offends/Kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7a2f41e7d6
Kubernetes/Helm/Helm部署Minio.md
offends 7a2f41e7d6
All checks were successful
continuous-integration/drone Build is passing
Details
synchronization
2024-08-07 18:54:39 +08:00

4.5 KiB
Raw Blame History

本文作者:丁辉

Helm 部署 Minio

介绍

Minio 是一个高性能、开源的云存储和对象存储服务器,适用于任何规模的应用

开始部署

官方仓库

  1. 添加仓库

    helm repo add minio https://charts.min.io/
helm repo update

  2. 创建命名空间

    kubectl create namespace minio

  3. 编写 Yaml 文件

    vi minio-values.yaml

    内容如下

    # 开启 ingress 对外访问
consoleIngress:
  enabled: true
  ingressClassName: # 指定 ingress 控制器, 不指定则需要集群内存在默认的 ingress 控制器
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: "1024m" # 调整文件上传允许传输大小
  path: /
  hosts:
    - # 域名
  tls:
   - secretName: minio-tls
     hosts:
       - # 域名

# 配置镜像加速
image:
  repository: quay.io/minio/minio
  tag: latest
  pullPolicy: IfNotPresent

# 配置 Minio 用户密码
rootUser: "填写账户"
rootPassword: "填写密码"
replicas: 1

# 开启持久化存储
persistence:
  enabled: true
  storageClass: "" # 指定存储卷, 不指定则需要集群内存在默认的存储卷

# 独立部署模式 
mode: standalone
resources:
  requests:
    memory: 512Mi

# 指定分享访问地址
environment:
  MINIO_SERVER_URL: "https://域名:9000"

  4. 创建 Nginx 证书 secret

    cert为.pem和.crt文件都可以

    kubectl create secret tls minio-tls --key nginx.key --cert nginx.pem -n minio

  5. 安装

    helm install --namespace minio minio minio/minio -f minio-values.yaml

  6. 部署 Nginx 代理

    vi default.conf

    内容如下

    server {
    listen       9000 ssl;
    server_name  localhost; # 这里替换自己的域名

    client_max_body_size 1024m; # 限制上传文件大小

    ssl_certificate     /etc/nginx/conf.d/cert/tls.crt; 
    ssl_certificate_key /etc/nginx/conf.d/cert/tls.key;

    location / {
                    proxy_set_header    X-FORWARDED-FOR $remote_addr;
                    proxy_set_header    X-FORWARDED-PROTO $scheme;
                    proxy_set_header    Host   $http_host;
                    proxy_pass          http://minio:9000;
    }
}

  7. 编辑 Dockerfile

    vi Dockerfile

    内容如下

    FROM nginx:alpine-slim

COPY ./default.conf /etc/nginx/conf.d/default.conf

EXPOSE 9000

  8. 构建镜像

    docker build -t minio-gateway:v1.0 .

  9. 查看 Minio SVC IP

    kubectl get svc -n minio | grep 9000 | awk '{print $3}'

  10. 编辑 Yaml

    vi minio-gateway.yaml

    内容如下

    apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: minio
  name: minio-gateway
  labels:
    app: minio-gateway
spec:
  selector:
    matchLabels:
      app: minio-gateway
  template:
    metadata:
      labels:
        app: minio-gateway
    spec:
      hostNetwork: true
      hostAliases:
      - ip: "" #填入 Minio SVC IP
        hostnames:
        - "minio"
      containers:
        - name: minio-gateway
          image: minio-gateway:v1.0
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 9000
              protocol: TCP
          readinessProbe:
            failureThreshold: 3
            initialDelaySeconds: 5
            periodSeconds: 3
            successThreshold: 1
            tcpSocket:
              port: 9000
            timeoutSeconds: 10
          resources:
            limits:
              memory: 128Mi
          volumeMounts:
            - name: ssl
              mountPath: "/etc/nginx/conf.d/cert/"
      volumes:
        - name: ssl
          secret:
            secretName: minio-ssl

  11. 部署

    kubectl apply -f minio-gateway.yaml

卸载

  1. 卸载网关

    kubectl delete -f minio-gateway.yaml

  2. 卸载 minio

    helm uninstall minio -n minio

  3. 删除 secret

    kubectl delete secret minio-tls -n minio

  4. 删除命名空间

    kubectl delete namespace minio