Pulp uses django-storages to support multiple storage backends. If no backend is configured, Pulp will by default use the local filesystem. If you want to use another storage backend such as Amazon Simple Storage Service (S3), you’ll need to configure Pulp.
Support for Amazon S3 is provided as a tech preview in Pulp 3.0. Functionality may not work or may be incomplete. Also, backwards compatibility when upgrading is not guaranteed.
Setting up S3¶
In order to use Amazon S3, you’ll need to set up an AWS account. Then you’ll need to create a bucket for Pulp to use. Then you’ll need to go into Identity and Access Management (IAM) in AWS to create a user that Pulp will use to access your S3 bucket. Save the access key id and secret access key.
To have Pulp use S3, you’ll need to install the optional django-storages and boto3 Python packages in the pulp virtual environment:pip install django-storages[boto3]
Next you’ll need to set
storages.backends.s3boto3.S3Boto3Storagein your Pulp settings. At a minimum, you’ll also need to set
AWS_STORAGE_BUCKET_NAME. For more S3 configuration options, see the django-storages documents.
You will also want to set the
MEDIA_ROOTconfiguration option. This will be the path in your bucket that Pulp will use. An empty string is acceptable as well if you want Pulp to create its folders in the top level of the bucket.
Here is an example configuration that will use a bucket called
pulp3that is hosted in region
eu-central-1:AWS_ACCESS_KEY_ID = 'AKIAIT2Z5TDYPX3ARJBA' AWS_SECRET_ACCESS_KEY = 'qR+vjWPU50fCqQuUWbj9Fain/j2pV+ZtBCiDiieS' AWS_STORAGE_BUCKET_NAME = 'pulp3' AWS_DEFAULT_ACL = None S3_USE_SIGV4 = True AWS_S3_SIGNATURE_VERSION = "s3v4" AWS_S3_ADDRESSING_STYLE = "path" AWS_S3_REGION_NAME = "eu-central-1" DEFAULT_FILE_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage' MEDIA_ROOT = ''
If the system that hosts Pulp is running in AWS and has been configured with an instance profile that provides access to the S3 bucket you can omit the
AWS_SECRET_ACCESS_KEYparameters as the underlying
boto3library will pick them up automatically.
It is only necessary to set
Noneif you have set the
BlockPublicAclsoption in the Block Public Access settings of your bucket or of your AWS account. The default setting in the latest version of django-storages is public-read, which will get blocked. This is set to change in a future release.