Orchestrate object storage from OpenStack for OpenShift projects #195
Description
Related nerc-project/operations#891
For a short-term solution to the above linked issue, we would like to automate the process of giving access to OpenStack's RGW for object storage when an allocation to OpenShift is approved.
- The OpenShift Resource will have a new Resource Attribute
Object Storage from OpenStack Resourcewhose value will match the Resource name of the OpenStack cluster. - When a resource allocation is approved, if the Resource is an OpenShift resource that contains the above attribute:
- Create a project in the OpenStack resource referenced above
- Project name of the OpenStack project is same as openshift namespace.
- Quotas of the OpenStack project are set to zero values. With the exception of object quota.
- Already existing quota attribute for Openstack object storage is added to allocation.
- Create an EC2 access credential for that project to access object storage
- After creating the OpenShift project
- insert a secret in the OpenShift namespace with the following values as described below and named
nerc-s3-credentials.
- insert a secret in the OpenShift namespace with the following values as described below and named
- Create a project in the OpenStack resource referenced above
- Introduce a new management command line that deals with re-provisioning secrets that have been deleted.
AWS_ENDPOINT_URL=<RGW endpoint>
AWS_ENDPOINT_URL_S3=<RGW endpoint>
AWS_ACCESS_KEY_ID=<Created EC2 ID>
AWS_SECRET_ACCESS_KEY=<Created EC2 Secret>
Metadata
Metadata
Assignees
Labels
No labels