https://pulumi.com logo
Title
f

flat-planet-10000

04/25/2023, 11:55 AM
Hi, I am trying to create a minio bucket within a kubernetes cluster. How can I configure the minio provider to be run with the cluster? Here is the code snippet:
import * as minio from '@pulumi/minio';
import * as config from './config';

const provider = new minio.Provider("minio-provider", {
    minioServer: config.minioServer,
    minioSsl: config.minioSsl,
    minioUser: config.minioRootUser,
    minioPassword: config.minioRootPassword,
    minioRegion: 'my-region',
}, {
    provider: config.k8sprovider,
});

export const bucket = new minio.S3Bucket("minio-bucket", {
    bucket: "testbucket",
}, {
    provider,
});
The Error I get is:
dial tcp: lookup minio.minio.svc.cluster.local on <my local ip>: no such host
b

billowy-army-68599

04/25/2023, 3:51 PM
You will need to have network access into the cluster to hit that address, alternatively you can create an exposed service or an ingress
Either way, this isn’t really a Pulumi problem, it’s a networking problem
s

salmon-account-74572

04/25/2023, 4:19 PM
Are you able to share the
config
file from line 2? That will help us see how the Minio server is being configured. Perhaps that can be modified to create an exposed service as @billowy-army-68599 suggests, which is required in order to be able to communicate with Minio.
f

flat-planet-10000

04/26/2023, 9:13 AM
I tried to split up the infrastructure in a infra repo. There I install minio with the helm chart:
const minioNs = new k8s.core.v1.Namespace('minio', {
    metadata: { name: 'minio' }
}, {
    provider: cluster.k8sProvider,
});
const chart = new k8s.helm.v3.Chart(
    "minio",
    {
        chart: "minio",
        version: "11.10.16",
        fetchOpts: {
            repo: "<https://marketplace.azurecr.io/helm/v1/repo>",
        },
        values: {
            global: {
                stroageClass: config.minioStorageClass,
            },
            auth: {
                rootUser: config.minioRootUser,
                rootPassword: rootPassword.result,
            },
            // defaultBuckets: "testbucket",
            config: {
                name: "region",
                options: {
                    name: config.minioRegion,
                }
            }
        },
        namespace: minioNs.metadata.name,
    },
    { provider: cluster.k8sProvider },
);
const service = chart.getResource("v1/Service", `minio/minio`);

export const minioServer = pulumi.interpolate`${service.metadata.name}.${minioNs.metadata.name}.svc.cluster.local:9000`;
export const minioSsl = false;
export const minioRootUser = config.minioRootUser;
export const minioRootPassword = pulumi.secret(s3.rootPassword.result);
export const minioRegion = config.minioRegion;
And the application deployment uses this stack. Here is the part of the config.
import { Provider } from '@pulumi/kubernetes';
import * as pulumi from '@pulumi/pulumi';

const config = new pulumi.Config();
const env = pulumi.getStack();

const infra = new pulumi.StackReference(`<project>/${env}`);
export const k8sprovider = new Provider('k8s', {
  kubeconfig: infra.getOutput('kubeConfig'),
});
export const minioRegion = config.get('minioRegion') || infra.getOutput('minioRegion');
export const minioServer = infra.getOutput('minioServer');
export const minioSsl = infra.getOutput('minioSsl');
export const minioRootUser = infra.getOutput('minioRootUser');
export const minioRootPassword = infra.getOutput('minioRootPassword');
If I create an exposed service or an ingress, then I have to use SSL/TLS encryption. I wanted to avoid this and therefore just communicate within the cluster. Or do you have a ready solution how to do this?
OK, now I made an ingress and it is working as expected. Thanks for the answers.
s

salmon-account-74572

04/26/2023, 4:56 PM
Glad you got it working!