-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(postgres): allow users to configure postgres to read from S3 #44
Conversation
can you give me an example of how to test this? |
@jchauncey I haven't fleshed this out fully after thinking this through. I'll write out some documentation on how we can test this in a minute. :) |
deis/charts#123 is related. It introduced a secret containing user-provided object storage connection / auth details. |
If a user wishes to set up an external S3 storage endpoint, they can configure wal-e to use this endpoint by setting S3_URL in the envinronment. Typically this would be done by editing the kubernetes replication controller manifest to inject the URL into the environment.
This allows the user to overwrite these values with environment variables.
All righty, this should be ready to review. Follow the steps in the OP to test. |
Can you maybe ask for bucket name instead and derive the URL from the region and the bucket name? Reason I ask is because what is supposed to become the Deis-wide config for object-storage options currently seems to ask for bucket name instead of URL: https://github.com/deis/charts/blob/master/deis-dev/tpl/objectstorage.toml#L29-L35 |
I think I can fix this up in the future to not require S3_URL at which point boto3 will derive the URL from the region and bucket name, but I don't think I can reasonably do that right now. I can open a ticket for that post-beta though! |
AWS_ACCESS_KEY_ID=$(cat access-key-id) | ||
fi | ||
if [ "$AWS_SECRET_ACCESS_KEY" == "" ]; then | ||
AWS_SECRET_ACCESS_KEY=$(cat access-secret-key) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should these key/filesnames change to match the keys that the object storage secret already managed by the chart is using?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FYI @kmala volunteered to refactor this PR on top of deis/charts#123 so we don't have users required to configure object storage in two places |
closing in favour of #46 |
If a user wishes to set up an external S3 storage endpoint, they can overwrite the following environment variables:
https://s3-us-west-1.amazonaws.com
)TESTING:
install Deis, and observe that a
db_wal
bucket was created in your S3 region with database backups.closes #33