MinIO Component

S3-compatible object storage with multi-tenancy via bucket sub-components. Auto-creates buckets with policies and generates connection secrets for linked applications.

Architecture

                MinIO Server - S3-compatible object storage

                Bucket - Sub-component for storage isolation

                mc Client - Bucket provisioning via Jobs

                S3 API - AWS S3-compatible interface

                Console - Web UI for management

Quick Reference

Attribute	Example	Default	Effect
`namespace` REQ	`minio`	-	Kubernetes namespace
`root_user` REQ	`admin`	-	Root admin username
`root_password` REQ	`secretpass`	-	Root admin password
`replicas`	`1`	1	Server replicas (4 for distributed)
`storage_size`	`50Gi`	10Gi	PVC storage size
`storageclass`	`standard`	default	Storage class name

Sub-Components

bucket SUB

Defines an S3 bucket with its own access credentials. Creates bucket via mc client Job and generates connection secrets.

Attribute	Example	Description
`bucket_name` REQ	`app-data`	Bucket name
`bucket_access_key` REQ	`AKIAEXAMPLE`	S3 access key ID
`bucket_secret_key` REQ	`secretkey123`	S3 secret access key
`versioning`	`true`	Enable object versioning
`quota`	`10Gi`	Bucket quota limit
`retention_days`	`30`	Object retention in days

                    Creates:

                    - Job: mc mb (bucket creation)

                    - Job: mc admin user add (user creation)

                    - Job: mc admin policy attach (policy assignment)

                    - Secret: bucket-secret.yaml (credentials)

Link Variables

Variable	Link Type	Effect
`__prometheus`	prometheus-minio	ServiceMonitor for metrics
`__loki`	loki-minio	Loki bucket storage
`__apisix`	apisix-minio	Gateway route exposure
`__velero`	velero-minio	Velero backup storage
`__istio`	istio-minio	Service mesh integration
`__kafka`	topic-minio	Kafka S3 sink connector

Components that Link to bucket Sub-Component

Link Type	Consumer	Purpose
`backend-bucket`	fastapi, nodejs, etc.	Injects S3 credentials (AWS_ACCESS_KEY_ID, etc.)
`cnpg-bucket`	CNPG	PostgreSQL backup storage
`mongodb-bucket`	MongoDB	MongoDB backup storage
`loki-bucket`	Loki	Log storage backend
`velero-bucket`	Velero	Cluster backup storage
`k6-bucket`	K6	Load test S3 operations
`kafka-bucket`	Kafka Connect	S3 sink connector destination
`airflow-bucket`	Airflow	DAG ETL S3 operations

Generated Files

File	Condition	Contains
helm/helm-values.yaml	Always	MinIO Helm values
bucket-job.yaml	__bucket exists	mc client bucket creation jobs
secret/minio.env	Always	Root credentials
secret/bucket-secret.yaml	__bucket exists	Per-bucket credentials
service-monitor.yaml	__prometheus	Prometheus ServiceMonitor

Ports

Port	Purpose	Protocol
9000	S3 API endpoint	HTTP/HTTPS
9001	Console UI	HTTP

S3 Connection Format

                Endpoint: http://minio.{namespace}.svc.cluster.local:9000

                Region: us-east-1 (default)

                ENV Variables (per bucket):

                AWS_ACCESS_KEY_ID={bucket_access_key}

                AWS_SECRET_ACCESS_KEY={bucket_secret_key}

                AWS_ENDPOINT_URL=http://minio.{namespace}:9000

                S3_BUCKET={bucket_name}

Technical Info

                Chart Version: 14.6.0

                mc Client: RELEASE.2024-08-26T10-49-58Z

                Ports: 9000 (API), 9001 (Console)

                Kaniko Version: v1.21.0 (for custom builds)