Documentation ¶
Overview ¶
Package v1 is the v1beta1 version of the API. +groupName=minio.min.io +versionName=v1
Index ¶
- Constants
- Variables
- func ExtractTar(filesToExtract []string, basePath, tarFileName string) error
- func GetClusterDomain() string
- func GetNSFromFile() string
- func Kind(kind string) schema.GroupKind
- func ReleaseTagToReleaseTime(releaseTag string) (releaseTime time.Time, err error)
- func Resource(resource string) schema.GroupResource
- type AuditConfig
- type CertificateConfig
- type ConsoleConfiguration
- type ExposeServices
- type KESConfig
- type LocalCertificateReference
- type LogConfig
- type LogDbConfig
- type Pool
- type PrometheusConfig
- type S3Features
- type SideCars
- type Tenant
- func (t *Tenant) AllMinIOHosts() []string
- func (t *Tenant) AutoCert() bool
- func (t *Tenant) ConsoleCIServiceName() string
- func (t *Tenant) ConsoleCSRName() string
- func (t *Tenant) ConsoleCommonName() string
- func (t *Tenant) ConsoleDeploymentName() string
- func (t *Tenant) ConsoleExternalCaCerts() bool
- func (t *Tenant) ConsoleExternalCert() bool
- func (t *Tenant) ConsolePodLabels() map[string]string
- func (t *Tenant) ConsoleServerHost() string
- func (t *Tenant) ConsoleTLSSecretName() string
- func (t *Tenant) ConsoleVolMountName() string
- func (t *Tenant) CreateConsoleUser(madmClnt *madmin.AdminClient, consoleSecret map[string][]byte, ...) error
- func (in *Tenant) DeepCopy() *Tenant
- func (in *Tenant) DeepCopyInto(out *Tenant)
- func (in *Tenant) DeepCopyObject() runtime.Object
- func (t *Tenant) EnsureDefaults() *Tenant
- func (t *Tenant) ExternalCaCerts() bool
- func (t *Tenant) ExternalCert() bool
- func (t *Tenant) ExternalClientCert() bool
- func (t *Tenant) GetConsoleEnvVars() (env []corev1.EnvVar)
- func (t *Tenant) HasCertConfig() bool
- func (t *Tenant) HasConsoleEnabled() bool
- func (t *Tenant) HasConsoleSecret() bool
- func (t *Tenant) HasCredsSecret() bool
- func (t *Tenant) HasKESEnabled() bool
- func (t *Tenant) HasLogEnabled() bool
- func (t *Tenant) HasPrometheusEnabled() bool
- func (t *Tenant) KESCSRName() string
- func (t *Tenant) KESClientCert() bool
- func (t *Tenant) KESExternalCert() bool
- func (t *Tenant) KESHLServiceName() string
- func (t *Tenant) KESHosts() []string
- func (t *Tenant) KESJobName() string
- func (t *Tenant) KESPodLabels() map[string]string
- func (t *Tenant) KESReplicas() int32
- func (t *Tenant) KESServiceEndpoint() string
- func (t *Tenant) KESServiceHost() string
- func (t *Tenant) KESStatefulSetName() string
- func (t *Tenant) KESTLSSecretName() string
- func (t *Tenant) KESVolMountName() string
- func (t *Tenant) KESWildCardName() string
- func (t *Tenant) LogHLServiceName() string
- func (t *Tenant) LogPgPodLabels() map[string]string
- func (t *Tenant) LogSearchAPIDeploymentName() string
- func (t *Tenant) LogSearchAPIPodLabels() map[string]string
- func (t *Tenant) LogSearchAPIServiceName() string
- func (t *Tenant) LogSecretName() string
- func (t *Tenant) LogStatefulsetName() string
- func (t *Tenant) MinIOBucketBaseDomain() string
- func (t *Tenant) MinIOBucketBaseWildcardDomain() string
- func (t *Tenant) MinIOCIServiceName() string
- func (t *Tenant) MinIOCSRName() string
- func (t *Tenant) MinIOClientCSRName() string
- func (t *Tenant) MinIOClientTLSSecretName() string
- func (t *Tenant) MinIOEndpoints(hostsTemplate string) (endpoints []string)
- func (t *Tenant) MinIOFQDNServiceName() string
- func (t *Tenant) MinIOHLServiceName() string
- func (t *Tenant) MinIOHeadlessServiceHost() string
- func (t *Tenant) MinIOHealthCheck() bool
- func (t *Tenant) MinIOHosts() (hosts []string)
- func (t *Tenant) MinIOPodLabels() map[string]string
- func (t *Tenant) MinIOServerEndpoint() string
- func (t *Tenant) MinIOServerHost() string
- func (t *Tenant) MinIOServerHostAddress() string
- func (t *Tenant) MinIOStatefulSetNameForPool(z *Pool) string
- func (t *Tenant) MinIOTLSSecretName() string
- func (t *Tenant) MinIOWildCardName() string
- func (t *Tenant) NewMinIOAdmin(minioSecret map[string][]byte) (*madmin.AdminClient, error)
- func (t *Tenant) OwnerRef() []metav1.OwnerReference
- func (t *Tenant) PoolStatefulsetName(pool *Pool) string
- func (t *Tenant) PrometheusConfigMapName() string
- func (t *Tenant) PrometheusConfigVolMountName() string
- func (t *Tenant) PrometheusHLServiceName() string
- func (t *Tenant) PrometheusPodLabels() map[string]string
- func (t *Tenant) PrometheusServiceName() string
- func (t *Tenant) PrometheusStatefulsetName() string
- func (t *Tenant) S3BucketDNS() bool
- func (t *Tenant) TLS() bool
- func (t *Tenant) TemplatedMinIOHosts(hostsTemplate string) (hosts []string)
- func (t *Tenant) UpdateURL(lrTime time.Time, overrideURL string) (string, error)
- func (t *Tenant) Validate() error
- func (t *Tenant) VolumePathForPool(pool *Pool) string
- type TenantList
- type TenantScheduler
- type TenantSpec
- type TenantStatus
Constants ¶
const ( WebhookAPIVersion = "/webhook/v1" WebhookDefaultPort = "4222" WebhookSecret = "operator-webhook-secret" WebhookOperatorUsername = "webhookUsername" WebhookOperatorPassword = "webhookPassword" )
Webhook API constants
const ( WebhookMinIOArgs = "MINIO_ARGS" WebhookMinIOBucket = "MINIO_DNS_WEBHOOK_ENDPOINT" )
Webhook environment variable constants
const ( WebhookAPIGetenv = WebhookAPIVersion + "/getenv" WebhookAPIBucketService = WebhookAPIVersion + "/bucketsrv" WebhookAPIUpdate = WebhookAPIVersion + "/update" )
List of webhook APIs
const CSRNameSuffix = "-csr"
CSRNameSuffix specifies the suffix added to Tenant name to create a CSR
const ConsoleAdminPolicyName = "consoleAdmin"
ConsoleAdminPolicyName denotes the policy name for Console user
const ConsoleCertPath = "/tmp/certs"
ConsoleCertPath is the path where all Console certs are mounted
const ConsoleConfigMountPath = "/tmp/console"
ConsoleConfigMountPath specifies the path where Console config file and all secrets are mounted We keep this to /tmp so it doesn't require any special permissions
const ConsoleContainerName = "console"
ConsoleContainerName specifies the default container name for Console
const ConsoleName = "-console"
ConsoleName specifies the default container name for Console
const ConsolePort = 9090
ConsolePort specifies the default Console port number.
const ConsolePrometheusURL = "CONSOLE_PROMETHEUS_URL"
ConsolePrometheusURL is the url to the prometheus the console should use to pull metrics from.
const ConsoleRestartPolicy = corev1.RestartPolicyAlways
ConsoleRestartPolicy defines the default restart policy for Console Containers
const ConsoleServiceNameSuffix = "-ui"
ConsoleServiceNameSuffix specifies the suffix added to Tenant service name to create a service for console
const ConsoleServicePortName = "http-console"
ConsoleServicePortName specifies the default Console Service's port name.
const ConsoleServiceTLSPortName = "https-console"
ConsoleServiceTLSPortName specifies the default Console Service's port name.
const ConsoleTLSPort = 9443
ConsoleTLSPort specifies the default Console port number for HTTPS.
const ConsoleTenantLabel = "v1.min.io/console"
ConsoleTenantLabel is applied to the Console pods of a Tenant cluster
const DefaultConsoleImage = "minio/console:v0.4.6"
DefaultConsoleImage specifies the latest Console Docker hub image
const DefaultConsoleReplicas = 2
DefaultConsoleReplicas specifies the default number of Console pods to be created if not specified
const DefaultImagePullPolicy = corev1.PullAlways
DefaultImagePullPolicy specifies the policy to image pulls
const DefaultKESImage = "minio/kes:v0.12.1"
DefaultKESImage specifies the latest KES Docker hub image
const DefaultKESReplicas = 2
DefaultKESReplicas specifies the default number of KES pods to be created if not specified
const DefaultLogSearchAPIImage = "minio/logsearchapi:latest"
DefaultLogSearchAPIImage specifies the latest logsearchapi container image
const DefaultMinIOImage = "minio/minio:RELEASE.2020-12-23T02-24-12Z"
DefaultMinIOImage specifies the default MinIO Docker hub image
const DefaultMinIOUpdateURL = "https://dl.min.io/server/minio/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/archive/"
DefaultMinIOUpdateURL specifies the default MinIO URL where binaries are pulled from during MinIO upgrades
const DefaultPodManagementPolicy = appsv1.ParallelPodManagement
DefaultPodManagementPolicy specifies default pod management policy as expllained here https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
const DefaultPoolName = "pool-0"
DefaultPoolName specifies the default pool name
const DefaultServers = 1
DefaultServers specifies the default MinIO replicas to use for distributed deployment if not specified explicitly by user
const DefaultUpdateStrategy = "RollingUpdate"
DefaultUpdateStrategy specifies default pod update policy as explained here https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
const DefaultVolumesPerServer = 1
DefaultVolumesPerServer specifies the default number of volumes per MinIO Tenant
const InitContainerImage = "busybox:1.32"
InitContainerImage name for init container.
const KESConfigMountPath = "/tmp/kes"
KESConfigMountPath specifies the path where KES config file and all secrets are mounted We keep this to /tmp so it doesn't require any special permissions
const KESContainerName = "kes"
KESContainerName specifies the default container name for KES
const KESHLSvcNameSuffix = "-kes-hl-svc"
KESHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service for KES
const KESInstanceLabel = "v1.min.io/kes"
KESInstanceLabel is applied to the KES pods of a Tenant cluster
const KESJobRestartPolicy = corev1.RestartPolicyOnFailure
KESJobRestartPolicy specifies the restart policy for the job created for key creation
const KESMinIOKey = "my-minio-key"
KESMinIOKey is the name of key that KES creates on the KMS backend
const KESName = "-kes"
KESName specifies the default container name for KES
const KESPort = 7373
KESPort specifies the default KES Service's port number.
const KESServicePortName = "http-kes"
KESServicePortName specifies the default KES Service's port name.
const LogAuditDB = "minio_logs"
LogAuditDB holds the name of the DB used to store MinIO audit events
const LogAuditDBKey = "POSTGRES_DB"
LogAuditDBKey is the k8s secret/environment variable key name referring to postgress default database.
const LogAuditTokenKey = "LOGSEARCH_AUDIT_AUTH_TOKEN"
LogAuditTokenKey is the k8s secret/environment variable key name referring to the token used to authenticate audit log ingestion from tenant's MinIO
const LogDBInstanceLabel = "v1.min.io/log-pg"
LogDBInstanceLabel is applied to the Log (Postgres server) pods
const LogDbLabel = "v1.min.io/logdb"
LogDbLabel is applied to all log db components of a Tenant cluster
const LogHLSvcNameSuffix = "-log-hl-svc"
LogHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service for Log
const LogPgConnStr = "LOGSEARCH_PG_CONN_STR"
LogPgConnStr is the k8s env var key name referring to the postgres connection string; used in logsearchapi deployment
const LogPgContainerName = "log-search-pg"
LogPgContainerName is the default name for the Log (PostgreSQL) server container
const LogPgImage = "library/postgres"
LogPgImage specifies the latest Postgres container image
const LogPgPassKey = "POSTGRES_PASSWORD"
LogPgPassKey is the k8s secret/environment variable key name referring to postgress password
const LogPgPort = 5432
LogPgPort specifies the default Log Service's port number.
const LogPgPortName = "http-log-pg"
LogPgPortName specifies the default Log Service Postgres server's port name.
const LogPgUser = "postgres"
LogPgUser is the POSTGRES_USER used for Log feature
const LogPgUserKey = "POSTGRES_USER"
LogPgUserKey is the k8s secret/environment variable key name referring to postgres user
const LogQueryTokenKey = "LOGSEARCH_QUERY_AUTH_TOKEN"
LogQueryTokenKey is the k8s secret/environment variable key name referring to the token used to perform search query on audit logs persisted.
const LogSearchAPIContainerName = "log-search-api"
LogSearchAPIContainerName is the name for the log search API server container
const LogSearchAPIInstanceLabel = "v1.min.io/logsearchapi"
LogSearchAPIInstanceLabel is applied to the Log Search API server pods
const LogSearchAPIPort = 8080
LogSearchAPIPort specifies the default Log Search API Service's port number.
const LogSearchAPIPortName = "http-logsearchapi"
LogSearchAPIPortName specifies the default Log Search API server's port name.
const LogSearchDiskCapacityGB = "LOGSEARCH_DISK_CAPACITY_GB"
LogSearchDiskCapacityGB is the k8s secret/environment variable key name referring to disk capacity required to store tenant's audit logs
const MinIOCRDResourceKind = "Tenant"
MinIOCRDResourceKind is the Kind of a Cluster.
const MinIOCertPath = "/tmp/certs"
MinIOCertPath is the path where all MinIO certs are mounted
const MinIODNSInitContainer = "minio-dns-wait"
MinIODNSInitContainer Init Container for DNS
const MinIOHLSvcNameSuffix = "-hl"
MinIOHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service
const MinIOPort = 9000
MinIOPort specifies the default Tenant port number.
const MinIOPortLoadBalancerSVC = 80
MinIOPortLoadBalancerSVC specifies the default Service port number for the load balancer service.
const MinIOServerName = "minio"
MinIOServerName specifies the default container name for Tenant
const MinIOServiceHTTPPortName = "http-minio"
MinIOServiceHTTPPortName specifies the default Service's http port name, e.g. for automatic protocol selection in Istio
const MinIOServiceHTTPSPortName = "https-minio"
MinIOServiceHTTPSPortName specifies the default Service's https port name, e.g. for automatic protocol selection in Istio
const MinIOTLSPortLoadBalancerSVC = 443
MinIOTLSPortLoadBalancerSVC specifies the default Service TLS port number for the load balancer service.
const MinIOVolumeInitContainer = "minio-vol-wait"
MinIOVolumeInitContainer Init Container for DNS
const MinIOVolumeMountPath = "/export"
MinIOVolumeMountPath specifies the default mount path for MinIO volumes
const MinIOVolumeName = "export"
MinIOVolumeName specifies the default volume name for MinIO volumes
const MinIOVolumeSubPath = ""
MinIOVolumeSubPath specifies the default sub path under mount path
const OperatorLabel = "v1.min.io/version"
OperatorLabel denotes the version of the Tenant operator running in the cluster.
const PoolLabel = "v1.min.io/pool"
PoolLabel is applied to all components in a Pool of a Tenant cluster
const PrometheusAPIPort = 9090
PrometheusAPIPort specifies the default Prometheus API Service's port number.
const PrometheusContainerName = "prometheus"
PrometheusContainerName is the name of the prometheus server container
const PrometheusHLSvcNameSuffix = "-prometheus-hl-svc"
PrometheusHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service for Prometheus.
const PrometheusImage = "quay.io/prometheus/prometheus:latest"
PrometheusImage specifies the container image for prometheus server
const PrometheusInstanceLabel = "v1.min.io/prometheus"
PrometheusInstanceLabel is applied to the prometheus server pod
const PrometheusPort = 9090
PrometheusPort specifies the default prometheus port number
const PrometheusPortName = "http-prometheus"
PrometheusPortName speicfies the default prometheus port's name.
const TenantLabel = "v1.min.io/tenant"
TenantLabel is applied to all components of a Tenant cluster
const Version = "v1"
Version specifies the API Version
Variables ¶
var ( // SchemeBuilder collects the scheme builder functions for the MinIO // Operator API. SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme applies the SchemeBuilder functions to a specified scheme. AddToScheme = SchemeBuilder.AddToScheme )
var DefaultEllipticCurve = elliptic.P256()
DefaultEllipticCurve specifies the default elliptic curve to be used for key generation
var DefaultOrgName = []string{"Acme Co"}
DefaultOrgName specifies the default Org name to be used in automatic certificate generation
var DefaultQueryInterval = time.Second * 5
DefaultQueryInterval specifies the interval between each query for CSR Status
var DefaultQueryTimeout = time.Minute * 20
DefaultQueryTimeout specifies the timeout for query for CSR Status
var KESIdentity string
KESIdentity is the public identity generated for MinIO Server based on Used only during KES Deployments
var SchemeGroupVersion = schema.GroupVersion{Group: operator.GroupName, Version: Version}
SchemeGroupVersion is group version used to register these objects
var TLSSecretSuffix = "-tls"
TLSSecretSuffix is the suffix applied to Tenant name to create the TLS secret
Functions ¶
func ExtractTar ¶
ExtractTar extracts all tar files from the list `filesToExtract` and puts the files in the `basePath` location
func GetClusterDomain ¶ added in v0.4.0
func GetClusterDomain() string
GetClusterDomain returns the Kubernetes cluster domain
func GetNSFromFile ¶
func GetNSFromFile() string
GetNSFromFile assumes the operator is running inside a k8s pod and extract the current namespace from the /var/run/secrets/kubernetes.io/serviceaccount/namespace file
func ReleaseTagToReleaseTime ¶
ReleaseTagToReleaseTime - converts a 'RELEASE.2017-09-29T19-16-56Z.hotfix' into the build time
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type AuditConfig ¶ added in v0.4.0
type AuditConfig struct { // DiskCapacityGB defines the disk capacity in GB available to store audit logs // +optional DiskCapacityGB *int `json:"diskCapacityGB,omitempty"` }
AuditConfig defines configuration parameters for Audit (type) logs
func (*AuditConfig) DeepCopy ¶ added in v0.4.0
func (in *AuditConfig) DeepCopy() *AuditConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditConfig.
func (*AuditConfig) DeepCopyInto ¶ added in v0.4.0
func (in *AuditConfig) DeepCopyInto(out *AuditConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertificateConfig ¶
type CertificateConfig struct { CommonName string `json:"commonName,omitempty"` OrganizationName []string `json:"organizationName,omitempty"` DNSNames []string `json:"dnsNames,omitempty"` }
CertificateConfig is a specification for certificate contents
func (*CertificateConfig) DeepCopy ¶
func (in *CertificateConfig) DeepCopy() *CertificateConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateConfig.
func (*CertificateConfig) DeepCopyInto ¶
func (in *CertificateConfig) DeepCopyInto(out *CertificateConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConsoleConfiguration ¶
type ConsoleConfiguration struct { // Replicas defines number of pods for KES StatefulSet. // +optional Replicas int32 `json:"replicas,omitempty"` // Image defines the Tenant Console Docker image. // +optional Image string `json:"image,omitempty"` // Image pull policy. One of Always, Never, IfNotPresent. // This is applied to MinIO Console pods only. // Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"` // This secret provides all environment variables for KES // This is a mandatory field ConsoleSecret *corev1.LocalObjectReference `json:"consoleSecret"` // ServiceAccountName is the name of the ServiceAccount to use to run pods of all Console // Pods created as a part of this Tenant. // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` // If provided, use these environment variables for Console resource // +optional Env []corev1.EnvVar `json:"env,omitempty"` // If provided, use these requests and limit for cpu/memory resource allocation // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` // ExternalCertSecret allows a user to provide an external certificate and private key. This is // used for enabling TLS on Console and has priority over AutoCert. // +optional ExternalCertSecret *LocalCertificateReference `json:"externalCertSecret,omitempty"` // ExternalCaCertSecret allows a user to provide additional CA certificates. This is // used for Console to verify TLS connections with other applications. // +optional ExternalCaCertSecret []*LocalCertificateReference `json:"externalCaCertSecret,omitempty"` // If provided, use these annotations for Console Object Meta annotations // +optional Annotations map[string]string `json:"annotations,omitempty"` // If provided, use these labels for Console Object Meta labels // +optional Labels map[string]string `json:"labels,omitempty"` // If provided, use these nodeSelector for Console Object Meta nodeSelector // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` }
ConsoleConfiguration defines the specifications for Console Deployment
func (*ConsoleConfiguration) DeepCopy ¶
func (in *ConsoleConfiguration) DeepCopy() *ConsoleConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsoleConfiguration.
func (*ConsoleConfiguration) DeepCopyInto ¶
func (in *ConsoleConfiguration) DeepCopyInto(out *ConsoleConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ConsoleConfiguration) EqualImage ¶
func (c ConsoleConfiguration) EqualImage(currentImage string) bool
EqualImage returns true if config image and current input image are same
type ExposeServices ¶ added in v0.4.0
type ExposeServices struct { // MinIO tells operator whether to expose the MinIO service // +optional MinIO bool `json:"minio,omitempty"` // Console tells operator whether to expose the Console Service // +optional Console bool `json:"console,omitempty"` }
ExposeServices tells operator whether to expose the services for MinIO and Console
func (*ExposeServices) DeepCopy ¶ added in v0.4.0
func (in *ExposeServices) DeepCopy() *ExposeServices
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExposeServices.
func (*ExposeServices) DeepCopyInto ¶ added in v0.4.0
func (in *ExposeServices) DeepCopyInto(out *ExposeServices)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KESConfig ¶
type KESConfig struct { // Replicas defines number of pods for KES StatefulSet. // +optional Replicas int32 `json:"replicas,omitempty"` // Image defines the Tenant KES Docker image. // +optional Image string `json:"image,omitempty"` // Image pull policy. One of Always, Never, IfNotPresent. // This is applied to KES pods only. // Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"` // ServiceAccountName is the name of the ServiceAccount to use to run pods of all KES // Pods created as a part of this Tenant. // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` // This kesSecret serves as the configuration for KES // This is a mandatory field Configuration *corev1.LocalObjectReference `json:"kesSecret"` // ExternalCertSecret allows a user to specify custom CA certificate, and private key for group replication SSL. // +optional ExternalCertSecret *LocalCertificateReference `json:"externalCertSecret,omitempty"` // ClientCertSecret allows a user to specify a custom root certificate, client certificate and client private key. This is // used for adding client certificates on KES --> used for KES authentication against Vault or other KMS that supports mTLS. // +optional ClientCertSecret *LocalCertificateReference `json:"clientCertSecret,omitempty"` // If provided, use these annotations for KES Object Meta annotations // +optional Annotations map[string]string `json:"annotations,omitempty"` // If provided, use these labels for KES Object Meta labels // +optional Labels map[string]string `json:"labels,omitempty"` // If provided, use these nodeSelector for KES Object Meta nodeSelector // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` }
KESConfig defines the specifications for KES StatefulSet
func (*KESConfig) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KESConfig.
func (*KESConfig) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LocalCertificateReference ¶
type LocalCertificateReference struct { Name string `json:"name"` Type string `json:"type,omitempty"` }
LocalCertificateReference defines the spec for a local certificate
func (*LocalCertificateReference) DeepCopy ¶
func (in *LocalCertificateReference) DeepCopy() *LocalCertificateReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalCertificateReference.
func (*LocalCertificateReference) DeepCopyInto ¶
func (in *LocalCertificateReference) DeepCopyInto(out *LocalCertificateReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type LogConfig ¶ added in v0.4.0
type LogConfig struct { // Image defines the tenant's LogSearchAPI container image. // +optional Image string `json:"image,omitempty"` // If provided, use these requests and limit for cpu/memory resource allocation // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` // NodeSelector is a selector which must be true for the pod to fit on a node. // Selector which must match a node's labels for the pod to be scheduled on that node. // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // If specified, affinity will define the pod's scheduling constraints // +optional Affinity *corev1.Affinity `json:"affinity,omitempty"` // Tolerations allows users to set entries like effect, key, operator, value. // +optional Tolerations []corev1.Toleration `json:"tolerations,omitempty"` // If provided, use these annotations for Console Object Meta annotations // +optional Annotations map[string]string `json:"annotations,omitempty"` // If provided, use these labels for Console Object Meta labels // +optional Labels map[string]string `json:"labels,omitempty"` // Db holds configuration for audit logs DB // +optional Db *LogDbConfig `json:"db,omitempty"` // AuditConfig holds configuration for audit logs from MinIO // +optional Audit *AuditConfig `json:"audit,omitempty"` }
LogConfig defines configuration parameters for Log feature
func (*LogConfig) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogConfig.
func (*LogConfig) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*LogConfig) EqualImage ¶ added in v0.4.0
EqualImage returns true if image specified in `LogConfig` is equal to `image`
type LogDbConfig ¶ added in v0.4.0
type LogDbConfig struct { // Image defines postgres DB container image. // +optional Image string `json:"image,omitempty"` // VolumeClaimTemplate allows a user to specify how volumes inside a Tenant VolumeClaimTemplate *corev1.PersistentVolumeClaim `json:"volumeClaimTemplate"` // If provided, use these requests and limit for cpu/memory resource allocation // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` // NodeSelector is a selector which must be true for the pod to fit on a node. // Selector which must match a node's labels for the pod to be scheduled on that node. // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // If specified, affinity will define the pod's scheduling constraints // +optional Affinity *corev1.Affinity `json:"affinity,omitempty"` // Tolerations allows users to set entries like effect, key, operator, value. // +optional Tolerations []corev1.Toleration `json:"tolerations,omitempty"` // If provided, use these annotations for Console Object Meta annotations // +optional Annotations map[string]string `json:"annotations,omitempty"` // If provided, use these labels for Console Object Meta labels // +optional Labels map[string]string `json:"labels,omitempty"` }
LogDbConfig Holds all the configurations regarding the Log DB (Postgres) StatefulSet
func (*LogDbConfig) DeepCopy ¶ added in v0.4.0
func (in *LogDbConfig) DeepCopy() *LogDbConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogDbConfig.
func (*LogDbConfig) DeepCopyInto ¶ added in v0.4.0
func (in *LogDbConfig) DeepCopyInto(out *LogDbConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Pool ¶ added in v0.4.0
type Pool struct { // Name of the pool // +optional Name string `json:"name,omitempty"` // Number of Servers in the pool Servers int32 `json:"servers"` // Number of persistent volumes that will be attached per server VolumesPerServer int32 `json:"volumesPerServer"` // VolumeClaimTemplate allows a user to specify how volumes are configured for the Pool VolumeClaimTemplate *corev1.PersistentVolumeClaim `json:"volumeClaimTemplate"` // If provided, use these requests and limit for cpu/memory resource allocation // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` // NodeSelector is a selector which must be true for the pod to fit on a node. // Selector which must match a node's labels for the pod to be scheduled on that node. // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // If specified, affinity will define the pod's scheduling constraints // +optional Affinity *corev1.Affinity `json:"affinity,omitempty"` // Tolerations allows users to set entries like effect, key, operator, value. // +optional Tolerations []corev1.Toleration `json:"tolerations,omitempty"` }
Pool defines the spec for a MinIO Pool
func (*Pool) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pool.
func (*Pool) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrometheusConfig ¶ added in v0.4.0
type PrometheusConfig struct { // DiskCapacityGB defines the disk capacity in GB available to the // Prometheus server // +optional DiskCapacityDB *int `json:"diskCapacityGB,omitempty"` // If provided, use these annotations for Prometheus Object Meta annotations // +optional Annotations map[string]string `json:"annotations,omitempty"` // If provided, use these labels for Prometheus Object Meta labels // +optional Labels map[string]string `json:"labels,omitempty"` // If provided, use these nodeSelector for Prometheus Object Meta nodeSelector // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // If provided, use these requests and limit for cpu/memory resource allocation // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` }
PrometheusConfig defines configuration for Prometheus metrics server
func (*PrometheusConfig) DeepCopy ¶ added in v0.4.0
func (in *PrometheusConfig) DeepCopy() *PrometheusConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig.
func (*PrometheusConfig) DeepCopyInto ¶ added in v0.4.0
func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type S3Features ¶ added in v0.4.0
type S3Features struct { // BucketDNS if 'true' means Buckets can be accessed using `<bucket>.minio.default.svc.cluster.local` BucketDNS bool `json:"bucketDNS"` }
S3Features list of S3 features to enable/disable. Currently only supports BucketDNS
func (*S3Features) DeepCopy ¶ added in v0.4.0
func (in *S3Features) DeepCopy() *S3Features
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new S3Features.
func (*S3Features) DeepCopyInto ¶ added in v0.4.0
func (in *S3Features) DeepCopyInto(out *S3Features)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SideCars ¶ added in v0.4.0
type SideCars struct { // List of containers to run inside the Pod // +patchMergeKey=name // +patchStrategy=merge Containers []corev1.Container `json:"containers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"` // volumeClaimTemplates is a list of claims that pods are allowed to reference. // The StatefulSet controller is responsible for mapping network identities to // claims in a way that maintains the identity of a pod. Every claim in // this list must have at least one matching (by name) volumeMount in one // container in the template. A claim in this list takes precedence over // any volumes in the template, with the same name. // TODO: Define the behavior if a claim already exists with the same name. // +optional VolumeClaimTemplates []corev1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty" protobuf:"bytes,4,rep,name=volumeClaimTemplates"` // List of volumes that can be mounted by containers belonging to the pod. // More info: https://kubernetes.io/docs/concepts/storage/volumes // +optional // +patchMergeKey=name // +patchStrategy=merge,retainKeys Volumes []corev1.Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"` }
SideCars represents a list of containers that will be attached to the MinIO pods on each pool
func (*SideCars) DeepCopy ¶ added in v0.4.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SideCars.
func (*SideCars) DeepCopyInto ¶ added in v0.4.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Tenant ¶
type Tenant struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Scheduler TenantScheduler `json:"scheduler,omitempty"` Spec TenantSpec `json:"spec"` // Status provides details of the state of the Tenant // +optional Status TenantStatus `json:"status"` }
Tenant is a specification for a MinIO resource
func (*Tenant) AllMinIOHosts ¶
AllMinIOHosts returns the all the individual domain names relevant for current Tenant
func (*Tenant) AutoCert ¶
AutoCert is enabled by default, otherwise we return the user provided value
func (*Tenant) ConsoleCIServiceName ¶
ConsoleCIServiceName returns the name for Console Cluster IP Service
func (*Tenant) ConsoleCSRName ¶
ConsoleCSRName returns the name of CSR that generated if AutoTLS is enabled for Console Namespace adds uniqueness to the CSR name (single Console tenant per namsepace) since CSR is not a namespaced resource
func (*Tenant) ConsoleCommonName ¶
ConsoleCommonName returns the CommonName to be used in the csr template
func (*Tenant) ConsoleDeploymentName ¶
ConsoleDeploymentName returns the name for Console Deployment
func (*Tenant) ConsoleExternalCaCerts ¶ added in v0.4.0
ConsoleExternalCaCerts returns true is the user has provided a additional CA certificates for Console
func (*Tenant) ConsoleExternalCert ¶
ConsoleExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key for Console pods
func (*Tenant) ConsolePodLabels ¶
ConsolePodLabels returns the default labels for Console Pod
func (*Tenant) ConsoleServerHost ¶
ConsoleServerHost returns ClusterIP service Host for current Console Tenant
func (*Tenant) ConsoleTLSSecretName ¶
ConsoleTLSSecretName returns the name of Secret that has Console TLS related Info (Cert & Private Key)
func (*Tenant) ConsoleVolMountName ¶
ConsoleVolMountName returns the name of Secret that has TLS related Info (Cert & Private Key)
func (*Tenant) CreateConsoleUser ¶
func (t *Tenant) CreateConsoleUser(madmClnt *madmin.AdminClient, consoleSecret map[string][]byte, skipCreateUser bool) error
CreateConsoleUser function creates an admin user
func (*Tenant) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tenant.
func (*Tenant) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Tenant) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Tenant) EnsureDefaults ¶
EnsureDefaults will ensure that if a user omits and fields in the spec that are required, we set some sensible defaults. For example a user can choose to omit the version and number of members.
func (*Tenant) ExternalCaCerts ¶ added in v0.4.0
ExternalCaCerts returns true is the user has provided a additional CA certificates for MinIO
func (*Tenant) ExternalCert ¶
ExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key
func (*Tenant) ExternalClientCert ¶
ExternalClientCert returns true is the user has provided a secret that contains CA client cert, server cert and server key
func (*Tenant) GetConsoleEnvVars ¶ added in v0.4.0
GetConsoleEnvVars returns the environment variables for the console deployment of a particular tenant
func (*Tenant) HasCertConfig ¶
HasCertConfig returns true if the user has provided a certificate config
func (*Tenant) HasConsoleEnabled ¶
HasConsoleEnabled checks if the console has been enabled by the user
func (*Tenant) HasConsoleSecret ¶
HasConsoleSecret returns true if the user has provided an console secret for a Tenant else false
func (*Tenant) HasCredsSecret ¶
HasCredsSecret returns true if the user has provided a secret for a Tenant else false
func (*Tenant) HasKESEnabled ¶
HasKESEnabled checks if kes configuration is provided by user
func (*Tenant) HasLogEnabled ¶ added in v0.4.0
HasLogEnabled checks if Log feature has been enabled
func (*Tenant) HasPrometheusEnabled ¶ added in v0.4.0
HasPrometheusEnabled checks if Prometheus metrics has been enabled
func (*Tenant) KESCSRName ¶
KESCSRName returns the name of CSR that generated if AutoTLS is enabled for KES Namespace adds uniqueness to the CSR name (single KES tenant per namsepace) since CSR is not a namespaced resource
func (*Tenant) KESClientCert ¶
KESClientCert returns true is the user has provided a secret that contains CA cert, client cert and client key for KES pods
func (*Tenant) KESExternalCert ¶
KESExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key for KES pods
func (*Tenant) KESHLServiceName ¶
KESHLServiceName returns the name of headless service that is created to manage the StatefulSet of this Tenant
func (*Tenant) KESJobName ¶
KESJobName returns the name for KES Key Job
func (*Tenant) KESPodLabels ¶
KESPodLabels returns the default labels for KES Pod
func (*Tenant) KESReplicas ¶
KESReplicas returns the number of total KES replicas required for this cluster
func (*Tenant) KESServiceEndpoint ¶
KESServiceEndpoint similar to KESServiceHost but a URL with current scheme
func (*Tenant) KESServiceHost ¶
KESServiceHost returns headless service Host for KES in current Tenant
func (*Tenant) KESStatefulSetName ¶
KESStatefulSetName returns the name for KES StatefulSet
func (*Tenant) KESTLSSecretName ¶
KESTLSSecretName returns the name of Secret that has KES TLS related Info (Cert & Private Key)
func (*Tenant) KESVolMountName ¶
KESVolMountName returns the name of Secret that has TLS related Info (Cert & Private Key)
func (*Tenant) KESWildCardName ¶
KESWildCardName returns the wild card name managed by headless service created for KES StatefulSet in current Tenant
func (*Tenant) LogHLServiceName ¶ added in v0.4.0
LogHLServiceName returns name of Headless service for the Log statefulsets
func (*Tenant) LogPgPodLabels ¶ added in v0.4.0
LogPgPodLabels returns the default labels for Log Postgres server pods
func (*Tenant) LogSearchAPIDeploymentName ¶ added in v0.4.0
LogSearchAPIDeploymentName returns name of Log Search API server deployment
func (*Tenant) LogSearchAPIPodLabels ¶ added in v0.4.0
LogSearchAPIPodLabels returns the default labels for Log search API server pods
func (*Tenant) LogSearchAPIServiceName ¶ added in v0.4.0
LogSearchAPIServiceName returns name of Log Search API service name
func (*Tenant) LogSecretName ¶ added in v0.4.0
LogSecretName returns name of secret shared by Log PG server and log-search-api server
func (*Tenant) LogStatefulsetName ¶ added in v0.4.0
LogStatefulsetName returns name of statefulsets meant for Log feature
func (*Tenant) MinIOBucketBaseDomain ¶
MinIOBucketBaseDomain returns the base domain name for buckets
func (*Tenant) MinIOBucketBaseWildcardDomain ¶
MinIOBucketBaseWildcardDomain returns the base domain name for buckets
func (*Tenant) MinIOCIServiceName ¶
MinIOCIServiceName returns the name of Cluster IP service that is created to communicate with current MinIO StatefulSet pods
func (*Tenant) MinIOCSRName ¶
MinIOCSRName returns the name of CSR that is generated if AutoTLS is enabled Namespace adds uniqueness to the CSR name (single MinIO tenant per namsepace) since CSR is not a namespaced resource
func (*Tenant) MinIOClientCSRName ¶
MinIOClientCSRName returns the name of CSR that is generated for Client side authentication Used by KES Pods
func (*Tenant) MinIOClientTLSSecretName ¶
MinIOClientTLSSecretName returns the name of Secret that has TLS related Info (Cert & Private Key) for MinIO <-> KES client side authentication.
func (*Tenant) MinIOEndpoints ¶
MinIOEndpoints similar to MinIOHosts but as URLs
func (*Tenant) MinIOFQDNServiceName ¶
MinIOFQDNServiceName returns the name of the service created for the tenant.
func (*Tenant) MinIOHLServiceName ¶
MinIOHLServiceName returns the name of headless service that is created to manage the StatefulSet of this Tenant
func (*Tenant) MinIOHeadlessServiceHost ¶
MinIOHeadlessServiceHost returns headless service Host for current Tenant
func (*Tenant) MinIOHealthCheck ¶
MinIOHealthCheck check MinIO cluster health
func (*Tenant) MinIOHosts ¶
MinIOHosts returns the domain names in ellipses format created for current Tenant
func (*Tenant) MinIOPodLabels ¶
MinIOPodLabels returns the default labels for MinIO Pod
func (*Tenant) MinIOServerEndpoint ¶
MinIOServerEndpoint similar to MinIOServerHostAddress but a URL with current scheme
func (*Tenant) MinIOServerHost ¶
MinIOServerHost returns ClusterIP service Host for current Tenant
func (*Tenant) MinIOServerHostAddress ¶
MinIOServerHostAddress similar to MinIOServerHost but returns host with port
func (*Tenant) MinIOStatefulSetNameForPool ¶ added in v0.4.0
MinIOStatefulSetNameForPool returns the name for MinIO StatefulSet
func (*Tenant) MinIOTLSSecretName ¶
MinIOTLSSecretName returns the name of Secret that has TLS related Info (Cert & Private Key)
func (*Tenant) MinIOWildCardName ¶
MinIOWildCardName returns the wild card name for all MinIO Pods in current StatefulSet
func (*Tenant) NewMinIOAdmin ¶
NewMinIOAdmin initializes a new madmin.Client for operator interaction
func (*Tenant) OwnerRef ¶
func (t *Tenant) OwnerRef() []metav1.OwnerReference
OwnerRef returns the OwnerReference to be added to all resources created by Tenant
func (*Tenant) PoolStatefulsetName ¶ added in v0.4.0
PoolStatefulsetName returns the name of a statefulset for a given pool
func (*Tenant) PrometheusConfigMapName ¶ added in v0.4.0
PrometheusConfigMapName returns name of the config map for Prometheus.
func (*Tenant) PrometheusConfigVolMountName ¶ added in v0.4.0
PrometheusConfigVolMountName returns name of the prometheus config volume.
func (*Tenant) PrometheusHLServiceName ¶ added in v0.4.0
PrometheusHLServiceName returns name of Headless service for the Log statefulsets
func (*Tenant) PrometheusPodLabels ¶ added in v0.4.0
PrometheusPodLabels returns the default labels for Prometheus server pods
func (*Tenant) PrometheusServiceName ¶ added in v0.4.0
PrometheusServiceName returns name of the Prometheus service
func (*Tenant) PrometheusStatefulsetName ¶ added in v0.4.0
PrometheusStatefulsetName returns name of statefulset meant for Prometheus metrics.
func (*Tenant) S3BucketDNS ¶ added in v0.4.0
S3BucketDNS indicates if Bucket DNS feature is enabled.
func (*Tenant) TemplatedMinIOHosts ¶
TemplatedMinIOHosts returns the domain names in ellipses format created for current Tenant without the service part
func (*Tenant) Validate ¶
Validate returns an error if any configuration of the MinIO Tenant is invalid
func (*Tenant) VolumePathForPool ¶ added in v0.4.0
VolumePathForPool returns the paths for MinIO mounts based on total number of volumes on a given pool
type TenantList ¶
type TenantList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []Tenant `json:"items"` }
TenantList is a list of Tenant resources
func (*TenantList) DeepCopy ¶
func (in *TenantList) DeepCopy() *TenantList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantList.
func (*TenantList) DeepCopyInto ¶
func (in *TenantList) DeepCopyInto(out *TenantList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TenantList) DeepCopyObject ¶
func (in *TenantList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TenantScheduler ¶
type TenantScheduler struct { // SchedulerName defines the name of scheduler to be used to schedule Tenant pods Name string `json:"name"` }
TenantScheduler is the spec for a Tenant scheduler
func (*TenantScheduler) DeepCopy ¶
func (in *TenantScheduler) DeepCopy() *TenantScheduler
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantScheduler.
func (*TenantScheduler) DeepCopyInto ¶
func (in *TenantScheduler) DeepCopyInto(out *TenantScheduler)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TenantSpec ¶
type TenantSpec struct { // Definition for Cluster in given MinIO cluster Pools []Pool `json:"pools"` // Image defines the Tenant Docker image. // +optional Image string `json:"image,omitempty"` // ImagePullSecret defines the secret to be used for pull image from a private Docker image. // +optional ImagePullSecret corev1.LocalObjectReference `json:"imagePullSecret,omitempty"` // Pod Management Policy for pod created by StatefulSet // +optional PodManagementPolicy appsv1.PodManagementPolicyType `json:"podManagementPolicy,omitempty"` // If provided, use this secret as the credentials for Tenant resource // Otherwise MinIO server creates dynamic credentials printed on MinIO server startup banner // +optional CredsSecret *corev1.LocalObjectReference `json:"credsSecret,omitempty"` // If provided, use these environment variables for Tenant resource // +optional Env []corev1.EnvVar `json:"env,omitempty"` // ExternalCertSecret allows a user to provide one or more TLS certificates and private keys. This is // used for enabling TLS with SNI support on MinIO server. // +optional ExternalCertSecret []*LocalCertificateReference `json:"externalCertSecret,omitempty"` // ExternalCaCertSecret allows a user to provide additional CA certificates. This is // used for MinIO to verify TLS connections with other applications. // +optional ExternalCaCertSecret []*LocalCertificateReference `json:"externalCaCertSecret,omitempty"` // ExternalClientCertSecret allows a user to specify custom CA client certificate, and private key. This is // used for adding client certificates on MinIO Pods --> used for KES authentication. // +optional ExternalClientCertSecret *LocalCertificateReference `json:"externalClientCertSecret,omitempty"` // Mount path for MinIO volume (PV). Defaults to /export // +optional Mountpath string `json:"mountPath,omitempty"` // Subpath inside mount path. This is the directory where MinIO stores data. Default to "" (empty) // +optional Subpath string `json:"subPath,omitempty"` // RequestAutoCert allows user to enable Kubernetes based TLS cert generation and signing as explained here: // https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/ // +optional RequestAutoCert *bool `json:"requestAutoCert,omitempty"` // S3 related features can be disabled or enabled such as `bucketDNS` etc. S3 *S3Features `json:"s3,omitempty"` // +optional // CertConfig allows users to set entries like CommonName, Organization, etc for the certificate // +optional CertConfig *CertificateConfig `json:"certConfig,omitempty"` // Security Context allows user to set entries like runAsUser, privilege escalation etc. // +optional SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"` // ConsoleConfiguration is for setting up minio/console for graphical user interface //+optional Console *ConsoleConfiguration `json:"console,omitempty"` // KES is for setting up minio/kes as MinIO KMS //+optional KES *KESConfig `json:"kes,omitempty"` Log *LogConfig `json:"log,omitempty"` // Prometheus is for setting up Prometheus metrics. Prometheus *PrometheusConfig `json:"prometheus,omitempty"` // ServiceAccountName is the name of the ServiceAccount to use to run pods of all MinIO // Pods created as a part of this Tenant. // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` // PriorityClassName indicates the Pod priority and hence importance of a Pod relative to other Pods. // This is applied to MinIO pods only. // Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass // +optional PriorityClassName string `json:"priorityClassName,omitempty"` // Image pull policy. One of Always, Never, IfNotPresent. // This is applied to MinIO pods only. // Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"` // SideCars a list of containers to run as sidecars along every MinIO Pod on every pool // +optional SideCars *SideCars `json:"sideCars,omitempty"` // ExposeServices tells operator whether to expose the MinIO service and/or the Console Service // +optional ExposeServices *ExposeServices `json:"exposeServices,omitempty"` }
TenantSpec is the spec for a Tenant resource
func (*TenantSpec) DeepCopy ¶
func (in *TenantSpec) DeepCopy() *TenantSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantSpec.
func (*TenantSpec) DeepCopyInto ¶
func (in *TenantSpec) DeepCopyInto(out *TenantSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TenantStatus ¶
type TenantStatus struct { CurrentState string `json:"currentState"` AvailableReplicas int32 `json:"availableReplicas"` }
TenantStatus is the status for a Tenant resource
func (*TenantStatus) DeepCopy ¶
func (in *TenantStatus) DeepCopy() *TenantStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantStatus.
func (*TenantStatus) DeepCopyInto ¶
func (in *TenantStatus) DeepCopyInto(out *TenantStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.