Charmed PostgreSQL K8s How To - Configure S3 for RadosGW

Note: All commands are written for juju >= v.3.0

If you are using an earlier version, check the Juju 3.0 Release Notes.

Configure S3 for RadosGW

A Charmed PostgreSQL K8s backup can be stored on any S3-compatible storage. S3 access and configurations are managed with the s3-integrator charm.

This guide will teach you how to deploy and configure the s3-integrator charm on Ceph via RadosGW, send the configuration to a Charmed PostgreSQL application, and update it. (To configure S3 for AWS, see this guide)

The Charmed PostgreSQL K8s backup tool (pgBackRest) can currently only interact with S3-compatible storages if they work with SSL/TLS (backup via the plain HTTP is currently not supported).

Configure s3-integrator

First, install the MinIO client and create a bucket:

mc config host add dest https://radosgw.mycompany.fqdn <access-key> <secret-key> --api S3v4 --lookup path
mc mb dest/backups-bucket

Then, deploy and run the charm:

juju deploy s3-integrator
juju run s3-integrator/leader sync-s3-credentials access-key=<access-key> secret-key=<secret-key>

Lastly, use juju config to add your configuration parameters. For example:

juju config s3-integrator \
    endpoint="https://radosgw.mycompany.fqdn" \
    bucket="backups-bucket" \
    path="/postgresql" \
    region="" \
    s3-api-version="" \
    s3-uri-style="path" \
    tls-ca-chain="$(base64 -w0 /path-to-your-server-ca-file)"

Integrate with Charmed PostgreSQL

To pass these configurations to Charmed PostgreSQL, integrate the two applications:

juju integrate s3-integrator postgresql-k8s

You can create, list, and restore backups now:

juju run postgresql-k8s/leader list-backups
juju run postgresql-k8s/leader create-backup
juju run postgresql-k8s/leader list-backups
juju run postgresql-k8s/leader restore backup-id=<backup-id-here>

You can also update your S3 configuration options after relating, using:

juju config s3-integrator <option>=<value>

The s3-integrator charm accepts many configurations - enter whatever configurations are necessary for your S3 storage.

MicroCeph tip: Make sure the region for s3-integrator matches "sudo microceph.radosgw-admin zonegroup list" output (use region="default" by default).