Deploy MinIO Operator on RedHat OpenShift

Table of Contents


Red Hat® OpenShift® is an enterprise-ready Kubernetes container platform with full-stack automated operations to manage hybrid cloud, multi-cloud, and edge deployments. OpenShift includes an enterprise-grade Linux operating system, container runtime, networking, monitoring, registry, and authentication and authorization solutions.

You can deploy the MinIO Kubernetes Operator through the Red Hat® OpenShift® Container Platform 4.7+. You can deploy and manage MinIO Tenants through OpenShift after deploying the MinIO Operator. This procedure includes instructions for the following deployment paths:

After deploying the MinIO Operator into your OpenShift cluster, you can create and manage MinIO Tenants through the OperatorHub user interface.

This documentation assumes familiarity with all referenced Kubernetes and OpenShift concepts, utilities, and procedures. While this documentation may provide guidance for configuring or deploying Kubernetes-related or OpenShift-related resources on a best-effort basis, it is not a replacement for the official Kubernetes Documentation and OpenShift Container Platform 4.7+ Documentation.


RedHat OpenShift 4.7+

The MinIO Kubernetes Operator is available starting with OpenShift 4.7+.

Red Hat Marketplace installation requires registration of the OpenShift cluster with the Marketplace for the necessary namespaces. See Register OpenShift cluster with Red Hat Marketplace for complete instructions.

For older versions of OpenShift, use the generic Deploy the MinIO Operator procedure.

Administrator Access

Installation of operators through the Red Hat Marketplace and the Operator Hub is restricted to OpenShift cluster administrators (cluster-admin privileges). This procedure requires logging into the Marketplace and/or OpenShift with an account that has those privileges.

OpenShift oc CLI

Download and Install the OpenShift CLI oc for use in this procedure.

MinIO kubectl Plugin

The MinIO Kubernetes Plugin provides a command line interface for the MinIO Operator. This procedure uses the oc minio plugin as part of the installation.

You can install the MinIO Kubernetes plugin by downloading and installing the plugin binary to your local host:

You can download the MinIO kubectl plugin to your local system path. The oc CLI automatically discovers and runs compatible plugins.

The following code downloads the latest stable version 5.0.1 of the MinIO Kubernetes plugin and installs it to the system path:

curl -o kubectl-minio
chmod +x kubectl-minio
mv kubectl-minio /usr/local/bin/

The mv command above may require sudo escalation depending on the permissions of the authenticated user.

Run the following command to verify installation of the plugin:

oc minio version

The output should display the Operator version as 5.0.1.

You can download the MinIO kubectl plugin to your local system path. The oc CLI automatically discovers and runs compatible plugins.

The following PowerShell command downloads the latest stable version 5.0.1 of the MinIO Kubernetes plugin and installs it to the system path:

Invoke-WebRequest -Uri "" -OutFile "C:\kubectl-plugins\kubectl-minio.exe"

Ensure the path to the plugin folder is included in the Windows PATH.

Run the following command to verify installation of the plugin:

oc minio version

The output should display the Operator version as 5.0.1.


1) Access the MinIO Operator Installation

Select the tab that corresponds to your preferred installation method:

Open the MinIO Red Hat Marketplace listing in your browser. Click Login to log in with your Red Hat Marketplace account.

After logging in, click Purchase to purchase the MinIO Operator for your account.

After completing the purchase, click Workplace from the top navigation and select My Software.

From the Red Hat Marketplace, select Workplace, then My Software

Click MinIO Hybrid Cloud Object Storage and select Install Operator to start the Operator Installation procedure in OpenShift.

Log into the OpenShift Web Console as a user with cluster-admin privileges.

From the Administrator panel, select Operators, then OperatorHub.

From the OperatorHub page, type “MinIO” into the Filter text entry. Select the MinIO Operator tile from the search list.

From the OperatorHub, search for MinIO, then select the MinIO Tile.

Select the MinIO Operator tile, then click Install to begin the installation.

2) Configure and Deploy the Operator

The Install Operator page provides a walkthrough for configuring the MinIO Operator installation.

Complete the Operator Installation Walkthrough
  • For Update channel, select any of the available options.

  • For Installation Mode, select All namespaces on the cluster

  • For Installed Namespace, select openshift-operators

  • For Approval Strategy, select the approval strategy of your choice.

See the Operator Installation Documentation Step 5 for complete descriptions of each displayed option.

Click Install to start the installation procedure. The web console displays a widget for tracking the installation progress.

Wait for Installation to Complete.

Once installation completes, click View Operator to view the MinIO Operator page.

3) Open the MinIO Operator Interface

You can find the MinIO Operator Interface from the Operators left-hand navigation header.

  1. Go to Operators, then Installed Operators.

  2. For the Project dropdown, select openshift-operators.

  3. Select MinIO Operators from the list of installed operators. The Status column must read Success to access the Operator interface.

4) Access the Operator Console

The MinIO Operator includes the Operator Console, a browser-based management interface for managed MinIO tenants.

Port Forwarding


Some Kubernetes deployments may experience issues with timeouts during port-forwarding operations with the Operator Console. Select the NodePorts section to view instructions for alternative access. You can alternatively configure your preferred Ingress to grant access to the Operator Console service. See for more information.

Run the kubectl minio proxy command to temporarily forward traffic from the MinIO Operator Console service to your local machine:

oc minio proxy

The command output includes a required token for logging into the Operator Console.

MinIO Operator Console

You can deploy a new MinIO Tenant from the Operator Dashboard.


Use the following command to identify the NodePorts configured for the Operator Console. If your local host does not have the jq utility installed, you can run the first command and locate the spec.ports section of the output.

kubectl get svc/console -n minio-operator -o json | jq -r '.spec.ports'

The output resembles the following:

      "name": "http",
      "nodePort": 31055,
      "port": 9090,
      "protocol": "TCP",
      "targetPort": 9090
      "name": "https",
      "nodePort": 31388,
      "port": 9443,
      "protocol": "TCP",
      "targetPort": 9443

Use the http or https port depending on whether you deployed the Operator with Console TLS enabled via kubectl minio init --console-tls.

Append the nodePort value to the externally-accessible IP address of a worker node in your Kubernetes cluster.

Use the following command to retrieve the JWT token necessary for logging into the Operator Console:

kubectl get secret/console-sa-secret -n minio-operator -o json | jq -r '.data.token' | base64 -d

You can create a permanent routing rule by creating a Route or Ingress to allow access from external clients, such as your local computer browser.

The following steps provides a summary of actions necessary to create a Route.

  1. From Networking, go to Routes

  2. Create a new Route in the MinIO Operator project. Select a recognizable route name, such as operator-console-route.

  3. Set the Hostname as per your organizations networking and hostname topology. Omit the hostname to allow OpenShift to generate it automatically

  4. Set the Service to console

  5. Set the Target Port to 9090

You can then access the Operator Console using the configured Route. The Operator Console still requires using the generated JWT token for access, which you can generate at any time using oc minio port-forward.

6) Next Steps

After deploying the MinIO Operator, you can create a new MinIO Tenant. To deploy a MinIO Tenant using OpenShift, see Deploy a Tenant using the OpenShift Web Console.