Helm/MinIO: Difference between revisions
Jump to navigation
Jump to search
(4 intermediate revisions by the same user not shown) | |||
Line 104: | Line 104: | ||
mcli alias set k8s_gitlab_ab http://minio.minio:9000 FfG564tLdSlgaM2t0ig0 FEbThROKMZ06Feddr1SUMk85g4wRM5NZnVVrS24V | mcli alias set k8s_gitlab_ab http://minio.minio:9000 FfG564tLdSlgaM2t0ig0 FEbThROKMZ06Feddr1SUMk85g4wRM5NZnVVrS24V | ||
mcli admin info k8s_gitlab_ab | mcli admin info k8s_gitlab_ab | ||
mcli alias set s3_host_ab http://s3.host.k8s.local O2PLF0Pznp12HNbT9FbJ YIISq1Srxf9gv24fxkryN5ilQDg8P5wxJXt1qgle | |||
mcli admin info s3_host_ab | |||
mcli alias set s3_host_aa http://s3.host.k8s.local 6zXMWye9rOjKgpka pHKjpqiXK4RLpvdyX7qYuwbIk5KAkKa6 | |||
mcli admin info s3_host_aa | |||
mcli alias set k8s_admin http://minio.minio:9000 admin sadaqah! | mcli alias set k8s_admin http://minio.minio:9000 admin sadaqah! | ||
Line 323: | Line 329: | ||
|- | |- | ||
| valign="top" | | | valign="top" | | ||
* [https://medium.com/picus-security-engineering/on-premises-s3-bucket-object-storage-with-minio-server-gateway-4c44fc321b1c MinIO » On-premises AWS S3 Object Storage] | |||
* [https://min.io/docs/minio/kubernetes/upstream/administration/object-management/transition-objects-to-s3.html MinIO » Transition Objects to AWS S3] | |||
* [https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-operator-helm.html MinIO » Helm Charts » Operator] | * [https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-operator-helm.html MinIO » Helm Charts » Operator] | ||
* [https://min.io/docs/minio/linux/integrations/setup-nginx-proxy-with-minio.html MinIO » Configure NGINX Proxy] | |||
* [https://github.com/bitnami/charts/tree/main/bitnami/minio/ MinIO » Bitnami » Helm Charts] | * [https://github.com/bitnami/charts/tree/main/bitnami/minio/ MinIO » Bitnami » Helm Charts] | ||
* [https://bitnami.com/stack/minio/helm MinIO » Bitnami » Package] | * [https://bitnami.com/stack/minio/helm MinIO » Bitnami » Package] | ||
Line 354: | Line 363: | ||
* [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]] | * [[K8s/CSI Hostpath Driver|K8s » CSI Hostpath Driver]] | ||
* [[K8s/Ingress|K8s » Ingress]] | * [[K8s/Ingress|K8s » Ingress]] | ||
* [[K8s/Service|K8s » Service]] | |||
* [[CIDR]] | * [[CIDR]] | ||
* [[UFW]] | * [[UFW]] |
Revision as of 20:16, 18 November 2024
helm repo add bitnami https://charts.bitnami.com/bitnami helm repo update && helm repo list kubectl config get-contexts
Config
export KUBECONFIG="${HOME}/.kube/dev-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/gcp-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/config"
Install
kubectl get ns|grep minio
kubectl delete ns minio
|
kubectl get ns|grep minio
kubectl create ns minio
|
| |
cat <<YML | helm -n minio install minio bitnami/minio --version=14.7.1 -f -
---
global:
defaultStorageClass: standard
mode: standalone
auth:
rootUser: admin
rootPassword: sadaqah!
defaultBuckets: "gitlab-artifacts, gitlab-backups, gitlab-ci-secure-files, gitlab-dependency-proxy, gitlab-lfs, gitlab-mr-diffs, gitlab-packages, gitlab-pages, gitlab-registry, gitlab-runner-cache, gitlab-tf-state, gitlab-tmp, gitlab-uploads"
ingress:
enabled: true
hostname: minio.k8s.local
statefulset:
drivesPerNode: 1
replicaCount: 1
zones: 1
YML
|
cat <<YML | helm -n minio install minio bitnami/minio --version=14.7.1 -f -
---
global:
defaultStorageClass: standard
mode: distributed
auth:
rootUser: admin
rootPassword: sadaqah!
defaultBuckets: "gitlab-artifacts, gitlab-backups, gitlab-ci-secure-files, gitlab-dependency-proxy, gitlab-lfs, gitlab-mr-diffs, gitlab-packages, gitlab-pages, gitlab-registry, gitlab-runner-cache, gitlab-tf-state, gitlab-tmp, gitlab-uploads"
ingress:
enabled: true
hostname: minio.k8s.local
statefulset:
drivesPerNode: 4
replicaCount: 1
zones: 1
YML
|
| |
xdg-open http://minio.k8s.local &>/dev/null &
gnome-open http://minio.k8s.local &>/dev/null &
|
x-www-browser http://minio.k8s.local &>/dev/null &
sensible-browser http://minio.k8s.local &>/dev/null &
|
Uninstall
helm uninstall -n minio minio
kubectl delete namespace minio
Swiss Knife
kubectl -n minio run -i --tty --rm minio-cli --image=alpine --restart=Never -- sh
apk --update add minio-client inetutils-telnet
mcli alias set k8s_gitlab_aa http://minio.minio:9000 Tnen3kCv71osfJKkhcIP rxMU6fWayQD6no1p1LO7orBmxNMtbKuyHITpflBJ
mcli admin info k8s_gitlab_aa
mcli alias set k8s_gitlab_ab http://minio.minio:9000 FfG564tLdSlgaM2t0ig0 FEbThROKMZ06Feddr1SUMk85g4wRM5NZnVVrS24V
mcli admin info k8s_gitlab_ab
mcli alias set s3_host_ab http://s3.host.k8s.local O2PLF0Pznp12HNbT9FbJ YIISq1Srxf9gv24fxkryN5ilQDg8P5wxJXt1qgle
mcli admin info s3_host_ab
mcli alias set s3_host_aa http://s3.host.k8s.local 6zXMWye9rOjKgpka pHKjpqiXK4RLpvdyX7qYuwbIk5KAkKa6
mcli admin info s3_host_aa
mcli alias set k8s_admin http://minio.minio:9000 admin sadaqah!
mcli admin info k8s_admin
EKS » EBS » PVC
cat << YML | kubectl apply -f -
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: minio-pv
spec:
accessModes:
- ReadWriteOnce
awsElasticBlockStore:
fsType: ext4
volumeID: aws://ap-southeast-1/vol-0bbbd80804f1ae62a
capacity:
storage: 10Gi
persistentVolumeReclaimPolicy: Retain
storageClassName: "gp2"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/name: minio
name: minio-pvc
namespace: minio
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: "gp2"
volumeName: minio-pv
YML
EKS » EBS » Patch
kubectl -n minio get deploy/minio -ojson|jq -r '.spec.template.spec.nodeSelector'
| |
| |
cat <<YML | kubectl -n minio patch deploy/minio --patch-file=/dev/stdin
---
spec:
template:
spec:
nodeSelector:
topology.kubernetes.io/zone: minikube
YML
|
cat <<YML | kubectl -n minio patch deploy/minio --patch-file=/dev/stdin
---
spec:
template:
spec:
nodeSelector:
topology.kubernetes.io/zone: ap-southeast-1a
YML
|
| |
kubectl -n minio get deploy/minio -ojson|jq -r '.spec.template.spec.nodeSelector'
kubectl -n minio delete pods --all
|
EKS » Ingress » TLS
cat << YML | kubectl apply -n minio -f -
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: minio-domain
namespace: minio
spec:
dnsNames:
- "minio.finology.group"
issuerRef:
kind: ClusterIssuer
name: letsencrypt-http01
secretName: minio-secret-tls
YML
EKS » Ingress » Patch
cat <<YML | kubectl -n minio patch ing/minio --patch-file=/dev/stdin
---
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 10m
nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
nginx.ingress.kubernetes.io/proxy-buffers-number: '4'
nginx.ingress.kubernetes.io/proxy-buffers-size: 256k
nginx.ingress.kubernetes.io/proxy-ssl-server-name: 'on'
nginx.ingress.kubernetes.io/proxy-ssl-verify: 'on'
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
ingressClassName: nginx
tls:
- hosts:
- minio.finology.group
secretName: minio-secret-tls
YML
Playground
helm -n minio install minio bitnami/minio --version=14.6.1
helm -n minio upgrade -i minio bitnami/minio --version=14.7.1
helm show values bitnami/minio --version=14.6.1|less
| |
| |
kubectl -n minio get secret minio -o json|jq -r '.data."root-password"'|base64 -d;echo
kubectl -n minio get secret minio -o json|jq -r '.data."root-user"'|base64 -d;echo
kubectl -n minio exec -it svc/minio -c minio -- bash
| |
| |
kubectl config --kubeconfig=${HOME}/.kube/aws-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/dev-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/gcp-kubeconfig.yaml view --flatten
kubectl config --kubeconfig=${HOME}/.kube/config view --flatten
| |
| |
kubectl -n minio delete all --all
kubectl -n minio delete ing --all
kubectl -n minio delete sts --all
|
kubectl -n minio delete svc --all
kubectl -n minio delete pvc --all
kubectl -n minio delete pv --all
|
| |
kubectl -n minio rollout history deploy minio
kubectl -n minio rollout restart deploy minio
kubectl -n minio rollout status deploy minio
|
kubectl -n minio exec -it svc/minio -c minio -- mc --help
kubectl -n minio exec -it svc/minio -c minio -- bash
kubectl -n minio logs -f svc/minio -c minio
|
References
| ||
| ||