Deploy AIStor on Kubernetes

This tutorial deploys AIStor onto Kubernetes distributions that follow the upstream API and functionality. The steps in this procedure may work on forked Kubernetes distributions.

This procedure requires the installation of Kubernetes operators and associated resources including CustomResourceDefinitions, StatefulSets, and Secrets into new or existing Namespaces. You must perform the operations in this procedure as a user that has broad permissions to create resources within multiple Namespaces.

This procedure documents installation on Kubernetes with the AIStor Helm Charts. MinIO recommends Helm version 3.17 or later.

1. Retrieve your license file.

   Log in to SUBNET and select the License button in the Deployments view.

   

   Save the content of the file in a secure location for use in the next step. You need the decoded JWT token value from the license file (beginning with eyJ...) for installation.

   License Management

   Starting with AIStor Server RELEASE.2025-12-20T04-58-37Z, deployments can start without a license in safe mode (read-only access). For full functionality, you must install a valid license.

   After deployment starts, you can register with SUBNET and apply your license:

   mc license register ALIAS --license /path/to/minio.license
      

   For license renewal, expiration details, and safe mode restrictions, see Licenses.

2. Add the AIStor Helm repository.

   helm repo add minio https://helm.min.io/
   

3. (Optional) Create a YAML manifest to customize the minio/aistor-operator chart.

   If you need to customize the operator deployment beyond the default settings, use your preferred text editor to create a YAML manifest for the chart named aistor-operator-values.yaml. Refer to the AIStor Operator values reference for available customizations and the Operator Environment Variables reference for configuring Operator behavior through environment variables.

   The operator chart supports hierarchical configuration where you can set values globally under global.operator.* that apply to all operators, then override specific values for individual operators under operators.<operator-name>.*. Individual operator settings take precedence over global settings. If no settings are specified at the individual or global level, then AIStor uses the default settings value in the chart template. See Configuration Precedence for details.

4. Install the chart to the aistor namespace with your SUBNET license:

   The minio/aistor-operator chart contains the necessary Kubernetes resources for deploying AIStor Server resources through the objectstore chart.

   helm install aistor minio/aistor-operator \
     -n aistor --create-namespace \
     --set license="eyJhbGciOiJFUzM4NCIsInR..."
   

   Replace the license value with your decoded JWT token from SUBNET.

   If you created a customization file in the previous step, add it to the command:

   helm install aistor minio/aistor-operator \
     -n aistor --create-namespace \
     --set license="eyJhbGciOiJFUzM4NCIsInR..." \
     -f aistor-operator-values.yaml
   

   If successful, the command outputs a summary of installed resources.

5. Validate the installation by running the following command:

   kubectl get all -n aistor
   

   The output should show running pods similar to the following:

   NAME                                         READY   STATUS    RESTARTS   AGE
   pod/adminjob-operator-cfc97d9f-hjbp5         1/1     Running   0          4m16s
   pod/object-store-operator-78c9f84b85-kmwlv   1/1     Running   0          4m16s
   
   NAME                            TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
   service/object-store-operator   ClusterIP   10.43.210.230   <none>        4221/TCP   4m16s
   
   NAME                                    READY   UP-TO-DATE   AVAILABLE   AGE
   deployment.apps/adminjob-operator       1/1     1            1           4m16s
   deployment.apps/object-store-operator   1/1     1            1           4m16s
   
   NAME                                               DESIRED   CURRENT   READY   AGE
   replicaset.apps/adminjob-operator-cfc97d9f         1         1         1       4m16s
   replicaset.apps/object-store-operator-78c9f84b85   1         1         1       4m16s
   

6. Configure and deploy the minio/aistor-objectstore chart.

   Run the following command to save a copy of the default chart values:

   helm show values minio/aistor-objectstore > aistor-objectstore-values.yml
   

   Open the file with your preferred text editor and modify the values to reflect your deployment. Remove any default or unmodified values such that the file reflects only your changes. The following example has a minimal set of fields for deploying an 8x8 object store using MinIO DirectPV for storage provisioning:

   objectStore:
      name: primary-object-store # name of the AIStor Server
      pools:
      - name: pool-0
        servers: 8 # Number of servers/pods to deploy
        volumesPerServer: 8 # Number of Persistent Volumes per Server/Pod
        size: 2Ti # Size of each PV
   #    storageClassName: directpv-min-io # Storage Class assigned to each PV
      services:
         minio:
            serviceType: NodePort
            nodePort: 31000 # Select an available NodePort in the supported range of 30000-32767
   

   Optionally, configure spread zones to distribute Pods across different failure domains, such as racks or availability zones.

   The following command deploys an AIStor Object Store with the name and Namespace of primary-object-store.

   Production deployments

   For production deployments, consider enabling PVC protection to prevent accidental data loss by adding objectStore.pvcProtection: true to your values file.

   The following command deploys an AIStor Object Store with the name and namespace of primary-object-store.

   helm install primary-object-store minio/aistor-objectstore \
     -n primary-object-store --create-namespace \
     -f aistor-objectstore-values.yaml
   

7. Connect to the deployment.

   The previous step configures the S3 API services via NodePort such that you can access them through the IP or hostname of any worker node in the Kubernetes cluster. Use kubectl get nodes -o wide or a similar command to determine the appropriate IP/Hostname to use for access.

   Console

   Configure Ingress to route traffic to the -console service in the object store namespace. You can temporarily access the Console using kubectl port-forward:

   kubectl port-forward -n primary-object-store svc/primary-object-store-console 9443:9443
   

   You can use the browser interface for managing the object store installation.

   CLI

   1. Download the mc tool to your local host machine:

      See AIStor Client Quickstart for installation instructions.

   2. Create a new alias for the AIStor server:

      mc --insecure alias set myaistor https://aistor.example.net:31000 minio minio123
      

      Replace the URL with the externally accessible hostname or IP of any worker node in the deployment.

   3. Create a bucket and copy a file to that bucket:

      mc --insecure mb myaistor/data
      mc --insecure cp ~/somefile.txt myaistor/data
      

AIStor supports the following additional ObjectStore configuration options:

• To configure AIStor using environment variables, including secure management of sensitive values with Kubernetes Secrets, see Environment Variable Configuration.
• To distribute pods across failure domains for improved fault tolerance, see Spread Zone Configuration.
• For all available Helm chart customization options, see the Object Store Helm Chart reference.