4.1 KiB
4.1 KiB
MinIO
Deploy Minio
This playbook installs MinIO on a Kubernetes cluster using Helm and retrieves necessary credentials and access information.
Variables
| Variable | Description |
|---|---|
user_prompt |
SSH user to execute commands |
host_name_prompt |
Hostname of the target machine |
memory_req |
Memory allocation for MinIO (2Gi by default) |
storage_req |
Storage allocation for MinIO (20Gi by default) |
Steps Executed
- Install necessary Python libraries.
- Check if Helm is installed and install it if not present.
- Add and update the MinIO Helm repository.
- Deploy MinIO using Helm if it is not already running.
- Retrieve the MinIO credentials (root user and password).
- Retrieve the MinIO UI console external IP and API internal IP.
- Display login credentials and connection details.
Running the Playbook
ansible-playbook -i inventory deploy_minio.yml --extra-vars "user_prompt=your-user host_name_prompt=your-host"
Setting up MinIO access
/!\ This part can be automated with this ansible playbook which is designed to create ressources in a Argo-Workflows/Admiralty combo.
/!\ If you still want to setup the host manually and aim to use admiralty, give the ressources an unique name and be sure to make this uniqueness accessible (in an environment variable, in a conf file...)
- With the output of the last tasks, create a secret in argo namespace to give access to the minio API. We need to use the
createverb because apply creates a non-functionning secret
kubectl create secret -n <name of your argo namespace> generic argo-artifact-secret \
--from-literal=access-key=<your access key> \
--from-literal=secret-key=<your secret key>
- Create a ConfigMap, which will be used by argo to create the S3 artifact, the content must match the one from the previously created secret
apiVersion: v1
kind: ConfigMap
metadata:
# If you want to use this config map by default, name it "artifact-repositories".
name: artifact-repositories
# annotations:
# # v3.0 and after - if you want to use a specific key, put that key into this annotation.
# workflows.argoproj.io/default-artifact-repository: oc-s3-artifact-repository
data:
oc-s3-artifact-repository: |
s3:
bucket: oc-bucket
endpoint: [ retrieve cluster with kubectl get service argo-artifacts -o jsonpath="{.spec.clusterIP}" ]:9000
insecure: true
accessKeySecret:
name: argo-artifact-secret
key: access-key
secretKeySecret:
name: argo-artifact-secret
key: secret-key
Ansible Playbook setup MinIO
Purpose
This playbook sets up MinIO to work with Argo Workflows, including creating the required buckets and secrets.
Variables
| Variable | Description |
|---|---|
user_prompt |
SSH user to execute commands |
uuid_prompt |
Unique identifier for the Argo secret |
argo_namespace |
Kubernetes namespace for Argo (argo by default) |
Steps Executed
- Install necessary dependencies.
- Download and configure MinIO Client (
mc). - Retrieve MinIO credentials (root user and password).
- Configure
mcto connect to MinIO. - Create a new S3 bucket (
oc-bucket). - Generate a new access key and secret key for MinIO.
- Retrieve the MinIO API cluster IP.
- Create a Kubernetes Secret to store MinIO credentials.
- Create a Kubernetes ConfigMap for MinIO artifact repository configuration.
Running the Playbook
ansible-playbook -i inventory setup_minio_resources.yml --extra-vars "user_prompt=your-user uuid_prompt=unique-id"
Expected Output
Upon successful execution, you should see:
- MinIO deployed and accessible.
- MinIO UI console credentials displayed.
- MinIO bucket (
oc-bucket) created. - Secrets and ConfigMaps properly configured in Kubernetes.
For any issues, check Ansible logs and validate configurations manually using:
kubectl get pods -n default
kubectl get secrets -n argo
kubectl get configmaps -n argo