मुख्य विषयवस्तु में जाएं

Add a New Object Storage Provider

विहंगावलोकन

वही objectStorage.providers registry in helm_aio accepts new providers without any chart-template change. Adding a backend that is not (yet) bundled is therefore a values-file edit. This page documents the three things a new provider needs and walks through the procedure for adding one to a running install.

The same procedure works for any S3-compatible backend, including the currently-planned Garage और समुद्री शैवाल एफएस ahead of their official bundled support.

Use cases for this procedure
  • Bringing Garage, समुद्री शैवाल एफएस, Ceph RGW, or another bundled-candidate provider in early.
  • Running a multi-provider benchmark on a single cluster, with objectStorage.activeProvider picking which one user traffic targets.
  • Migrating to a provider that इलम does not yet bundle, ahead of native chart support.

Three things a new provider needs

वही ilum-objectstorage Service alias is a label-selector सेवा. For its endpoints to resolve, the new provider must satisfy three requirements:

  1. A reachable Service in the release namespace. The provider can either expose its own सेवा (preferred) or piggyback on the alias. The provider's own सेवा makes direct probing easier during testing.
  2. Pods carrying two labels. Every pod backing the new provider must carry app.kubernetes.io/name: और app.kubernetes.io/instance: . The alias Service selector matches both labels.
  3. A registry entry under objectStorage.providers.. The entry declares the provider's iframe path and console routing mode for the इलम UI.

Step-by-step recipe

The example below adds समुद्री शैवाल एफएस to an existing install. The same shape applies to any provider.

Step 1. Deploy the provider's chart in the release namespace

Install the provider's own Helm chart, or run a hand-rolled परिनियोजन plus सेवा. The परिनियोजन must label its pods with both app.kubernetes.io/name और app.kubernetes.io/instance:

apiVersion: ऐप्स/v1
प्रकार: परिनियोजन
मेटाडेटा:
नाम: seaweedfs
Namespace: इलम
लेबल:
app.kubernetes.io/name: seaweedfs
app.kubernetes.io/instance: इलम
कल्पना:
प्रतिकृतियों: 1
चयनकर्ता:
मैचलेबल्स:
app.kubernetes.io/name: seaweedfs
app.kubernetes.io/instance: इलम
साँचा:
मेटाडेटा:
लेबल:
app.kubernetes.io/name: seaweedfs
app.kubernetes.io/instance: इलम
कल्पना:
कंटेनर:
- नाम: सर्वर
प्रतिबिंब: chrislusf/seaweedfs:बिलकुल नया
आर्ग्स: ["server", "-s3"]
पोर्ट:
- {containerPort: 9000, नाम: एस 3-एपीआई}
- {containerPort: 9001, नाम: एस 3-console}

The pod IP is what the ilum-objectstorage Service alias will route to once the registry is updated.

Step 2. Register the provider in the chart values

Add the entry under objectStorage.providers. and set the activeProvider override so the alias targets the new provider:

helm upgrade ilum ilum/helm_aio \
--पुन: उपयोग-मान \
--अस्त हो objectStorage.providers.seaweedfs.enabled=सच्चा \
--अस्त हो objectStorage.providers.seaweedfs.consolePath=/external/seaweed/ \
--अस्त हो objectStorage.providers.seaweedfs.consoleMode=nginx-rewrite \
--अस्त हो objectStorage.activeProvider=seaweedfs

Step 3. Verify the alias selector

The alias annotation should reflect the new active provider, and its endpoints should resolve to the new provider's pod IP:

कुबेक्टल -n ilum get svc ilum-objectstorage -ओ jsonpath='{.metadata.annotations.ilum\.cloud/object-storage-active-provider}{"\n"}'
# Expected: seaweedfs

कुबेक्टल -n ilum get endpoints ilum-objectstorage
# Expected ENDPOINTS: :9001,:9000

Step 4. Verify the UI iframe path

वही इलम यूआई ConfigMap should expose the new console path:

कुबेक्टल -n ilum get configmap ilum-ui -ओ jsonpath='{.data.ILUM_OBJECT_STORAGE_PATH}{"\n"}'
# Expected: /external/seaweed/

Hard-reload the इलम UI in the browser. The Object Storage nav button should load the new provider's console inside the iframe.

consoleMode: same-origin vs nginx-rewrite

The registry's consoleMode field controls how the इलम UI's nginx reverse proxy renders /external/object-storage/ and the provider-specific path.

ModeWhen to use
same-originThe upstream console respects a configurable base path that matches consolePath (for example, a Next.js basePath baked into the build). The nginx proxy passes requests through unchanged. RustFS uses this mode after the इलम patched-console image rebuilds with NEXT_PUBLIC_BASE_PATH=/rustfs/console.
nginx-rewriteThe upstream console pins itself to a single absolute URL via an internal redirect (such as मिनियो's MINIO_BROWSER_REDIRECT_URL). The nginx proxy rewrites /external// तक / before forwarding so the upstream console responds, and redirects /external/object-storage/ to the provider-specific consolePath to avoid loops.

When unsure, start with nginx-rewrite. It is the safer default for consoles that have not been built with इलम-aware base-path awareness.

What still needs hand-wiring

The registry handles alias selection, the UI iframe path, and the /external/object-storage/ redirect. The following items remain the operator's responsibility for a non-bundled provider:

  • Bucket bootstrap. Run the equivalent of the bundled init-rustfs-buckets नहीं तो init-minio-policies नौकरी against the new provider. The bucket list is documented under objectStorage.defaultBuckets.
  • Credentials. Either share the ilum-objectstorage-credentials Secret (the simplest option) or override the provider's chart values to read from a provider-specific Secret.
  • OIDC integration. The bundled Hydra integration plugs into मिनियो through MINIO_IDENTITY_OPENID_* env vars. New providers must supply their own OIDC adapter.
  • Bucket policies. The bundled chart applies two policies (readilum, readwriteilum) to मिनियो और RustFS on first install. Other providers need an equivalent.
  • Console UX testing. वही इलम UI iframe wraps the provider's own console. Cross-origin asset URLs, auto-redirects, and form submissions vary across providers. Test the embedded experience before flipping the active provider in production.

Reference