marco/plugin-barman-cloud
1
0
Fork 0
mirror of https://github.com/cloudnative-pg/plugin-barman-cloud.git synced 2026-01-11 21:23:12 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

docs: update minio object store docs

Browse Source 
The MinIO Gateway is deprecated as of 2022-02-24:
https://blog.min.io/deprecation-of-the-minio-gateway/

These updated docs explain how to use MinIO's S3-compatible object
storage without the need for setting up a dedicated gateway.

Signed-off-by: Alexander Rundberg <alex@gwai.se>
This commit is contained in:
Alexander Rundberg 2025-06-29 11:59:13 +02:00 committed by Marco Nenciarini
parent 70e12dea9a
commit 1d35e3632f
1 changed files with 17 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
web/docs/object_stores.md
View File

@ -384,87 +384,30 @@ write permissions to the bucket.
--- ---
## MinIO Gateway ## MinIO Object Store
MinIO Gateway can proxy requests to cloud object storage providers like S3 or GCS. For the lastest documentation on MinIO, please refer to the
For more information, refer to [MinIO official documentation](https://docs.min.io/). [MinIO official documentation](https://docs.min.io/).
### Setup MinIO Object Store's API is compatible with S3, the default configuration of the tenant
will create these services:
- `<tenant>-console` on port 9090 (with autocert) or 9443 (without autocert)
- `<tenant>-hl` on port 9000
Create MinIO access credentials: The `console` service is for managing the tenant, while the `hl` service exposes the S3
compatible API. If your tenant is configured with `requestAutoCert` you will communicate
to these services over HTTPS, if not you will use HTTP.
For authentication you can use your username and password, or create an access key.
Whichever method you choose, it has to be stored as a secret.
```sh ```sh
kubectl create secret generic minio-creds \ kubectl create secret generic minio-creds \
--from-literal=MINIO_ACCESS_KEY=<minio access key> \ --from-literal=MINIO_ACCESS_KEY=<minio access key or username> \
--from-literal=MINIO_SECRET_KEY=<minio secret key> --from-literal=MINIO_SECRET_KEY=<minio secret key or password>
``` ```
:::note Finally, create the Barman ObjectStore:
Cloud Object Storage credentials will be used only by MinIO Gateway in this
case.
:::
Expose MinIO Gateway via `ClusterIP`:
```yaml
apiVersion: v1
kind: Service
metadata:
name: minio-gateway-service
spec:
type: ClusterIP
ports:
- port: 9000
targetPort: 9000
protocol: TCP
selector:
app: minio
```
Here follows an excerpt of an example of deployment relaying to S3:
```yaml
apiVersion: apps/v1
kind: Deployment
[...]
spec:
containers:
- name: minio
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
args: ["gateway", "s3"]
ports:
- containerPort: 9000
env:
- name: MINIO_ACCESS_KEY
valueFrom:
secretKeyRef:
name: minio-creds
key: MINIO_ACCESS_KEY
- name: MINIO_SECRET_KEY
valueFrom:
secretKeyRef:
name: minio-creds
key: MINIO_SECRET_KEY
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: aws-creds
key: ACCESS_KEY_ID
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: aws-creds
key: ACCESS_SECRET_KEY
# Uncomment the below section if session token is required
# - name: AWS_SESSION_TOKEN
# valueFrom:
# secretKeyRef:
# name: aws-creds
# key: ACCESS_SESSION_TOKEN
```
Proceed by configuring MinIO Gateway service as the `endpointURL` in the
`ObjectStore` definition, then choose a bucket name to replace `BUCKET_NAME`:
```yaml ```yaml
apiVersion: barmancloud.cnpg.io/v1 apiVersion: barmancloud.cnpg.io/v1
@ -474,7 +417,7 @@ metadata:
spec: spec:
configuration: configuration:
destinationPath: s3://BUCKET_NAME/ destinationPath: s3://BUCKET_NAME/
endpointURL: http://minio-gateway-service:9000 endpointURL: http://<tenant>-hl:9000
s3Credentials: s3Credentials:
accessKeyId: accessKeyId:
name: minio-creds name: minio-creds