Authentication

Bucket authentication varies between cloud providers.

Amazon S3

You will need to supply the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN and AWS_REGION environment variables to the API for both the control plane and the builder. See the AWS authentication documentation for details. It is also possible to store the configuration as a Kubernetes secret, similar to the Google Cloud Storage configuration.

To configure a storage bucket, provide the SE2_STORAGE_PATH environment variable to both the control plane and builder, e.g. s3://my-bucket for Amazon S3 or gs://my-bucket for Google Cloud Storage. For Kubernetes deployments, this is done in .suborbital/se2-controlplane-deployment.yaml under the controlplane and builder containers sections, and for local docker-compose deployments, this is done in docker-compose.yaml under the se2-controlplane and se2-builder services.

containers:
  # Control plane container
  - name: controlplane
    image: suborbital/se2-controlplane:v0.4.2
    command: ["controlplane"]

    ports:
      - containerPort: 8081

    env:
      - name: SE2_HTTP_PORT
        value: "8081"

      - name: SE2_LOG_LEVEL
        value: "info"

      - name: SE2_ENV_TOKEN
        value: <your environment token>

      # Bucket used by the control plane
      - name: SE2_STORAGE_PATH
        value: s3://<your-s3-storage-bucket>

  # Builder container
  - name: builder
    image: suborbital/se2-builder:v0.4.2
    command: ["builder"]

    env:
      - name: SE2_DOMAIN
        value: "domain.example.com"

      - name: SE2_TLS_PORT
        value: "8443"

      - name: SE2_LOG_LEVEL
        value: "info"

      - name: SE2_CONTROL_PLANE
        value: "se2-controlplane-service:8081"

      # Bucket used by the builder
      - name: SE2_STORAGE_PATH
        value: s3://<your-s3-storage-bucket>
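
The Kubernetes secret option mentioned for Amazon S3 above, sketched as an added example that is not taken from the SE2 documentation: the AWS variables are read from a Secret instead of being written as literal values in the deployment file. The Secret name `se2-aws-credentials` and its key names are assumptions chosen for illustration.

```yaml
# Added example: Secret name and key names are assumptions, not SE2 defaults.
apiVersion: v1
kind: Secret
metadata:
  name: se2-aws-credentials
type: Opaque
stringData:
  AWS_ACCESS_KEY_ID: <your access key id>
  AWS_SECRET_ACCESS_KEY: <your secret access key>
  AWS_SESSION_TOKEN: <your session token>
  AWS_REGION: <your region>
---
# Fragment of the pod spec only (not a complete resource); other env entries omitted.
containers:
  - name: controlplane
    image: suborbital/se2-controlplane:v0.4.2
    env:
      - name: SE2_STORAGE_PATH
        value: s3://<your-s3-storage-bucket>
      # Explicit form: one environment variable per Secret key.
      - name: AWS_ACCESS_KEY_ID
        valueFrom:
          secretKeyRef:
            name: se2-aws-credentials
            key: AWS_ACCESS_KEY_ID
      - name: AWS_SECRET_ACCESS_KEY
        valueFrom:
          secretKeyRef:
            name: se2-aws-credentials
            key: AWS_SECRET_ACCESS_KEY
      - name: AWS_SESSION_TOKEN
        valueFrom:
          secretKeyRef:
            name: se2-aws-credentials
            key: AWS_SESSION_TOKEN
      - name: AWS_REGION
        valueFrom:
          secretKeyRef:
            name: se2-aws-credentials
            key: AWS_REGION
  - name: builder
    image: suborbital/se2-builder:v0.4.2
    env:
      - name: SE2_STORAGE_PATH
        value: s3://<your-s3-storage-bucket>
    # Compact form: import every key of the Secret as an environment variable.
    envFrom:
      - secretRef:
          name: se2-aws-credentials
```

Both forms give the container the same four variables; the explicit form lets each container receive only the keys it needs.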