I was looking at articles and it doesnt seem to be clear on the directions. This guide will be exhaustive in an attempt to solve that problem.
First let us assume you have longhorn web app and minio web app up.
Step 1 — Creating Secret:
Create your bucket. Make sure you have the proper access set. You need to make sure Longhorn has the ability to access this bucket. For the purpose of this article, I set it to public. You will have to adjust your access for your purposes.
Go to your minio dashboard. Go to access keys and create an access key and secret.
It should look like this:
YOUR ACCESS KEY AND SECRET KEY WILL BE DIFFERENT. MAKE SURE TO YOUR OWN.
Access Key: 02xPTZmfF9zeJs7V
Secret Key: 1dFXRe7Ml29hpW8v4GCJ9t9n5DnSP9ZUYOUR ACCESS KEY AND SECRET KEY WILL BE DIFFERENT. MAKE SURE TO YOUR OWN.
Now go to settings and region and specify your region. I wrote mine as
Region: us-west-1
Make sure you click save.
Step 2 — Applying Secret:
Now go on your terminal where you have your minio cluster and lets take a look at it
Notice the PORTS. 9090 and 9000. Minio has TWO ports, one for the web UI and one for the S3 port. You need to make sure you know which is which. Mine is the 2nd port at 9000.
So your url is:
192.168.1.66:9000
<EXTERNAL IP>:<PORT>You most likely will mess up here because you put your external domain name (i.e. minio.domain.com) but that is pointing to your port 9090 and not the 9000. This is where I messed up. Since I have an external domain name pointing to 9090 port and forgot. So unless you SPECIFICALLY have an external domain pointing to the 9000 port, then just use the internal domain. Your external IP will be different. MAKE SURE TO USE YOUR EXTERNAL IP.
RECAP
Bucket Name: longhorn
[Allowed Public Access]
Url: http://192.168.1.66:9000/
Access Key: 02xPTZmfF9zeJs7V
Secret Key: 1dFXRe7Ml29hpW8v4GCJ9t9n5DnSP9ZU
Region: us-west-1Step 3 — YAML
This part may be the most trickiest. You want to make sure everything is exact.
echo -n <URL> | base64
echo -n <Access Key> | base64
echo -n <Secret Key> | base64
--------------------------------------------------------
echo -n http://192.168.1.66:9000/ | base64
echo -n t6dstDsYQuf7pbSj | base64
echo -n Q9RPWKxZ4bUIqBSzuOY6TLkFkXcHszRU | base64So notice NO QUOTATION MARKS. Notice the / at the end of http://192.168.1.66:9000/
Result:
aHR0cDovLzE5Mi4xNjguMS42Njo5MDAwLw==
dDZkc3REc1lRdWY3cGJTag==
UTlSUFdLeFo0YlVJcUJTenVPWTZUTGtGa1hjSHN6UlU=Here is the yaml file:
apiVersion: v1
kind: Secret
metadata:
name: longhorn-minio-credentials
namespace: longhorn-system
type: Opaque
data:
AWS_ACCESS_KEY_ID: dDZkc3REc1lRdWY3cGJTag==
AWS_SECRET_ACCESS_KEY: UTlSUFdLeFo0YlVJcUJTenVPWTZUTGtGa1hjSHN6UlU=
AWS_ENDPOINTS: aHR0cDovLzE5Mi4xNjguMS42Njo5MDAwLw==Commands to apply the yaml file
mkdir -p /kubernetes_config/minio
kubectl delete -f /kubernetes_config/minio/s3-cred.yaml
rm -rf /kubernetes_config/minio/s3-cred.yaml
nano /kubernetes_config/minio/s3-cred.yaml
[COPY AND PASTE]
kubectl apply -f /kubernetes_config/minio/s3-cred.yamlStep 4 — Updating Longhorn
Ok you should be on your Longhorn Settings (General Settings Page)
Scroll down until you see “Backup Target” and “Backup Target Credential” Secret
Here is what your put:
Backup Target: s3://longhorn@<REGION>/
Backup Target Credential Secret: longhorn-minio-credentials
Backup Target: s3://longhorn@us-west-1/
Backup Target Credential Secret: longhorn-minio-credentialsNow if you got to Backup. No errors should appear. That means you did it correctly!
