tags: `documentation`

draft Create a minio server using local storage

Reference:
- https://cloud.redhat.com/blog/how-to-backup-and-restore-acm-with-oadp-and-minio

requirements

dnf -y install @container-tools gparted tuned.noarch tuned-utils.noarch tuned-utils-systemtap.noarch

create a new partition on your laptop
- The new partition in my case is named /dev/nvme0n1p4

Steps:

Create the physical volume, volume group, logical volumes and filesystem

vgcreate vg_minio-data /dev/nvme0n1p4
lvcreate -n lv_minio-data -l 100%FREE vg_minio-data
lvdisplay lv_minio-data
mkfs.xfs /dev/mapper/vg_minio--data-lv_minio--data
mkdir -pv /minio/data
restorecon -RFvv /minio
tuned-adm profile throughput-performance

Update your /etc/fstab and mount

# add the following line
/dev/mapper/vg_minio--data-lv_minio--data /minio/data xfs defaults,noatime,nodiratime 1 2
mount -v /minio/data/

create the minio user

useradd -s /sbin/nologin -d /minio minio
chown -R minio:minio /minio

start the minio container

podman run \
  --detach \
  -p 9000:9000 \                           <---- MinIO API Port
  -p 9001:9001 \                           <---- MinIO Console Port
  --user $(id -u minio):$(id -g minio) \   
  --name minio-server \
  -e "MINIO_ROOT_USER=minio" \    <---- MinIO User API & Console
  -e "MINIO_ROOT_PASSWORD=minio123" \ <---- MinIO Pass API & Console
  -v /minio/data:/data:z \                 <---- Data Volume Mount
  quay.io/minio/minio server /data --console-address ":9001"

Formatted to execute:

podman run --detach -p 9000:9000 -p 9001:9001 --user $(id -u minio):$(id -g minio) --name minio-server -e "MINIO_ROOT_USER=miniouseradmin" -e "MINIO_ROOT_PASSWORD=miniouserpass" -v /minio/data:/data:z quay.io/minio/minio server /data --console-address ":9001"

start minio container w/ tls
- https://github.com/minio/certgen.git
setup

mkdir /data/certs
pushd /data/certs/
certgen -host "127.0.0.1,localhost"
chown -R minio:minio /data/certs
popd

add a cert to the trust list in fedora/rhel
- https://www.redhat.com/sysadmin/configure-ca-trust-list

cp $cert /etc/pki/ca-trust/source/anchors
update-ca-trust
trust list --filter=ca-anchors | grep -i $example

run w/ ssl cert

podman run --detach -p 9000:9000 -p 9001:9001 --user $(id -u root):$(id -g root) --name minio-server -e "MINIO_ROOT_USER=miniouseradmin" -e "MINIO_ROOT_PASSWORD=miniouserpass" -v ./minio-config:/root/.minio:z  -v /minio/data:/data:z quay.io/minio/minio server /data --console-address ":9001"
981973f50376f72571caeaaa4f28b368b4f5c5c79186af9ba3a2c8a03ba6872c

[root@thinkdoe MINIO]# ls minio-config/certs/
 private.key  public.crt

sudo podman run --detach -p 9000:9000 -p 9001:9001 --user $(id -u minio):$(id -g minio) --name minio-server -e "MINIO_ROOT_USER=minio" -e "MINIO_ROOT_PASSWORD=minio123" -v /minio/certs/:/.minio/certs:z -v /minio/data:/data:z quay.io/minio/minio server /data --console-address ":9001"

Update your firewall

firewall-cmd --state
firewall-cmd --get-default-zone
# depending on your OS version
  firewall-cmd --zone=public --add-port=9000-9001/tcp --permanent
  OR
  firewall-cmd --zone=FedoraWorkstation --add-port=9000-9001/tcp --permanent

If running velero, and you want to run locally

kubectl scale --replicas=0 deployment velero -n velero

delete and recreate your backuplocation

velero backup-location create default --provider aws --bucket velero --cacert public.crt --config region=local,s3ForcePathStyle="true",s3Url=https://localhost:9000 --credential=local-cloud-credentials=bsl

SUCCESS
Now open your browser to localhost:9001 and login

On Kube

https://min.io/docs/minio/kubernetes/upstream/operations/installation.html#minio-k8s-deploy-operator-tls

tags: documentation

draft Create a minio server using local storage

requirements

On Kube

Read more

unsupported args for OADP

OADP-3866

virt-todo

Cloud Casa / block devices Notes

tags: `documentation`