Articles
      Back to home
      1. Help Center
      2. How To
      3. Articles

      Configure MinIO

      Install MinIO as an S3 target for K10 workflow validation

      Kasten K10 uses Object Storage to export snapshots as backups into an S3 bucket for long term retention. For Test/Dev and Non-Production use-case testing, customers generally leverage an Object Storage solution such as MinIO. MinIO is High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3 cloud storage service. More details regarding MinIO can be found here.

      This guide provides steps to install a local MinIO server for K10 Data Protection workflow validation in your test environment. 

      Configure MinIO w/o TLS

      1. Deploy MinIO helm chart on the Kubernetes cluster.

      $ helm install --name minio --namespace minio-ns stable/minio \
        --set accessKey=admin \
        --set secretKey=password

      2. To access MinIO from localhost, run the following:

      $ kubectl port-forward service/minio 9000 --namespace minio-ns
      URL: http://localhost:9000/
      Username: admin
      Password: password

      3. After logging into the dashboard, create a bucket: (bottom right-hand side)

      4. Enable Read & Write permissions for this bucket, by selecting the icon --> Edit Policy.

      Resource: *
      Permissions: Read & Write
      Configure Location Profile

      5. From the K10 Dashboard, go to Settings --> Location Profile

      Provider: S3 Compatible
      S3 Access Key: admin
      S3 Secret: password
      Endpoint: http://minio.minio-ns.svc.cluster.local:9000
      Bucket Name: <from step #3>

      Note: Skip certificate verification 


      ------------------------------------------------------------------------------------------------------------------

      Configure MinIO with TLS

      6. For testing, generate a Self-Signed Certificate by creating a private key and a public certificate

      private.key: $ openssl genrsa -out private.key 2048

      public.crt: $ openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=<domain.com>"

      7. Follow these steps to create a Kubernetes secret and helm chart installation with TLS enabled.

      $ kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt

      8. Install MinIO

      $ helm install --name minio --namespace minio-ns stable/minio \
      --set accessKey=admin \
      --set secretKey=password \
      --set service.port=443 \
      --set tls.enabled=true \
      --set tls.certSecret=tls-ssl-minio

      9. To access dashboard, setup a local port-forwarding rule

      $ kubectl port-forward service/minio 3443:443 --namespace minio-ns

      10. Open a browser and type the following URL

      https://127.0.0.1:3443

      11. To create a bucket, follow steps 3 and 4.

      Configure Location Profile

      12. From the K10 Dashboard, go to Settings --> Location Profile

      Provider: S3 Compatible
      S3 Access Key: admin
      S3 Secret: password
      Endpoint: https://minio.minio-ns.svc.cluster.local
      Bucket Name: <from step #3>

      Note: Skip certificate verification