Replace MinIO with Garage v2.3.0 as S3 backend#74
Open
Syed-Ali-Abbas-568 wants to merge 2 commits into
Open
Conversation
Swap the deprecated MinIO daemon (and `mc` init job image) for the Garage v2.3.0 S3-compatible storage backend, plus the khairul169 garage-webui admin console. Open edX-side configuration is preserved: all variable names keep the `MINIO_` prefix, and the daemon binds on port 9000 internally so existing `MINIO_HOST:9000` endpoints continue to resolve transparently. Plugin / templates: - plugin.py: add Garage image defaults (`MINIO_DOCKER_IMAGE`, `MINIO_WEBUI_DOCKER_IMAGE`, `MINIO_JOB_DOCKER_IMAGE`), unique `MINIO_RPC_SECRET`, and a `to_hex` Jinja filter that SHA-256s the random secret to a 32-byte hex string (Garage's required format). - IMAGES_BUILD + IMAGES_BUILD_REQUIRED hooks register the `garage-job` image (alpine + garage CLI) so it auto-builds during `tutor dev launch` / `tutor local launch`. Required because the upstream Garage image is `scratch`-based and the init script needs a shell, awk, and wget. - Override `OPENEDX_AWS_ACCESS_KEY` to `openedxs3` (9 chars) since Garage rejects key IDs shorter than 8 characters. Init flow (templates/minio/tasks/minio/init.sh): - Read node ID from the metadata volume in docker-compose, or fall back to the admin API in k8s where the ReadWriteOnce PVC blocks the job pod from mounting it. - Configure cluster layout (1 GiB capacity, dc1 zone), import the Open edX S3 key, create + grant access to all buckets, and enable public website access on bucket(s) Open edX serves directly. - All operations idempotent so subsequent inits are no-ops. Docker compose / k8s patches: - Garage daemon, garage-webui, and garage-job services with the garage.toml config mounted at /etc/garage.toml. - k8s adds a ConfigMap for garage.toml, a Deployment for garage-webui, and splits storage into separate meta + data PVCs. - Caddyfile proxies MINIO_HOST → garage:9000 and MINIO_CONSOLE_HOST → garage-webui:3909. Verified end-to-end with `tutor dev launch`: cluster initialized, buckets created, LMS uploaded badge images during init, S3 read/write round-trips succeed via aws-cli, and LMS/CMS/WebUI all return healthy HTTP responses. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replace MinIO with Garage v2.3.0 as S3 backend
Summary
Swaps the deprecated MinIO daemon (and its
mcinit image) for [Garage v2.3.0](https://garagehq.deuxfleurs.fr/) as the S3-compatible storage backend, with [khairul169/garage-webui](https://github.com/khairul169/garage-webui) as the admin console.Open edX-side configuration is preserved end-to-end: all variables keep the
MINIO_prefix and Garage binds on port 9000 internally, so existingMINIO_HOST:9000endpoints resolve transparently. No changes are required inedx-platformor downstream plugins.Changes
Plugin (
tutorminio/plugin.py)MINIO_DOCKER_IMAGE(Garage),MINIO_WEBUI_DOCKER_IMAGE(garage-webui),MINIO_JOB_DOCKER_IMAGE(custom alpine + garage CLI).MINIO_RPC_SECRETplus ato_hexJinja filter that SHA-256s the random secret into the 32-byte hex string Garage requires (Tutor'srandom_stringis alphanumeric and not valid hex).garage-jobviaIMAGES_BUILD/IMAGES_BUILD_REQUIREDso it auto-builds ontutor dev launch/tutor local launch. Needed because the upstream Garage image isscratch-based and the init script needs a shell,awk, andwget.OPENEDX_AWS_ACCESS_KEYfromopenedx→openedxs3(Garage rejects key IDs shorter than 8 chars). This is the only user-visible default that changed.Init flow (
templates/minio/tasks/minio/init.sh)dc1zone), imports the Open edX S3 key, creates all buckets, grants the key full access, and enables public website access on the buckets Open edX serves directly.Docker Compose / Kubernetes patches
garage,garage-webui, andgarage-jobservices withgarage.tomlmounted at/etc/garage.toml.garage.toml, Deployment forgarage-webui, and storage split into separatemeta+dataPVCs.MINIO_HOST→garage:9000andMINIO_CONSOLE_HOST→garage-webui:3909.Testing
Verified end-to-end with
tutor dev launch:openedxbucket during its own init — confirms Open edX → Garage works with no Open edX-side changes.aws-cliagainsthttp://garage:9000succeeded.ruff checkandruff format --checkboth pass.Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>