Skip to main content

Manage buckets

Contributors netapp-mwallis netapp-dbagwell amgrissino

An object store bucket provider is essential if you want to back up your applications and persistent storage or if you want to clone applications across clusters. Using Astra Control Center, add an object store provider as your off-cluster, backup destination for your apps.

You don't need a bucket if you are cloning your application configuration and persistent storage to the same cluster.

Use one of the following Amazon Simple Storage Service (S3) bucket providers:

  • NetApp ONTAP S3

  • NetApp StorageGRID S3

  • Microsoft Azure

  • Generic S3

    Note Amazon Web Services (AWS) and Google Cloud Platform (GCP) use the Generic S3 bucket type.
    Note Although Astra Control Center supports Amazon S3 as a Generic S3 bucket provider, Astra Control Center might not support all object store vendors that claim Amazon's S3 support.

A bucket can be in one of these states:

  • pending: The bucket is scheduled for discovery.

  • available: The bucket is available for use.

  • removed: The bucket is not currently accessible.

For instructions on how to manage buckets using the Astra Control API, see the Astra Automation and API information.

You can do these tasks related to managing buckets:

Note S3 buckets in Astra Control Center do not report available capacity. Before backing up or cloning apps managed by Astra Control Center, check bucket information in the ONTAP or StorageGRID management system.

Edit a bucket

You can change the access credential information for a bucket and change whether a selected bucket is the default bucket.

Note When you add a bucket, select the correct bucket provider and provide the right credentials for that provider. For example, the UI accepts NetApp ONTAP S3 as the type and accepts StorageGRID credentials; however, this will cause all future app backups and restores using this bucket to fail. See the Release Notes.
Steps
  1. From the left navigation, select Buckets.

  2. From the menu in the Actions column, select Edit.

  3. Change any information other than the bucket type.

    Tip You can't modify the bucket type.
  4. Select Update.

Set the default bucket

When you perform a clone across clusters, Astra Control requires a default bucket. Follow these steps to set a default bucket for all clusters.

Steps
  1. Go to Cloud instances.

  2. Select the menu in the Actions column for the cloud instance in the list.

  3. Select Edit.

  4. In the Bucket list, select the bucket you want to be the default.

  5. Select Save.

Rotate or remove bucket credentials

Astra Control uses bucket credentials to gain access and provide secret keys for an S3 bucket so that Astra Control Center can communicate with the bucket.

Rotate bucket credentials

If you rotate credentials, rotate them during a maintenance window when no backups are in progress (scheduled or on-demand).

Steps to edit and rotate credentials
  1. From the left navigation, select Buckets.

  2. From the Options menu in the Actions column, select Edit.

  3. Create the new credential.

  4. Select Update.

Remove bucket credentials

You should remove bucket credentials only if new credentials have been applied to a bucket, or if the bucket is no longer actively used.

Tip The first set of credentials that you add to Astra Control is always in use because Astra Control uses the credentials to authenticate the backup bucket. Do not remove these credentials if the bucket is in active use as this will lead to backup failures and backup unavailability.
Note If you do remove active bucket credentials, see troubleshooting bucket credential removal.

For instructions on how to remove S3 credentials using the Astra Control API, see the Astra Automation and API information.

Remove a bucket

You can remove a bucket that is no longer in use or is not healthy. You might want to do this to keep your object store configuration simple and up-to-date.

Note
  • You cannot remove a default bucket. If you want to remove that bucket, first select another bucket as the default.

  • You cannot remove a write once read many (WORM) bucket before the bucket's cloud provider retention period has expired. WORM buckets are denoted with "Locked" next to the bucket name.

  • You cannot remove a default bucket. If you want to remove that bucket, first select another bucket as the default.

Before you begin
  • You should check to ensure that there are no running or completed backups for this bucket before you begin.

  • You should check to ensure that the bucket is not being used in any active protection policy.

If there are, you'll not be able to continue.

Steps
  1. From left navigation, select Buckets.

  2. From the Actions menu, select Remove.

    Note Astra Control ensures first that there are no schedule policies using the bucket for backups and that there are no active backups in the bucket you are about to remove.
  3. Type "remove" to confirm the action.

  4. Select Yes, remove bucket.

[Tech preview] Manage a bucket using a custom resource

You can add a bucket using the an Astra Control custom resource (CR) on the application cluster. Adding object store bucket providers is essential if you want to back up your applications and persistent storage or if you want to clone applications across clusters. Astra Control stores those backups or clones in the object store buckets that you define. If you are using the custom resource method, application snapshots functionality requires a bucket.

You don't need a bucket in Astra Control if you are cloning your application configuration and persistent storage to the same cluster.

The bucket custom resource for Astra Control is known as an AppVault. This CR contains the configurations necessary for a bucket to be used in protection operations.

Before you begin
  • Ensure you have a bucket that is reachable from your clusters managed by Astra Control Center.

  • Ensure you have credentials for the bucket.

  • Ensure the bucket is one of the following types:

    • NetApp ONTAP S3

    • NetApp StorageGRID S3

    • Microsoft Azure

    • Generic S3

Note Amazon Web Services (AWS) uses the Generic S3 bucket type.
Note Although Astra Control Center supports Amazon S3 as a Generic S3 bucket provider, Astra Control Center might not support all object store vendors that claim Amazon's S3 support.
Steps
  1. Create the custom resource (CR) file and name it (for example, astra-appvault.yaml).

  2. Configure the following attributes:

    • metadata.name: (Required) The name of the AppVault custom resource.

    • spec.prefix: (Optional) A path that is prefixed to the names of all entities stored in the AppVault.

    • spec.providerConfig: (Required) Stores the configuration necessary to access the AppVault using the specified provider.

    • spec.providerCredentials: (Required) Stores references to any credential required to access the AppVault using the specified provider.

      • spec.providerCredentials.valueFromSecret: (Optional) Indicates that the credential value should come from a secret.

        • key: (Required if valueFromSecret is used) The valid key of the secret to select from.

        • name: (Required if valueFromSecret is used) Name of the secret containing the value for this field. Must be in the same namespace.

    • spec.providerType: (Required) Determines what provides the backup; for example, NetApp ONTAP S3 or Microsoft Azure.

      Example YAML:

      apiVersion: astra.netapp.io/v1
      kind: AppVault
      metadata:
        name: astra-appvault
      spec:
        providerType: generic-s3
        providerConfig:
          path: testpath
          endpoint: 192.168.1.100:80
          bucketName: bucket1
          secure: "false"
        providerCredentials:
          accessKeyID:
            valueFromSecret:
              name: s3-creds
              key: accessKeyID
          secretAccessKey:
            valueFromSecret:
              name: s3-creds
              key: secretAccessKey
  3. After you populate the astra-appvault.yaml file with the correct values, apply the CR:

    kubectl apply -f astra-appvault.yaml -n astra-connector
    Note When you add a bucket, Astra Control marks one bucket with the default bucket indicator. The first bucket that you create becomes the default bucket. As you add buckets, you can later decide to set another default bucket.

Find more information