Product
Overview
What is AIStor?
Features
Replication Replication Console Console Cache Cache Encryption Encryption Versioning Versioning Observability Observability Object Immutability Object Immutability Key Management Server Key Management Server S3 Compatibility S3 Compatibility Identity + Access Mgt Identity + Access Mgt Catalog Catalog Object Prompt Object Prompt Lifecycle Lifecycle Firewall Firewall AIHub AIHub
Tools
Erasure Code Calculator Erasure Code Calculator Determine your raw and usable capacity across a range of erasure coding settings. Reference Hardware Reference Hardware MinIO’s recommended Configuration and reference hardware for building large scale data infrastructure.
Solutions
AI Storage Learn how MinIO is leading the AI storage market from its exclusive features to performance at scale. HDFS Migration Modernize and simplify your big data storage infrastructure with cloud native storage with AIStor. Snowflake Learn how to leverage Snowflake external tables to query data without having to move it.
Integrations Integrations with MinIO Browse our expansive list of
integrations with links to the relevant
documentation.
Veeam Learn how MinIO and Veeam have partnered deliver superior RTO and RPO. Modern Datalakes Learn how modern, multi-engine data lakeshouses depend on MinIO's AIStor. Equinix Repatriate your data onto the cloud you control with MinIO and Equinix. SQL Server Learn how to leverage SQL Server 2022 with MinIO to run queries on your data without having to move it. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Hybrid Cloud Learn how enterprises use MinIO to build AI data infrastructure that runs on any cloud - public, private or colo. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions.
Open Source
Github Community Explore, experiment, ask questions and contribute. Docs Development guides. Slack Channel Open Forum for discussing topics related to MinIO.
Download MinIO Object Store Get MinIO's open source server, client, and SDK.
Resources
Resources Home Browse our library of white papers, solution briefs, benchmarks and videos. Blog Product updates, company news, and educational content. Training Learn the MinIO Way and Become a Data Infrastructure Expert.
Events Join us to take advantage to meet with MinIO partners, employees, and subject-matter experts.
Partner Pricing Login Download

Documentation

MinIO Object Storage for OpenShift

Deploy MinIO Operator on RedHat OpenShift

Overview

Red Hat® OpenShift® is an enterprise-ready Kubernetes container platform with full-stack automated operations to manage hybrid cloud, multi-cloud, and edge deployments. OpenShift includes an enterprise-grade Linux operating system, container runtime, networking, monitoring, registry, and authentication and authorization solutions.

You can deploy the MinIO Kubernetes Operator through the Red Hat® OpenShift® Container Platform 4.8+. You can deploy and manage MinIO Tenants through OpenShift after deploying the MinIO Operator. This procedure includes instructions for the following deployment paths:

After deploying the MinIO Operator into your OpenShift cluster, you can create and manage MinIO Tenants through the OperatorHub user interface.

This documentation assumes familiarity with all referenced Kubernetes and OpenShift concepts, utilities, and procedures. While this documentation may provide guidance for configuring or deploying Kubernetes-related or OpenShift-related resources on a best-effort basis, it is not a replacement for the official Kubernetes Documentation and OpenShift Container Platform 4.8+ Documentation.

Prerequisites

RedHat OpenShift 4.8+

The MinIO Kubernetes Operator is available starting with OpenShift 4.8+.

Red Hat Marketplace installation requires registration of the OpenShift cluster with the Marketplace for the necessary namespaces. See Register OpenShift cluster with Red Hat Marketplace for complete instructions.

For older versions of OpenShift, use the generic Deploy the MinIO Operator procedure.

Administrator Access

Installation of operators through the Red Hat Marketplace and the Operator Hub is restricted to OpenShift cluster administrators (cluster-admin privileges). This procedure requires logging into the Marketplace and/or OpenShift with an account that has those privileges.

OpenShift oc CLI

Download and Install the OpenShift CLI oc for use in this procedure.

Procedure

1) Access the MinIO Operator Installation

Select the tab that corresponds to your preferred installation method:

Log into the OpenShift Web Console as a user with cluster-admin privileges.

From the Administrator panel, select Operators, then OperatorHub.

From the OperatorHub page, type “MinIO” into the Filter text entry. Select the MinIO Operator tile from the search list.

From the OperatorHub, search for MinIO, then select the MinIO Tile.

Select the MinIO Operator tile, then click Install to begin the installation.

Open the MinIO Red Hat Marketplace listing in your browser. Click Login to log in with your Red Hat Marketplace account.

After logging in, click Purchase to purchase the MinIO Operator for your account.

After completing the purchase, click Workplace from the top navigation and select My Software.

From the Red Hat Marketplace, select Workplace, then My Software

Click MinIO Hybrid Cloud Object Storage and select Install Operator to start the Operator Installation procedure in OpenShift.

2) Configure and Deploy the Operator

The Install Operator page provides a walkthrough for configuring the MinIO Operator installation.

Complete the Operator Installation Walkthrough

  • For Update channel, select any of the available options.

  • For Installation Mode, select All namespaces on the cluster

  • For Installed Namespace, select openshift-operators

  • For Approval Strategy, select the approval strategy of your choice.

See the Operator Installation Documentation Step 5 for complete descriptions of each displayed option.

Click Install to start the installation procedure. The web console displays a widget for tracking the installation progress.

Wait for Installation to Complete.

Once installation completes, click View Operator to view the MinIO Operator page.

3) Configure TLS Certificates

If you have installed the MinIO Operator from Red Hat OperatorHub, the installation process also configures the OpenShift Service CA Operator. This Operator manages the TLS certificates required to access MinIO Tenants. It automatically renews and rotates the certificates 13 months before expiration. No additional action is required.

For Operator installations deployed by other methods, configure the Service CA certificates manually. See the dropdowns below for details.

OpenShift Service CA Certificate configuration

To manually enable the service-ca Operator to manage TLS certificates:

  1. Use the following oc command to edit the deployment:

    oc edit deployment minio-operator  -n minio-operator

    If needed, replace minio-operator with the name and namespace of your deployment. oc edit opens the deployment configuration file in an editor.

  2. In the spec section, add the highlighted MinIO Operator environment variables:

    containers:
- args:
  - controller
  env:
   - name: MINIO_CONSOLE_TLS_ENABLE
     value: 'on'
   - name: MINIO_OPERATOR_RUNTIME
     value: OpenShift

  3. In the volumes section, add the following volumes and volume mounts:

    • sts-tls

    • openshift-service-ca

    • openshift-csr-signer-ca

    The added volume configuration resembles the following:

    volumes:
  - name: sts-tls
    projected:
      sources:
        - secret:
            name: sts-tls
            items:
              - key: tls.crt
                path: public.crt
              - key: tls.key
                path: private.key
            optional: true
      defaultMode: 420
  - name: openshift-service-ca
    configMap:
      name: openshift-service-ca.crt
      items:
        - key: service-ca.crt
          path: service-ca.crt
      defaultMode: 420
      optional: true
  - name: openshift-csr-signer-ca
    projected:
      sources:
        - secret:
            name: openshift-csr-signer-ca
            items:
              - key: tls.crt
                path: tls.crt
            optional: true
      defaultMode: 420
    volumeMounts:
      - name: openshift-service-ca
        mountPath: /tmp/service-ca
      - name: openshift-csr-signer-ca
        mountPath: /tmp/csr-signer-ca
      - name: sts-tls
        mountPath: /tmp/sts
OpenShift Service CA Certificate for Helm deployments

For Helm deployments on OpenShift, add the following environment variables and volumes to the values.yaml in the Operator Helm chart before deploying.

The added YAML configuration for the operator pod resembles the following:

operator:
  env:
    - name: MINIO_OPERATOR_RUNTIME
      value: "OpenShift"
    - name: MINIO_CONSOLE_TLS_ENABLE
      value: "on"

  volumes:
    - name: sts-tls
      projected:
        sources:
          - secret:
              name: sts-tls
              items:
                - key: tls.crt
                  path: public.crt
                - key: tls.key
                  path: private.key
              optional: true
        defaultMode: 420
    - name: openshift-service-ca
      configMap:
        name: openshift-service-ca.crt
        items:
          - key: service-ca.crt
            path: service-ca.crt
        defaultMode: 420
        optional: true
    - name: openshift-csr-signer-ca
      projected:
        sources:
          - secret:
              name: openshift-csr-signer-ca
              items:
                - key: tls.crt
                  path: tls.crt
              optional: true
        defaultMode: 420
  volumeMounts:
    - name: openshift-service-ca
      mountPath: /tmp/service-ca
    - name: openshift-csr-signer-ca
      mountPath: /tmp/csr-signer-ca
    - name: sts-tls
      mountPath: /tmp/sts

4) Open the MinIO Operator Interface

You can find the MinIO Operator Interface from the Operators left-hand navigation header

  1. Go to Operators, then Installed Operators.

  2. For the Project dropdown, select openshift-operators.

  3. Select MinIO Operators from the list of installed operators. The Status column must read Success to access the Operator interface.

5) Next Steps

After deploying the MinIO Operator, you can create a new MinIO Tenant. To deploy a MinIO Tenant using OpenShift, see Deploy a Tenant using the OpenShift Web Console.

This work is licensed under a Creative Commons Attribution 4.0 International License. 2020-Present, MinIO, Inc. Creative Commons License