Skip to main content

Project Specific Buckets on OCI

Introduction

This tutorial will walk you through how to configure an Oracle Cloud Infrastructure (OCI) bucket and service account for use with Tator on OCI, how to register the bucket with your organization in Tator, and how to use the bucket in a specific Tator project.

Create and configure a bucket on OCI

  • Create a bucket, enable auto-tiering and uncommitted multipart uploads cleanup. Name it live.

Create IAM account for scoped bucket access

  • Create a user under Identity and Security > Users > Create User. Click IAM User. Click Create.
  • Create a group under Identity and Security > Groups Create Group. Create the group and add the user to it.
  • Create a policy in the relevant compartment with the following statements:
    Allow group <group-name> to manage buckets in compartment <compartment-name>
    Allow group <group-name> to manage objects in compartment <compartment-name>
  • Go back to the user and create a customer secret key. Copy the credentials to fill in the boto3_config section of the bucket config.
  • Create an API Key under this user. Download the private key, and copy the resulting data to fill in the native_config section of the bucket config.

Create a Bucket and Project in Tator

We will use tator-py to register the bucket to our organization, then create a project that will use that bucket. You can also change the bucket property of an existing project.

  1. Use tator-py to create a Bucket object, replacing the sample values as appropriate:


    config  = {
        "boto3_config": {
            "endpoint_url": "https://xxxx.compat.objectstorage.us-ashburn-1.oraclecloud.com",
            "region_name": "us-ashburn-1",
            "aws_access_key_id": "EXAMPLE",
            "aws_secret_access_key": "EXAMPLEKEY"
        },
        "native_config": {
            "user": "ocid1.user.oc1..xxxxx",
            "key_content": "-----BEGIN PRIVATE KEY-----\n......\n-----END PRIVATE KEY-----",
            "fingerprint": "83:23:3e:55:85:a1:d3:80:54:ec:3c:9c:d2:b8:4c:c0",
            "tenancy": "ocid1.tenancy.oc1..xxxxx",
            "region": "us-ashburn-1"
        },
    }

    b=Bucket.objects.create(organization=Organization.objects.get(pk=ORG_ID), name=BUCKET-NAME, config=config, store_type=ObjectStore.OCI, archive_sc='STANDARD')

  2. Use the bucket ID to create a project:

    p=Project.objects.get(pk=Foo)
    p.bucket = b
    p.save()

The project is now ready to use.