Is there a way to set up an Object Expiration policy for a storage bucket? Iβd like to have a bucket that expires older objects after a certain amount of time.
So itβs worth keeping in mind that LXD itself has no visibility on the objects stored within a bucket. Thatβs handled by whatever backend is in use, minio
for local storage or ceph-rgw
for remote storage.
It looks like Ceph at least supports setting the expiration rule through the S3 API. I donβt know if minio does too and if that uses the exact same API.
Maybe do a few tests poking the S3 API to add expiration rules and see if that works with whatever backend you have.
Ok, I was able to do this through the mc
command (Iβm using minio). Per https://min.io/docs/minio/linux/administration/object-management/create-lifecycle-management-expiration-rule.html
lxc storage bucket create default first
mc alias set first https://lxd1:8555 <access_key> <secret_key>
mc ilm rule add first/first --expire-days "1"
mc ilm rule ls first/first
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Expiration for latest version (Expiration) β
ββββββββββββββββββββββββ¬ββββββββββ¬βββββββββ¬βββββββ¬βββββββββββββββββ¬ββββββββββββββββββββββ€
β ID β STATUS β PREFIX β TAGS β DAYS TO EXPIRE β EXPIRE DELETEMARKER β
ββββββββββββββββββββββββΌββββββββββΌβββββββββΌβββββββΌβββββββββββββββββΌββββββββββββββββββββββ€
β ch7rlo3djg0irph21520 β Enabled β - β - β 1 β false β
ββββββββββββββββββββββββ΄ββββββββββ΄βββββββββ΄βββββββ΄βββββββββββββββββ΄ββββββββββββββββββββββ
The mc
tool seems to give me most of the control I need, including providing anonymous access to the buckets. Unfortunately some of the admin commands fail. Is this by design, or can they be made to work through the LXD proxy?
ββ― mc admin trace first
mc: <ERROR> Unable to listen to http trace. Failed to parse server response (unexpected end of JSON input):.
ββ― mc admin info first
mc: <ERROR> Unable to get service status
I think this is expected because LXD provides the common S3 API of MinIO or Ceph radosgw and not the implementation specific admin APIs of each.