Name: steward-demo-s3
Owner: Deis
Description: Helm charts to demo Steward
Created: 2016-09-30 17:26:30.0
Updated: 2017-03-16 18:08:36.0
Pushed: 2017-05-10 21:00:26.0
Homepage: https://github.com/deis/steward
Size: 73
Language: null
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
This repository contains helm charts intended to demo Steward CF.
The following charts are available:
This chart installs the following:
When an Instance
is later created, steward-cf will call the backing CF service
broker's provision API to create a new S3 bucket. When a Binding
is created,
steward-cf will call the backing CF service broker's binding API to create
an IAM user and grant access to the aforementioned bucket.
After a bind, steward-cf will drop the bucket-name, AWS_ACCESS_KEY
, and
AWS_SECRET_KEY
into a kubernetes Secret. It will look like the following:
: Secret
ersion: v1
:
me: <s3 bucket name>
ssword: <AWS_SECRET_KEY>
ername: <AWS_ACCESS_KEY>
This chart installs a Broker
resource, which tells steward-cf
to connect to
the backing S3 CF service broker API, list its catalog, and write a
ServiceClass
resource for each service therein
This chart installs an Instance
resource, which tells steward-cf
to make a
provision API call on the backing S3 CF broker API. This call in turn creates
a new S3 bucket.
This chart installs a Binding
resource, which tells steward-cf
to make a
bind API call on the backing S3 CF broker API. This call in turn creates new IAM
credentials which get written into a secret called s3-demo-secret
, in the same
namespace as the Binding
itself.
This chart installs a job that consumes the secret output from the charts/binding chart, connects to the S3 bucket described in the secret, and uploads a jpeg image to the bucket.
You must have AWS credentials with full S3 and IAM access. The access key
should be stored in the AWS_ACCESS_KEY_ID
environment variable, and the secret
should be stored in the AWS_SECRET_ACCESS_KEY
environment variable.
In order to use these helm charts to show a start-to-finish demo of Steward's capability, install the following charts in order:
ServiceBroker
resourceServiceClass
resources should be written to
the steward
namespaceServiceInstance
resourceServiceBinding
resources3-demo-secret
should be written to the
same namespace as the ServiceBinding
resource itself