COS-lite docs - Set up minio for s3 testing

Table of Contents

Minio is a lightweight S3-compatible object storage system. In its single-node configuration, it is suitable for providing s3 storage backends for testing purposes for certain HA COS addons such as Tempo, Loki and Mimir.

In production, you will probably want to deploy ceph and then follow this guide instead how to use ceph for s3 storage.

The minio charm does not directly provide an s3 endpoint. For that, we need to deploy an s3-integrator app to act as intermediary.

Single-node Minio deployment

Deploy `minio`

Deploy the minio charm (feel free to use stronger access and secret keys depending on how exposed your environment is)

juju deploy minio --channel edge --trust --config access-key=accesskey --config secret-key=mysoverysecretkey

Note that the secret-key must be at least 8 characters long. If not, Minio will crash.

And wait for it to go to active/idle.

Deploy `s3-integrator`

juju deploy s3-integrator --channel edge --trust s3

We deploy s3-integrator as s3, but feel free to give the app a different name.

And wait for it to go to blocked/idle. The s3 app will go into blocked status until you run the sync-s3-credentials action to give it access to minio.

juju run s3/leader sync-s3-credentials access-key=accesskey secret-key=mysoverysecretkey,

Add a bucket

Using the Minio UI

The simplest way to create a bucket is to use the Minio console. Obtain the Minio IP from the juju status output and then open http://MINIO_IP:9001 in a browser using the access key and secret key you configured earlier as user and password respectively.

From there you should be able to create a bucket with a few clicks. See this guide for a step-by-step tutorial.

Using the Python sdk

Alternatively, you can use the python sdk.

pip install minio

Then execute:

from minio import Minio

address = <minio/0 unit IP>
bucket_name = "mybucket"  # replace with your bucket name

mc_client = Minio(
    f"{address}:9000",
    access_key="accesskey",
    secret_key="secretkey",
    secure=False,
)

found = mc_client.bucket_exists(bucket_name)
if not found:
    mc_client.make_bucket(bucket_name)

Integrate s3

Now grant the s3 integrator access to the bucket by doing:

juju config s3 endpoint=minio-0.minio-endpoints.<JUJU MODEL NAME>.svc.cluster.local:9000 bucket=mybucket

Replace with the name of the juju model minio is deployed in, and mybucket with the name of the bucket you just created.

Now the s3 integrator is ready to provide the s3 integration to any charm requiring it.

:warning: Note that, as of rev 41 for s3-integrator, if multiple charms each require integration with different S3 buckets, you would need to deploy multiple s3-integrator applications—one per unique bucket, as each s3-integrator application can only have one set of unique bucket configurations. see more

A handy script to do it all

We have written a simple python script that does all of the above, for internal development purposes. And, as it happens, you can use it too!

juju switch cos  # select the model where you have COS-lite deployed
sudo pip3 install minio  # install the script's only dependency
curl https://raw.githubusercontent.com/canonical/tempo-coordinator-k8s-operator/main/scripts/deploy_minio.py | python3

The script will install minio charm, s3-integrator charm and configure them to create and use tempo bucket where traces will be stored. Once the script finishes, you should see the following message:

Waiting for task 2...
ok: Credentials successfully updated.

all done! have fun.

Your storage is now ready, and you can integrate the s3 app to whatever needs a bucket.

4 Likes

Hi @ppasotti

There is even a simpler way to create a bucket in minio:

Log into the Minio console: http://MINIO_IP:9001 with user: accesskey and Password: secretkey and create a bucket with a few click :wink:

1 Like

@ppasotti I tried to deploy the s3-integrator and without running juju <run|run-action> s3-integrator/leader sync-s3-credentials access-key=<your_key> secret-key=<your_secret_key>, the charm results in BlockedStatus. I think this command is required and it would be nice to note that the secret key must be 8 characters long at least! Otherwise, minio will crash.

Additionally, the juju integrate s3 minio command is not relevant here.

2 Likes

Beautiful!

1 Like