minio는 3년전 운영하던 시스템의 오브젝트스토리지로 사용되고 있었는데, 그때는 사실 별 관심이 없었다.
그런데 S3호환이기도 하고, 요즘들어 PV만으로는 한계가 있어보이는 일들이 늘어가는 것 같아
다양한 용도로 사용을 해봐야겠다는 생각이 들어 일단 구성해본다.
구성후 MLOps까지는 아니더라도 velero, springboot 에서 우선 사용해보고 활용방안에 대해 감을 잡아보자
bitnami helm chart로 간단히 구성해본다.
helm repo add bitnami https://charts.bitnami.com/bitnami
helm pull bitnami/minio --version 14.8.5
cd minio
vi values.yaml
#global.storageClass="nfs-client"
#auth.password="password1!"
helm install minio -f values.yaml -n default .
오픈시프트에서는 개발자 카탈로그 > Helm 에서 bitnami repo 추가후 검색하여 설치한다.
values.yaml은 다음과 같다.
# openshift values.yaml
# securityContext 의 runAsUser: 0 이나 1001 과 같은 설정은 다 삭제해준다.
affinity: {}
apiIngress:
annotations: {}
apiVersion: ''
enabled: false
extraHosts: []
extraPaths: []
extraRules: []
extraTls: []
hostname: minio.local
ingressClassName: ''
path: /minio
pathType: ImplementationSpecific
secrets: []
selfSigned: false
servicePort: minio-api
tls: false
args: []
auth:
existingSecret: ''
forceNewKeys: false
forcePassword: false
rootPassword: 'password1!'
rootPasswordSecretKey: ''
rootUser: admin
rootUserSecretKey: ''
useCredentialsFiles: false
useSecret: true
automountServiceAccountToken: false
clientImage:
digest: ''
registry: docker.io
repository: bitnami/minio-client
tag: 2024.10.8-debian-12-r0
clusterDomain: cluster.local
command: []
commonAnnotations: {}
commonLabels: {}
containerPorts:
api: 9000
console: 9001
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
enabled: true
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
customLivenessProbe: {}
customReadinessProbe: {}
customStartupProbe: {}
defaultBuckets: ''
deployment:
updateStrategy:
type: Recreate
disableWebUI: false
extraDeploy: []
extraEnvVars: []
extraEnvVarsCM: ''
extraEnvVarsSecret: ''
extraVolumeMounts: []
extraVolumes: []
fullnameOverride: ''
global:
compatibility:
openshift:
adaptSecurityContext: auto
defaultStorageClass: nfs-client
imagePullSecrets: []
imageRegistry: ''
storageClass: ''
hostAliases: []
image:
debug: false
digest: ''
pullPolicy: IfNotPresent
pullSecrets: []
registry: docker.io
repository: bitnami/minio
tag: 2024.10.13-debian-12-r0
ingress:
annotations: {}
apiVersion: ''
enabled: false
extraHosts: []
extraPaths: []
extraRules: []
extraTls: []
hostname: minio.local
ingressClassName: ''
path: /
pathType: ImplementationSpecific
secrets: []
selfSigned: false
servicePort: minio-console
tls: false
initContainers: []
kubeVersion: ''
lifecycleHooks: {}
livenessProbe:
enabled: true
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
metrics:
enabled: false
prometheusAuthType: public
prometheusRule:
additionalLabels: {}
enabled: false
namespace: ''
rules: []
serviceMonitor:
apiVersion: ''
enabled: false
honorLabels: false
interval: 30s
jobLabel: ''
labels: {}
metricRelabelings: []
namespace: ''
paths:
- /minio/v2/metrics/cluster
- /minio/v2/metrics/node
relabelings: []
scrapeTimeout: ''
selector: {}
tlsConfig: {}
mode: standalone
nameOverride: ''
namespaceOverride: ''
networkPolicy:
allowExternal: true
allowExternalEgress: true
enabled: true
extraEgress: []
extraIngress: []
ingressNSMatchLabels: {}
ingressNSPodMatchLabels: {}
nodeAffinityPreset:
key: ''
type: ''
values: []
nodeSelector: {}
pdb:
create: true
maxUnavailable: ''
minAvailable: ''
persistence:
accessModes:
- ReadWriteOnce
annotations: {}
enabled: true
existingClaim: ''
mountPath: /bitnami/minio/data
selector: {}
size: 16Gi
storageClass: 'nfs-client'
podAffinityPreset: ''
podAnnotations: {}
podAntiAffinityPreset: soft
podLabels: {}
podSecurityContext:
enabled: false
fsGroupChangePolicy: OnRootMismatch
supplementalGroups: []
sysctls: []
priorityClassName: ''
provisioning:
args: []
buckets: []
cleanupAfterFinished:
enabled: false
seconds: 600
command: []
config: []
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
enabled: true
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
enabled: false
extraCommands: []
extraVolumeMounts: []
extraVolumes: []
groups: []
networkPolicy:
allowExternalEgress: true
enabled: true
extraEgress: []
extraIngress: []
nodeSelector: {}
podAnnotations: {}
podLabels: {}
podSecurityContext:
enabled: false
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
policies: []
resources: {}
resourcesPreset: nano
schedulerName: ''
users: []
usersExistingSecrets: []
readinessProbe:
enabled: true
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources: {}
resourcesPreset: micro
runtimeClassName: ''
schedulerName: ''
service:
annotations: {}
clusterIP: ''
externalTrafficPolicy: Cluster
extraPorts: []
headless:
annotations: {}
loadBalancerIP: ''
loadBalancerSourceRanges: []
nodePorts:
api: ''
console: ''
ports:
api: 9000
console: 9001
type: ClusterIP
serviceAccount:
annotations: {}
automountServiceAccountToken: false
create: true
name: ''
sidecars: []
startupProbe:
enabled: false
failureThreshold: 60
initialDelaySeconds: 0
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
statefulset:
drivesPerNode: 1
podManagementPolicy: Parallel
replicaCount: 4
updateStrategy:
type: RollingUpdate
zones: 1
terminationGracePeriodSeconds: ''
tls:
autoGenerated: false
enabled: false
existingSecret: ''
mountPath: ''
tolerations: []
topologySpreadConstraints: []
volumePermissions:
containerSecurityContext:
runAsNonRoot: true
seLinuxOptions: {}
enabled: false
image:
digest: ''
pullPolicy: IfNotPresent
pullSecrets: []
registry: docker.io
repository: bitnami/os-shell
tag: 12-debian-12-r31
resources: {}
resourcesPreset: nano
9001 포트로 minio 서비스에 접근해서 사용해보자.
728x90
'CloudNative > Runtime' 카테고리의 다른 글
| minio springboot file up/download (1) | 2024.11.19 |
|---|---|
| minio multipart test (1) | 2024.11.17 |