jackersson · September 22, 2021 14:36
diff --git a/config.yaml b/config.yaml
 apiVersion: opdef.apps.onepanel.io/v1alpha1
 kind: OpDef
 spec:
  manifestsRepo: /home/ubuntu/Downloads/test/.onepanel/manifests/v1.0.1-rc.1
  params: params.yaml
  components:
  - kfserving/base
  - cert-manager/base
  - common/application/base
  - common/istio/base
  - common/argo/base
  - common/artifact-repository/base
  - common/onepanel/base
  - storage/base
  overlays:
  - cert-manager/overlays/self-signed
  - common/argo/overlays/cloud
  - common/artifact-repository/overlays/s3
  - common/onepanel/overlays/cloud
  - storage/overlays/microk8s
diff --git a/minio-tenant.yaml b/minio-tenant.yaml
 ## Secret to be used as MinIO Root Credentials
 apiVersion: v1
 kind: Secret
 metadata:
  namespace: camai # your namespace here
  name: minio-autocert-no-encryption-minio-creds-secret
 type: Opaque
 data:
  ## Access Key for MinIO Tenant, base64 encoded (echo -n 'minio' | base64)
  accesskey: bWluaW8=
  ## Secret Key for MinIO Tenant, base64 encoded (echo -n 'minio123' | base64)
  secretkey: bWluaW8xMjM=
 ---
 ## Secret to be used for MinIO Console
 apiVersion: v1
 kind: Secret
 metadata:
  namespace: camai # your namespace here
  name: minio-autocert-no-encryption-console-secret
 type: Opaque
 data:
  ## Passphrase to encrypt jwt payload, base64 encoded (echo -n 'SECRET' | base64)
  CONSOLE_PBKDF_PASSPHRASE: U0VDUkVU
  ## Salt to encrypt jwt payload, base64 encoded (echo -n 'SECRET' | base64)
  CONSOLE_PBKDF_SALT: U0VDUkVU
  ## MinIO User Access Key (used for Console Login), base64 encoded (echo -n 'YOURCONSOLEACCESS' | base64)
  CONSOLE_ACCESS_KEY: WU9VUkNPTlNPTEVBQ0NFU1M=
  ## MinIO User Secret Key (used for Console Login), base64 encoded (echo -n 'YOURCONSOLESECRET' | base64)
  CONSOLE_SECRET_KEY: WU9VUkNPTlNPTEVTRUNSRVQ=
 ---
 ## MinIO Tenant Definition
 apiVersion: minio.min.io/v2
 kind: Tenant
 metadata: 
  namespace: camai # your namespace here
  name: minio-autocert-no-encryption
  ## Optionally pass labels to be applied to the statefulset pods
  labels:
    app: minio-autocert-no-encryption-minio
  ## Annotations for MinIO Tenant Pods
  annotations:
    prometheus.io/path: /minio/v2/metrics/cluster
    prometheus.io/port: "9000"
    prometheus.io/scrape: "true"

 ## If a scheduler is specified here, Tenant pods will be dispatched by specified scheduler.
 ## If not specified, the Tenant pods will be dispatched by default scheduler.
 # scheduler:
 #  name: my-custom-scheduler

 spec:
  ## Registry location and Tag to download MinIO Server image
  image: minio/minio:RELEASE.2021-08-17T20-53-08Z
  imagePullPolicy: IfNotPresent

  ## Secret with credentials to be used by MinIO Tenant.
  ## Refers to the secret object created above.
  credsSecret:
    name: minio-autocert-no-encryption-minio-creds-secret

  ## Specification for MinIO Pool(s) in this Tenant.
  pools:
    - servers: 1
      volumesPerServer: 4
      volumeClaimTemplate:
        metadata:
          name: data
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: 2Gi # your storage here
  ## Mount path where PV will be mounted inside container(s).
  mountPath: /data
    ## Sub path inside Mount path where MinIO stores data.
    # subPath: /data

  ## Enable automatic Kubernetes based certificate generation and signing as explained in
  ## https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster
  requestAutoCert: false

  ## This field is used only when "requestAutoCert" is set to true. Use this field to set CommonName
  ## for the auto-generated certificate. Internal DNS name for the pod will be used if CommonName is
  ## not provided. DNS name format is *.minio.default.svc.cluster.local
  certConfig:
    commonName: ""
    organizationName: []
    dnsNames: []

  ## PodManagement policy for MinIO Tenant Pods. Can be "OrderedReady" or "Parallel"
  ## Refer https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy
  ## for details.
  podManagementPolicy: Parallel

  ## Add environment variables to be set in MinIO container (https://github.com/minio/minio/tree/master/docs/config)
  # env:
  # - name: MINIO_BROWSER
  #   value: "off" # to turn-off browser
  # - name: MINIO_STORAGE_CLASS_STANDARD
  #   value: "EC:2"

  ## PriorityClassName indicates the Pod priority and hence importance of a Pod relative to other Pods.
  ## This is applied to MinIO pods only.
  ## Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass/
  # priorityClassName: high-priority
diff --git a/outputs b/outputs
 > KUBECONFIG=./kubeconfig opctl app status
 Your deployment is ready.
 error: unable to get deployed ip from LoadBalancer
 In your /etc/hosts file, add
   app.camai.com
   sys-storage-camai.camai.com
   serving.camai.com

 Once complete, your application will be running at https://app.camai.com

 ArtifactRepository tests: Failed
  Head "https://10.1.62.29:9000/mybucket/": http: server gave HTTP response to HTTPS client
  
  
 > mc alias set minio http://10.1.62.29:9000 minio minio123
 > mc ls minio
 > [2021-09-21 10:52:48 EEST]     0B mybucket/


 CLI version: v1.0.1-rc.1
 Manifest version: v1.0.1-rc.1
 API version: v1.0.1-rc.1
 Web UI version: v1.0.1-rc.1
diff --git a/params.yaml b/params.yaml
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Generated with Onepanel CLI 
 # CLI version: v1.0.1-rc.1
 # Command: opctl init --provider microk8s --artifact-repository-provider s3
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Component: Onepanel
 # Description: Onepanel application information
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 application:
  # First namespace that will be created in Onepanel, more can be added later
  # Note that you cannot use any of the following reserved namespaces:
  #   onepanel, default, application-system, cert-manager, istio-system, knative-serving, kube-public, kube-system
  defaultNamespace: camai
  # Domain where Onepanel is hosted
  # Use a first-level or multi-level subdomain like example.com or sub.example.com
  domain: camai.com
  # The Fully Qualified Domain (FQDN) where Onepanel will be hosted.
  # If `domain` above is set to example.com or sub.example.com, then your FQDN could be: app.example.com or app.sub.example.com respectively
  fqdn: app.camai.com
  # HTTP or HTTPS - Do not change, determined by `opctl init --enable-https`
  # CLI flag: --enable-https
  insecure: true
  # Node pool key and values used for AutoScaling
  nodePool:
    # Cloud providers will automatically set label key as "node.kubernetes.io/instance-type" on all nodes
    # For all Kubernetes 1.16.x versions, use "beta.kubernetes.io/instance-type"
    # You would also need to use "beta.kubernetes.io/instance-type" for all versions of AKS and GKE 1.17.x
    label: node.kubernetes.io/instance-type
    # These are the machine type options that will be available in Onepanel
    #   `name` can be any user friendly name
    #   `value` should be the instance type in your cloud provider
    #   `resources.limits` should only be set if the node pool has GPUs
    # The first option will be used as default.
    options:
      - name: 'Local Machine'
        value: local
    
  # The kubernetes cluster where Onepanel will be deployed.
  # Valid values: aks, eks, gke, microk8s
  provider: microk8s
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Component: Artifact repository
 # Description: S3 compatible object storage for storing files across Onepanel
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 artifactRepository:
  s3:
    # S3 access key
    accessKey: minio
    # Name of bucket, example: my-bucket
    bucket: mybucket
    # Endpoint for S3 compatible storage
    # Supported provider endpoints:
    #   AWS: s3.amazonaws.com
    #   GCS: storage.googleapis.com
    #   Minio: my-minio-endpoint.default:9000
    endpoint: 10.1.62.29:9000
    # Change to true if endpoint does NOT support HTTPS
    insecure: false
    # Key Format for objects stored by Workflows. This can reference Workflow variables
    keyFormat: artifacts/{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}
    # Only used if using a local minio setup
    publicEndpoint: 10.1.62.29:9000
    # Bucket region
    region: us-west-2
    # S3 secret key
    secretKey: 'minio123'
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Component: cert-manager
 # Description: automatically creates and renews TLS certificates using Let's Encrypt
 # Docs: https://onepanelio.github.io/core-docs/docs/deployment/configuration/tls
 # CLI flag: --enable-cert-manager
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 certManager:
  # Enter certificate admin email
  # Example: [email protected]
  email: [email protected]
	apiVersion: opdef.apps.onepanel.io/v1alpha1
	kind: OpDef
	spec:
	manifestsRepo: /home/ubuntu/Downloads/test/.onepanel/manifests/v1.0.1-rc.1
	params: params.yaml
	components:
	- kfserving/base
	- cert-manager/base
	- common/application/base
	- common/istio/base
	- common/argo/base
	- common/artifact-repository/base
	- common/onepanel/base
	- storage/base
	overlays:
	- cert-manager/overlays/self-signed
	- common/argo/overlays/cloud
	- common/artifact-repository/overlays/s3
	- common/onepanel/overlays/cloud
	- storage/overlays/microk8s
	## Secret to be used as MinIO Root Credentials
	apiVersion: v1
	kind: Secret
	metadata:
	namespace: camai # your namespace here
	name: minio-autocert-no-encryption-minio-creds-secret
	type: Opaque
	data:
	## Access Key for MinIO Tenant, base64 encoded (echo -n 'minio' \| base64)
	accesskey: bWluaW8=
	## Secret Key for MinIO Tenant, base64 encoded (echo -n 'minio123' \| base64)
	secretkey: bWluaW8xMjM=
	---
	## Secret to be used for MinIO Console
	apiVersion: v1
	kind: Secret
	metadata:
	namespace: camai # your namespace here
	name: minio-autocert-no-encryption-console-secret
	type: Opaque
	data:
	## Passphrase to encrypt jwt payload, base64 encoded (echo -n 'SECRET' \| base64)
	CONSOLE_PBKDF_PASSPHRASE: U0VDUkVU
	## Salt to encrypt jwt payload, base64 encoded (echo -n 'SECRET' \| base64)
	CONSOLE_PBKDF_SALT: U0VDUkVU
	## MinIO User Access Key (used for Console Login), base64 encoded (echo -n 'YOURCONSOLEACCESS' \| base64)
	CONSOLE_ACCESS_KEY: WU9VUkNPTlNPTEVBQ0NFU1M=
	## MinIO User Secret Key (used for Console Login), base64 encoded (echo -n 'YOURCONSOLESECRET' \| base64)
	CONSOLE_SECRET_KEY: WU9VUkNPTlNPTEVTRUNSRVQ=
	---
	## MinIO Tenant Definition
	apiVersion: minio.min.io/v2
	kind: Tenant
	metadata:
	namespace: camai # your namespace here
	name: minio-autocert-no-encryption
	## Optionally pass labels to be applied to the statefulset pods
	labels:
	app: minio-autocert-no-encryption-minio
	## Annotations for MinIO Tenant Pods
	annotations:
	prometheus.io/path: /minio/v2/metrics/cluster
	prometheus.io/port: "9000"
	prometheus.io/scrape: "true"

	## If a scheduler is specified here, Tenant pods will be dispatched by specified scheduler.
	## If not specified, the Tenant pods will be dispatched by default scheduler.
	# scheduler:
	# name: my-custom-scheduler

	spec:
	## Registry location and Tag to download MinIO Server image
	image: minio/minio:RELEASE.2021-08-17T20-53-08Z
	imagePullPolicy: IfNotPresent

	## Secret with credentials to be used by MinIO Tenant.
	## Refers to the secret object created above.
	credsSecret:
	name: minio-autocert-no-encryption-minio-creds-secret

	## Specification for MinIO Pool(s) in this Tenant.
	pools:
	- servers: 1
	volumesPerServer: 4
	volumeClaimTemplate:
	metadata:
	name: data
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: 2Gi # your storage here
	## Mount path where PV will be mounted inside container(s).
	mountPath: /data
	## Sub path inside Mount path where MinIO stores data.
	# subPath: /data

	## Enable automatic Kubernetes based certificate generation and signing as explained in
	## https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster
	requestAutoCert: false

	## This field is used only when "requestAutoCert" is set to true. Use this field to set CommonName
	## for the auto-generated certificate. Internal DNS name for the pod will be used if CommonName is
	## not provided. DNS name format is *.minio.default.svc.cluster.local
	certConfig:
	commonName: ""
	organizationName: []
	dnsNames: []

	## PodManagement policy for MinIO Tenant Pods. Can be "OrderedReady" or "Parallel"
	## Refer https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy
	## for details.
	podManagementPolicy: Parallel

	## Add environment variables to be set in MinIO container (https://github.com/minio/minio/tree/master/docs/config)
	# env:
	# - name: MINIO_BROWSER
	# value: "off" # to turn-off browser
	# - name: MINIO_STORAGE_CLASS_STANDARD
	# value: "EC:2"

	## PriorityClassName indicates the Pod priority and hence importance of a Pod relative to other Pods.
	## This is applied to MinIO pods only.
	## Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass/
	# priorityClassName: high-priority
	> KUBECONFIG=./kubeconfig opctl app status
	Your deployment is ready.
	error: unable to get deployed ip from LoadBalancer
	In your /etc/hosts file, add
	app.camai.com
	sys-storage-camai.camai.com
	serving.camai.com

	Once complete, your application will be running at https://app.camai.com

	ArtifactRepository tests: Failed
	Head "https://10.1.62.29:9000/mybucket/": http: server gave HTTP response to HTTPS client


	> mc alias set minio http://10.1.62.29:9000 minio minio123
	> mc ls minio
	> [2021-09-21 10:52:48 EEST] 0B mybucket/


	CLI version: v1.0.1-rc.1
	Manifest version: v1.0.1-rc.1
	API version: v1.0.1-rc.1
	Web UI version: v1.0.1-rc.1
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Generated with Onepanel CLI
	# CLI version: v1.0.1-rc.1
	# Command: opctl init --provider microk8s --artifact-repository-provider s3
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Component: Onepanel
	# Description: Onepanel application information
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	application:
	# First namespace that will be created in Onepanel, more can be added later
	# Note that you cannot use any of the following reserved namespaces:
	# onepanel, default, application-system, cert-manager, istio-system, knative-serving, kube-public, kube-system
	defaultNamespace: camai
	# Domain where Onepanel is hosted
	# Use a first-level or multi-level subdomain like example.com or sub.example.com
	domain: camai.com
	# The Fully Qualified Domain (FQDN) where Onepanel will be hosted.
	# If `domain` above is set to example.com or sub.example.com, then your FQDN could be: app.example.com or app.sub.example.com respectively
	fqdn: app.camai.com
	# HTTP or HTTPS - Do not change, determined by `opctl init --enable-https`
	# CLI flag: --enable-https
	insecure: true
	# Node pool key and values used for AutoScaling
	nodePool:
	# Cloud providers will automatically set label key as "node.kubernetes.io/instance-type" on all nodes
	# For all Kubernetes 1.16.x versions, use "beta.kubernetes.io/instance-type"
	# You would also need to use "beta.kubernetes.io/instance-type" for all versions of AKS and GKE 1.17.x
	label: node.kubernetes.io/instance-type
	# These are the machine type options that will be available in Onepanel
	# `name` can be any user friendly name
	# `value` should be the instance type in your cloud provider
	# `resources.limits` should only be set if the node pool has GPUs
	# The first option will be used as default.
	options:
	- name: 'Local Machine'
	value: local

	# The kubernetes cluster where Onepanel will be deployed.
	# Valid values: aks, eks, gke, microk8s
	provider: microk8s
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Component: Artifact repository
	# Description: S3 compatible object storage for storing files across Onepanel
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	artifactRepository:
	s3:
	# S3 access key
	accessKey: minio
	# Name of bucket, example: my-bucket
	bucket: mybucket
	# Endpoint for S3 compatible storage
	# Supported provider endpoints:
	# AWS: s3.amazonaws.com
	# GCS: storage.googleapis.com
	# Minio: my-minio-endpoint.default:9000
	endpoint: 10.1.62.29:9000
	# Change to true if endpoint does NOT support HTTPS
	insecure: false
	# Key Format for objects stored by Workflows. This can reference Workflow variables
	keyFormat: artifacts/{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}
	# Only used if using a local minio setup
	publicEndpoint: 10.1.62.29:9000
	# Bucket region
	region: us-west-2
	# S3 secret key
	secretKey: 'minio123'
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	# Component: cert-manager
	# Description: automatically creates and renews TLS certificates using Let's Encrypt
	# Docs: https://onepanelio.github.io/core-docs/docs/deployment/configuration/tls
	# CLI flag: --enable-cert-manager
	# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
	certManager:
	# Enter certificate admin email
	# Example: [email protected]
	email: [email protected]