MinIO
S3-compatible object storage — backs Terrakube remote state, Vault DC→DR logical replication, and the replicator tool stash.
Quick facts
What it is
Stable S3 endpoint outside both clusters so it's available regardless of which side of DC/DR is current. Application object data on the platform itself uses Longhorn PVCs.
As of 2026-05-06 it also acts as the carrier for Vault cross-cluster sync: DC's vault-replicator-export CronJob ships a logical-export tarball to vault-snapshots-logical/dc/ hourly, DR's import CronJob fetches latest.tar.gz every 4 h and replays into DR Vault. The original vault-snapshots Raft-snapshot bucket plan was abandoned because per-cluster Shamir keyrings can't decrypt each other's master keys (see Vault page).
Architecture
Add diagrams or topology notes here — how this component sits relative to DC/DR, what replicates, and what speaks to it. Mermaid blocks render as plain text today; embed images under /assets/ when needed.
Configuration
Add chart values overrides, important env vars, OIDC client config, secret references. Link to the source files in infra/gitops-rke2 rather than copying YAML wholesale — the repo is the source of truth.
Operations
Add runbook notes: backup, restore, common troubleshooting, dashboards, on-call cheatsheet entries.
Failover
Add DC/DR cutover/cutback notes: edge HAProxy backend name, healthcheck path, measured cutover/cutback times, smoke-test commands.
References
- Add upstream chart / project links, ADR refs, MR links, and cross-references to other tools in this catalogue.