5: Heading-label alignment with section name.

This page lives under “functions”, but the H1 is “Guides”. Consider aligning to avoid confusion.

-# Guides
+# Functions

---

7-7: Ensure is globally available or import as needed.

If your MDX setup doesn’t auto-register shared components, you’ll need an explicit import.

+import Overview from '@site/src/components/Overview';
 
 <Overview />

docs/en/configure/storage/cosi/functions/bucket_request.mdx (6)

1-3: Add a title to front matter for consistent rendering and SEO.

Helps sidebar, breadcrumbs, and page metadata.

 ---
+title: Create a Bucket Request
 weight: 20
 ---

---

7-7: Styling/clarity: remove double space and consider linking terminology.

• Remove the extra space after “Request”.
• Consider linking “Object Storage Class” to the BucketClass concepts page for clarity.

-Use a **Bucket Request**  to dynamically create a bucket based on an **Object Storage Class** and automatically bind the two.
+Use a **Bucket Request** to dynamically create a bucket based on an **Object Storage Class** and automatically bind the two.

Optionally:

• Link Object Storage Class to its conceptual doc.
• Mention the underlying CRD (BucketRequest) in backticks for power users.

---

11-14: Polish prerequisites and fix internal link.

• Prefer consistent plugin naming style.
• Internal links typically omit file extensions; use the route path to avoid 404s.

-* **Install** the **Alauda Container Platform COSI** cluster.
-* **Install** either the **Alauda Container Platform COSI for Ceph** or the **Alauda Container Platform COSI for MinIO** cluster plugin package, depending on which object storage solution you plan to use.
+* Install the Alauda Container Platform COSI cluster.
+* Install either the “ACP COSI for Ceph” or “ACP COSI for MinIO” plugin package, depending on your object storage backend.
 
-For detailed installation steps, see **[Installing](/configure/storage/cosi/install.mdx)**.
+For detailed installation steps, see [Installing](/configure/storage/cosi/install).

---

26-30: Table inside ordered list may render poorly in MDX; also refine phrasing.

• Some MDX engines don’t render tables well when nested under list items. Consider moving the table outside the list or converting to bullet points.
• Minor style fix (avoid split infinitive and tighten wording).

Option A: Move table outside the list.

-4. Configure the parameters as follows.
-
-   | Parameter                | Description                                                                               |
-   | ------------------------ | ----------------------------------------------------------------------------------------- |
-   | **Name**                 | The name of the bucket request.                                                           |
-   | **Object Storage Class** | The Object Storage Class used to dynamically create the bucket and establish the binding. |
+4. Configure the following parameters.
+
+| Parameter                | Description                                                                            |
+| ------------------------ | -------------------------------------------------------------------------------------- |
+| **Name**                 | Name of the bucket request.                                                            |
+| **Object Storage Class** | Object Storage Class used to create the bucket and to establish the binding.           |

Option B: Use bullets:

-4. Configure the parameters as follows.
-
-   | Parameter                | Description                                                                               |
-   | ------------------------ | ----------------------------------------------------------------------------------------- |
-   | **Name**                 | The name of the bucket request.                                                           |
-   | **Object Storage Class** | The Object Storage Class used to dynamically create the bucket and establish the binding. |
+4. Configure:
+   - Name: Name of the bucket request.
+   - Object Storage Class: The class used to create the bucket and establish the binding.

---

31-31: Add follow-up step to discover credentials/endpoints.

After status is Available, users typically need endpoint, bucket name, and credentials (Secret). Consider adding where to find these in the UI or via kubectl.

Example addition:

-5. Click **Create**. Wait until the status becomes `Available`, which indicates the request has been fulfilled and the binding is complete.
+5. Click **Create**. Wait until the status becomes `Available`, which indicates the request has been fulfilled and the binding is complete.  
+   Next, retrieve the bucket endpoint and credentials from the bucket request details (or the generated Secret) to configure your clients.

---

16-35: Optional: Add a CLI/YAML alternative for completeness.

Consider including a minimal BucketRequest YAML example and kubectl commands for users who prefer GitOps/CLI.

I can draft a concise YAML + kubectl flow aligned with your CRD schema if you confirm the group/version/kind you expose (e.g., objectstorage.k8s.io/v1alpha1, BucketRequest).

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 75fe49b and d19c643.

📒 Files selected for processing (10)

• docs/en/configure/storage/cosi/cosi-concepts.mdx (1 hunks)
• docs/en/configure/storage/cosi/functions/bucket_class_ceph.mdx (1 hunks)
• docs/en/configure/storage/cosi/functions/bucket_class_minio.mdx (1 hunks)
• docs/en/configure/storage/cosi/functions/bucket_request.mdx (1 hunks)
• docs/en/configure/storage/cosi/functions/index.mdx (1 hunks)
• docs/en/configure/storage/cosi/how_to/access_control_ceph.mdx (1 hunks)
• docs/en/configure/storage/cosi/how_to/index.mdx (1 hunks)
• docs/en/configure/storage/cosi/index.mdx (1 hunks)
• docs/en/configure/storage/cosi/install.mdx (1 hunks)
• docs/en/configure/storage/cosi/intro.mdx (1 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/en/configure/storage/cosi/functions/bucket_request.mdx

[style] ~29-~29: Try moving the adverb to make the sentence clearer.
Context: ...rage Class** | The Object Storage Class used to dynamically create the bucket and establish the binding. | 5. Click ...

(SPLIT_INFINITIVE)

docs/en/configure/storage/cosi/install.mdx

[style] ~24-~24: You have already used this phrasing in nearby sentences. Consider replacing it to add variety to your writing.
Context: ... individually on each cluster where you want to enable COSI features. * The **Alauda Co...

(REP_WANT_TO_VB)

---

[style] ~41-~41: You have already used this phrasing in nearby sentences. Consider replacing it to add variety to your writing.
Context: ...emove plugins. 4. Locate the plugin you want to uninstall and select Uninstall from...

(REP_WANT_TO_VB)

🔇 Additional comments (6)

docs/en/configure/storage/cosi/how_to/index.mdx (1)

1-7: Looks good and consistent with the docs pattern.

Front matter, heading, and Overview usage are consistent.

docs/en/configure/storage/cosi/cosi-concepts.mdx (1)

1-104: Clear and accurate concepts.

Content aligns with COSI resource roles and your driver usage. No changes needed.

docs/en/configure/storage/cosi/install.mdx (1)

42-42: Verify post-uninstall status label.

“Ready” as a post-uninstall status may confuse users (could be “Uninstalled”, “Removed”, etc.). Please confirm the exact UI status label.

Could you confirm the precise status text shown in the UI after a successful uninstall? If it’s not “Ready,” we should update the doc to match the UI to avoid confusion.

docs/en/configure/storage/cosi/functions/bucket_class_ceph.mdx (1)

27-27: Internal link verified
The target file docs/en/storage/storagesystem_ceph/installation/create_service_stand.mdx exists, so the link in docs/en/configure/storage/cosi/functions/bucket_class_ceph.mdx is correct and requires no changes.

docs/en/configure/storage/cosi/functions/bucket_request.mdx (2)

18-23: Verify UI labels: “Bucket Claims” vs “Bucket Requests”.

The nav says “Storage > Bucket Claims” while the action is “Create a Bucket Request”. Confirm these labels match the current UI to avoid user confusion. If the list is “Bucket Requests”, adjust accordingly.

If needed:

-2. In the left navigation, click **Storage > Bucket Claims**.
+2. In the left navigation, click **Storage > Bucket Requests**.

---

33-35: Clarify “Delete bucket policy” behavior and use proper admonitions

Please verify the actual UI label and its effect before updating the docs:

• Does Delete bucket policy only remove the access policy (no data loss)?
• Or does it delete the entire bucket (and all objects)?

Then update accordingly:

• If it only removes the policy, remove the data-loss warning.
• If it deletes the bucket, rename the action to Delete bucket and be explicit.
• Wrap messaging in GitBook admonitions for visibility.

Suggested diff:

-From the bucket request details page, click **Actions** (upper-right) to **Delete bucket policy** if needed. **Warning:** deleting the bucket policy clears all data in the bucket. Proceed with caution and confirm data backup and security requirements before deletion.
+From the bucket request details page, click **Actions** (upper-right) to perform deletion operations.
+
+> Note  
+> Confirm the action label and its effect:  
+> - **Delete bucket policy** typically removes only the access policy and does not delete objects.  
+> - If the operation actually deletes the bucket (and all data), rename it to **Delete bucket** in both UI and docs.
+
+> Warning  
+> Deleting a bucket permanently removes all objects. Ensure backups and compliance checks before proceeding.