New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Minio custom access keys won't allow login to dashboard #3478
Comments
Got this resolved. I actually found the fix for it on the minio/minio github project as a related issue. The problem seemed to be that when base64 encoding the values, you need to be sure that newlines and feeds do not get into it. I am not sure how that occurred for me but my command looked something like What I had to do instead was:
The link for the fix can be found here: Using Env vars for Minio Access/Secret Keys. Hope this helps some folks! |
@jbmcfarlin31 Would you be up to document on Rook's side so other people are not running into this as well? 🙂 |
@galexrt Sure, I don't mind at all! Please let me know where to go / what to do and I will get started on it. |
@jbmcfarlin31 Thanks! For more info https://github.com/rook/rook/blob/master/CONTRIBUTING.md and / or hit me up on the Rook Slack, see https://slack.rook.io/. |
creating custom access/secret keys without properly base64 encoding them resulted in failed access to minio dashboard Signed-off-by: jbmcfar <jbmcfar@sandia.gov>
@galexrt I just submitted the PR today. Please let me know if anything needs to change. |
minio: update documentation in regards to #3478
creating custom access/secret keys without properly base64 encoding them resulted in failed access to minio dashboard Signed-off-by: jbmcfar <jbmcfar@sandia.gov>
creating custom access/secret keys without properly base64 encoding them resulted in failed access to minio dashboard Signed-off-by: jbmcfar <jbmcfar@sandia.gov>
Is this a bug report or feature request?
Bug Report
When using a custom generated access key and secret key to access the minio object store, I get an error saying
The access key ID you provided does not exist in our records
.Expected behavior:
I would be able to login with the generated access keys.
Deviation from expected behavior:
I was deploying the sample code from the cluster/examples/kubernetes/minio directory. The only thing that was modified was the secret containing the username and password fields (respectively access key and secret key used for minio). I then changed the storage class to be what I am using (in this case rook-ceph).
How to reproduce it (minimal and precise):
I just
kubectl create -f operator.yaml
and waited for it to come up. Then when it was successful I did akubectl create -f object-store.yaml
ensuring to enter my new credentials as base64 encoded values.The
my-store-x
pods came up, I was able to access my minio dashboard via my ingress rule that I defined for it, and upon trying to login to the dashboard with the generated credentials I get the error mentioned above.Nothing shows in the operator log or the
my-store-x
pods.I took the same
object-store.yaml
file and left the default values for credentials ("TEMP_DEMO_ACCESS_KEY
andTEMP_DEMO_SECRET_KEY
") and redeployed after deleting everything and was able to login.I should also note that with the custom credentials, I see them in the pods and statefulset as ENV vars with the correct values.
File(s) to submit:
cluster.yaml
, if necessaryTo get logs, use
kubectl -n <namespace> logs <pod name>
When pasting logs, always surround them with backticks or use the
insert code
button from the Github UI.Read Github documentation if you need help.
Environment:
uname -a
):rook version
inside of a Rook Pod): v0.9.3ceph -v
): ceph 0.9.3kubectl version
): 1.13.5ceph health
in the Rook Ceph toolbox):The text was updated successfully, but these errors were encountered: