minio ‐ tenant ‐ setup with persistentvolume - allanrogerr/public GitHub Wiki
k8s
Setup k8s using k3s
sudo apt update -y
sudo apt upgrade -y
curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" sh -
Validate k8s
kubectl get nodes
NAME STATUS ROLES AGE VERSION
k3s-pvc Ready control-plane,master 7s v1.27.7+k3s2
Deploy operator
Install krew
see https://krew.sigs.k8s.io/docs/user-guide/setup/install/ for macOS/Linux > Bash or ZSH shells
(
set -x; cd "$(mktemp -d)" &&
OS="$(uname | tr '[:upper:]' '[:lower:]')" &&
ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')" &&
KREW="krew-${OS}_${ARCH}" &&
curl -fsSLO "https://github.com/kubernetes-sigs/krew/releases/latest/download/${KREW}.tar.gz" &&
tar zxvf "${KREW}.tar.gz" &&
./"${KREW}" install krew
)
export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
Install kubectl minio
https://min.io/docs/minio/kubernetes/upstream/reference/kubectl-minio-plugin.html#installation
kubectl krew update
kubectl krew install minio
kubectl minio version
Deploy minio operator
kubectl minio init
Deploy tenant
kubectl delete namespace minio-tenant
kubectl create namespace minio-tenant
kubectl delete storageclass minio-local-storage
cat <<EOF | kubectl apply -f -
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: minio-local-storage
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
EOF
kubectl get storageclass/minio-local-storage
kubectl delete persistentvolume minio-local-pv
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolume
metadata:
name: minio-local-pv
spec:
capacity:
storage: 10Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: minio-local-storage
local:
path: /tmp
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k3s-pvc
EOF
kubectl get persistentvolume/minio-local-pv
Create data for storage-env-configuration
echo 'export MINIO_BROWSER="on"
export MINIO_ROOT_USER="QUNOTTBOCUGLUAIC"
export MINIO_ROOT_PASSWORD="5WIYV2J50R53XF3VHSY004TBSZVOP4KV"
export MINIO_STORAGE_CLASS_STANDARD="EC:0"' | base64 -w 0
Output
ZXhwb3J0IE1JTklPX0JST1dTRVI9Im9uIgpleHBvcnQgTUlOSU9fUk9PVF9VU0VSPSJRVU5PVFRCT0NVR0xVQUlDIgpleHBvcnQgTUlOSU9fUk9PVF9QQVNTV09SRD0iNVdJWVYySjUwUjUzWEYzVkhTWTAwNFRCU1pWT1A0S1YiCmV4cG9ydCBNSU5JT19TVE9SQUdFX0NMQVNTX1NUQU5EQVJEPSJFQzowIgo=
Continue deploying tenant
kubectl -n minio-tenant delete secret/storage-env-configuration
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
name: storage-env-configuration
namespace: minio-tenant
type: Opaque
data:
config.env: ZXhwb3J0IE1JTklPX0JST1dTRVI9Im9uIgpleHBvcnQgTUlOSU9fUk9PVF9VU0VSPSJRVU5PVFRCT0NVR0xVQUlDIgpleHBvcnQgTUlOSU9fUk9PVF9QQVNTV09SRD0iNVdJWVYySjUwUjUzWEYzVkhTWTAwNFRCU1pWT1A0S1YiCmV4cG9ydCBNSU5JT19TVE9SQUdFX0NMQVNTX1NUQU5EQVJEPSJFQzowIgo=
EOF
kubectl -n minio-tenant get secret/storage-env-configuration -o yaml
kubectl -n minio-tenant delete secret/storage-user-0
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
name: storage-user-0
namespace: minio-tenant
data:
CONSOLE_ACCESS_KEY: "bWluaW9hZG1pbgo=" #minioadmin
CONSOLE_SECRET_KEY: "bWluaW9hZG1pbgo=" #minioadmin
type: Opaque
EOF
kubectl -n minio-tenant get secret/storage-user-0 -o yaml
kubectl -n minio-tenant delete secret/storage-secret
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
namespace: minio-tenant
name: storage-secret
type: Opaque
data:
accesskey: ""
secretkey: ""
EOF
kubectl -n minio-tenant get secret/storage-secret -o yaml
kubectl -n minio-tenant delete tenant/storage
cat <<EOF | kubectl apply -f -
apiVersion: minio.min.io/v2
kind: Tenant
metadata:
name: storage
namespace: minio-tenant
spec:
configuration:
name: storage-env-configuration
credsSecret:
name: storage-secret
exposeServices:
console: true
minio: true
features: {}
image: minio/minio:RELEASE.2023-11-11T08-14-41Z
imagePullSecret: {}
mountPath: /export
pools:
- name: pool-0
resources: {}
runtimeClassName: ""
servers: 1
volumeClaimTemplate:
metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "1073741824"
storageClassName: minio-local-storage
status: {}
volumesPerServer: 1
requestAutoCert: true
users:
- name: storage-user-0
EOF
kubectl -n minio-tenant get tenant/storage -o yaml
Observe tenant pod status
kubectl -n minio-tenant get pods
Output
NAME READY STATUS RESTARTS AGE
storage-pool-0-0 2/2 Running 0 5m33s
kubectl -n minio-tenant logs pod/storage-pool-0-0
Output
Defaulted container "minio" out of: minio, sidecar, validate-arguments (init)
MinIO Object Storage Server
Copyright: 2015-2023 MinIO, Inc.
License: GNU AGPLv3 <https://www.gnu.org/licenses/agpl-3.0.html>
Version: RELEASE.2023-11-11T08-14-41Z (go1.21.4 linux/arm64)
Status: 1 Online, 0 Offline.
S3-API: https://minio.minio-tenant.svc.cluster.local
Console: https://10.42.0.25:9443 https://127.0.0.1:9443
Documentation: https://min.io/docs/minio/linux/index.html
Warning: The standard parity is set to 0. This can lead to data loss.