How to deploy MinIO with ArgoCD in k8s - cniackz/public GitHub Wiki

Objective:

To deploy MinIO with ArgoCD in k8s cluster.

Documentation:

• ArgoCD: https://argo-cd.readthedocs.io/en/stable/getting_started/
• Helm Chart: https://github.com/minio/operator/tree/master/helm-releases
• https://github.com/minio/wiki/wiki/How-to-deploy-MinIO-with-ArgoCD-in-k8s

Steps:

1. Create cluster with kind:

• File: ~/bash-config/config-files/kind-config.yaml:

kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
networking:
  apiServerAddress: "127.0.0.1"
  apiServerPort: 6443
nodes:
  - role: control-plane
    extraPortMappings:
    - containerPort: 30080
      hostPort: 30080
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30081
      hostPort: 30081
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30082
      hostPort: 30082
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30083
      hostPort: 30083
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30084
      hostPort: 30084
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30085
      hostPort: 30085
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30086
      hostPort: 30086
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30087
      hostPort: 30087
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30088
      hostPort: 30088
      listenAddress: "127.0.0.1"
      protocol: TCP

kind delete cluster
kind create cluster --config ~/bash-config/config-files/kind-config.yaml

2. Install ArgoCD:

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

3. Expose ArgoCD externally, so you can manage apps with Argo, I suggest NodePort because it is more stable that port-forward but feel free to use any method as long as it works:

• URL: https://localhost:30080/

4. Login to ArgoCD:

# To get the password from the k8s Secret
argocd admin initial-password -n argocd
argocd login localhost:30080

Expected:

$ argocd login localhost:30080
WARNING: server certificate had error: tls: failed to verify certificate: x509: certificate signed by unknown authority. Proceed insecurely (y/n)? y 
Username: admin
Password: 
'admin:login' logged in successfully
Context 'localhost:30080' updated

5. Update password:

argocd account update-password

Expected:

$ argocd account update-password
*** Enter password of currently logged in user (admin): 
*** Enter new password for user admin: 
*** Confirm new password for user admin: 
Password updated
Context 'localhost:30080' updated

6. Set kind cluster to be used:

argocd cluster add kind-kind --in-cluster

Expected:

$ argocd cluster add kind-kind --in-cluster
WARNING: This will create a service account `argocd-manager` on the cluster referenced by context `kind-kind` with full cluster level privileges. Do you want to continue [y/N]? y
INFO[0002] ServiceAccount "argocd-manager" created in namespace "kube-system" 
INFO[0002] ClusterRole "argocd-manager-role" created    
INFO[0002] ClusterRoleBinding "argocd-manager-role-binding" created 
INFO[0007] Created bearer token secret for ServiceAccount "argocd-manager" 
Cluster 'https://kubernetes.default.svc' added

7. Create MinIO Operator App:

############################################
#
# Create a Helm app
#
############################################
kubectl create namespace minio-operator
argocd app create minio-operator --repo https://github.com/cniackz/minio-argocd.git --path minio-operator --dest-namespace minio-operator --dest-server https://kubernetes.default.svc --insecure --upsert

Expected:

$ kubectl create namespace minio-operator
namespace/minio-operator created
$ argocd app create minio-operator --repo https://github.com/cniackz/minio-argocd.git --path minio-operator --dest-namespace minio-operator --dest-server https://kubernetes.default.svc --insecure --upsert
application 'minio-operator' created

8. Login to the ui with user admin and password the one you set on step 5:

9. Synchronize the App so it gets deployed:

10. Expose MinIO Operator Service and access the UI:

11. Install/Deploy Tenant App in ArgoCD:

kubectl create namespace minio-tenant
argocd app create minio-tenant \
  --repo https://github.com/cniackz/minio-argocd.git \
  --path minio-tenant \
  --dest-namespace minio-tenant \
  --dest-server https://kubernetes.default.svc \
  --insecure \
  --upsert

Expected:

$ kubectl create namespace minio-tenant
namespace/minio-tenant created
Cesars-MacBook-Pro:minio-argocd cniackz$ argocd app create minio-tenant \
>   --repo https://github.com/cniackz/minio-argocd.git \
>   --path minio-tenant \
>   --dest-namespace minio-tenant \
>   --dest-server https://kubernetes.default.svc \
>   --insecure \
>   --upsert
application 'minio-tenant' created

12. Synch the minio-tenant app and wait until is deployed, then expose the console service and access the buckets in the UI: