minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-11-09 02:22:17 +03:00
Code Activity
Files
779f5945598ee4f9903da04bf9623606fa896c80
docs/source/operations/deployments/k8s-modify-minio-tenant-on-kubernetes.rst
Ravind Kumar 571f188a4e Attempting to reduce docs to single platform (#1258) 
##

We are going to make the following changes to the Object Store docs as
part of a larger QC/Content pass:

### Left Navigation

We want to modify the left navigation flow to be a natural progression
from a basic setup to more advanced.

For example:

- Core Concepts
  - Deployment Architecture
  - Availability and Resiliency
  - Erasure Coding and Object Healing
  - Object Scanner
  - Site Replication and Failover
  - Thresholds and Limits
- Installation
  - Deployment Checklist
  - Deploy MinIO on Kubernetes
  - Deploy MinIO on Red Hat Linux
  - Deploy MinIO on Ubuntu Linux
  - Deploy MinIO for Development (MacOS, Windows, Container)
- Security and Encryption (Conceptual Overview)
  - Network Encryption (TLS) (Conceptual overview)
    - Enable Network Encryption using Single Domain
    - Enable Network Encryption using Multiple Domains
    - Enable Network Encryption using certmanager (Kubernetes only)
  - Data Encryption (SSE) (Conceptual overview)
    - Enable SSE using AIStor Key Management Server
    - Enable SSE using KES (Summary page + linkouts)
  - External Identity Management (Conceptual Overview)
    - Enable External Identity management using OpenID
    - Enable External Identity management using AD/LDAP
- Backup and Recovery
  - Create a Multi-Site Replication Configuration
  - Recovery after Hardware Failure
    - Recover after drive failure
    - Recover after node failure
    - Recover after site failure
- Monitoring and Alerts
  - Metrics and Alerting (v3 reference)
    - Monitoring and Alerting using Prometheus
    - Monitoring and Alerting using InfluxDB
    - Monitoring and Alerting using Grafana
    - Metrics V2 Reference
  - Publish Server and Audit Logs to External Services
  - MinIO Healthcheck API

The Administration, Developer, and Reference sections will remain as-is
for now.

http://192.241.195.202:9000/staging/singleplat/mindocs/index.html

# Goals

Maintaining multiple platforms is getting to be too much, and based on
analytics the actual number of users taking advantage of it is minimal.

Furthermore, the majority of traffic is to installation pages.

Therefore we're going to try to collapse back into a single MinIO Object
Storage product, and use simple navigation and on-page selectors to
handle Baremetal vs Kubernetes.

This may also help to eventually stage us to migrate to Hugo + Markdown

---------

Co-authored-by: Daryl White <53910321+djwfyi@users.noreply.github.com>
Co-authored-by: Rushan <rushenn@minio.io>
Co-authored-by: rushenn <rushenn123@gmail.com>
2025-07-30 12:33:02 -04:00

3.3 KiB
Raw Blame History

Modify a MinIO Tenant

minio

Table of Contents

You can modify tenants after deployment to change mutable configuration settings. See minio-operator-crd for a complete description of available settings in the MinIO Custom Resource Definition.

The method for modifying the Tenant depends on how you deployed the tenant:

Kustomize

For Kustomize-deployed Tenants, you can modify the base Kustomization resources and apply them using kubectl apply -k against the directory containing the kustomization.yaml object.

kubectl apply -k ~/kustomization/TENANT-NAME/

Modify the path to the Kustomization directory to match your local configuration.

Helm

For Helm-deployed Tenants, you can modify the base values.yaml and upgrade the Tenant using the chart:

helm upgrade TENANT-NAME minio-operator/tenant -f values.yaml -n TENANT-NAMESPACE

The command above assumes use of the MinIO Operator Chart repository. If you installed the Chart manually or by using a different repository name, specify that chart or name in the command.

Replace TENANT-NAME and TENANT-NAMESPACE with the name and namespace of the Tenant, respectively. You can use helm list -n TENANT-NAMESPACE to validate the Tenant name.

Add Trusted Certificate Authorities

The MinIO Tenant validates the TLS certificate presented by each connecting client against the host system's trusted root certificate store. The MinIO Operator can attach additional third-party Certificate Authorities (CA) to the Tenant to allow validation of client TLS certificates signed by those CAs.

To customize the trusted CAs mounted to each Tenant MinIO pod, enable the Custom Certificates switch. Select the Add CA Certificate + button to add third party CA certificates.

If the MinIO Tenant cannot match an incoming client's TLS certificate issuer against either the container OS's trust store or an explicitly attached CA, MinIO rejects the connection as invalid.

Manage Tenant Pools

Specify Runtime Class

Console 0.23.1

When adding a new pool or modifying an existing pool for a tenant, you can specify the Runtime Class Name <concepts/containers/runtime-class/> for pools to use.

Decommission a Tenant Server Pool

MinIO Operator 4.4.13 and later support decommissioning a server pool in a Tenant. Specifically, you can follow the Decommission a Server pool <minio/linux/operations/install-deploy-manage/decommission-server-pool.html> procedure to remove the pool from the tenant, then edit the tenant YAML to drop the pool from the StatefulSet. When removing the Tenant pool, ensure the spec.pools.[n].name fields have values for all remaining pools.

View Git Blame Copy Permalink