MinIO Operator Guide

MinIO is a high-performance distributed object storage server, designed for large-scale private cloud infrastructure. MinIO is designed in a cloud-native manner to scale sustainably in multi-tenant environments. Orchestration platforms like Kubernetes provide a perfect launchpad for MinIO to scale.
MinIO-Operator brings native MinIO, Console, and KES support to Kubernetes. MinIO-Operator currently supports the following features:
| Feature | Reference Document |
|---|---|
| Create and delete highly available distributed MinIO clusters | Create a MinIO Tenant. |
| TLS Configuration | TLS for MinIO Tenant. |
| Expand an existing MinIO cluster | Expand a MinIO Cluster. |
| Use a custom template for hostname discovery | Custom Hostname Discovery. |
| Use PodSecurityPolicy for MinIO Pods | Apply PodSecurityPolicy. |
| Deploy Console with MinIO cluster | Deploy MinIO Tenant with Console. |
| Deploy KES with MinIO cluster | Deploy MinIO Tenant with KES. |
Getting Started
Prerequisites
- Kubernetes version v1.17.0 and above for compatibility. MinIO Operator uses k8s/client-go v0.18.0.
- kubectl configured to refer to a Kubernetes cluster.
- Create the required PVs using direct CSI driver.
- Optional: kustomize installed as explained here.
Create Operator Deployment
To start MinIO-Operator with the default configuration, run kubectl apply -k against this repository:
kubectl apply -k github.com/minio/operator
Advanced users can leverage kustomize to customize operator configuration via overlays:
git clone https://github.com/minio/operator
cd operator
kustomize build | kubectl apply -f -
Create a MinIO Tenant
Once the MinIO-Operator deployment is running, you can create MinIO Tenants using the command below:
kubectl apply -f https://raw.githubusercontent.com/minio/operator/master/examples/tenant.yaml
Access Tenant via Service
Add an external service in the Tenant definition to enable Service-based access to the Tenant pods. Refer to the example here for details on how to set up Service-based access for Tenant pods.
Environment variables
These variables may be passed to the operator Deployment to modify some of its parameters:
| Name | Default | Description |
|---|---|---|
| CLUSTER_DOMAIN | cluster.local | Cluster Domain of the Kubernetes cluster |
| WATCHED_NAMESPACE | - | If set, the operator will watch for Tenant (tenant.minio.min.io) resources in the specified namespace only. If empty, the operator will watch all namespaces. |
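
The kustomize overlay route mentioned under "Create Operator Deployment" can be used to set the variables above. The following overlay is an added example, not a file from the MinIO Operator repository; the Deployment name `minio-operator`, the container name `minio-operator`, and the namespace `tenant-a` are assumptions to check against the rendered base manifests.

```yaml
# kustomization.yaml (added example; not part of the MinIO Operator repository)
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  # Remote base: the same target the page passes to `kubectl apply -k`.
  - github.com/minio/operator

patches:
  - target:
      kind: Deployment
      # ASSUMPTION: confirm the name with `kustomize build github.com/minio/operator`.
      name: minio-operator
    patch: |-
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: minio-operator          # ASSUMPTION: must match the base Deployment
      spec:
        template:
          spec:
            containers:
              # ASSUMPTION: must match the base container name. A mismatch makes
              # the strategic merge append a new, image-less container instead
              # of patching the operator container.
              - name: minio-operator
                env:
                  # Default value from the table, set explicitly for review.
                  - name: CLUSTER_DOMAIN
                    value: cluster.local
                  # Watch Tenant resources in this namespace only.
                  - name: WATCHED_NAMESPACE
                    value: tenant-a   # constructed namespace for illustration
```

Render the overlay with `kustomize build . | kubectl apply -f -` from the overlay directory and review the output before applying. WATCHED_NAMESPACE changes which namespace the operator watches; it does not by itself change the RBAC permissions bound to the operator's service account.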
Explore Further
- MinIO Erasure Code QuickStart Guide
- Use mc with MinIO Server
- Use aws-cli with MinIO Server
- The MinIO documentation website
- Expose MinIO via Istio: Istio >= 1.4 has support for headless Services, so instead of creating an explicit Service for the created MinIO Tenant, you can also directly target the headless Service that is created by the operator. Use Istio Ingress Gateway to configure Istio to expose the MinIO service outside of the service mesh.