A secret is created in the same namespace xtradb
where xtradb is running.
apiVersion: v1
kind: Secret
metadata:
name: my-cluster-name-backup-s3
namespace: xtradb
type: Opaque
data:
AWS_ACCESS_KEY_ID: xxx
AWS_SECRET_ACCESS_KEY: xxx
The backup is defined in values
file like this referencing the S3 credentials in Kubernetes secret:
backup:
enabled: true
image: ""
imagePullSecrets: []
pitr:
enabled: false
storages:
s3-storage:
type: s3
s3:
bucket: test
credentialsSecret: my-cluster-name-backup-s3
region: default
endpointUrl: https://test.s3
schedule:
- name: "daily-s3"
schedule: "*/10 * * * *"
keep: 5
storageName: s3-storage
The following error then comes up
INFO: [SST script] + mc -C /tmp/mc config host add dest https://cgd.bf.object.osl.basefarm.net/ ACCESS_KEY_ID SECRET_ACCESS_KEY
INFO: [SST script] mc: <ERROR> Unable to initialize new alias from the provided credentials. The AWS Access Key Id you provided does not exist.
However when the backup is defined directly with the same access key and secret
storages:
s3-storage:
type: s3
s3:
bucket: test
credentialsAccessKey: xxx
credentialsSecretKey: xxx
region: default
endpointUrl: https://test.s3
backup works fine.
What is wrong with the created Kubernetes secret? What does it mean “The AWS Access Key Id you provided does not exist.” ?