# MinIO ## Deploy Minio This playbook installs MinIO on a Kubernetes cluster using Helm and retrieves necessary credentials and access information. ### Variables | Variable | Description | |----------|-------------| | `user_prompt` | SSH user to execute commands | | `host_name_prompt` | Hostname of the target machine | | `memory_req` | Memory allocation for MinIO (`2Gi` by default) | | `storage_req` | Storage allocation for MinIO (`20Gi` by default) | ### Steps Executed 1. Install necessary Python libraries. 2. Check if Helm is installed and install it if not present. 3. Add and update the MinIO Helm repository. 4. Deploy MinIO using Helm if it is not already running. 5. Retrieve the MinIO credentials (root user and password). 6. Retrieve the MinIO UI console external IP and API internal IP. 7. Display login credentials and connection details. ### Running the Playbook ```sh ansible-playbook -i inventory deploy_minio.yml --extra-vars "user_prompt=your-user host_name_prompt=your-host" ``` ## Setting up MinIO access /!\ This part can be automated with this **[ansible playbook](https://github.com/pi-B/ansible-oc/blob/main/setup_minio_admiralty.yml)** which is designed to create ressources in a Argo-Workflows/Admiralty combo. /!\ If you still want to setup the host manually **and** aim to use admiralty, give the ressources an **unique name** and be sure to make this uniqueness accessible (in an environment variable, in a conf file...) - With the output of the last tasks, create a secret in argo namespace to give access to the minio API. We need to use the `create` verb because apply creates a non-functionning secret ```bash kubectl create secret -n generic argo-artifact-secret \ --from-literal=access-key= \ --from-literal=secret-key= ``` - Create a ConfigMap, which will be used by argo to create the S3 artifact, the content must match the one from the previously created secret ```yaml apiVersion: v1 kind: ConfigMap metadata: # If you want to use this config map by default, name it "artifact-repositories". name: artifact-repositories # annotations: # # v3.0 and after - if you want to use a specific key, put that key into this annotation. # workflows.argoproj.io/default-artifact-repository: oc-s3-artifact-repository data: oc-s3-artifact-repository: | s3: bucket: oc-bucket endpoint: [ retrieve cluster with kubectl get service argo-artifacts -o jsonpath="{.spec.clusterIP}" ]:9000 insecure: true accessKeySecret: name: argo-artifact-secret key: access-key secretKeySecret: name: argo-artifact-secret key: secret-key ``` ## Ansible Playbook setup MinIO ### Purpose This playbook sets up MinIO to work with Argo Workflows, including creating the required buckets and secrets. ### Variables | Variable | Description | |----------|-------------| | `user_prompt` | SSH user to execute commands | | `uuid_prompt` | Unique identifier for the Argo secret | | `argo_namespace` | Kubernetes namespace for Argo (`argo` by default) | ### Steps Executed 1. Install necessary dependencies. 2. Download and configure MinIO Client (`mc`). 3. Retrieve MinIO credentials (root user and password). 4. Configure `mc` to connect to MinIO. 5. Create a new S3 bucket (`oc-bucket`). 6. Generate a new access key and secret key for MinIO. 7. Retrieve the MinIO API cluster IP. 8. Create a Kubernetes Secret to store MinIO credentials. 9. Create a Kubernetes ConfigMap for MinIO artifact repository configuration. ### Running the Playbook ```sh ansible-playbook -i inventory setup_minio_resources.yml --extra-vars "user_prompt=your-user uuid_prompt=unique-id" ``` --- ## Expected Output Upon successful execution, you should see: - MinIO deployed and accessible. - MinIO UI console credentials displayed. - MinIO bucket (`oc-bucket`) created. - Secrets and ConfigMaps properly configured in Kubernetes. For any issues, check Ansible logs and validate configurations manually using: ```sh kubectl get pods -n default kubectl get secrets -n argo kubectl get configmaps -n argo ```