Minio

Operator

The minio service provides tenants with buckets that are compatiable with AWS S3.

The Minio Operator is the k8s version of this service.

The buckets use kubernetes cluster local storage (distributed node storage) and different applications use them as backend storage.

DNS

The following URLs are proxied by Gateway Device and to the MetalLB External IP. This is managed by the Gateway Device /etc/hosts entries and dnsmasq.

1. storage.cluster.home
2. minio.cluster.home

Minio Operator

Minio operator: http://minio.cluster.home/

Operator Console: http://minio.cluster.home

JWT Login is stored in Minio Operator Secret console-sa-secret

kubectl -n mop get secret console-sa-secret -o jsonpath='{.data.token}' | base64 --decode

Tenants

Console Sub-Path

subpath failure in latest releases https://github.com/minio/console/issues/2774

Last known working version of console with subpath: RELEASE.2023-03-24T21-41-23Z https://github.com/minio/console/releases/tag/v0.28.0 fixes subpath - no tagged RELEASE yet

Monitoring Logs Tenant

• Monitoring (Loki, Mimir)

Argo Workflows Tenant

• Argo Workflows Artifact Tenant

Misc

TLS Off

In this project, TLS is currently disabled. This is done by setting the following chart value to false…

  certificate:
    requestAutoCert: false

HTTPS/TLS Support

TBD - HTTPS - stuck on console making HTTP requests to HTTPS endpoint.

• https://github.com/minio/console/issues/2045
• https://github.com/minio/minio/issues/15275

https://github.com/minio/operator/blob/master/helm/tenant/values.yaml This disabled HTTPS and presents HTTP pods

        certificate:
          requestAutoCert: false

Enabling HTTPS seems to work but console ends up with errors of sending HTTP requests to an HTTPS endpoint

The following values setting enables “TLS” which makes all the minio Pods operate in HTTPS.

        certificate:
          requestAutoCert: true