Skip to content

How to install MinIO Using Helm in Kubernetes

Cesar Celis Hernandez edited this page Mar 21, 2023 · 14 revisions

Objective:

Install MinIO using Helm in Kubernetes

Pre-Step:

  1. Download Operator from: https://github.com/minio/operator/blob/master/helm-releases/operator-4.5.8.tgz
  2. Download Tenant from: https://github.com/minio/operator/blob/master/helm-releases/tenant-4.5.8.tgz

Steps:

  1. Create a cluster:
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
networking:
  apiServerAddress: "127.0.0.1"
  apiServerPort: 6443
nodes:
  - role: control-plane
    extraPortMappings:
    - containerPort: 30080
      hostPort: 30080
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30081
      hostPort: 30081
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30082
      hostPort: 30082
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30083
      hostPort: 30083
      listenAddress: "127.0.0.1"
      protocol: TCP
  - role: worker
    extraPortMappings:
    - containerPort: 30084
      hostPort: 30084
      listenAddress: "127.0.0.1"
      protocol: TCP
kind delete cluster
kind create cluster --config ~/bash-config/config-files/kind-config.yaml
  1. Deploy Operator:
helm install \
     --namespace minio-operator \
     --create-namespace \
     minio-operator ./operator-4.5.8.tgz

Expected output:

Cesars-MacBook-Pro:Downloads cniackz$ helm install \
>      --namespace minio-operator \
>      --create-namespace \
>      minio-operator ./operator-4.5.8.tgz
NAME: minio-operator
LAST DEPLOYED: Tue Mar 21 12:20:59 2023
NAMESPACE: minio-operator
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the JWT for logging in to the console:
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: console-sa-secret
  namespace: minio-operator
  annotations:
    kubernetes.io/service-account.name: console-sa
type: kubernetes.io/service-account-token
EOF
kubectl -n minio-operator  get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode

2. Get the Operator Console URL by running these commands:
  kubectl --namespace minio-operator port-forward svc/console 9090:9090
  echo "Visit the Operator Console at http://127.0.0.1:9090"
  1. Expose Operator UI:
k get service console -n minio-operator -o yaml > ~/service.yaml
yq e -i '.spec.type="NodePort"' ~/service.yaml
yq e -i '.spec.ports[0].nodePort = 30080' ~/service.yaml
k apply -f ~/service.yaml
k get deployment minio-operator -n minio-operator -o yaml > ~/operator.yaml
yq -i -e '.spec.replicas |= 1' ~/operator.yaml
k apply -f ~/operator.yaml
k apply -f ~/bash-config/config-files/console-secret.yaml
SA_TOKEN=$(k -n minio-operator  get secret console-sa-secret -o jsonpath="{.data.token}" | base64 --decode)
echo $SA_TOKEN
Screenshot 2023-03-21 at 12 25 31 PM
  1. Deploy Tenant:
helm install \
  --namespace tenant-ns \
  --create-namespace \
  tenant-ns ./tenant-4.5.8.tgz

Expected output:

Cesars-MacBook-Pro:Downloads cniackz$ helm install \
>   --namespace tenant-ns \
>   --create-namespace \
>   tenant-ns ./tenant-4.5.8.tgz
NAME: tenant-ns
LAST DEPLOYED: Tue Mar 21 12:32:40 2023
NAMESPACE: tenant-ns
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
To connect to the minio1 tenant if it doesn't have a service exposed, you can port-forward to it by running:

  kubectl --namespace tenant-ns port-forward svc/minio1-console 9443:9443

  Then visit the MinIO Console at https://127.0.0.1:9443
  1. Disable Prometheus and Logs, these examples/features are being deprecated.

  2. Wait couple of minutes to get Pods ready

Screenshot 2023-03-21 at 12 37 17 PM
  1. Expose the Tenant Service for console UI:
kubectl --namespace tenant-ns port-forward svc/minio1-console 9443:9443
Screenshot 2023-03-21 at 12 39 20 PM Screenshot 2023-03-21 at 12 39 26 PM
  1. Expose the service for mc CLI Access:
$ kubectl port-forward svc/minio1-hl 9000 -n tenant-ns
Forwarding from 127.0.0.1:9000 -> 9000
Forwarding from [::1]:9000 -> 9000
Handling connection for 9000
Handling connection for 9000
Handling connection for 9000
$ mc alias set myminio https://localhost:9000 minio minio123 --insecure
Added `myminio` successfully.
Clone this wiki locally