Documentation

Deploy MinIO Operator on Google Kubernetes Engine

Overview

Google Kubernetes Engine (GKE) offers a highly automated secure and fully managed Kubernetes platform. The MinIO Kubernetes Operator supports deploying MinIO Tenants onto GKE infrastructure using the MinIO Operator Console, the kubectl minio CLI tool, or kustomize for YAML-defined deployments.

Through the GKE Marketplace

MinIO maintains an GKE Marketplace listing through which you can register your GKE cluster with MinIO SUBNET. Any MinIO tenant you deploy through Marketplace-connected clusters can take advantage of SUBNET registration, including 24/7 direct access to MinIO engineers.

Using the MinIO kubectl Plugin

MinIO provides a kubectl plugin for installing and managing the MinIO Operator and Tenants through a terminal or shell (CLI) environment. You can manually register these tenants with MinIO SUBNET at any time.

This page documents deploying the MinIO Operator through the CLI using the kubectl minio plugin. For instructions on deploying the MinIO Operator through the GKE Marketplace, see Deploy MinIO through GKE

This documentation assumes familiarity with all referenced Kubernetes and Google Kubernetes Engine concepts, utilities, and procedures. While this documentation may provide guidance for configuring or deploying Kubernetes-related or Google Kubernetes Engine-related resources on a best-effort basis, it is not a replacement for the official Kubernetes Documentation.

Prerequisites

Existing GKE Cluster

This procedure assumes an existing GKE cluster onto which you can deploy the MinIO Operator.

The Operator by default deploys pods and services with two replicas each and pod anti-affinity. The GKE cluster should therefore have at least two nodes available for scheduling Operator pods and services. While these nodes may be the same nodes intended for use by MinIO Tenants, co-locating Operator and Tenant pods may increase the risk of service interruptions due to the loss of any one node.

kubectl Access to the GKE Cluster

Ensure your host machine has a kubectl installation compatible with the target GKE cluster. For guidance on connecting kubectl to GKE, see Install kubectl and configure cluster access.

Procedure

1) Install the MinIO Kubernetes Plugin

The MinIO Kubernetes Plugin provides a command for initializing the MinIO Operator.

You can install the MinIO plugin using either the Kubernetes Krew plugin manager or manually by downloading and installing the plugin binary to your local host:

Krew is a kubectl plugin manager developed by the Kubernetes SIG CLI group. See the krew installation documentation for specific instructions. You can use the Krew plugin for Linux, MacOS, and Windows operating systems.

You can use Krew to install the MinIO kubectl plugin using the following commands:

kubectl krew update
kubectl krew install minio

If you want to update the MinIO plugin with Krew, use the following command:

kubectl krew upgrade minio

You can validate the installation of the MinIO plugin using the following command:

kubectl minio version

The output should match 5.0.14.

You can download the MinIO kubectl plugin to your local system path. The kubectl CLI automatically discovers and runs compatible plugins.

The following code downloads the latest stable version 5.0.14 of the MinIO Kubernetes plugin and installs it to the system path:

curl https://github.com/minio/operator/releases/download/v5.0.14/kubectl-minio_5.0.14_linux_amd64 -o kubectl-minio
chmod +x kubectl-minio
mv kubectl-minio /usr/local/bin/

The mv command above may require sudo escalation depending on the permissions of the authenticated user.

Run the following command to verify installation of the plugin:

kubectl minio version

The output should display the Operator version as 5.0.14.

You can download the MinIO kubectl plugin to your local system path. The kubectl CLI automatically discovers and runs compatible plugins.

The following PowerShell command downloads the latest stable version 5.0.14 of the MinIO Kubernetes plugin and installs it to the system path:

Invoke-WebRequest -Uri "https://github.com/minio/operator/releases/download/v5.0.14/kubectl-minio_5.0.14_windows_amd64.exe" -OutFile "C:\kubectl-plugins\kubectl-minio.exe"

Ensure the path to the plugin folder is included in the Windows PATH.

Run the following command to verify installation of the plugin:

kubectl minio version

The output should display the Operator version as 5.0.14.

2) Initialize the MinIO Kubernetes Operator

Run the kubectl minio init command to initialize the MinIO Operator:

kubectl minio init

The command initializes the MinIO Operator with the following default settings:

The Operator deploys with certain default settings and resource requests. To modify these settings, do the following:

  1. Append the kubectl minio init -o > operator.yaml to save the YAML configuration to file

  2. Modify settings as-needed to fit your deployment

  3. Run kubectl apply -f operator.yaml to apply the customized Operator deployment.

Important

Document all arguments used when initializing the MinIO Operator.

3) Validate the Operator Installation

To verify the installation, run the following command:

kubectl get all --namespace minio-operator

If you initialized the Operator with a custom namespace, replace minio-operator with that namespace.

The output resembles the following:

NAME                                  READY   STATUS    RESTARTS   AGE
pod/console-59b769c486-cv7zv          1/1     Running   0          81m
pod/minio-operator-7976b4df5b-rsskl   1/1     Running   0          81m

NAME               TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)             AGE
service/console    ClusterIP   10.105.218.94    <none>        9090/TCP,9443/TCP   81m
service/operator   ClusterIP   10.110.113.146   <none>        4222/TCP,4233/TCP   81m

NAME                             READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/console          1/1     1            1           81m
deployment.apps/minio-operator   1/1     1            1           81m

NAME                                        DESIRED   CURRENT   READY   AGE
replicaset.apps/console-59b769c486          1         1         1       81m
replicaset.apps/minio-operator-7976b4df5b   1         1         1       81m

4) Open the Operator Console

Port Forwarding

Note

Some Kubernetes deployments may experience issues with timeouts during port-forwarding operations with the Operator Console. Select the NodePorts section to view instructions for alternative access. You can alternatively configure your preferred Ingress to grant access to the Operator Console service. See https://github.com/kubernetes/kubectl/issues/1368 for more information.

Run the kubectl minio proxy command to temporarily forward traffic from the MinIO Operator Console service to your local machine:

kubectl minio proxy

The command output includes a required token for logging into the Operator Console.

MinIO Operator Console

You can deploy a new MinIO Tenant from the Operator Dashboard.

NodePorts

Use the following command to identify the NodePorts configured for the Operator Console. If your local host does not have the jq utility installed, you can run the first command and locate the spec.ports section of the output.

kubectl get svc/console -n minio-operator -o json | jq -r '.spec.ports'

The output resembles the following:

[
   {
      "name": "http",
      "nodePort": 31055,
      "port": 9090,
      "protocol": "TCP",
      "targetPort": 9090
   },
   {
      "name": "https",
      "nodePort": 31388,
      "port": 9443,
      "protocol": "TCP",
      "targetPort": 9443
   }
]

Use the http or https port depending on whether you deployed the Operator with Console TLS enabled via kubectl minio init --console-tls.

Append the nodePort value to the externally-accessible IP address of a worker node in your Kubernetes cluster.

Use the following command to retrieve the JWT token necessary for logging into the Operator Console:

kubectl get secret/console-sa-secret -n minio-operator -o json | jq -r '.data.token' | base64 -d