Product
MinIO Enterprise Object Store
Overview Architecture
Features
MinIO for Public Cloud
AWS GCS Azure
MinIO for Private Cloud
Kubernetes OpenShift SUSE Rancher Tanzu
MinIO for Baremetal
Linux and Windows
Determine your raw and usable capacity Erasure Code Calculator MinIO's Recommended Hardware Configuration Reference Hardware
Solutions
AI Storage Object storage is powering the AI revolution. Learn how MinIO is leading the AI storage market through performance at scale. Modern Datalakes Modern, multi-engine datalakes depend on object stores that deliver performance at scale. Learn more about this core MinIO use case. Hybrid Cloud Effective multi-cloud storage strategies rely on utilizing architecture and tools that can function seamlessly across diverse environments. HDFS Migration Modernize and simplify your big data storage infrastructure with high-performance, Kubernetes-native object storage from MinIO. Equinix Repatriate your data onto the cloud you control with MinIO on Equinix to lower costs while maintaining public cloud adjacency. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. Snowflake Query and analyze multiple data sources, including streaming data, residing on MinIO with the Snowflake Data Cloud. No need to move the data, just query using SnowSQL. SQL Server Discover how to pair SQL Server 2022 with MinIO to run queries on your data on any cloud - without having to move it. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions. Veeam Learn how MinIO and Veeam have partnered to drive performance and scalability for a variety of backup use cases. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Integrations Browse our vast portfolio of integrations.
Community
GitHub Join our GitHub open source community: explore, experiment, ask questions, and contribute. Slack Channel The MinIO Community Slack provides an open forum for discussing topics related to MinIO. All support is provided on a best-effort basis.
Docs Blog Resources Training Partner Pricing Download

The App Store of OpenShift: MinIO in OperatorHub

AJ AJ Cesar Celis Hernandez Cesar Celis Hernandez on Red Hat OpenShift
The App Store of OpenShift: MinIO in OperatorHub

Running AI data storage infrastructure in the cloud is very expensive. Not only is it expensive to store the data, but everytime your applications consume the data from your AI data storage infrastructure you get charged ingress and egress fees. At one point when cloud was new and the scale of the data was small the costs were negligible. But with cloud costs rising industries have been looking to repatriate their data from the cloud without losing out on the cloud native benefits. That is the key here, repatriating out of the cloud without losing the ability to manage your infrastructure cloud natively.

That is where OpenShift OperatorHub comes in. One of the driving proponents of the cloud repatriation movement is OpenShift. OpenShift brings world-class cloud native ability to manage Kubernetes right on your own infrastructure from your own data center. Simply put, OperatorHub to OpenShift is what App Store is to Apple. With a web console interface, an Operator can be pulled from its off-cluster source, installed and subscribed on the cluster, and made ready for engineering teams to self-service manage the product across deployment environments.

Today we’ll show you how to install the MinIO operator using OperatorHub. In the process we’ll show you how to set up and test your local testing environment while using OpenShift with MinIO operator.

MinIO Operator via OperatorHub

Be sure to install crc on your Ubuntu machine. To learn more about CRC please refresh with this blog post.

MinIO Operator Console

Expose the operator open web page http://localhost:9090/login and get the token from the secret

oc login -u kubeadmin https://api.crc.testing:6443
oc port-forward svc/console 9090 -n openshift-operators


Apply these permissions to be able to create the namespace and get its quotas and this somehow will gain access to display the storage class in OpenShift

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRole

metadata:

  name: cluster-role-cesar-5

rules:

  - apiGroups: [""]

resources:

   - namespaces

   - resourcequotas

   - deletecollection

verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]

---    

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  name: role-binding-cesar-5

  namespace: openshift-operators

subjects:

- kind: ServiceAccount

  name: minio-operator

  namespace: openshift-operators

roleRef:

  kind: ClusterRole

  name: cluster-role-cesar-5

  apiGroup: rbac.authorization.k8s.io

oc login -u kubeadmin https://api.crc.testing:6443

oc apply -f ~/permissions.yaml

oc adm policy add-scc-to-user privileged -n openshift-operators -z minio-operator

oc adm policy add-scc-to-user privileged -n openshift-operators -z console-sa

oc adm policy add-scc-to-user privileged -n openshift-operators -z default

oc adm policy add-scc-to-user privileged -n openshift-operators -z builder

oc adm policy add-scc-to-user privileged -n openshift-operators -z deployer

---

oc create namespace rafta

oc create serviceaccount minio-operator -n rafta

oc adm policy add-scc-to-user privileged -n rafta -z minio-operator

oc adm policy add-scc-to-user privileged -n rafta -z builder

oc adm policy add-scc-to-user privileged -n rafta -z deployer

oc adm policy add-scc-to-user privileged -n rafta -z default

Create MinIO Tenant

Via the operator console create a tenant

Access Key: STSKAzp1TAsd9TGV
Secret Key: XzMOmH6erHeXzBM8dWAsf5LlOfSRKw7k

Then see the issue after pod is created

ERROR Unable to initialize backend: parity validation returned an error: parity 4 should be less than or equal to 0 <- (4, 1), for pool(1st)

To correct go to the tenant configuration http://localhost:9090/namespaces/rafta/tenants/rafta/configuration and change EC:4 by EC:0

Updating Cert

In order for TLS to work we have to update the certs used by the MinIO operator, let’s go ahead and do that.

First generate the certificate of the signer

oc get secret csr-signer -n openshift-kube-controller-manager-operator -o template='{{ index .data "tls.crt"}}' | base64 -d > route-ca.crt

Then, put together the above cert along with its signer in a file called ingress.pem.

cat public.crt route-ca.crt > ingress.pem

Create a secret using the ingress.pem file above and the private.key from previous step

oc create secret tls secretocuatro --cert=ingress.pem --key=private.key -n openshift-ingress

Patch it using kubectl, and wait for couple of minutes for the cert to be located at /var/run/secrets/kubernetes.io/serviceaccount/ca.crt.

oc patch ingresscontroller.operator default --type=merge -p '{"spec":{"defaultCertificate": {"name": "secretocuatro"}}}' -n openshift-ingress-operator

Wait a few moments while things get ready after the change and Operator will work and be able to communicate

Operator App Store

OperatorHub is the de facto App Store of Operators for the OpenShift ecosystem. The operators that get listed on OperatorHub are thoroughly tested, vetted and supported by their respective authors. The authors can range from community operators to certified operators (such as MinIO) and also RedHat themselves. This gives your organization peace of mind knowing that the operators your developers are installed call be trusted with security and compliance. Because they have access to very critical pieces of infrastructure and you don’t want to just install some random operator from a GitHub repo which might degrade the performance of your system or in the worst case compromise it. So its paramount that your developers are given access to such Operator Marketplaces so they can build the infrastructure needed to power your application.

If you have any questions on the MinIO Operator or how to install it on an OpenShift cluster, be sure to reach out to us on Slack!