Creating a dSource with ingestion type AWS S3
The following procedure provides details on creating a dSource with AWS S3 ingestion type.
Prerequisites
The source and staging instances must meet the host requirements as described in Requirements for CockroachDB Staging/Target hosts.
The accessibility of the backup location within the AWS S3 bucket from the Staging host must be verified prior to ingestion.
Creating dSource
Login to Delphix Management application.
Click Manage > Datasets.
Click on Add dSource.
In the Add dSource wizard, select the CockroachDB source config you just created on the staging host.
Select the dSource type from the drop-down available on dSource wizard. Refer different dSource Types
Enter the CockroachDB specific parameters for your dSource configuration.
dSource Type Type of dSource
dSource (AWS_S3) Details
Mount Path The path on the host where Delphix will mount the dSource files via NFS
IP Address / Hostname of the Staging Cluster IP Address / Hostname of the interface for the staging Cluster (default 127.0.0.1)
Staging CockroachDB Port Number Staging DB port for cluster’s inter-node communication
Staging CockroachDB Console Port Number Staging Console port for HTTP requests
CockroachDB Backup’s Subdirectory Path CockroachDB Backup’s Subdirectory Absolute Path where backups are located in S3 Bucket
CockroachDB Backup’s Bucket or Container Name Storage bucket or container name including absolute path where CockroachDB backups are located
Authentication Option for AWS S3 Storage Buckets
Specified Authentication Need to specify the AWS access key ID and secret access key in the dSource configuration fields:
Account Name or Access Key Specify an account access name or key associated with object storage holding CockroachDB backups.
Account Secret Access Key Specify the account secret access key associated with the account name field. This is essentially the password that gives access to CockroachDB backups.
Implicit Authentication Store the AWS credentials as environment variables
When using implicit authentication, ensure that aws credentials are configured on staging host using aws configure command.
Configure an IAM role attached to the EC2 instance with the necessary permissions (e.g., s3:GetObject, s3:ListBucket, s3:PutObject) to access the S3 bucket where the backups are stored.
Implement an S3 bucket policy to grant access to specific AWS accounts or IAM entities that need to restore the backup stored inside the S3 bucket. For example:
CODE{ "Version": "2012-10-17", "Id": "AWS_S3_Policy", "Statement": [ { "Sid": "ExampleStatement01", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::22420070000:user/delphix" }, "Action": [ "s3:PutObject", "s3:GetObject", "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::dlpx-crdb-bucket", "arn:aws:s3:::dlpx-crdb-bucket/*" ] } ] }
Skip Checking Localities Select the checkbox to skip checking the localities of a cluster before a restore.
Secure Mode Option to run the CockroachDB server in secure mode
Certificate directory path The absolute path to the certificate directory, it must have valid certificates containing the IP address or hostname for the CockroachDB server
CockroachDB Cluster Node Count Number of nodes that consists of a Staging CockroachDB cluster. Minimum: 3 and Maximum: 9
CockroachDB Parameters Additional CockroachDB configuration parameters to start the CockroachDB cluster
Parameter Name CockroachDB Cluster configuration parameter name
Parameter Value CockroachDB Cluster configuration parameter value
Then click Next to proceed further.
Additional Nodes: Specify the node configuration for each node the CRDB cluster.
Environment Select environment on which node has to be created.
Environment User Select environment user corresponding to the environment.
IP Address / Hostname IP Address / Hostname of the interface for the staging node(default 0.0.0.0)
CockroachDB Port Number Staging DB port for node’s inter-node communication
CockroachDB Console Port Number Staging Console port for HTTP requests
Certificate directory path The absolute path to the certificate directory, it must have valid certificates containing the IP address or hostname for the CockroachDB server
Append cluster CRDB parameters Check with box if the cluster configuration parameters are applicable for the node.
Additional Node Configuration Parameters Additional CockroachDB configuration parameters to start the node
Provide the details for dSource Name and Target group on the dSource configuration page and click Next.
On the Data management page, select the following and click Next.
Staging Environment: This will be your staging host where source config was created.
User: Database OS user with required privileges for linking the dataset.
On the next screens, configure a policy, hooks, and review the configuration, then click on Next button to view the summary.
Click the Submit button which will initiate the linking process
Once dSource is created successfully, you can review the datasets on Manage > Datasets > dSource Name.
Note:
You must specify the input “Certificate directory path” when “Secure Mode” option is selected.
For more detailed guidance on CockroachDB certificate generation, refer to the official documentation: CockroachDB Certificate Generation.