MinIO Operator Console

The Operator Console provides a rich user interface for deploying and managing MinIO Tenants on Kubernetes infrastructure. Installing the MinIO Kubernetes Operator automatically installs and configures the Operator Console.

MinIO Operator Console

This page summarizes the functions available with the MinIO Operator Console.

Connect to the Operator Console

Port Forwarding


Some Kubernetes deployments may experience issues with timeouts during port-forwarding operations with the Operator Console. Select the NodePorts section to view instructions for alternative access. You can alternatively configure your preferred Ingress to grant access to the Operator Console service. See for more information.

Run the kubectl minio proxy command to temporarily forward traffic from the MinIO Operator Console service to your local machine:

oc minio proxy

The command output includes a required token for logging into the Operator Console.

MinIO Operator Console

You can deploy a new MinIO Tenant from the Operator Dashboard.


Use the following command to identify the NodePorts configured for the Operator Console. If your local host does not have the jq utility installed, you can run the first command and locate the spec.ports section of the output.

kubectl get svc/console -n minio-operator -o json | jq -r '.spec.ports'

The output resembles the following:

      "name": "http",
      "nodePort": 31055,
      "port": 9090,
      "protocol": "TCP",
      "targetPort": 9090
      "name": "https",
      "nodePort": 31388,
      "port": 9443,
      "protocol": "TCP",
      "targetPort": 9443

Use the http or https port depending on whether you deployed the Operator with Console TLS enabled via kubectl minio init --console-tls.

Append the nodePort value to the externally-accessible IP address of a worker node in your Kubernetes cluster.

Use the following command to retrieve the JWT token necessary for logging into the Operator Console:

kubectl get secret/console-sa-secret -n minio-operator -o json | jq -r '.data.token' | base64 -d

Tenant Management

The MinIO Operator Console supports deploying, managing, and monitoring MinIO Tenants on the Kubernetes cluster.

MinIO Operator Console

You can deploy a MinIO Tenant through the Operator Console.

The Operator Console automatically detects MinIO Tenants deployed on the cluster when provisioned through:

Select a listed tenant to open an in-browser view of that tenant’s MinIO Console. You can use this view to directly manage, modify, expand, upgrade, and delete the tenant through the Operator UI.

New in version Operator: 5.0.0

You can download a Log Report for a tenant from the Pods summary screen.

The report downloads as <tenant-name> The ZIP archive contains status, events, and log information for each pool on the deployment. The archive also includes a summary yaml file describing the deployment.

MinIO SUBNET users relying on the commercial license should register the MinIO tenants to their SUBNET account, which can be done through the Operator Console.

Tenant Registration

MinIO SUBNET users relying on the commercial license should register the MinIO tenants to their SUBNET account, which can be done through the Operator Console.

MinIO Operator Console Register Screen
  1. Select the Register tab

  2. Enter the API Key

    You can obtain the key from MinIO SUBNET through the Console by selecting Get from SUBNET.

TLS Certificate Renewal

Operator 4.5.4 or later

Operator versions 4.5.4 and later automatically renew a tenant’s certificates when the duration of the certificate has reached 80% of its life.

For example, a tenant certificate was issued on January 1, 2023, and set to expire on December 31, 2023. 80% of the 1 year life of the certificate comes on day 292, or October 19, 2023. On that date, Operator automatically renews the tenant’s certificate.

Operator 4.3.3 to 4.5.3

Operator versions 4.3.3 through 4.5.3 automatically renew tenant certificates after they reach 48 hours before expiration.

For a certificate that expires on December 31, 2023, Operator renews the certificate on December 29 or December 30, within 48 of the expiration.

Operator 4.3.2 or earlier

Operator versions 4.3.2 and earlier do not automatically renew certificates. You must renew the tenant certificates on these releases separately.

Review Your MinIO License

To review which license you are using and the features available through different license options, select the License tab.

MinIO supports two licenses: AGPLv3 Open Source or a MinIO Commercial License. Subscribers to MinIO SUBNET use MinIO under a commercial license.

You can also Subscribe from the License screen.