-
Notifications
You must be signed in to change notification settings - Fork 297
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
As per minio/console#2539 , the websocket behavior integrated as part of Console 0.22.1 (minio/console#2419) seems to break port-forwarding behavior. There's no easy fix for this. NodePorts are a workaround, but slightly kludgy. Ingress is the better long-term solution, but requires more work. This is a stopgap: - For Operator, point users towards NodePorts if port-forwarding fails - For Tenant Console, simply drop port-forwarding entirely and point only at Ingress/LB Out of scope but in progress is Ingress guidance for Nginx and Traefik so we can close the loop on this.
- Loading branch information
Showing
10 changed files
with
136 additions
and
211 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
82 changes: 82 additions & 0 deletions
82
source/includes/common/common-k8s-connect-operator-console.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
.. tab-set:: | ||
|
||
.. tab-item:: Port Forwarding | ||
|
||
.. note:: | ||
|
||
Starting with Operator 4.5.8, the MinIO Operator Console implements websockets for improved performance. | ||
This protocol may exhibit unpredictable behavior with Kubernetes port-forwarding, especially during the login sequence. | ||
|
||
Users who encounter timeouts when using port forwarding should select from the remaining tabs to view alternatives for connecting to the Operator Console. | ||
|
||
Run the :mc:`kubectl minio proxy` command to temporarily forward traffic from | ||
the :ref:`MinIO Operator Console <minio-operator-console>` service to your | ||
local machine: | ||
|
||
.. cond:: k8s and not openshift | ||
|
||
.. code-block:: shell | ||
:class: copyable | ||
kubectl minio proxy | ||
.. cond:: openshift | ||
|
||
.. code-block:: shell | ||
:class: copyable | ||
oc minio proxy | ||
The command output includes a JWT token you must use to log into the | ||
Operator Console. | ||
|
||
.. image:: /images/k8s/operator-dashboard.png | ||
:align: center | ||
:width: 70% | ||
:class: no-scaled-link | ||
:alt: MinIO Operator Console | ||
|
||
You can deploy a new :ref:`MinIO Tenant <minio-k8s-deploy-minio-tenant>` from | ||
the Operator Dashboard. | ||
|
||
.. tab-item:: Node Ports | ||
|
||
Use the following command to identify the :kube-docs:`NodePorts <concepts/services-networking/service/#type-nodeport>` configured for the Operator Console. | ||
If your local host does not have the ``jq`` utility installed, you can run the first command and locate the ``spec.ports`` section of the output. | ||
|
||
.. code-block:: shell | ||
:class: copyable | ||
kubectl get svc/console -n minio-operator -o json | jq -r '.spec.ports' | ||
The output resembles the following: | ||
|
||
.. code-block:: json | ||
[ | ||
{ | ||
"name": "http", | ||
"nodePort": 31055, | ||
"port": 9090, | ||
"protocol": "TCP", | ||
"targetPort": 9090 | ||
}, | ||
{ | ||
"name": "https", | ||
"nodePort": 31388, | ||
"port": 9443, | ||
"protocol": "TCP", | ||
"targetPort": 9443 | ||
} | ||
] | ||
Use the ``http`` or ``https`` port depending on whether you deployed the Operator with Console TLS enabled via :mc-cmd:`kubectl minio init --console-tls`. | ||
|
||
Append the ``nodePort`` value to the externally-accessible IP address of a worker node in your Kubernetes cluster. | ||
|
||
Use the following command to retrieve the JWT token necessary for logging into the Operator Console: | ||
|
||
.. code-block:: shell | ||
:class: copyable | ||
kubectl get secret/console-sa-secret -n minio-operator -o json | jq -r '.data.token' | base64 -d |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.