Support reusing existing storage containers across task providers #687
Conversation
* Update config schema. * AWS support for existing S3 buckets. * Existing bucket support for gcp. * Add mocks and tests to existing bucket resource in aws. * Update docs with new pre-allocated container fields.
* AWS support for existing S3 buckets. * Existing bucket support for gcp. * Fix subdirectory in rclone remote. * Blob container generates the rclone connection string. * Introduce a type for generating rclone connection strings. * Azure support for reusable blob containers. * Update docs. * Fix path prefix. * Initialize s3 existing bucket with RemoteStorage struct. * Update gcp and aws existing bucket data sources to align with the azure data source. Use common.RemoteStorage to initialize the data sources. Using rclone to verify storage during Read. Remove aws s3 client mocks and tests that rely on them. * Fix comment.
* K8s support for specifying an existing persistent volume claim. Co-authored-by: Helio Machado <0x2b3bfa0+git@googlemail.com>
0x2b3bfa0
changed the title
0x2b3bfa0
added
enhancement
tasdomas
force-pushed
the
feature-bucket-reuse
branch
from
b900f4b to
670f214
Compare
|
It depends on your definition of resource group.1 😅 Footnotes
|
|
@tasdomas, would you mind opening an issue to track #687 (comment)? |
Done. Thanks for reminding me! |
| ### Generic | ||
|
|
||
| A set of "permissions" assigned to the `task` instance, format depends on the cloud provider | ||
|
|
||
| #### Amazon Web Services | ||
| ### Cloud-specific | ||
|
|
||
| #### Kubernetes | ||
|
|
||
| The name of a service account in the current namespace. | ||
|
|
||
| ### Amazon Web Services | ||
|
|
||
| An [instance profile `arn`](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), e.g.: | ||
| `permission_set = "arn:aws:iam:1234567890:instance-profile/rolename"` | ||
|
|
||
| #### Google Cloud Platform | ||
| ### Google Cloud Platform | ||
|
|
||
| A service account email and a [list of scopes](https://cloud.google.com/sdk/gcloud/reference/alpha/compute/instances/set-scopes#--scopes), e.g.: | ||
| `permission_set = "sa-name@project_id.iam.gserviceaccount.com,scopes=storage-rw"` | ||
|
|
||
| #### Microsoft Azure | ||
| ### Microsoft Azure |
There was a problem hiding this comment.
I don't get this title reworking. There are no generic options for permission_set, so there shouldn't be a ### Generic section?
| A comma-separated list of [user-assigned identity](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview) ARM resource ids, e.g.: | ||
| `permission_set = "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}"` | ||
|
|
||
| ## Pre-allocated blob container | ||
|
|
||
| ### Generic |
There was a problem hiding this comment.
again, would remove "### Generic" here since there are no generic options for container, right? (for example, machine="m" is generic, machine="t2.micro" is not).
| @@ -65,6 +65,8 @@ resource "iterative_task" "example" { | |||
| - `storage.workdir` - (Optional) Local working directory to upload and use as the `script` working directory. | |||
| - `storage.output` - (Optional) Results directory (**relative to `workdir`**) to download (default: no download). | |||
| - `storage.exclude` - (Optional) List of files and globs to exclude from transfering. Excluded files are neither uploaded to cloud storage nor downloaded from it. Exclusions are defined relative to `storage.workdir`. | |||
| - `storage.container` - (Optional) Pre-allocated container to use for storage of task data, results and status. | |||
There was a problem hiding this comment.
slightly wary of clashing with "docker containers" but willing to accept owing to "storage" namespace.
| - `storage.container` - (Optional) Pre-allocated container to use for storage of task data, results and status. | ||
| - `storage.container_opts` - (Optional) Block of cloud-specific container settings. |
There was a problem hiding this comment.
what about storage.container_(options|conf(ig)|settings)?
This closes #299.
The storage type is inferred by provider.
The
storageconfig section is extended with additional options: