Skip to content

root credentials via tenant spec env

Jump to bottom
Cesar Celis Hernandez edited this page Mar 20, 2024 · 3 revisions

Dios, encomiendo esta actividad a ti Señor, para que nos guies por el camino de mas provecho a todos; si es para nuestro bien, que se de la mejor solucion posible y con equilibrio con el universo.

Objetivo:

  • Pasar las root credentials via tenant.spec.env
createcluster nodeport

installoperator nodeport

k create namespace tenant-lite

kubectl create secret generic username --from-literal=usernamekey='elsusuario' -n tenant-lite
kubectl create secret generic password --from-literal=passwordkey='elsusuario123' -n tenant-lite

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Namespace
metadata:
  name: tenant-lite
---
apiVersion: v1
data:
  CONSOLE_ACCESS_KEY: Y29uc29sZQ==
  CONSOLE_SECRET_KEY: Y29uc29sZTEyMw==
kind: Secret
metadata:
  name: storage-user
  namespace: tenant-lite
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
  name: storage-configuration
  namespace: tenant-lite
stringData:
  config.env: |-
    #export MINIO_ROOT_USER="minio"
    #export MINIO_ROOT_PASSWORD="minio123"
    export MINIO_STORAGE_CLASS_STANDARD="EC:2"
    export MINIO_BROWSER="on"
type: Opaque
---
apiVersion: v1
data:
  accesskey: ZWxzdXN1YXJpbw==
  secretkey: ZWxzdXN1YXJpbzEyMw==
kind: Secret
metadata:
  creationTimestamp: "2024-03-19T21:22:35Z"
  name: minio1-secret
  namespace: tenant-lite
  resourceVersion: "1798"
  uid: 5d3baeba-932b-4502-933e-db665cb3ac07
type: Opaque
---
apiVersion: minio.min.io/v2
kind: Tenant
metadata:
  annotations:
    prometheus.io/path: /minio/v2/metrics/cluster
    prometheus.io/port: "9000"
    prometheus.io/scrape: "true"
  labels:
    app: minio
  name: myminio
  namespace: tenant-lite
spec:
  credsSecret:
    name: minio1-secret
  certConfig: {}
  configuration:
    name: storage-configuration
  env:
    - name: accesskey
      value: minio
    - name: secretkey
      value: minio321111
    - name: MINIO_ROOT_USER
      value: minio
    - name: MINIO_ROOT_PASSWORD
      value: minio123
  externalCaCertSecret: []
  externalCertSecret: []
  externalClientCertSecrets: []
  features:
    bucketDNS: false
    domains: {}
  image: quay.io/minio/minio:RELEASE.2024-03-05T04-48-44Z
  imagePullSecret: {}
  mountPath: /export
  podManagementPolicy: Parallel
  pools:
  - containerSecurityContext:
      runAsGroup: 1000
      runAsNonRoot: true
      runAsUser: 1000
    name: pool-0
    servers: 4
    volumeClaimTemplate:
      metadata:
        name: data
      spec:
        accessModes:
        - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi
    volumesPerServer: 2
  priorityClassName: ""
  requestAutoCert: true
  serviceAccountName: ""
  serviceMetadata:
    consoleServiceAnnotations: {}
    consoleServiceLabels: {}
    minioServiceAnnotations: {}
    minioServiceLabels: {}
  subPath: ""
  users:
  - name: storage-user
EOF
Clone this wiki locally