blog.sideeffect.dev
sideeffect
AboutArchivesRss
Setup minio in kubernetes with domain bucket access2023-09-10

tldr: remember to set up MINIO_DOMAIN

For seamless use of S3 under on-premise or local development with minio there’s one more config you want to set up.

By default minio object URL will be requested like [https://example.com/bucket/object](http://mydomain.com/bucket/object)

Which may break when you are using S3 SDK from aws-sdk with website endpoints normally you will init and use the SDK like:

// init
const s3 = new S3({
  endpoint: this.endpoint,
  accessKeyId: s3Config.iamAccessKeyId,
  secretAccessKey: s3Config.iamAccessKeySecret,
});
// upload
s3.upload(
  {
    Bucket: this.bucketName,
    Body,
    Key: fileKey,
    ContentType: minetype,
  },
  (err) => {
    if (err) return reject(err);

    return resolve(this.getDownloadURL(fileKey));
  },
);
// list
s3.listObjectsV2(
  {
    Bucket: this.bucketName,
    Prefix: prefix,
    MaxKeys: limit,
    ContinuationToken: continuationToken,
  },
  (err, data) => {
    if (err) return reject(err);

    return resolve({
      count: data.Contents.length,
      data: data.Contents.map((c) => this.getDownloadURL(c.Key)),
      cursor: {
        nextCursor: data.NextContinuationToken || null,
        prevCursor: null, // Do not have the ability to backward
      },
    });
  },
);

To match the experience with s3 on-premise you may like to set the FQDN to let MinIO accepts Bucket DNS style when requested.

Take helm as an example you will end up like this:

minio:
  extraEnvVars:
    - name: MINIO_DOMAIN
      value: "minio.${API_HOST}.nip.io"
  ingress: # For web ui
    enabled: true
    hostname: "minio-console.${API_HOST}.nip.io"
  apiIngress: # For object and api accessing
    enabled: true
    # Since the template is not quoting, we need to add quotes or wildcard will get syntax error 
    hostname: "\"*.minio.${API_HOST}.nip.io\""
    annotations:
      # unlimited the upload body
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
  provisioning:
    enabled: true
    users:
    - username: ${S3_ACCESS_KEY_ID}
      password: ${S3_ACCESS_KEY_SECRET}
      disabled: false
      policies:
      - readwrite
    buckets:
    - name: ${S3_BUCKET_NAME}
    extraCommands:
    # mc alias is set to provisioning based on https://github.com/bitnami/charts/blob/master/bitnami/minio/templates/provisioning-job.yaml
    - 'mc ilm add provisioning/${APP_DSM_S3_BUCKET_NAME}/medias --expiry-days "7"'

After setting up MINIO_DOMAIN there will be no changes in the codebase.