How do I deploy an SSL certificate for a related component in K8S? For example, minio.

[caesar168]

What would you like to share?

How do I deploy an SSL certificate for a related component in K8S? For example, minio.

Additional information

No response

[cubxxw]

After reading the article you provided at https://github.com/openimsdk/helm-charts/tree/main/infra/minio, I would suggest searching for tls.enabled on the page to determine if setting it to false can resolve the authentication issue with Minio in the container. Thank you for bringing this to my attention and I hope this solution proves helpful.

[cubxxw]

@caesar168 You can configure this field in the following file: https://github.com/openimsdk/helm-charts/blob/main/infra/minio-config.yaml. Thank you for considering this option.

apiIngress:
  enabled: true
  ingressClassName: "nginx"
  hostname: openim.server.com # your hostname
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: 50m
    nginx.ingress.kubernetes.io/use-regex: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$2
  path: /im-minio-api(/|$)(.*)
  pathType: ImplementationSpecific
  servicePort: minio-api
  extraTls:
    - hosts:
        - openim.server.com
      secretName: webapitls  #your hostname tls

[caesar168]

We did not use the minio deployment solution provided by the project team, our minio system is deployed in the underlying storage facilities outside the K8S system, so it is invalid to modify the SSL in the project team. In the actual application system, no user will deploy the minio storage in the nfs-client storage class, but directly deploy it on the physical host.

[cubxxw]

Understood. I will work on upgrading the storage and hopefully, you will be pleasantly surprised in the next iteration.