[deployments] provide a way to configure an internal and external URI to minio

Description

Issue

In the self-hosted Kubernetes version of Mender, you provide a way to set up S3 storage on minio.

Deployments only takes one variable for AWS_URI. This variable is used by Deployments itself to talk with minio and by IoT devices to fetch artifacts.

 

With only one URI, it is not possible to use mTLS to validate incoming connections (or you have to rebuild the mender-deployments image to add a client certificate in it).

Also, this requires connections between deployments and minio to be outbound of the cluster.

Suggestion

The simplest way would be to have two endpoints, AWS_URI and AWS_EXTERNAL_URI.

AWS_URI: connection between the service deployment and S3 storage.
AWS_EXTERNAL_URI: base URI for frontend and artifacts URIs sent to devices.

Example:

| Parameter | Description | Example value | Default |
|---|---|---|---|
| global.s3.AWS_URI | minio internal endpoint | http://minio:9000 | |
| global.s3.AWS_EXTERNAL_URI | minio external endpoint | https://mender.webdomain.com | {global.s3.AWS_URI} |

Our modifications

We have made changes that allow us to use two endpoints to access the bucket.
We are not Go experts but maybe this will help in your deployments:
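Added example, not the reporter's patch (which this page does not include) and not code from the Mender deployments service: a Go illustration of why the external URI has to be an input to the link signer rather than a host rewritten afterwards. It assumes device download links are S3 SigV4 presigned URLs; the function names `ExternalOrDefault` and `PresignGet`, the bucket, object key, credentials and region are all constructed for the illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/url"
	"strings"
	"time"
)

// ExternalOrDefault applies the proposed default: AWS_EXTERNAL_URI falls back to AWS_URI.
func ExternalOrDefault(awsURI, awsExternalURI string) string {
	if awsExternalURI == "" {
		return awsURI
	}
	return awsExternalURI
}

func mac(key []byte, msg string) []byte {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(msg))
	return h.Sum(nil)
}

// PresignGet returns a SigV4 query-signed GET URL for bucket/key at the given endpoint.
func PresignGet(endpoint, bucket, key, accessKey, secret, region string, t time.Time, ttl time.Duration) (string, error) {
	u, err := url.Parse(endpoint)
	if err != nil || u.Host == "" {
		return "", fmt.Errorf("invalid endpoint %q", endpoint)
	}
	day, stamp := t.UTC().Format("20060102"), t.UTC().Format("20060102T150405Z")
	scope := day + "/" + region + "/s3/aws4_request"
	u.Path = "/" + bucket + "/" + key
	q := url.Values{"X-Amz-Algorithm": {"AWS4-HMAC-SHA256"}, "X-Amz-Credential": {accessKey + "/" + scope},
		"X-Amz-Date": {stamp}, "X-Amz-Expires": {fmt.Sprint(int(ttl.Seconds()))}, "X-Amz-SignedHeaders": {"host"}}
	// Assumption: bucket/key need no extra escaping. Host is signed, so the URL is valid only at this endpoint.
	canon := strings.Join([]string{"GET", u.EscapedPath(), q.Encode(), "host:" + u.Host, "", "host", "UNSIGNED-PAYLOAD"}, "\n")
	sum := sha256.Sum256([]byte(canon))
	toSign := "AWS4-HMAC-SHA256\n" + stamp + "\n" + scope + "\n" + hex.EncodeToString(sum[:])
	k := mac(mac(mac(mac([]byte("AWS4"+secret), day), region), "s3"), "aws4_request")
	q.Set("X-Amz-Signature", hex.EncodeToString(mac(k, toSign)))
	u.RawQuery = q.Encode()
	return u.String(), nil
}

func main() { // constructed values; the service itself would keep talking to AWS_URI
	ext := ExternalOrDefault("http://minio:9000", "https://mender.webdomain.com")
	fmt.Println(PresignGet(ext, "artifacts", "demo", "CONSTRUCTED-KEY", "constructed-secret", "us-east-1", time.Now(), time.Hour))
}
```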

 

Activity

Fabio Tranchitella, May 25, 2022 at 5:36 AM

We merged your PR to the master branch and cherry-picked it into the release branch. Therefore, your implementation will be part of Mender 3.3, which we'll release next week. Consequently, I'm marking this task as done.

Thank you for your contribution, . Very much appreciated.

Benjamin, May 18, 2022 at 4:25 PM

Hello ,

Can you check this PR https://github.com/mendersoftware/deployments/pull/728 ?

Fabio Tranchitella, May 17, 2022 at 12:28 PM

Hello , there is a general agreement that what you propose makes sense.

However, we didn't prioritize the work to port your patch to our code base just yet.
If you can launch a PR to the deployments service, we'll happily review and accept it when ready.

Benjamin, May 16, 2022 at 4:40 PM

Hello, do you have any news?

Fabio Tranchitella, January 19, 2022 at 8:05 AM

Hello ,
A quick follow-up: we will discuss your patch with the dev team and get back to you soon.
Thank you.

Fixed

Created December 7, 2021 at 1:47 PM
Updated May 25, 2022 at 5:37 AM
Resolved May 25, 2022 at 5:37 AM
