noobaa

NooBaa is a highly customizable and dynamic data gateway for Kubernetes (S3-compatible)

View on GitHub

NooBaa CRD

NooBaa CRD represents a single installation of NooBaa that includes a set of sub-resources (backing-stores, bucket-classes, and buckets) and has a lifecycle as a single integrated system.

Definitions

Reconcile

The operator watches for NooBaaSystem changes and reconcile them to apply the following deployment:

Status

The operator will set the status of the NooBaaSystem to represent the current state of reconciling to the desired state.
Here is the example status structure as would be returned by a kubectl get noobaa -n noobaa -o yaml:

apiVersion: noobaa.io/v1alpha1
kind: NooBaa
metadata:
  name: noobaa
  namespace: noobaa
spec:
    # ...
status:
  accounts:
    admin:
      secretRef:
        name: noobaa-admin
        namespace: noobaa
  actualImage: noobaa/noobaa-core:X.Y.Z
  conditions:
  - lastHeartbeatTime: "2019-11-05T13:50:20Z"
    lastTransitionTime: "2019-11-06T07:03:48Z"
    message: noobaa operator completed reconcile - system is ready
    reason: SystemPhaseReady
    status: "True"
    type: Available
  - lastHeartbeatTime: "2019-11-05T13:50:20Z"
    lastTransitionTime: "2019-11-06T07:03:48Z"
    message: noobaa operator completed reconcile - system is ready
    reason: SystemPhaseReady
    status: "False"
    type: Progressing
  - lastHeartbeatTime: "2019-11-05T13:50:20Z"
    lastTransitionTime: "2019-11-05T13:50:20Z"
    message: noobaa operator completed reconcile - system is ready
    reason: SystemPhaseReady
    status: "False"
    type: Degraded
  - lastHeartbeatTime: "2019-11-05T13:50:20Z"
    lastTransitionTime: "2019-11-06T07:03:48Z"
    message: noobaa operator completed reconcile - system is ready
    reason: SystemPhaseReady
    status: "True"
    type: Upgradeable
  observedGeneration: 1
  phase: Ready
  readme: |

Welcome to NooBaa

S3 Endpoint
-----------
- Access key            : export AWS_ACCESS_KEY_ID=$(kubectl get secret noobaa-admin-s3-secret -n noobaa -o json | jq -r '.data.AWS_ACCESS_KEY_ID|@base64d')
- Secret key            : export AWS_SECRET_ACCESS_KEY=$(kubectl get secret noobaa-admin-s3-secret -n noobaa -o json | jq -r '.data.AWS_SECRET_ACCESS_KEY|@base64d')
- External address      : https://222.222.222.222:8443
- ClusterIP address     : https://s3.noobaa
- NodePort address      : http://192.168.99.100:30361
- Port forwarding       : kubectl port-forward -n noobaa service/s3 10443:443 # then open https://localhost:10443
- aws-cli               : alias s3="aws --endpoint https://localhost:10443 s3"

Management
-------------
- Username/password     : kubectl get secret noobaa-admin-mgmt-secret -n noobaa -o json | jq '.data|map_values(@base64d)'
- External address      : https://111.111.111.111:8443
- ClusterIP address     : https://noobaa-mgmt.noobaa:8443
- Node port address     : http://192.168.99.100:30785
- Port forwarding       : kubectl port-forward -n noobaa service/noobaa-mgmt 11443:8443 # then open https://localhost:11443


  services:
    serviceMgmt:
      externalDNS:
      - https://noobaa-mgmt-noobaa.apps.noobaa.noobaa.org
      - https://noobaa.us-east-2.elb.amazonaws.com:443
      internalDNS:
      - https://noobaa-mgmt.noobaa:443
      internalIP:
      - https://1.1.1.1:443
      nodePorts:
      - https://1.1.1.1:31433
      podPorts:
      - https://1.1.1.1:8443
    serviceS3:
      externalDNS:
      - https://s3-noobaa.apps.noobaa.noobaa.org
      - https://noobaa.us-east-2.elb.amazonaws.com:443
      internalDNS:
      - https://s3.noobaa:443
      internalIP:
      - https://1.1.1.1:443
      nodePorts:
      - https://1.1.1.1:32367
      podPorts:
      - https://1.1.1.1:6443

Custom Images

The NooBaa spec below shows how to override the noobaa-core image used for the system deployment. Another way to change the default image is to set the env NOOBAA_CORE_IMAGE on the operator pod (on its deployment) which makes the operator assume a different default core image even when the NooBaa spec is not specifying it. In any case when using custom images, you will have to make sure the operator and core images are compatible with eachother.

apiVersion: noobaa.io/v1alpha1
kind: NooBaa
metadata:
  name: noobaa
  namespace: noobaa
spec:
  image: noobaa/noobaa-core:v9999.9.9

Private Image Registry

See below how to set spec.imagePullSecret in order to pull from a private image repository

apiVersion: noobaa.io/v1alpha1
kind: NooBaa
metadata:
  name: noobaa
  namespace: noobaa
spec:
  image: noobaa/noobaa-core:v9999.9.9
  dbImage: centos/mongodb-36-centos7
  imagePullSecret:
    name: <SECRET-NAME>

Custom CPU and Memory Resources

The NooBaa spec can be used to control the resources of each component. Below is an example of how to set the spec to use custom compute resources.

Keep the following in mind when choosing your custom resources values:

apiVersion: noobaa.io/v1alpha1
kind: NooBaa
metadata:
  name: noobaa
  namespace: noobaa
spec:
  coreResources:
    requests:
      cpu: "8"
      memory: "16Gi"
    limits:
      cpu: "8"
      memory: "16Gi"
  dbResources:
    requests:
      cpu: "8"
      memory: "16Gi"
    limits:
      cpu: "8"
      memory: "16Gi"
  endpoints:
    minCount: 4
    maxCount: 4
    resources:
      requests:
        cpu: "2"
        memory: "4Gi"
      limits:
        cpu: "2"
        memory: "4Gi"

Delete

The operator will detect deletion of a system CR, and will followup by deleting all the owned resources.

This is done by connecting owner references and letting Garbage Collection do the rest as described here:

https://kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/