Follow https://rook.io/docs/rook/v1.4/ceph-object.html
Create the CephObjectStore as described above and then instead of creating a ObjectBucketCalim
, create a CephObjectStoreUser
cat << EOF | kubectl apply -f -
apiVersion: ceph.rook.io/v1
kind: CephObjectStoreUser
metadata:
name: s3admin
namespace: rook-ceph
spec:
store: my-store
displayName: "s3 admin"
EOF
The secret will be in rook-ceph rook-ceph-object-user-my-store-
Get the ACCESS and SECRET Key
root@k8s-storage-1:~# kubectl -n rook-ceph get secret rook-ceph-object-user-my-store-s3admin -o yaml | grep AccessKey | awk '{print $2}' | base64 --decode
5OY--dummy-TM5
root@k8s-storage-1:~# kubectl -n rook-ceph get secret rook-ceph-object-user-my-store-s3admin -o yaml | grep SecretKey | awk '{print $2}' | base64 --decode
7XOmX--dummy--83Z0Skp4OV
We will use this the minio-gw pod
Follow this https://haproxy-ingress.github.io/docs/getting-started/
kubectl -n rook-ceph get svc -l app=rook-ceph-rgw
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
rook-ceph-rgw-my-store ClusterIP 10.x.x.y <none> 8080/TCP 6h59m
kubeclt apply this
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mystore-s3-ingress
namespace: rook-ceph
spec:
rules:
- host: s3.mystore.10.x.x.y.nip.io
http:
paths:
- backend:
serviceName: rook-ceph-rgw-my-store
servicePort: 80
status:
loadBalancer:
ingress:
- {}
Now Kubectl apply below for Mino S3 Gateway which is a GUI for S3 backed
apiVersion: v1
kind: Pod
metadata:
name: minio-gw
namespace: minio
labels:
app: minio-gw
purpose: mino-UI
spec:
containers:
- name: minio-gw
image: minio/minio
command:
- sh
- -c
- minio gateway s3 http://s3.mystore.10.x.y.112.nip.io:80
#command: ["/bin/sh"]
#args: ["minio gateway s3 http://s3.mystore.10.x.y.112.nip.io:80"]
ports:
- containerPort: 9000
env:
- name: MINIO_ACCESS_KEY
value: 5OY--dummy-TM5
- name: MINIO_SECRET_KEY
value: 7XOmX--dummy--83Z0Skp4OV
---
apiVersion: v1
kind: Service
metadata:
name: minio-gw-svc
namespace: minio
spec:
selector:
app: minio-gw
ports:
- protocol: TCP
port: 80
targetPort: 9000
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: minio-gw-ing
namespace: minio
spec:
rules:
- host: minio.10.x.x.x.nip.io
http:
paths:
- backend:
serviceName: minio-gw-svc
servicePort: 80
status:
loadBalancer:
ingress:
- {}