How to deploy MinIO without Operator in OpenShift - cniackz/public GitHub Wiki

Objective:

How to deploy MinIO without Operator in OpenShift.

Reasoning:

  • When you offer "Namespace as a Service" instead of "Cluster as a Service"
  • When you can't afford the resources required to run a dedicated Kubernetes cluster for MinIO Operator.
  • When you are not comfortable installing sinple-purpose Operators cluster-wide where it becomes a potential attack vector.

Steps:

  1. With crc get your OpenShift cluster ready!

  2. Deploy the statefulset:

apiVersion: apps/v1
kind: StatefulSet
metadata:
  labels:
    app: minio
  name: minio
  namespace: default
spec:
  podManagementPolicy: OrderedReady
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: minio
  serviceName: minio
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: minio
    spec:
      containers:
      - args:
        - server
        - /data
        env:
        - name: MINIO_KMS_SECRET_KEY
          value: my-minio-key:oyArl7zlPECEduNbB1KXgdzDn2Bdpvvw0l8VO51HQnY=
        image: minio/minio:RELEASE.2023-05-27T05-56-19Z
        imagePullPolicy: IfNotPresent
        name: minio
        ports:
        - containerPort: 9000
          hostPort: 9000
          protocol: TCP
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /data
          name: data
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      terminationGracePeriodSeconds: 30
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      creationTimestamp: null
      name: data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: crc-csi-hostpath-provisioner
      volumeMode: Filesystem
    status:
      phase: Pending
  1. Apply the minio service:
apiVersion: v1
kind: Service
metadata:
  name: minio
  labels:
    app: minio
spec:
  type: NodePort
  ports:
    - port: 9000
      name: minio
      nodePort: 30080
  selector:
    app: minio
  1. Create the Route:
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  annotations:
    openshift.io/host.generated: "true"
  labels:
    app: minio
  name: my-route
  namespace: default
spec:
  host: my-route-default.apps-crc.testing
  port:
    targetPort: minio
  to:
    kind: Service
    name: minio
    weight: 100
  wildcardPolicy: None
  1. Access the service:
$ mc alias set myminio http://my-route-default.apps-crc.testing minioadmin minioadmin --insecure
Added `myminio` successfully.