Skip to content

operator 2032

Allan Roger Reid edited this page Mar 19, 2024 · 8 revisions

Set linger and reboot

ssh -p 20694 [email protected] -o "ServerAliveInterval=5" -o "ServerAliveCountMax=100000" -o "StrictHostKeyChecking=off"
loginctl enable-linger ubuntu

Install and verify k3s

sudo apt-get update -y && \
sudo apt-get upgrade -y && \
sudo apt-get install linux-generic -y && \
sudo apt-get dist-upgrade -y && \
sudo apt-get install linux-headers-generic -y && \
sudo touch /dev/kmsg
sudo ln -s /lib/modules/6.2.0-39-generic /lib/modules/6.2.0-35-generic

sudo touch /dev/kmsg
curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" sh -s - --snapshotter=fuse-overlayfs
sudo journalctl -f -u k3s.service
sudo systemctl status k3s
cat <<EOF >> ~/.bashrc 
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
EOF
cat ~/.bashrc 
source ~/.profile

Install helm

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh

Install minio operator

curl -O https://raw.githubusercontent.com/minio/operator/master/helm-releases/operator-5.0.13.tgz
tar -xvf operator-5.0.13.tgz
helm install --namespace minio-operator --create-namespace minio-operator operator-5.0.13.tgz -f ./operator/values.yaml

Create existing secret

kubectl -n tenant1 delete secret/my-existing-secret
cat <<EOF > my-existing-secret.yaml
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  namespace: tenant1
  name: my-existing-secret
stringData:
  config.env: |-
    export MINIO_ROOT_USER=ROOTUSERNAME
    export MINIO_ROOT_PASSWORD=ROOTUSERPASSWORD
EOF
kubectl create -f my-existing-secret.yaml

All tests imply modifications to values.yaml. i.e.

helm uninstall -n tenant1 tenant1
helm install --namespace tenant1 --create-namespace tenant1 --debug ./tenant
kubectl patch tenant -n tenant1 myminio --type='merge' -p '{"spec":{"requestAutoCert": false}}'
kubectl patch service -n tenant1 myminio-console -p '{"spec":{"ports":[{"name": "http-console","port": 9090,"protocol": "TCP","nodePort":'31091'},{"name": "https-console","port": 9443,"protocol": "TCP","nodePort":'30091'}],"type": "NodePort"}}'

Then, attempt login with http://minio-operator-helm-local.minio.training:31091

Regression tests

Test 1

secrets:
  name: myminio-env-configuration
  accessKey: minio 
  secretKey: minio123
  existingSecret:
    name: enabled
tenant:
  configuration:
    name: my-existing-secret

Expected outcome: login permitted with ROOTUSERNAME/ROOTUSERPASSWORD helm prints warning Actual outcome

Test 2

secrets:
  name: myminio-env-configuration
  accessKey: minio 
  secretKey: minio123
  existingSecret:
    name: enabled

Expected outcome: tenant does not start helm prints warning Actual outcome

Test 3

secrets:
  name: myminio-env-configuration
  accessKey: minio 
  secretKey: minio123
  existingSecret:
    name: enabled
tenant:
  configuration:
    name: myminio-env-configuration

Expected outcome: tenant does not start helm prints warning Actual outcome

Test 4

secrets:
  name: myminio-env-configuration
  accessKey: minio 
  secretKey: minio123
tenant:
  configuration:
    name: myminio-env-configuration

Expected outcome: login permitted with minio/minio123 helm prints warning Actual outcome


Integration tests

Test 1

secrets:
  name: myminio-env-configuration
  accessKey: minio 
  secretKey: minio123
  existingSecret:
    name: enabled
tenant:
  configuration:
    name: my-existing-secret
  configSecret:
    name: myminio-env-configuration
    accessKey: minio
    secretKey: minio123
    existingSecret: true

Expected outcome: helm install fails Actual outcome

Test 2

tenant:
  configuration:
    name: my-existing-secret
  configSecret:
    name: myminio-env-configuration
    accessKey: minio
    secretKey: minio123
    existingSecret: true

Expected outcome: login permitted with ROOTUSERNAME/ROOTUSERPASSWORD Actual outcome

Test 3

tenant:
  configuration:
    name: my-existing-secret
  configSecret:
    existingSecret: true

Expected outcome: login permitted with ROOTUSERNAME/ROOTUSERPASSWORD Actual outcome

Test 4

tenant:
  configuration:
    name: my-existing-secret
  configSecret:
    name: myminio-env-configuration
    accessKey: minio
    secretKey: minio123
    existingSecret: false

Expected outcome: tenant fails Actual outcome

Test 5

tenant:
  configuration:
    name: myminio-env-configuration
  configSecret:
    name: myminio-env-configuration
    accessKey: minio
    secretKey: minio123
    existingSecret: false

Expected outcome: login permitted with minio/minio123 Actual outcome

Test 6

tenant:
  configuration:
    name: myminio-env-configuration
  configSecret:
    name: myminio-env-configuration
    accessKey: minio
    secretKey: minio123

Expected outcome: login permitted with minio/minio123 Actual outcome

Clone this wiki locally