Is there a way to set up an Object Expiration policy for a storage bucket? I’d like to have a bucket that expires older objects after a certain amount of time.
So it’s worth keeping in mind that LXD itself has no visibility on the objects stored within a bucket. That’s handled by whatever backend is in use,
minio for local storage or
ceph-rgw for remote storage.
It looks like Ceph at least supports setting the expiration rule through the S3 API. I don’t know if minio does too and if that uses the exact same API.
Maybe do a few tests poking the S3 API to add expiration rules and see if that works with whatever backend you have.
Ok, I was able to do this through the
mc command (I’m using minio). Per https://min.io/docs/minio/linux/administration/object-management/create-lifecycle-management-expiration-rule.html
lxc storage bucket create default first mc alias set first https://lxd1:8555 <access_key> <secret_key> mc ilm rule add first/first --expire-days "1" mc ilm rule ls first/first ┌───────────────────────────────────────────────────────────────────────────────────────┐ │ Expiration for latest version (Expiration) │ ├──────────────────────┬─────────┬────────┬──────┬────────────────┬─────────────────────┤ │ ID │ STATUS │ PREFIX │ TAGS │ DAYS TO EXPIRE │ EXPIRE DELETEMARKER │ ├──────────────────────┼─────────┼────────┼──────┼────────────────┼─────────────────────┤ │ ch7rlo3djg0irph21520 │ Enabled │ - │ - │ 1 │ false │ └──────────────────────┴─────────┴────────┴──────┴────────────────┴─────────────────────┘
mc tool seems to give me most of the control I need, including providing anonymous access to the buckets. Unfortunately some of the admin commands fail. Is this by design, or can they be made to work through the LXD proxy?
─❯ mc admin trace first mc: <ERROR> Unable to listen to http trace. Failed to parse server response (unexpected end of JSON input):. ─❯ mc admin info first mc: <ERROR> Unable to get service status
I think this is expected because LXD provides the common S3 API of MinIO or Ceph radosgw and not the implementation specific admin APIs of each.