minio

prepare

1. k8s is ready
2. argocd is ready and logged in
3. ingress is ready
4. cert-manager is ready
   • the clusterissuer named self-signed-ca-issuer is ready

installation

1. prepare secret for root user credentials

   • kubectl get namespaces storage > /dev/null 2>&1 || kubectl create namespace storage
     kubectl -n storage create secret generic minio-credentials \
         --from-literal=rootUser=admin \
         --from-literal=rootPassword=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 16)
     

2. prepare minio.yaml

   • apiVersion: argoproj.io/v1alpha1
     kind: Application
     metadata:
       name: minio
     spec:
       syncPolicy:
         syncOptions:
         - CreateNamespace=true
       project: default
       source:
         repoURL: https://ben-wangz.github.io/helm-chart-mirror/charts
         chart: minio
         targetRevision: 5.0.15
         helm:
           releaseName: minio
           values: |
             image:
               repository: quay.io/minio/minio
             mcImage:
               repository: quay.io/minio/mc
             mode: standalone
             persistence:
               enabled: false
             ingress:
               enabled: true
               ingressClassName: nginx
               annotations:
                 nginx.ingress.kubernetes.io/rewrite-target: /$1
               path: /?(.*)
               hosts:
                 - minio-api.dev.geekcity.tech
             consoleIngress:
               enabled: true
               ingressClassName: nginx
               annotations:
                 nginx.ingress.kubernetes.io/rewrite-target: /$1
               path: /?(.*)
               hosts:
                 - minio-console.dev.geekcity.tech
             replicas: 1
             resources:
               requests:
                 memory: 512Mi
                 cpu: 250m
               limits:
                 memory: 512Mi
                 cpu: 250m
             existingSecret: minio-credentials
       destination:
         server: https://kubernetes.default.svc
         namespace: storage
     
     

3. apply to k8s

   • kubectl -n argocd apply -f minio.yaml
     

4. sync by argocd

   • argocd app sync argocd/minio
     

5. visit minio console
   • minio-console.dev.geekcity.tech should be resolved to nginx-ingress
     • for example, add $K8S_MASTER_IP minio-console.dev.geekcity.tech to /etc/hosts
   • address: http://minio-console.dev.geekcity.tech:32080/login
   • access key: admin
   • access secret

     • kubectl -n storage get secret minio-credentials -o jsonpath='{.data.rootPassword}' | base64 -d
       

6. test with mc

   • # change K8S_MASTER_IP to your k8s master ip
     K8S_MASTER_IP=$(kubectl get node -l node-role.kubernetes.io/control-plane -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}')
     ACCESS_SECRET=$(kubectl -n storage get secret minio-credentials -o jsonpath='{.data.rootPassword}' | base64 -d)
     podman run --rm \
         --entrypoint bash \
         --add-host=minio-api.dev.geekcity.tech:${K8S_MASTER_IP} \
         -it docker.io/minio/mc:latest \
         -c "mc alias set minio http://minio-api.dev.geekcity.tech:32080 admin ${ACCESS_SECRET} \
             && mc ls minio \
             && mc mb --ignore-existing minio/test \
             && mc cp /etc/hosts minio/test/etc/hosts \
             && mc ls --recursive minio"
     

references

• https://github.com/minio/minio/tree/master/helm/minio