Skip to content

Deploy MinIO Operator with Helm

Jump to bottom
Cesar Celis Hernandez edited this page Sep 19, 2022 · 14 revisions

Objective:

To deploy MinIO Operator with Helm

Relevant links:

Steps:

  1. Delete previous cluster if any:
kind delete cluster
  1. Create cluster with Kind:
kind create cluster --config kind-config.yaml

Where the kind-config.yaml is:

# four node (two workers) cluster config
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
  - role: control-plane
  - role: worker
  - role: worker
  - role: worker
  - role: worker
  1. Deploy MinIO Operator with Helm:
helm repo add minio https://operator.min.io/
helm install \
  --namespace minio-operator \
  --create-namespace \
  minio-operator minio/operator

You should get:

$ helm repo add minio https://operator.min.io/
"minio" has been added to your repositories
$ helm install \
>   --namespace minio-operator \
>   --create-namespace \
>   minio-operator minio/operator
NAME: minio-operator
LAST DEPLOYED: Wed Sep 14 12:14:05 2022
NAMESPACE: minio-operator
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the JWT for logging in to the console:
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: console-sa-secret
  namespace: minio-operator
  annotations:
    kubernetes.io/service-account.name: console-sa
type: kubernetes.io/service-account-token
EOF
kubectl -n minio-operator  get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode

2. Get the Operator Console URL by running these commands:
  kubectl --namespace minio-operator port-forward svc/console 9090:9090
  echo "Visit the Operator Console at http://127.0.0.1:9090"

And MinIO Operator should be running:

Screen Shot 2022-09-14 at 12 14 48 PM
  1. Port-forward Operator so that you can access it via Web Browser:
kubectl --namespace minio-operator port-forward svc/console 9090:9090

You should see:

$ kubectl --namespace minio-operator port-forward svc/console 9090:9090
Forwarding from 127.0.0.1:9090 -> 9090
Forwarding from [::1]:9090 -> 9090
  1. Then get the token:
$ kubectl apply -f - <<EOF
> apiVersion: v1
> kind: Secret
> metadata:
>   name: console-sa-secret
>   namespace: minio-operator
>   annotations:
>     kubernetes.io/service-account.name: console-sa
> type: kubernetes.io/service-account-token
> EOF
kubectl -n minio-operator  get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode
Warning: resource secrets/console-sa-secret is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
secret/console-sa-secret configured
$ kubectl -n minio-operator  get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode
eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1kLS1RU1JLenZ2Mm9FWnhlM0ZTQXAtdXJzQS1ZM2EzdWlFX2doTFpqaVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJtaW5pby1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJjb25zb2xlLXNhLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJjb25zb2xlLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMjk1ZDk0Y2YtMTRiMS00NTMwLTk0ZjMtOTdlN2M1NzJhMzQ4Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om1pbmlvLW9wZXJhdG9yOmNvbnNvbGUtc2EifQ.meEgvlEtnHGrpgGoAyblJEs3a8L3TZkVnGddW7SrhhCRyCF141azniOZc57LJiiacuw9-DOLyfsHrNlBHG5tCZipu3ONUIfqzTSDBeCnepuo8fKlc023M9AnpYtCVyYQKHMay7ug-IRX3WRHIHzfwnOydly9ZA9pUAfKQqZ5BhT3nliNmJ786wgX9RHcbbzHUWsGiDzRQ59p56nvRRQ3uu_tnActMb3rGwS3xwB8xGq-pNJdtaNeAtfYmt2Zj0KVGXURzcWMvp7E6l7FW_WezhJJd0I5MmjUj3zqmCyPjgKzOieVVNg_PiUyDy2KCzGynMK4r34nIxeUju7qI83uZw

The token is:

eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1kLS1RU1JLenZ2Mm9FWnhlM0ZTQXAtdXJzQS1ZM2EzdWlFX2doTFpqaVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJtaW5pby1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJjb25zb2xlLXNhLXNlY3JldCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJjb25zb2xlLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMjk1ZDk0Y2YtMTRiMS00NTMwLTk0ZjMtOTdlN2M1NzJhMzQ4Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Om1pbmlvLW9wZXJhdG9yOmNvbnNvbGUtc2EifQ.meEgvlEtnHGrpgGoAyblJEs3a8L3TZkVnGddW7SrhhCRyCF141azniOZc57LJiiacuw9-DOLyfsHrNlBHG5tCZipu3ONUIfqzTSDBeCnepuo8fKlc023M9AnpYtCVyYQKHMay7ug-IRX3WRHIHzfwnOydly9ZA9pUAfKQqZ5BhT3nliNmJ786wgX9RHcbbzHUWsGiDzRQ59p56nvRRQ3uu_tnActMb3rGwS3xwB8xGq-pNJdtaNeAtfYmt2Zj0KVGXURzcWMvp7E6l7FW_WezhJJd0I5MmjUj3zqmCyPjgKzOieVVNg_PiUyDy2KCzGynMK4r34nIxeUju7qI83uZw
  1. Open the browser: http://localhost:9090/ and provide the token to login:
Screen Shot 2022-09-14 at 12 29 26 PM
  1. Create the tenant:
Screen Shot 2022-09-14 at 12 30 22 PM
  1. Wait for tenant to be ready, couple of minutes:
Screen Shot 2022-09-14 at 12 31 34 PM
  1. Once Tenant is ready will be green color:
Screen Shot 2022-09-14 at 12 33 45 PM Screen Shot 2022-09-14 at 12 34 06 PM
  1. Then you can go to console, create a bucket and put objects inside:
Screen Shot 2022-09-14 at 12 34 43 PM Screen Shot 2022-09-14 at 12 35 11 PM

Additional Information:

If you need to change a field like the securityContext, all you need to do is to change the values like this:

helm install \
  --namespace minio-operator \
  --create-namespace minio-operator minio/operator \
  -f /path-to-the-repository/operator/helm/operator/values.yaml

Where values.yaml will change the default values from:

  securityContext:
    runAsUser: 1000
    runAsGroup: 1000
    runAsNonRoot: true
    fsGroup: 1000

To:

  securityContext:
    runAsUser: 900
    runAsGroup: 900
    runAsNonRoot: true
    fsGroup: 900
Clone this wiki locally