Monitoring Minio
You can monitor the health of your Minio server on IBM® Cloud Private cluster monitoring dashboard.
Minio exports Prometheus-compatible data as an unauthorized endpoint at /minio/prometheus/metrics.
To enable Prometheus metrics export on Minio server, set the configuration prometheusEnable: true while you install the Minio chart. When you set the parameter to true, monitoring is enabled for all endpoints, even if the
Minio server uses a self-signed TLS certificate.
After the Minio chart is installed, you can view the metrics on the IBM Cloud Private Grafana dashboard.
If you want to enable monitoring only for the endpoints that use a self-signed TLS certificate, then follow the steps in the Enabling monitoring when the Minio server is configured with a self-signed TLS certificate section.
Enabling monitoring when the Minio server is configured with a self-signed TLS certificate
If your Minio server installation uses a self-signed TLS certificate, the metrics are not collected by Prometheus by default. You can enable Prometheus to collect metrics from endpoints that are configured with a signed TLS certificate in any one of the following ways:
Set insecure_skip_verify: true for job_name: 'kubernetes-service-endpoints-with-tls'
-
Edit the
monitoring-prometheusconfigmap.
Note: You can edit themonitoring-prometheusconfigmap either by using the kubectl CLI, or by using the IBM Cloud Private management console. If you are using the kubectl CLI, first ensure that you set it up. See Accessing your cluster from the kubectl CLI.kubectl edit configmap -n kube-system monitoring-prometheus -
Locate the job
kubernetes-service-endpoints-with-tlsand setinsecure_skip_verify: true.Following is a sample file content:
- job_name: 'kubernetes-service-endpoints-with-tls' kubernetes_sd_configs: - role: endpoints relabel_configs: - source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape] action: keep regex: true ... tls_config: ca_file: /opt/ibm/monitoring/caCerts/tls.crt cert_file: /opt/ibm/monitoring/certs/tls.crt key_file: /opt/ibm/monitoring/certs/tls.key insecure_skip_verify: true ===>>> Set this parameter to true <<<====
Add Minio server details to the configmap under the scrape_configs section
-
Get the Minio service IP address.
kubectl get svc -n defaultFollowing is a sample output:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 21d minio-ibm-minio-objectstore ClusterIP 10.0.0.135 <none> 9000/TCP 18m -
Edit the
monitoring-prometheusconfigmap. Note: You can edit themonitoring-prometheusconfigmap either by using the kubectl CLI, or by using the IBM Cloud Private management console. If you are using the kubectl CLI, first ensure that you set it up. See Accessing your cluster from the kubectl CLI.kubectl edit configmap -n kube-system monitoring-prometheus -
Specify the Minio service IP address and port under the
static_configs.targetssection:scrape_configs: - job_name: minio metrics_path: /minio/prometheus/metrics static_configs: - targets: - 10.0.0.135:9000 scheme: https tls_config: insecure_skip_verify: true{pre}
-
Save and exit the configmap.
To access IBM Cloud Private cluster monitoring dashboard, log in to the management console and click Menu > Platform > Monitoring. Or, you can open https://<IP_address>:8443/grafana,
where IP_address is the DNS or IP address that is used to access the IBM Cloud Private console. View the Storage Minio Health dashboard.