- Kubernetes 1.19+
- Helm 3.2.0+
- (All Nodes)
mkdir -p /data/longhorn
helm repo add longhorn https://charts.longhorn.io
helm repo update longhorn
mkdir -p /data/longhorn
helm install longhorn longhorn/longhorn \
--create-namespace \
--namespace longhorn-system \
--set defaultSettings.defaultDataPath="/data/longhorn" \
--set defaultSettings.defaultDataLocality="best-effort"
kubectl patch storageclass longhorn -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
secrets
endpoint=$(echo -n http://minio.minio-system:9000 | base64)
accesskey_encoded=$(echo -n longhorn-taking-access-key | base64)
secretkey_encoded=$(echo -n longhorn-taking-secret-key | base64)
cat << EOF | kubectl apply -f -
# minio-secret.yaml
---
apiVersion: v1
kind: Secret
metadata:
name: minio-secret
namespace: longhorn-system
type: Opaque
data:
AWS_ACCESS_KEY_ID: ${accesskey_encoded}
AWS_SECRET_ACCESS_KEY: ${secretkey_encoded}
AWS_ENDPOINTS: ${endpoint}
---
apiVersion: v1
kind: Namespace
metadata:
name: minio-system
EOF
- 참고) standalone 모드로 설정함
- 단일 노드 : standalone, 클러스터 : distributed (최소 4대 노드 필요)
accesskey=longhorn-taking-access-key
secretkey=longhorn-taking-secret-key
helm repo add minio https://charts.min.io/
helm repo update
helm install minio minio/minio \
--create-namespace \
--namespace minio-system \
--set existingSecret=minio-secret \
--set mode=standalone \
--set replicas=2 \
--set persistence.size=10Gi \
--set MINIO_REGION=us-east-1 \
--set buckets[0].name=minio-bucket \
--set buckets[0].policy=none \
--set buckets[0].purge=false \
--set users[0].accessKey=${accesskey} \
--set users[0].secretKey=${secretkey} \
--set users[0].policy=readwrite \
--set resources.requests.memory=10Gi
custom policy 설정 시
--set policies[0].name=mypolicy \
--set policies[0].statements[0].resources[0]='arn:aws:s3:::minio-bucket' \
--set policies[0].statements[0].resources[0]='arn:aws:s3:::minio-bucket/*' \
--set policies[0].statements[0].actions[0]='s3:PutBucketPolicy' \
--set policies[0].statements[0].actions[1]='s3:GetBucketPolicy' \
--set policies[0].statements[0].actions[2]='s3:DeleteBucketPolicy' \
--set policies[0].statements[0].actions[3]='s3:ListAllMyBuckets' \
--set policies[0].statements[0].actions[4]='s3:ListBucket' \
--set users[0].accessKey=${accesskey} \
--set users[0].secretKey=${secretkey} \
--set users[0].policy=mypolicy
(Option) traefik IngressRoute
Longhorn
Mino