Configuring Minio during IBM Cloud Private installation

Configure Minio when you install your IBM® Cloud Private cluster.

Complete these steps to configure Minio:

Enable Minio storage. Set storage-minio: enabled under the management services list in the /<installation_directory>/cluster/config.yaml file.
```
management_services:
 istio: disabled
 vulnerability-advisor: disabled
 storage-glusterfs: disabled
 storage-minio: enabled
```
Add the following piece of code to the config.yaml file:

storage-minio:
  mode: standalone
  accessKey: "admin"
  secretKey: "admin1234"
  minioAccessSecret: "minio-secret"
  configPath: "/minio/.minio/"
  mountPath: "/export"
  replica: 4
  persistence:
    enabled: false
    useDynamicProvisioning: false
    storageClass: standard
    accessMode: ReadWriteOnce
    size: 10Gi
  service:
    type: ClusterIP
    loadBalancerIP: None
    port: 9000
    nodePort: 31311
    prometheusEnable: false
    prometheusPath: '/minio/prometheus/metrics'
    prometheusPort: '9000'
  ingress:
    enabled: false
    annotations: {}
    path: /
    hosts: ""
    tls: []
  tls:
    enabled: false
    type: "cert-manager-generated"
    minioTlsSecret: ""
    issuerRef:
      name: "icp-ca-issuer"
      kind: "ClusterIssuer"
    clusterDomain: "cluster.local"
  nodeSelector: ""
  tolerations: ""

Following are the descriptions of the parameters that are required for a simple configuration. For an advanced configuration, see the complete list of available parameters: Minio Opens in a new tab .

mode is the Minio server mode. Valid options are standalone or distributed.
accessKey is the access key of the Minio server. The key must be 5 - 20 characters.
secretKey is the secret key of the Minio server. The key must be 8 - 40 characters.
minioAccessSecret is the name of the Kubernetes secret object.
Note: You can configure this parameter only if you are configuring Minio after IBM Cloud Private is installed.
configPath is the location of the default configuration file.
mountPath is the default mount path for the persistent drive.
replica is the number of Minio nodes. This parameter is applicable only to the Minio distributed mode. The value must be 4 - 32 nodes.
persistence.enabled is to set whether persistent volume is used to store data.
persistence.useDynamicProvisioning is to set whether the persistent volume claim (PVC) uses a storage class to bind the volume.
persistence.storageClass is the name of the storage Class to bind the PVC. Specify a storage class name if you set the persistence.useDynamicProvisioning to true.
persistence.accessMode sets the access mode. Valid options are ReadWriteOnce or ReadOnly.
persistence.size is the size of the PVC to be created by using a storage class.
service.type is the Kubernetes service type. Allowed values are ClusterIP, LoadBalancer, or NodePort.
service.clusterIP is the Kubernetes service cluster IP address. The default cluster IP address is used if you set service:type parameter to ClusterIP. You can specify another IP address, if required.
service.loadBalancerIP is the Kubernetes service load balancer IP address. The default load balancer IP address is used if you set service.type parameter to loadBalancer. You can specify another IP address, if required.
service.port is the Kubernetes port on which the service is exposed. Default value is 9000.
service.nodePort exposes the service on the IP address of the node at a static port. Default value is 31311.
service.prometheusEnable enables Prometheus scrape. Default value is false.
service.prometheusPath is the metrics path. Default value is /minio/prometheus/metrics.
service.prometheusPort is the port for scraping metrics. Default value is 9000.
ingress.enabled enables ingress controller.
ingress.annotations are annotation for ingress. For example, {kubernetes.io/ingress.class: nginx, kubernetes.io/tls-acme: "true"}.
ingress.path is the path of the ingress controller. Default value is /.
ingress.hosts are host names that are accepted by the ingress controller. For example, ["chart-example1.local", "chart-example2.local"].
ingress.tls is the TLS configuration of the ingress controller. For example, [{"secretName": "chart-example-tls", "hosts": ["chart-example.local", "chart-example.local"]}].
tls.enabled enables Minio server with TLS certificates when set to true. Default value is false.
tls.type is for specifying whether a chart must autogenerate a TLS certificate by using cert-manager issuer or use the one that you provide. The valid values are provided and cert-manager-generated. If you are providing the certificate, you must create a secret that contains a private key, TLS certificate, and a certificate authority (CA) certificate. You provide the secret name in the tls.minioTlsSecret parameter.
tls.minioTlsSecret is the secret that you create and contains a private key (key private.key), TLS certificate (key public.crt), and a CA certificate (key ca.crt) to configure the Minio server with TLS certificates. You must create and specify the secret in the same namespace where you are deploying the chart. Use this parameter if you set tls.type to provided.
tls.issuerRef.name is the name of ClusterIssuer or Issuer from whom the signed x509 certificate is obtained. You must specify this value if you specified the value of tls.type as cert-manager-generated.
tls.issuerRef.kind is the kind of CA from whom the signed x509 certificate is obtained. Valid values are ClusterIssuer and Issuer. You must specify this value if you specified the value of tls.type as cert-manager-generated.
tls.clusterDomain is the cluster domain name that is used to generate a certificate by using cert-manager. Specify your cluster domain name here. This parameter is applicable when tls.type is set as cert-manager-generated.
nodeSelector is adding node labels for pod assignment. Add labels as {"key":"value"} pair. For example, {"role": "minio-node"}.
tolerations are toleration labels for pod assignment. Add labels as {"key":"value"} pair. For example, [{"operator":"Equal"}, {"effect":"NoSchedule"}].

Configuration of Minio is complete. Proceed with the IBM Cloud Private installation.