-
Notifications
You must be signed in to change notification settings - Fork 459
Deploy MinIO Operator with Helm
Cesar Celis Hernandez edited this page Sep 19, 2022
·
14 revisions
To deploy MinIO Operator with Helm
- Delete previous cluster if any:
kind delete cluster
- Create cluster with Kind:
kind create cluster --config kind-config.yaml
Where the
kind-config.yaml
is:
# four node (two workers) cluster config
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
- role: worker
- role: worker
- role: worker
- role: worker
- Deploy MinIO Operator with Helm:
helm repo add minio https://operator.min.io/
helm install \
--namespace minio-operator \
--create-namespace \
minio-operator minio/operator
You should get:
$ helm repo add minio https://operator.min.io/
"minio" has been added to your repositories
$ helm install \
> --namespace minio-operator \
> --create-namespace \
> minio-operator minio/operator
NAME: minio-operator
LAST DEPLOYED: Wed Sep 14 12:14:05 2022
NAMESPACE: minio-operator
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the JWT for logging in to the console:
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: console-sa-secret
namespace: minio-operator
annotations:
kubernetes.io/service-account.name: console-sa
type: kubernetes.io/service-account-token
EOF
kubectl -n minio-operator get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode
2. Get the Operator Console URL by running these commands:
kubectl --namespace minio-operator port-forward svc/console 9090:9090
echo "Visit the Operator Console at http://127.0.0.1:9090"
And MinIO Operator should be running:
- Port-forward Operator so that you can access it via Web Browser:
kubectl --namespace minio-operator port-forward svc/console 9090:9090
You should see:
$ kubectl --namespace minio-operator port-forward svc/console 9090:9090
Forwarding from 127.0.0.1:9090 -> 9090
Forwarding from [::1]:9090 -> 9090
- Then get the token:
$ kubectl apply -f - <<EOF
> apiVersion: v1
> kind: Secret
> metadata:
> name: console-sa-secret
> namespace: minio-operator
> annotations:
> kubernetes.io/service-account.name: console-sa
> type: kubernetes.io/service-account-token
> EOF
kubectl -n minio-operator get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode
Warning: resource secrets/console-sa-secret is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
secret/console-sa-secret configured
$ kubectl -n minio-operator get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode
eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1kLS1RU1JLenZ2Mm9FWnhlM0ZTQXAtdXJzQS1ZM2EzdWlFX2doTFpqaVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJtaW5pby1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJjb25zb2xlLXNhLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJjb25zb2xlLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMjk1ZDk0Y2YtMTRiMS00NTMwLTk0ZjMtOTdlN2M1NzJhMzQ4Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om1pbmlvLW9wZXJhdG9yOmNvbnNvbGUtc2EifQ.meEgvlEtnHGrpgGoAyblJEs3a8L3TZkVnGddW7SrhhCRyCF141azniOZc57LJiiacuw9-DOLyfsHrNlBHG5tCZipu3ONUIfqzTSDBeCnepuo8fKlc023M9AnpYtCVyYQKHMay7ug-IRX3WRHIHzfwnOydly9ZA9pUAfKQqZ5BhT3nliNmJ786wgX9RHcbbzHUWsGiDzRQ59p56nvRRQ3uu_tnActMb3rGwS3xwB8xGq-pNJdtaNeAtfYmt2Zj0KVGXURzcWMvp7E6l7FW_WezhJJd0I5MmjUj3zqmCyPjgKzOieVVNg_PiUyDy2KCzGynMK4r34nIxeUju7qI83uZw
The token is:
eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1kLS1RU1JLenZ2Mm9FWnhlM0ZTQXAtdXJzQS1ZM2EzdWlFX2doTFpqaVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJtaW5pby1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJjb25zb2xlLXNhLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJjb25zb2xlLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMjk1ZDk0Y2YtMTRiMS00NTMwLTk0ZjMtOTdlN2M1NzJhMzQ4Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om1pbmlvLW9wZXJhdG9yOmNvbnNvbGUtc2EifQ.meEgvlEtnHGrpgGoAyblJEs3a8L3TZkVnGddW7SrhhCRyCF141azniOZc57LJiiacuw9-DOLyfsHrNlBHG5tCZipu3ONUIfqzTSDBeCnepuo8fKlc023M9AnpYtCVyYQKHMay7ug-IRX3WRHIHzfwnOydly9ZA9pUAfKQqZ5BhT3nliNmJ786wgX9RHcbbzHUWsGiDzRQ59p56nvRRQ3uu_tnActMb3rGwS3xwB8xGq-pNJdtaNeAtfYmt2Zj0KVGXURzcWMvp7E6l7FW_WezhJJd0I5MmjUj3zqmCyPjgKzOieVVNg_PiUyDy2KCzGynMK4r34nIxeUju7qI83uZw
- Open the browser: http://localhost:9090/ and provide the token to login:
- Create the tenant:
- Wait for tenant to be ready, couple of minutes:
- Once Tenant is ready will be green color:
- Then you can go to console, create a bucket and put objects inside:
If you need to change a field like the securityContext
, all you need to do is to change the values like this:
helm install \
--namespace minio-operator \
--create-namespace minio-operator minio/operator \
-f /path-to-the-repository/operator/helm/operator/values.yaml
Where values.yaml
will change the default values from:
securityContext:
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
fsGroup: 1000
To:
securityContext:
runAsUser: 900
runAsGroup: 900
runAsNonRoot: true
fsGroup: 900