SRE文档文档,
https://github.com/minio/operator
https://min.io/docs/minio/kubernetes/upstream/operations/installation.html
1. 组件版本
生产环境
Kubernetes : v1.22.x
请根据自己k8s版本自行下载安装,https://github.com/minio/operator/releases
4.0.0+对应k8s版本>=1.19.0;
5.0.0+对应k8s>=1.21.0;
5.0.6+对应k8s>=1.25.0请根据自己k8s版本自行下载安装,https://github.com/minio/operator/releases
4.0.0+对应k8s版本>=1.19.0;
5.0.0+对应k8s>=1.21.0;
5.0.6+对应k8s>=1.25.0| 名称 | 说明 |
|---|---|
| console | 租户控制台 |
| operator | minio-operator |
| kubectl-minio | kubectl minio 插件(初始化operator、管理租户) |
| MinIO Tenant | 多租户环境中实现数据隔离、资源管理和安全性(pv) |
| mc | minio客户端管理工具 |
2. MinIO Operator部署
minio官方推荐使用minio-operator部署多租户的minio系统。
每个 MinIO Tenant 代表 Kubernetes 集群中的一个独立的 MinIO Object Store。下图描述了部署到 Kubernetes 中的 MinIO Tenant 的架构:
2.1 kubectl-minio插件安装
bash
curl https://github.com/minio/operator/releases/download/v5.0.5/kubectl-minio_5.0.5_linux_amd64 -o kubectl-minio
chmod +x kubectl-minio
mv kubectl-minio /usr/local/bin/curl https://github.com/minio/operator/releases/download/v5.0.5/kubectl-minio_5.0.5_linux_amd64 -o kubectl-minio
chmod +x kubectl-minio
mv kubectl-minio /usr/local/bin/- 查看版本
bash
[root@kube-master ~]# kubectl-minio version
v5.0.5[root@kube-master ~]# kubectl-minio version
v5.0.52.2 初始化安装MinIO Operator
2.2.1 参数帮助
bash
#帮助
kubectl minio init --help
'init' command creates MinIO Operator deployment along with all the dependencies.
Usage:
minio init [flags]
Examples:
kubectl minio init
Flags:
-d, --cluster-domain string cluster domain of the Kubernetes cluster (default "cluster.local")
--console-image string console image
--console-tls enable tls for Operator console
--default-kes-image string default tenant KES image
--default-minio-image string default tenant MinIO image
-h, --help help for init
-i, --image string operator image (default "minio/operator:v5.0.5")
--image-pull-secret string image pull secret to be used for pulling MinIO Operator
-n, --namespace string namespace scope for this request (default "minio-operator")
--namespace-to-watch string namespace where operator looks for MinIO tenants, leave empty for all namespaces
-o, --output dry run this command and generate requisite yaml
--prometheus-name string name of the prometheus managed by prometheus-operator
--prometheus-namespace string namespace of the prometheus managed by prometheus-operator
--sts enable Operator sts (v1alpha1)#帮助
kubectl minio init --help
'init' command creates MinIO Operator deployment along with all the dependencies.
Usage:
minio init [flags]
Examples:
kubectl minio init
Flags:
-d, --cluster-domain string cluster domain of the Kubernetes cluster (default "cluster.local")
--console-image string console image
--console-tls enable tls for Operator console
--default-kes-image string default tenant KES image
--default-minio-image string default tenant MinIO image
-h, --help help for init
-i, --image string operator image (default "minio/operator:v5.0.5")
--image-pull-secret string image pull secret to be used for pulling MinIO Operator
-n, --namespace string namespace scope for this request (default "minio-operator")
--namespace-to-watch string namespace where operator looks for MinIO tenants, leave empty for all namespaces
-o, --output dry run this command and generate requisite yaml
--prometheus-name string name of the prometheus managed by prometheus-operator
--prometheus-namespace string namespace of the prometheus managed by prometheus-operator
--sts enable Operator sts (v1alpha1)2.2.2 初始化
bash
kubectl minio init --namespace minio-operatorkubectl minio init --namespace minio-operator- 查看状态
bash
[root@kube-master ~]# kubectl get pod -nminio-operator
NAME READY STATUS RESTARTS AGE
console-69bcc64b6d-p97kx 1/1 Running 1 (11m ago) 15m
minio-operator-6c68464fc4-5f6w5 1/1 Running 3 (9m51s ago) 15m
minio-operator-6c68464fc4-jvcs6 1/1 Running 3 (9m57s ago) 15m
#查看所有
kubectl get all -n minio-operator[root@kube-master ~]# kubectl get pod -nminio-operator
NAME READY STATUS RESTARTS AGE
console-69bcc64b6d-p97kx 1/1 Running 1 (11m ago) 15m
minio-operator-6c68464fc4-5f6w5 1/1 Running 3 (9m51s ago) 15m
minio-operator-6c68464fc4-jvcs6 1/1 Running 3 (9m57s ago) 15m
#查看所有
kubectl get all -n minio-operator2.3 MinIO Operator Console访问
两种方式
2.3.1 curl
不建议使用这个
bash
kubectl minio proxy --namespace minio-operator
curl http://localhost:9090/api/v1/check-versionkubectl minio proxy --namespace minio-operator
curl http://localhost:9090/api/v1/check-version2.3.2 ingress
cat 4.minio-web-ing.yaml
yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
name: minio-console-ing
namespace: minio-operator
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 100m
spec:
ingressClassName: nginx
rules:
- host: minio.ikubernetes.net
http:
paths:
- backend:
service:
name: console
port:
number: 9090
path: /
pathType: PrefixapiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
name: minio-console-ing
namespace: minio-operator
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 100m
spec:
ingressClassName: nginx
rules:
- host: minio.ikubernetes.net
http:
paths:
- backend:
service:
name: console
port:
number: 9090
path: /
pathType: Prefix- 访问
- 获取token
bash
kubectl get secret/console-sa-secret -n minio-operator -o json | jq -r '.data.token' | base64 -dkubectl get secret/console-sa-secret -n minio-operator -o json | jq -r '.data.token' | base64 -d