Deploy MinIO on Amazon EKS and use your S3 Compatible Storage

Deploy MinIO on Amazon EKS and use your S3 Compatible Storage

Introduction

Tired of the limitations and costs of AWS S3? Unlock a powerful alternative with MinIO, seamlessly integrated with Amazon EKS. This guide provides a step-by-step walkthrough to deploy MinIO, a scalable, multi-tenant object storage solution, on Amazon EKS in just 15 minutes.

minio-banner

Amazon EKS, a managed Kubernetes service on AWS, simplifies Kubernetes management, while MinIO, available on the AWS Marketplace, brings robust object storage capabilities. Imagine handling terabytes to exabytes of data, all while isolating tenants in their own namespaces, all without the confines of S3.

This guide empowers you to ditch AWS S3 and embrace a superior alternative. Let's get started!

Prerequisites

Before diving in, ensure you have the following tools installed:

  • awscli

  • kubectl

  • eksctl

Have these three configuration parameters handy:

  1. AWS Account Number: Find it in the AWS Console or using this command:

     export AWS_ACCOUNT_NUMBER=`aws sts get-caller-identity --query "Account" --output text`
     echo $AWS_ACCOUNT_NUMBER
    
  2. Region: For example, us-west-2.

  3. Cluster Name: For example, minio-cluster.

Initial Setup

1. Set Up Cluster

New Cluster: Replace <CLUSTER_NAME> and execute:

eksctl create cluster \
--name <CLUSTER_NAME> \
--version 1.21 \
--node-type=c6i.24xlarge \
--nodes-min=4 \
--nodes=4 \
--nodes-max=4 \
--zones=us-west-2a,us-west-2b,us-west-2c

2. Install AWS EBS CSI Driver

This driver allows using gp3 and sc1 storage types within EKS:

kubectl apply -k "github.com/kubernetes-sigs/aws-ebs-csi-driver/deploy/kubernetes/overlays/stable/?ref=release-1.5"

Cluster Configuration

1. Create IAM Policy

Replace <CLUSTER_NAME> and <AWS_ACCOUNT_NUMBER> in iam-policy.json:

aws iam create-policy \
--policy-name minio-eks-<CLUSTER_NAME> \
--policy-document file://iam-policy.json

2. Create an OIDC Provider

eksctl utils associate-iam-oidc-provider --region=us-west-2 --cluster=<CLUSTER_NAME> --approve

3. Create Trust, Role, and Service Account

For MinIO Operator:

eksctl create iamserviceaccount \
   --name minio-operator \
   --namespace minio-operator \
   --cluster <CLUSTER_NAME> \
   --attach-policy-arn arn:aws:iam::<AWS_ACCOUNT_NUMBER>:policy/minio-eks-<CLUSTER_NAME> \
   --approve \
   --override-existing-serviceaccounts

For AWS EBS CSI Driver:

eksctl create iamserviceaccount 
   --name ebs-csi-controller-sa 
   --namespace kube-system 
   --cluster <CLUSTER_NAME> 
   --attach-policy-arn arn:aws:iam::<AWS_ACCOUNT_NUMBER>:policy/minio-eks-<CLUSTER_NAME> 
   --approve 
   --override-existing-serviceaccounts

Installing MinIO

Deploy the MinIO Operator:

kubectl apply -k github.com/miniohq/marketplace/eks/resources

Accessing MinIO

1. Retrieve the JWT for Operator Console

kubectl -n minio-operator get secret $(kubectl -n minio-operator get serviceaccount console-sa -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode

2. Port Forward to Operator Console

kubectl -n minio-operator port-forward svc/console 9090

Open http://localhost:9090 in your browser and log in with the retrieved JWT.

3. Create a Tenant

Log in and create your first tenant, specifying the desired size and storage type.

Conclusion

Congratulations! In just 15 minutes, you've successfully deployed MinIO on Amazon EKS, paving the way for a robust and scalable object storage solution. This guide offers a powerful starting point for migrating away from AWS S3, empowering you with flexibility, cost-efficiency, and a superior alternative for your data storage needs.

Thank you for reading! If you found this blog post helpful, please consider sharing it with others who might benefit. Feel free to check out my other blog posts and visit my socials!

Read more

Did you find this article valuable?

Support Devarshi Shimpi's Blog by becoming a sponsor. Any amount is appreciated!