Deploy AIStor on Red Hat OpenShift

This page documents the installation and management of AIStor object storage using MinIO’s Red Hat OpenShift-certified operator.

This procedure assumes that the user interacting with the OpenShift cluster has authorization to:

• Install Kubernetes operators and associated resources including CustomResourceDefinitions, Statefulsets, and secrets into new or existing namespaces.
• Perform operations as a user that has broad permissions to create resources within multiple namespaces.

This section installs the OpenShift-certified AIStor Operator. You must complete this section before proceeding to deploying AIStor.

As an alternative to the procedure below, you can install the Operator using the OpenShift Operator Hub. Search for ‘MinIO’, select the AIStor operator for installation, then follow the displayed instructions.

1. Retrieve your License File.

   Log into SUBNET and select the License button in the Deployments view.

   

   Save the content of the file in a secure location for use in the next step. Save the value to a secure location for use in a subsequent step.

2. Create the AIStor namespace

   Use the oc command to create a new project for AIStor:

   oc new-project aistor
   

3. Create and apply the SUBNET license secret

   Use the following file as a template. Replace the minio.license value with the base64-encoded value of your SUBNET license.

   # license.yaml
   
   apiVersion: v1
   data:  
      minio.license: <base 64 encoded license here>
   kind: Secret
   metadata:  
      name: minio-license 
   type: Opaque
   

   Apply the license to the aistor namespace:

   oc apply -f license.yaml -n aistor
   

4. Create the Operator manifest and install to the namespace

   Use the following file as a template for the operator bundle:

   # subscription.yaml
   
   apiVersion: operators.coreos.com/v1alpha1
   kind: Subscription
   metadata:  
      name: minio-object-store-operator
   spec:  
      channel: stable  
      installPlanApproval: Automatic  
      name: minio-object-store-operator  
      source: certified-operators  
      sourceNamespace: openshift-marketplace  
      startingCSV: minio-object-store-operator.v2025.7.1011319
   ---
   apiVersion: operators.coreos.com/v1
   kind: OperatorGroup
   metadata:  
      name: objectstore-operator-group
   

   Apply the manifest to the aistor namespace:

   oc apply -f subscription.yaml -n aistor
   

5. Next Steps

   You can now deploy AIStor object storage to your Open Shift cluster using the OpenShift UI.

1. Create the project

   Use the oc new-project command to create a project for the AIStor deployment:

   oc new-project aistor-primary
   

2. Create a secret for the storage configuration

   AIStor uses a plaintext configuration file for looking up environment variables. Create a Kubernetes secret where the config.env key has the list of environments in export ENVVAR format.

   # storage-configuration.yaml
   apiVersion: v1
   kind: Secret
   metadata:
      name: storage-configuration
   type: Opaque
   stringData:
      config.env: |-
         export MINIO_ROOT_USER=aistor-admin
         export MINIO_ROOT_PASSWORD=REPLACEME123      
   

   Modify the file to reflect your desired configuration, then apply the file to the project:

   oc apply -f storage-configuration.yaml -n aistor-primary
   

3. Open the OpenShift UI and navigate to the AIStor Operator

   Use your preferred browser to access the UI for your OpenShift installation. Select the AIStor Operator from the list of installed operators

4. Create an AIStor object store resource

   You can deploy AIStor using the OpenShift UI or the oc CLI tool.

   OpenShift UI

   The UI provides a tab for deploying new object store resources. Use either the UI or the YAML editor to construct the AIStor definition.

   

   You can use the following example YAML as a baseline for further customization.

   # aistor-primary-storage.yaml
   apiVersion: aistor.min.io/v1
   kind: ObjectStore
   metadata:
     annotations:
       prometheus.io/path: /minio/v2/metrics/cluster
       prometheus.io/port: "9000"
       prometheus.io/scrape: "true"
     labels:
       app: minio
     name: aistor-primary
     namespace: aistor-primary
   spec:
     certificates:
       disableAutoCert: false
     configuration:
       name: storage-configuration
     mountPath: /export
     podManagementPolicy: Parallel
     pools:
       - name: pool-0
         servers: 8
         volumeClaimTemplate:
           apiVersion: v1
           kind: persistentvolumeclaims
           spec:
             accessModes:
               - ReadWriteOnce
             resources:
               requests:
                 storage: 1Ti
   #         storageClassName: directpv-min-io 
         volumesPerServer: 8
   

   The example above uses the default storage class on the OpenShift cluster. You can specify a custom storage class instead, such as AIStor Volume Manager, for provisioning Persistent Volumes to support the AIStor deployment.

   CLI

   Create a YAML file for describing the object store resource. You can use the following example YAML as a baseline for further customization.

   # aistor-primary-storage.yaml
   apiVersion: aistor.min.io/v1
   kind: ObjectStore
   metadata:
     annotations:
       prometheus.io/path: /minio/v2/metrics/cluster
       prometheus.io/port: "9000"
       prometheus.io/scrape: "true"
     labels:
       app: minio
     name: aistor-primary
     namespace: aistor-primary
   spec:
     certificates:
       disableAutoCert: false
     configuration:
       name: storage-configuration
     mountPath: /export
     podManagementPolicy: Parallel
     pools:
       - name: pool-0
         servers: 8
         volumeClaimTemplate:
           apiVersion: v1
           kind: persistentvolumeclaims
           spec:
             accessModes:
               - ReadWriteOnce
             resources:
               requests:
                 storage: 1Ti
   #         storageClassName: directpv-min-io 
         volumesPerServer: 8
   

   The example above uses the default storage class on the OpenShift cluster. You can specify a custom storage class instead, such as AIStor Volume Manager, for provisioning Persistent Volumes to support the AIStor deployment.

   Modify the file to reflect your desired configuration, then apply the file to the project:

   oc apply -f aistor-primary-storage.yaml
   

5. Monitor the namespace

   The AIStor Operator deploys resources to the namespace that include Deployments, ReplicaSets, Services, and Pods. Once all pods deploy successfully, you can access the AIStor services by configuring Routes, Ingress, or similar network controls.

   The minio service provides access to the S3 API. The -console suffixed service provides access to the AIStor Console for web access and management.

6. Expose access using routes

   You can configure OpenShift Routes to expose the minio and -console services to external traffic. The following example route exposes the minio service for S3 access.

   kind: Route
   apiVersion: route.openshift.io/v1
   metadata:
     name: route-object-store-s3-api
     namespace: aistor-primary
     annotations:
       openshift.io/host.generated: 'true'
   spec:
     host: openshift-worker-node-01.example.net
     to:
       kind: Service
       name: minio
       weight: 100
     port:
       targetPort: management
     tls:
       termination: passthrough
       insecureEdgeTerminationPolicy: Redirect
     wildcardPolicy: None
   

   You can then access the service using the hostname and the mc alias set command:

   mc alias set aistor-primary https://openshift-worker-node-01.example.net USERNAME PASSWORD --insecure