This PR supports user-defined S3 endpoint.
By default, users should use AWS S3 for the state storage.
However, users may want to save the cluster state storage inside private cloud, through their own S3 services, such as Minio.
With this PR, by setting environment variable "S3_ENDPOINT", kops will use the s3 service running on this specific s3 endpoint, instead of using AWS S3 by default. Accordingly, users should also update AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to the corresponding credentials for this specific s3 service. It's the user's responsibility to setup their own s3 services.
*Update: Need to discuss whether we want AWS_ACCESS_KEY_ID or S3_ACCESS_KEY_ID. The reason for the latter is because another S3 server https://github.com/scality/S3 is using SCALITY_ACCESS_KEY_ID.
For example, one should start a Minio service on certain node by:
docker run -d \
--name minio \
-p 9000:9000 \
-v /root/minio-data:/export \
minio/minio server /export
When using this Minio service as the state store, one should just set:
export S3_ENDPOINT=http:/[IP address of the Minio node]:9000
We assume that users who use their own user-defined S3 service, will not run the cluster with AWS EC2 service neither. Thus the credential information can be overwritten by the user-defined s3 service.
msterin
commented
7 years ago
This PR supports user-defined S3 endpoint. By default, users should use AWS S3 for the state storage. However, users may want to save the cluster state storage inside private cloud, through their own S3 services, such as Minio.
With this PR, by setting environment variable "S3_ENDPOINT", kops will use the s3 service running on this specific s3 endpoint, instead of using AWS S3 by default. Accordingly, users should also update AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to the corresponding credentials for this specific s3 service. It's the user's responsibility to setup their own s3 services.
*Update: Need to discuss whether we want AWS_ACCESS_KEY_ID or S3_ACCESS_KEY_ID. The reason for the latter is because another S3 server https://github.com/scality/S3 is using SCALITY_ACCESS_KEY_ID.
For example, one should start a Minio service on certain node by:
Then create bucket:
./mc config host add myminio http://127.0.0.1:9000 $accessKey $secretAccessKey /mc mb myminio/[bucketname]When using this Minio service as the state store, one should just set:
export S3_ENDPOINT=http:/[IP address of the Minio node]:9000We assume that users who use their own user-defined S3 service, will not run the cluster with AWS EC2 service neither. Thus the credential information can be overwritten by the user-defined s3 service.