v2

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 28, 2023 License: AGPL-3.0 Imports: 37 Imported by: 0

Documentation

Overview

Package v2 - This page provides a quick automatically generated reference for the MinIO Operator `minio.min.io/v2` CRD. For more complete documentation on the MinIO Operator CRD, see https://min.io/docs/minio/kubernetes/upstream/index.html[MinIO Kubernetes Documentation]. +

The `minio.min.io/v2` API was released with the v4.0.0 MinIO Operator. The MinIO Operator automatically converts existing tenants using the `/v1` API to `/v2`. +

+groupName=minio.min.io +versionName=v2

Index

Constants

View Source 
const (
	MinIOServerURL          = "MINIO_SERVER_URL"
	MinIODomain             = "MINIO_DOMAIN"
	MinIOBrowserRedirectURL = "MINIO_BROWSER_REDIRECT_URL"
)

Webhook API constants

View Source 
const CSRNameSuffix = "-csr"

CSRNameSuffix specifies the suffix added to Tenant name to create a CSR

View Source 
const CfgFile = CfgPath + "config.env"

CfgFile is the Configuration File for MinIO

View Source 
const CfgPath = "/tmp/minio/"

CfgPath is the location of the MinIO Configuration File

View Source 
const ConsoleAdminPolicyName = "consoleAdmin"

ConsoleAdminPolicyName denotes the policy name for Console user

View Source 
const ConsoleName = "-console"

ConsoleName specifies the default container name for Console

View Source 
const ConsolePort = 9090

ConsolePort specifies the default Console port number.

View Source 
const ConsoleServicePortName = "http-console"

ConsoleServicePortName specifies the default Console Service's port name.

View Source 
const ConsoleServiceTLSPortName = "https-console"

ConsoleServiceTLSPortName specifies the default Console Service's port name.

View Source 
const ConsoleTLSPort = 9443

ConsoleTLSPort specifies the default Console port number for HTTPS.

View Source 
const ConsoleTenantLabel = "v1.min.io/console"

ConsoleTenantLabel is applied to the Console pods of a Tenant cluster

View Source 
const DefaultImagePullPolicy = corev1.PullIfNotPresent

DefaultImagePullPolicy specifies the policy to image pulls

View Source 
const DefaultKESImage = "minio/kes:2023-11-10T10-44-28Z"

DefaultKESImage specifies the latest KES Docker hub image

View Source 
const DefaultKESReplicas = 2

DefaultKESReplicas specifies the default number of KES pods to be created if not specified

View Source 
const DefaultMinIOImage = "minio/minio:RELEASE.2023-11-15T20-43-25Z"

DefaultMinIOImage specifies the default MinIO Docker hub image

View Source 
const DefaultMinIOUpdateURL = "https://dl.min.io/server/minio/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/archive/"

DefaultMinIOUpdateURL specifies the default MinIO URL where binaries are pulled from during MinIO upgrades

View Source 
const DefaultMonitoringInterval = 3

DefaultMonitoringInterval is how often we run monitoring on tenants

View Source 
const DefaultPodManagementPolicy = appsv1.ParallelPodManagement

DefaultPodManagementPolicy specifies default pod management policy as expllained here https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies

View Source 
const DefaultPrometheusNamespace = "default"

DefaultPrometheusNamespace is the default namespace for prometheus

View Source 
const DefaultUpdateStrategy = "RollingUpdate"

DefaultUpdateStrategy specifies default pod update policy as explained here https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies

View Source 
const KESConfigMountPath = "/tmp/kes"

KESConfigMountPath specifies the path where KES config file and all secrets are mounted We keep this to /tmp, so it doesn't require any special permissions

View Source 
const KESContainerName = "kes"

KESContainerName specifies the default container name for KES

View Source 
const KESHLSvcNameSuffix = "-kes-hl-svc"

KESHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service for KES

View Source 
const KESInstanceLabel = "v1.min.io/kes"

KESInstanceLabel is applied to the KES pods of a Tenant cluster

View Source 
const KESMinIOKey = "my-minio-key"

KESMinIOKey is the name of key that KES creates on the KMS backend

View Source 
const KESName = "-kes"

KESName specifies the default container name for KES

View Source 
const KESPort = 7373

KESPort specifies the default KES Service's port number.

View Source 
const KESServicePortName = "http-kes"

KESServicePortName specifies the default KES Service's port name.

View Source 
const MinIOCRDResourceKind = "Tenant"

MinIOCRDResourceKind is the Kind of Cluster.

View Source 
const MinIOCertPath = "/tmp/certs"

MinIOCertPath is the path where all MinIO certs are mounted

View Source 
const MinIOHLSvcNameSuffix = "-hl"

MinIOHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service

View Source 
const MinIOPort = 9000

MinIOPort specifies the default Tenant port number.

View Source 
const MinIOPortLoadBalancerSVC = 80

MinIOPortLoadBalancerSVC specifies the default Service port number for the load balancer service.

View Source 
const MinIOPrometheusPathCluster = "/minio/v2/metrics/cluster"

MinIOPrometheusPathCluster is the path where MinIO tenant exposes cluster Prometheus metrics

View Source 
const MinIOPrometheusScrapeInterval = 30 * time.Second

MinIOPrometheusScrapeInterval defines how frequently to scrape targets.

View Source 
const MinIOSFTPPort = 8022

MinIOSFTPPort specifies the default Tenant SFTP port number.

View Source 
const MinIOServerName = "minio"

MinIOServerName specifies the default container name for Tenant

View Source 
const MinIOServiceHTTPPortName = "http-minio"

MinIOServiceHTTPPortName specifies the default Service's http port name, e.g. for automatic protocol selection in Istio

View Source 
const MinIOServiceHTTPSPortName = "https-minio"

MinIOServiceHTTPSPortName specifies the default Service's https port name, e.g. for automatic protocol selection in Istio

View Source 
const MinIOServiceSFTPPortName = "sftp-minio"

MinIOServiceSFTPPortName specifies the default Service's FTP port name

View Source 
const MinIOTLSPortLoadBalancerSVC = 443

MinIOTLSPortLoadBalancerSVC specifies the default Service TLS port number for the load balancer service.

View Source 
const MinIOVolumeMountPath = "/export"

MinIOVolumeMountPath specifies the default mount path for MinIO volumes

View Source 
const MinIOVolumeName = "export"

MinIOVolumeName specifies the default volume name for MinIO volumes

View Source 
const MinIOVolumeSubPath = ""

MinIOVolumeSubPath specifies the default sub path under mount path

View Source 
const PoolLabel = "v1.min.io/pool"

PoolLabel is applied to all components in a Pool of a Tenant cluster

View Source 
const PrometheusAddlScrapeConfigKey = "prometheus-additional.yaml"

PrometheusAddlScrapeConfigKey is the key in secret data

View Source 
const PrometheusAddlScrapeConfigSecret = "minio-prom-additional-scrape-config"

PrometheusAddlScrapeConfigSecret is the name of the secrets which contains the scrape config

View Source 
const PrometheusName = "PROMETHEUS_NAME"

PrometheusName is the name of the prometheus

View Source 
const PrometheusNamespace = "PROMETHEUS_NAMESPACE"

PrometheusNamespace is the namespace of the prometheus

View Source 
const Revision = "min.io/revision"

Revision is applied to all statefulsets

View Source 
const StatefulSetLegacyPrefix = "zone"

StatefulSetLegacyPrefix by old operators

View Source 
const StatefulSetPrefix = "ss"

StatefulSetPrefix used by statefulsets

View Source 
const TenantConfigurationSecretSuffix = "-configuration"

TenantConfigurationSecretSuffix specifies the suffix added to tenant name to create the configuration secret name

View Source 
const TenantLabel = "v1.min.io/tenant"

TenantLabel is applied to all components of a Tenant cluster

View Source 
const TmpPath = "/tmp"

TmpPath /tmp path inside the container file system

View Source 
const Version = "v2"

Version specifies the API Version

View Source 
const ZoneLabel = "v1.min.io/zone"

ZoneLabel is used for compatibility with tenants deployed prior to operator 4.0.0

Variables

View Source 
var (
	// SchemeBuilder collects the scheme builder functions for the MinIO
	// Operator API.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

	// AddToScheme applies the SchemeBuilder functions to a specified scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var DefaultEllipticCurve = elliptic.P256()

DefaultEllipticCurve specifies the default elliptic curve to be used for key generation

View Source 
var DefaultOrgName = []string{"system:nodes"}

DefaultOrgName specifies the default Org name to be used in automatic certificate generation

View Source 
var DefaultQueryInterval = time.Second * 5

DefaultQueryInterval specifies the interval between each query for CSR Status

View Source 
var DefaultQueryTimeout = time.Minute * 20

DefaultQueryTimeout specifies the timeout for query for CSR Status

View Source 
var SchemeGroupVersion = schema.GroupVersion{Group: operator.GroupName, Version: Version}

SchemeGroupVersion is group version used to register these objects

View Source 
var TLSSecretSuffix = "-tls"

TLSSecretSuffix is the suffix applied to Tenant name to create the TLS secret

Functions

func CompactJSONString 

func CompactJSONString(jsonObject string) (string, error)

CompactJSONString removes white spaces, tabs and line return

func ExtractTar 

func ExtractTar(filesToExtract []string, basePath, tarFileName string) error

ExtractTar extracts all tar files from the list `filesToExtract` and puts the files in the `basePath` location

func GenerateCredentials 

func GenerateCredentials() (accessKey, secretKey string, err error)

GenerateCredentials - creates randomly generated credentials of maximum allowed length.

func GenerateTenantConfigurationFile 

func GenerateTenantConfigurationFile(configuration map[string]string) string

GenerateTenantConfigurationFile :

func GetClusterDomain 

func GetClusterDomain() string

GetClusterDomain returns the Kubernetes cluster domain

func GetMonitoringInterval 

func GetMonitoringInterval() int

GetMonitoringInterval returns how ofter we should query tenants for cluster/health

func GetNSFromFile 

func GetNSFromFile() string

GetNSFromFile assumes the operator is running inside a k8s pod and extract the current namespace from the /var/run/secrets/kubernetes.io/serviceaccount/namespace file

func GetOpenshiftCSRSignerCAFromFile 

func GetOpenshiftCSRSignerCAFromFile() []byte

GetOpenshiftCSRSignerCAFromFile extracts the tls.crt certificate in Openshift deployments coming from the mounted secret openshift-csr-signer-ca

func GetOpenshiftServiceCAFromFile 

func GetOpenshiftServiceCAFromFile() []byte

GetOpenshiftServiceCAFromFile extracts the service-ca.crt certificate in Openshift deployments coming from configmap openshift-service-ca.crt

func GetPodCAFromFile 

func GetPodCAFromFile() []byte

GetPodCAFromFile assumes the operator is running inside a k8s pod and extract the current ca certificate from /var/run/secrets/kubernetes.io/serviceaccount/ca.crt

func GetPrivateKeyFilePath 

func GetPrivateKeyFilePath(serviceName string) string

GetPrivateKeyFilePath return the path to the key file based for the serviceName

func GetPrometheusName 

func GetPrometheusName() string

GetPrometheusName returns namespace of the prometheus managed by prometheus operator

func GetPrometheusNamespace 

func GetPrometheusNamespace() string

GetPrometheusNamespace returns namespace of the prometheus managed by prometheus operator

func GetPublicCertFilePath 

func GetPublicCertFilePath(serviceName string) string

GetPublicCertFilePath return the path to the certificate file based for the serviceName

func GetTenantKesImage 

func GetTenantKesImage() string

GetTenantKesImage returns the default KES Image for a tenant

func GetTenantMinIOImage 

func GetTenantMinIOImage() string

GetTenantMinIOImage returns the default MinIO image for a tenant

func IsContainersEnvUpdated 

func IsContainersEnvUpdated(existingContainers, expectedContainers []corev1.Container) bool

IsContainersEnvUpdated compare environment variables of existing and expected containers and returns true if there is a change

func IsEnvUpdated 

func IsEnvUpdated(old, new map[string]string) bool

IsEnvUpdated looks for new env vars in the old env vars and returns true if new env vars are not found

func Kind 

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func MergeMaps 

func MergeMaps(a, b map[string]string) map[string]string

MergeMaps merges two maps and returns the union

func MustGetSystemCertPool 

func MustGetSystemCertPool() *x509.CertPool

MustGetSystemCertPool - return system CAs or empty pool in case of error (or windows)

func ParseRawConfiguration 

func ParseRawConfiguration(configuration []byte) (config map[string][]byte)

ParseRawConfiguration map[string][]byte representation of the MinIO config.env file

func ReleaseTagToReleaseTime 

func ReleaseTagToReleaseTime(releaseTag string) (releaseTime time.Time, err error)

ReleaseTagToReleaseTime - converts a 'RELEASE.2017-09-29T19-16-56Z.hotfix' into the build time

func Resource 

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

func ToMap 

func ToMap(envs []corev1.EnvVar) map[string]string

ToMap converts a slice of env vars to a map of Name and value

Types

type AuditConfig 

type AuditConfig struct {
	// *Required* +
	//
	// Specify the amount of storage to request in Gigabytes (GB) for storing audit logs.
	// +optional
	DiskCapacityGB *int `json:"diskCapacityGB,omitempty"`
}

AuditConfig defines configuration parameters for Audit (type) logs

func (*AuditConfig) DeepCopy 

func (in *AuditConfig) DeepCopy() *AuditConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditConfig.

func (*AuditConfig) DeepCopyInto 

func (in *AuditConfig) DeepCopyInto(out *AuditConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Bucket 

type Bucket struct {
	Name          string `json:"name,omitempty"`
	Region        string `json:"region,omitempty"`
	ObjectLocking bool   `json:"objectLock,omitempty"`
}

Bucket describes the default created buckets

func (*Bucket) DeepCopy 

func (in *Bucket) DeepCopy() *Bucket

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Bucket.

func (*Bucket) DeepCopyInto 

func (in *Bucket) DeepCopyInto(out *Bucket)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateConfig 

type CertificateConfig struct {
	// *Optional* +
	//
	// The `CommonName` or `CN` attribute to associate to automatically generated TLS certificates. +
	CommonName string `json:"commonName,omitempty"`
	// *Optional* +
	//
	// Specify one or more `OrganizationName` or `O` attributes to associate to automatically generated TLS certificates. +
	OrganizationName []string `json:"organizationName,omitempty"`
	// *Optional* +
	//
	// Specify one or more x.509 Subject Alternative Names (SAN) to associate to automatically generated TLS certificates. MinIO Server pods use SNI to determine which certificate to respond with based on the requested hostname.
	DNSNames []string `json:"dnsNames,omitempty"`
}

CertificateConfig (`certConfig`) defines controlling attributes associated to any TLS certificate automatically generated by the Operator as part of tenant creation. These fields have no effect if `spec.autoCert: false`.

func (*CertificateConfig) DeepCopy 

func (in *CertificateConfig) DeepCopy() *CertificateConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateConfig.

func (*CertificateConfig) DeepCopyInto 

func (in *CertificateConfig) DeepCopyInto(out *CertificateConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateStatus 

type CertificateStatus struct {
	// AutoCertEnabled registers whether we know if the tenant has autocert enabled
	// +nullable
	AutoCertEnabled *bool `json:"autoCertEnabled,omitempty"`
	// Provides the output of the `client`, `minio`, and`minioCAs` custom TLS certificates manually added to the Operator.
	// +nullable
	CustomCertificates *CustomCertificates `json:"customCertificates,omitempty"`
}

CertificateStatus keeps track of all the certificates managed by the operator

func (*CertificateStatus) DeepCopy 

func (in *CertificateStatus) DeepCopy() *CertificateStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateStatus.

func (*CertificateStatus) DeepCopyInto 

func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomCertificateConfig 

type CustomCertificateConfig struct {
	// *Optional* +
	//
	// Output one or more `CertName` attributes associated with the manually provided TLS certificates. +
	CertName string `json:"certName,omitempty"`
	// *Optional* +
	//
	// Output one or more `Domains` attributes associated with the manually provided TLS certificates. +
	Domains []string `json:"domains,omitempty"`
	// *Optional* +
	//
	// Output one or more `Expiry` attributes associated with the manually provided TLS certificates. +
	Expiry string `json:"expiry,omitempty"`
	// *Optional* +
	//
	// Output one or more `ExpiresIn` attributes associated with the manually provided TLS certificates. +
	ExpiresIn string `json:"expiresIn,omitempty"`
	// *Optional* +
	//
	// Output one or more `SerialNo` attributes associated with the manually provided TLS certificates. +
	SerialNo string `json:"serialNo,omitempty"`
}

CustomCertificateConfig (`customCertificateConfig`) provides attributes associated of the TLS certificates manually added to the Operator as part of tenant creation. These fields contain no data if there are no custom TLS certificates.

func (*CustomCertificateConfig) DeepCopy 

func (in *CustomCertificateConfig) DeepCopy() *CustomCertificateConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomCertificateConfig.

func (*CustomCertificateConfig) DeepCopyInto 

func (in *CustomCertificateConfig) DeepCopyInto(out *CustomCertificateConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomCertificates 

type CustomCertificates struct {
	// *Optional* +
	//
	// Client
	Client []*CustomCertificateConfig `json:"client,omitempty"`
	// *Optional* +
	//
	// Minio
	Minio []*CustomCertificateConfig `json:"minio,omitempty"`
	// *Optional* +
	//
	// Certificate Authorities
	MinioCAs []*CustomCertificateConfig `json:"minioCAs,omitempty"`
}

CustomCertificates (`customCertificates`) provides groupings of the TLS certificates manually added to the Operator as part of tenant creation. These fields contain no data if there are no custom TLS certificates.

func (*CustomCertificates) DeepCopy 

func (in *CustomCertificates) DeepCopy() *CustomCertificates

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomCertificates.

func (*CustomCertificates) DeepCopyInto 

func (in *CustomCertificates) DeepCopyInto(out *CustomCertificates)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExposeServices 

type ExposeServices struct {
	// *Optional* +
	//
	// Directs the Operator to expose the MinIO service. Defaults to `false`. +
	// +optional
	MinIO bool `json:"minio,omitempty"`
	// *Optional* +
	//
	// Directs the Operator to expose the MinIO Console service. Defaults to `false`. +
	// +optional
	Console bool `json:"console,omitempty"`
}

ExposeServices (`exposeServices`) defines the exposure of the MinIO object storage and Console services. +

func (*ExposeServices) DeepCopy 

func (in *ExposeServices) DeepCopy() *ExposeServices

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExposeServices.

func (*ExposeServices) DeepCopyInto 

func (in *ExposeServices) DeepCopyInto(out *ExposeServices)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Features 

type Features struct {
	// *Optional* +
	//
	// Specify `true` to allow clients to access buckets using the DNS path `<bucket>.minio.default.svc.cluster.local`. Defaults to `false`.
	//
	BucketDNS bool `json:"bucketDNS,omitempty"`
	// *Optional* +
	//
	// Specify a list of domains used to access MinIO and Console.
	//
	Domains *TenantDomains `json:"domains,omitempty"`
	// *Optional* +
	//
	// Starts minio server with SFTP support
	EnableSFTP *bool `json:"enableSFTP,omitempty"`
}

Features (`features`) - Object describing which MinIO features to enable/disable in the MinIO Tenant. +

func (*Features) DeepCopy 

func (in *Features) DeepCopy() *Features

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Features.

func (*Features) DeepCopyInto 

func (in *Features) DeepCopyInto(out *Features)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HealthStatus 

type HealthStatus string

HealthStatus represents whether the tenant is healthy, with decreased service or offline 

const (
	// HealthStatusGreen indicates a healthy tenant: all drives online
	HealthStatusGreen HealthStatus = "green"
	// HealthStatusYellow indicates a decreased resilience tenant, some drives offline
	HealthStatusYellow HealthStatus = "yellow"
	// HealthStatusRed indicates the tenant is offline, or lost write quorum
	HealthStatusRed HealthStatus = "red"
)

type KESConfig 

type KESConfig struct {
	// *Optional* +
	//
	// Specify the number of replica KES pods to deploy in the tenant. Defaults to `2`.
	// +optional
	Replicas int32 `json:"replicas,omitempty"`
	// *Optional* +
	//
	// The Docker image to use for deploying MinIO KES. Defaults to {kes-image}. +
	// +optional
	Image string `json:"image,omitempty"`
	// *Optional* +
	//
	// The pull policy for the MinIO Docker image. Specify one of the following: +
	//
	// * `Always` +
	//
	// * `Never` +
	//
	// * `IfNotPresent` (Default) +
	//
	// Refer to the Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images
	ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
	// *Optional* +
	//
	// The https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/[Kubernetes Service Account] to use for running MinIO KES pods created as part of the Tenant. +
	// +optional
	ServiceAccountName string `json:"serviceAccountName,omitempty"`
	// *Required* +
	//
	// Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secret] which contains environment variables to use for setting up the MinIO KES service. +
	//
	// See the https://github.com/lgj101/operator/blob/master/examples/kes-secret.yaml[MinIO Operator `console-secret.yaml`] for an example.
	Configuration *corev1.LocalObjectReference `json:"kesSecret"`
	// *Optional* +
	//
	// Enables TLS with SNI support on each MinIO KES pod in the tenant. If `externalCertSecret` is omitted *and* `spec.requestAutoCert` is set to `false`, MinIO KES pods deploy *without* TLS enabled. +
	//
	// Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secret]. The MinIO Operator copies the specified certificate to every MinIO pod in the tenant. When the MinIO pod/service responds to a TLS connection request, it uses SNI to select the certificate with matching `subjectAlternativeName`. +
	//
	// Specify an object containing the following fields: +
	//
	// * - `name` - The name of the Kubernetes secret containing the TLS certificate. +
	//
	// * - `type` - Specify `kubernetes.io/tls` +
	//
	// See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#procedure-command-line[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants.
	// +optional
	ExternalCertSecret *LocalCertificateReference `json:"externalCertSecret,omitempty"`
	// *Optional* +
	//
	// Specify a a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secret] containing a custom root Certificate Authority and x.509 certificate to use for performing mTLS authentication with an external Key Management Service, such as Hashicorp Vault. +
	//
	// Specify an object containing the following fields: +
	//
	// * - `name` - The name of the Kubernetes secret containing the Certificate Authority and x.509 Certificate. +
	//
	// * - `type` - Specify `kubernetes.io/tls` +
	// +optional
	ClientCertSecret *LocalCertificateReference `json:"clientCertSecret,omitempty"`
	// *Optional* +
	//
	//  Specify the GCP default credentials to be used for KES to authenticate to GCP key store
	//
	// +optional
	GCPCredentialSecretName string `json:"gcpCredentialSecretName,omitempty"`
	// *Optional* +
	//
	//  Specify the name of the workload identity pool (This is required for generating service account token)
	//
	// +optional
	GCPWorkloadIdentityPool string `json:"gcpWorkloadIdentityPool,omitempty"`
	// *Optional* +
	//
	// If provided, use these annotations for KES Object Meta annotations
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`
	// *Optional* +
	//
	// If provided, use these labels for KES Object Meta labels
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
	// *Optional* +
	//
	// Object specification for specifying CPU and memory https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[resource allocations] or limits in the MinIO tenant. +
	// +optional
	Resources corev1.ResourceRequirements `json:"resources,omitempty"`
	// *Optional* +
	//
	// The filter for the Operator to apply when selecting which nodes on which to deploy MinIO KES pods. The Operator only selects those nodes whose labels match the specified selector. +
	//
	// See the Kubernetes documentation on https://kubernetes.io/docs/concepts/configuration/assign-pod-node/[Assigning Pods to Nodes] for more information.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
	// *Optional* +
	//
	// Specify one or more https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/[Kubernetes tolerations] to apply to MinIO KES pods.
	// +optional
	Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
	// *Optional* +
	//
	// Specify node affinity, pod affinity, and pod anti-affinity for the KES pods. +
	// +optional
	Affinity *corev1.Affinity `json:"affinity,omitempty"`
	// *Optional* +
	//
	// Specify one or more https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/[Kubernetes Topology Spread Constraints] to apply to pods deployed in the MinIO pool.
	// +optional
	TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
	// *Optional* +
	//
	// If provided, use this as the name of the key that KES creates on the KMS backend
	// +optional
	KeyName string `json:"keyName,omitempty"`
	// Specify the https://kubernetes.io/docs/tasks/configure-pod-container/security-context/[Security Context] of MinIO KES pods. The Operator supports only the following pod security fields: +
	//
	// * `fsGroup` +
	//
	// * `fsGroupChangePolicy` +
	//
	// * `runAsGroup` +
	//
	// * `runAsNonRoot` +
	//
	// * `runAsUser` +
	//
	// * `seLinuxOptions` +
	// +optional
	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
	// *Optional* +
	//
	// If provided, the MinIO Operator adds the specified environment variables when deploying the KES resource.
	// +optional
	Env []corev1.EnvVar `json:"env,omitempty"`
}

KESConfig (`kes`) defines the configuration of the https://github.com/minio/kes[MinIO Key Encryption Service] (KES) StatefulSet deployed as part of the MinIO Tenant. KES supports Server-Side Encryption of objects using an external Key Management Service (KMS). +

func (*KESConfig) DeepCopy 

func (in *KESConfig) DeepCopy() *KESConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KESConfig.

func (*KESConfig) DeepCopyInto 

func (in *KESConfig) DeepCopyInto(out *KESConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KESConfig) EqualImage 

func (c *KESConfig) EqualImage(currentImage string) bool

EqualImage returns true if config image and current input image are same

type LocalCertificateReference 

type LocalCertificateReference struct {
	// *Required* +
	//
	// The name of the Kubernetes secret containing the TLS certificate or Certificate Authority file. +
	Name string `json:"name"`
	// *Required* +
	//
	// The type of Kubernetes secret. Specify `kubernetes.io/tls` +
	Type string `json:"type,omitempty"`
}

LocalCertificateReference (`externalCertSecret`, `externalCaCertSecret`,`clientCertSecret`) contains a Kubernetes secret containing TLS certificates or Certificate Authority files for use with enabling TLS in the MinIO Tenant. +

func (*LocalCertificateReference) DeepCopy 

func (in *LocalCertificateReference) DeepCopy() *LocalCertificateReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalCertificateReference.

func (*LocalCertificateReference) DeepCopyInto 

func (in *LocalCertificateReference) DeepCopyInto(out *LocalCertificateReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Logging 

type Logging struct {
	JSON      bool `json:"json,omitempty"`
	Anonymous bool `json:"anonymous,omitempty"`
	Quiet     bool `json:"quiet,omitempty"`
}

Logging describes Logging for MinIO tenants.

func (*Logging) DeepCopy 

func (in *Logging) DeepCopy() *Logging

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Logging.

func (*Logging) DeepCopyInto 

func (in *Logging) DeepCopyInto(out *Logging)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Pool 

type Pool struct {
	// *Optional* +
	//
	// Specify the name of the pool. The Operator automatically generates the pool name if this field is omitted.
	// +optional
	Name string `json:"name,omitempty"`
	// *Required*
	//
	// The number of MinIO server pods to deploy in the pool. The minimum value is `2`.
	//
	// The MinIO Operator requires a minimum of `4` volumes per pool. Specifically, the result of `pools.servers X pools.volumesPerServer` must be greater than `4`. +
	Servers int32 `json:"servers"`
	// *Required* +
	//
	// The number of Persistent Volume Claims to generate for each MinIO server pod in the pool. +
	//
	// The MinIO Operator requires a minimum of `4` volumes per pool. Specifically, the result of `pools.servers X pools.volumesPerServer` must be greater than `4`. +
	VolumesPerServer int32 `json:"volumesPerServer"`
	// *Required* +
	//
	// Specify the configuration options for the MinIO Operator to use when generating Persistent Volume Claims for the MinIO tenant. +
	//
	VolumeClaimTemplate *corev1.PersistentVolumeClaim `json:"volumeClaimTemplate"`
	// *Optional* +
	//
	// Object specification for specifying CPU and memory https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[resource allocations] or limits in the MinIO tenant. +
	// +optional
	Resources corev1.ResourceRequirements `json:"resources,omitempty"`
	// *Optional* +
	//
	// The filter for the Operator to apply when selecting which nodes on which to deploy pods in the pool. The Operator only selects those nodes whose labels match the specified selector. +
	//
	// See the Kubernetes documentation on https://kubernetes.io/docs/concepts/configuration/assign-pod-node/[Assigning Pods to Nodes] for more information.
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
	// *Optional* +
	//
	// Specify node affinity, pod affinity, and pod anti-affinity for pods in the MinIO pool. +
	// +optional
	Affinity *corev1.Affinity `json:"affinity,omitempty"`
	// *Optional* +
	//
	// Specify one or more https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/[Kubernetes tolerations] to apply to pods deployed in the MinIO pool.
	// +optional
	Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
	// *Optional* +
	//
	// Specify one or more https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/[Kubernetes Topology Spread Constraints] to apply to pods deployed in the MinIO pool.
	// +optional
	TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
	// *Optional* +
	//
	// Specify the https://kubernetes.io/docs/tasks/configure-pod-container/security-context/[Security Context] of pods in the pool. The Operator supports only the following pod security fields: +
	//
	// * `fsGroup` +
	//
	// * `fsGroupChangePolicy` +
	//
	// * `runAsGroup` +
	//
	// * `runAsNonRoot` +
	//
	// * `runAsUser` +
	//
	// +optional
	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
	// Specify the https://kubernetes.io/docs/tasks/configure-pod-container/security-context/[Security Context] of containers in the pool. The Operator supports only the following container security fields: +
	//
	// * `runAsGroup` +
	//
	// * `runAsNonRoot` +
	//
	// * `runAsUser` +
	//
	// +optional
	ContainerSecurityContext *corev1.SecurityContext `json:"containerSecurityContext,omitempty"`
	// *Optional* +
	//
	// Specify custom labels and annotations to append to the Pool.
	// +optional
	// *Optional* +
	//
	// If provided, use these annotations for the Pool Objects Meta annotations (Statefulset and Pod template)
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`
	// *Optional* +
	//
	// If provided, use these labels for the Pool Objects Meta annotations (Statefulset and Pod template)
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
	// *Optional* +
	//
	// If provided, each pod on the Statefulset will run with the specified RuntimeClassName, for more info https://kubernetes.io/docs/concepts/containers/runtime-class/
	// +optional
	RuntimeClassName *string `json:"runtimeClassName,omitempty"`
	// *Optional* +
	//
	// If true. Will delete the storage when tenant has been deleted.
	// +optional
	ReclaimStorage *bool `json:"reclaimStorage,omitempty"`
}

Pool (`pools`) defines a MinIO server pool on a Tenant. Each pool consists of a set of MinIO server pods which "pool" their storage resources for supporting object storage and retrieval requests. Each server pool is independent of all others and supports horizontal scaling of available storage resources in the MinIO Tenant. +

See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#procedure-command-line[MinIO Operator CRD] reference for the `pools` object for examples and more complete documentation. +

func (*Pool) DeepCopy 

func (in *Pool) DeepCopy() *Pool

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pool.

func (*Pool) DeepCopyInto 

func (in *Pool) DeepCopyInto(out *Pool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Pool) Validate 

func (z *Pool) Validate(zi int) error

Validate validate single pool as per MinIO deployment requirements

type PoolState 

type PoolState string

PoolState represents the state of a pool 

const (
	// PoolNotCreated of a pool when it's not even created yet
	PoolNotCreated PoolState = "PoolNotCreated"
	// PoolCreated indicates a pool was created
	PoolCreated PoolState = "PoolCreated"
	// PoolInitialized indicates if a pool has been observed to be online
	PoolInitialized PoolState = "PoolInitialized"
)

type PoolStatus 

type PoolStatus struct {
	SSName string    `json:"ssName"`
	State  PoolState `json:"state"`
	// LegacySecurityContext stands for Legacy SecurityContext. It represents that these pool was created before v4.2.3 when
	// we introduced the default securityContext as non-root, thus we should keep running this Pool without a
	// Security Context
	// +optional
	LegacySecurityContext bool `json:"legacySecurityContext"`
}

PoolStatus keeps track of all the pools and their current state

func (*PoolStatus) DeepCopy 

func (in *PoolStatus) DeepCopy() *PoolStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PoolStatus.

func (*PoolStatus) DeepCopyInto 

func (in *PoolStatus) DeepCopyInto(out *PoolStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceMetadata 

type ServiceMetadata struct {
	// *Optional* +
	//
	// If provided, append these labels to the MinIO service
	// +optional
	MinIOServiceLabels map[string]string `json:"minioServiceLabels,omitempty"`
	// *Optional* +
	//
	// If provided, append these annotations to the MinIO service
	// +optional
	MinIOServiceAnnotations map[string]string `json:"minioServiceAnnotations,omitempty"`
	// *Optional* +
	//
	// If provided, append these labels to the Console service
	// +optional
	ConsoleServiceLabels map[string]string `json:"consoleServiceLabels,omitempty"`
	// *Optional* +
	//
	// If provided, append these annotations to the Console service
	// +optional
	ConsoleServiceAnnotations map[string]string `json:"consoleServiceAnnotations,omitempty"`
}

ServiceMetadata (`serviceMetadata`) defines custom labels and annotations for the MinIO Object Storage service and/or MinIO Console service. +

func (*ServiceMetadata) DeepCopy 

func (in *ServiceMetadata) DeepCopy() *ServiceMetadata

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceMetadata.

func (*ServiceMetadata) DeepCopyInto 

func (in *ServiceMetadata) DeepCopyInto(out *ServiceMetadata)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SideCars 

type SideCars struct {
	// *Optional* +
	//
	// List of containers to run inside the Pod
	// +patchMergeKey=name
	// +patchStrategy=merge
	Containers []corev1.Container `json:"containers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"`
	// *Optional* +
	//
	// volumeClaimTemplates is a list of claims that pods are allowed to reference.
	// The StatefulSet controller is responsible for mapping network identities to
	// claims in a way that maintains the identity of a pod. Every claim in
	// this list must have at least one matching (by name) volumeMount in one
	// container in the template. A claim in this list takes precedence over
	// any volumes in the template, with the same name.
	// +TODO: Define the behavior if a claim already exists with the same name.
	// +optional
	VolumeClaimTemplates []corev1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty" protobuf:"bytes,4,rep,name=volumeClaimTemplates"`
	// *Optional* +
	//
	// List of volumes that can be mounted by containers belonging to the pod.
	// More info: https://kubernetes.io/docs/concepts/storage/volumes
	// +optional
	// +patchMergeKey=name
	// +patchStrategy=merge,retainKeys
	Volumes []corev1.Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"`
	// *Optional* +
	//
	// sidecar's Resource, initcontainer will use that if set.
	// +optional
	Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
}

SideCars (`sidecars`) defines a list of containers that the Operator attaches to each MinIO server pods in the `pool`.

func (*SideCars) DeepCopy 

func (in *SideCars) DeepCopy() *SideCars

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SideCars.

func (*SideCars) DeepCopyInto 

func (in *SideCars) DeepCopyInto(out *SideCars)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Tenant 

type Tenant struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Scheduler TenantScheduler `json:"scheduler,omitempty"`
	// *Required* +
	//
	// The root field for the MinIO Tenant object.
	Spec TenantSpec `json:"spec"`
	// Status provides details of the state of the Tenant
	// +optional
	Status TenantStatus `json:"status"`
}

Tenant is a https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/[Kubernetes object] describing a MinIO Tenant. + +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +k8s:defaulter-gen=true +kubebuilder:object:root=true +kubebuilder:object:generate=true +kubebuilder:subresource:status +kubebuilder:resource:scope=Namespaced,shortName=tenant,singular=tenant +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.currentState" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:storageversion

func (*Tenant) AllMinIOHosts 

func (t *Tenant) AllMinIOHosts() []string

AllMinIOHosts returns the all the individual domain names relevant for current Tenant

func (*Tenant) AutoCert 

func (t *Tenant) AutoCert() bool

AutoCert is enabled by default, otherwise we return the user provided value

func (*Tenant) BucketDNS 

func (t *Tenant) BucketDNS() bool

BucketDNS indicates if Bucket DNS feature is enabled.

func (*Tenant) ConfigurationSecretName 

func (t *Tenant) ConfigurationSecretName() string

ConfigurationSecretName returns name of secret used to store the tenant configuration

func (*Tenant) ConsoleCIServiceName 

func (t *Tenant) ConsoleCIServiceName() string

ConsoleCIServiceName returns the name for Console Cluster IP Service

func (*Tenant) ConsoleCSRName 

func (t *Tenant) ConsoleCSRName() string

ConsoleCSRName returns the name of CSR that generated if AutoTLS is enabled for Console Namespace adds uniqueness to the CSR name (single Console tenant per namsepace) since CSR is not a namespaced resource

func (*Tenant) ConsoleCommonName 

func (t *Tenant) ConsoleCommonName() string

ConsoleCommonName returns the CommonName to be used in the csr template

func (*Tenant) ConsoleDeploymentName 

func (t *Tenant) ConsoleDeploymentName() string

ConsoleDeploymentName returns the name for Console Deployment

func (*Tenant) ConsolePodLabels 

func (t *Tenant) ConsolePodLabels() map[string]string

ConsolePodLabels returns the default labels for Console Pod

func (*Tenant) ConsoleServerHost 

func (t *Tenant) ConsoleServerHost() string

ConsoleServerHost returns ClusterIP service Host for current Console Tenant

func (*Tenant) ConsoleTLSSecretName 

func (t *Tenant) ConsoleTLSSecretName() string

ConsoleTLSSecretName returns the name of Secret that has Console TLS related Info (Cert & Private Key)

func (*Tenant) ConsoleVolMountName 

func (t *Tenant) ConsoleVolMountName() string

ConsoleVolMountName returns the name of Secret that has TLS related Info (Cert & Private Key)

func (*Tenant) CreateBuckets 

func (t *Tenant) CreateBuckets(minioClient *minio.Client, buckets ...Bucket) (created bool, err error)

CreateBuckets creates buckets and skips if bucket already present

func (*Tenant) CreateUsers 

func (t *Tenant) CreateUsers(madmClnt *madmin.AdminClient, userCredentialSecrets []*corev1.Secret, tenantConfiguration map[string][]byte) error

CreateUsers creates a list of admin users on MinIO, optionally creating users is disabled.

func (*Tenant) DeepCopy 

func (in *Tenant) DeepCopy() *Tenant

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tenant.

func (*Tenant) DeepCopyInto 

func (in *Tenant) DeepCopyInto(out *Tenant)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Tenant) DeepCopyObject 

func (in *Tenant) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Tenant) EnsureDefaults 

func (t *Tenant) EnsureDefaults() *Tenant

EnsureDefaults will ensure that if a user omits and fields in the spec that are required, we set some sensible defaults. For example a user can choose to omit the version and number of members.

func (*Tenant) ExternalCaCerts 

func (t *Tenant) ExternalCaCerts() bool

ExternalCaCerts returns true is the user has provided a additional CA certificates for MinIO

func (*Tenant) ExternalCert 

func (t *Tenant) ExternalCert() bool

ExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key

func (*Tenant) ExternalClientCert 

func (t *Tenant) ExternalClientCert() bool

ExternalClientCert returns true is the user has provided a secret that contains CA client cert, server cert and server key

func (*Tenant) ExternalClientCerts 

func (t *Tenant) ExternalClientCerts() bool

ExternalClientCerts returns true is the user has provided additional client certificates

func (*Tenant) GenBearerToken 

func (t *Tenant) GenBearerToken(accessKey, secretKey string) string

GenBearerToken returns the JWT token for current Tenant for Prometheus authentication

func (*Tenant) GetBindingName 

func (t *Tenant) GetBindingName() string

GetBindingName returns the binding name we will use for the tenant

func (*Tenant) GetDomainHosts 

func (t *Tenant) GetDomainHosts() []string

GetDomainHosts returns a list of hosts in the .spec.features.domains.minio list to configure MINIO_DOMAIN

func (*Tenant) GetEnvVars 

func (t *Tenant) GetEnvVars() (env []corev1.EnvVar)

GetEnvVars returns the environment variables for tenant deployment.

func (*Tenant) GetKESEnvVars 

func (t *Tenant) GetKESEnvVars() (env []corev1.EnvVar)

GetKESEnvVars returns the environment variables for the KES deployment.

func (*Tenant) GetRoleName 

func (t *Tenant) GetRoleName() string

GetRoleName returns the role name we will use for the tenant

func (*Tenant) GetTenantServiceURL 

func (t *Tenant) GetTenantServiceURL() (svcURL string)

GetTenantServiceURL gets tenant's service url with the proper scheme and port

func (*Tenant) HasCertConfig 

func (t *Tenant) HasCertConfig() bool

HasCertConfig returns true if the user has provided a certificate config

func (*Tenant) HasConfigurationSecret 

func (t *Tenant) HasConfigurationSecret() bool

HasConfigurationSecret returns true if the user has provided a configuration for a Tenant else false

func (*Tenant) HasConsoleDomains 

func (t *Tenant) HasConsoleDomains() bool

HasConsoleDomains indicates whether a domain is being specified for Console

func (*Tenant) HasCredsSecret 

func (t *Tenant) HasCredsSecret() bool

HasCredsSecret returns true if the user has provided a secret for a Tenant else false

func (*Tenant) HasEnv 

func (t *Tenant) HasEnv(envName string) bool

HasEnv returns whether an environment variable is defined in the .spec.env field

func (*Tenant) HasGCPCredentialSecretForKES 

func (t *Tenant) HasGCPCredentialSecretForKES() bool

HasGCPCredentialSecretForKES returns if GCP cred secret is set in KES for fleet workload identity support.

func (*Tenant) HasGCPWorkloadIdentityPoolForKES 

func (t *Tenant) HasGCPWorkloadIdentityPoolForKES() bool

HasGCPWorkloadIdentityPoolForKES returns if GCP worload identity pool secret is set in KES for fleet workload identity support.

func (*Tenant) HasKESEnabled 

func (t *Tenant) HasKESEnabled() bool

HasKESEnabled checks if kes configuration is provided by user

func (*Tenant) HasMinIODomains 

func (t *Tenant) HasMinIODomains() bool

HasMinIODomains indicates whether domains are being specified for MinIO

func (*Tenant) HasPrometheusOperatorEnabled 

func (t *Tenant) HasPrometheusOperatorEnabled() bool

HasPrometheusOperatorEnabled checks if Prometheus service monitor has been enabled

func (*Tenant) Hub 

func (*Tenant) Hub()

Hub marks this type as a conversion hub.

func (*Tenant) KESCSRName 

func (t *Tenant) KESCSRName() string

KESCSRName returns the name of CSR that generated if AutoTLS is enabled for KES Namespace adds uniqueness to the CSR name (single KES tenant per namsepace) since CSR is not a namespaced resource

func (*Tenant) KESClientCert 

func (t *Tenant) KESClientCert() bool

KESClientCert returns true is the user has provided a secret that contains CA cert, client cert and client key for KES pods

func (*Tenant) KESExternalCert 

func (t *Tenant) KESExternalCert() bool

KESExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key for KES pods

func (*Tenant) KESHLServiceName 

func (t *Tenant) KESHLServiceName() string

KESHLServiceName returns the name of headless service that is created to manage the StatefulSet of this Tenant

func (*Tenant) KESHosts 

func (t *Tenant) KESHosts() []string

KESHosts returns the host names created for current KES StatefulSet

func (*Tenant) KESJobName 

func (t *Tenant) KESJobName() string

KESJobName returns the name for KES Key Job

func (*Tenant) KESPodLabels 

func (t *Tenant) KESPodLabels() map[string]string

KESPodLabels returns the default labels for KES Pod

func (*Tenant) KESReplicas 

func (t *Tenant) KESReplicas() int32

KESReplicas returns the number of total KES replicas required for this cluster

func (*Tenant) KESServiceEndpoint 

func (t *Tenant) KESServiceEndpoint() string

KESServiceEndpoint similar to KESServiceHost but a URL with current scheme

func (*Tenant) KESServiceHost 

func (t *Tenant) KESServiceHost() string

KESServiceHost returns headless service Host for KES in current Tenant

func (*Tenant) KESStatefulSetName 

func (t *Tenant) KESStatefulSetName() string

KESStatefulSetName returns the name for KES StatefulSet

func (*Tenant) KESTLSSecretName 

func (t *Tenant) KESTLSSecretName() string

KESTLSSecretName returns the name of Secret that has KES TLS related Info (Cert & Private Key)

func (*Tenant) KESVolMountName 

func (t *Tenant) KESVolMountName() string

KESVolMountName returns the name of Secret that has TLS related Info (Cert & Private Key)

func (*Tenant) KESWildCardName 

func (t *Tenant) KESWildCardName() string

KESWildCardName returns the wild card name managed by headless service created for KES StatefulSet in current Tenant

func (*Tenant) LegacyStatefulsetName 

func (t *Tenant) LegacyStatefulsetName(pool *Pool) string

LegacyStatefulsetName returns the name of a statefulset for a given pool

func (*Tenant) MinIOBucketBaseDomain 

func (t *Tenant) MinIOBucketBaseDomain() string

MinIOBucketBaseDomain returns the base domain name for buckets

func (*Tenant) MinIOBucketBaseWildcardDomain 

func (t *Tenant) MinIOBucketBaseWildcardDomain() string

MinIOBucketBaseWildcardDomain returns the base domain name for buckets

func (*Tenant) MinIOCIServiceName 

func (t *Tenant) MinIOCIServiceName() string

MinIOCIServiceName returns the name of Cluster IP service that is created to communicate with current MinIO StatefulSet pods

func (*Tenant) MinIOCSRName 

func (t *Tenant) MinIOCSRName() string

MinIOCSRName returns the name of CSR that is generated if AutoTLS is enabled Namespace adds uniqueness to the CSR name (single MinIO tenant per namsepace) since CSR is not a namespaced resource

func (*Tenant) MinIOClientCSRName 

func (t *Tenant) MinIOClientCSRName() string

MinIOClientCSRName returns the name of CSR that is generated for Client side authentication Used by KES Pods

func (*Tenant) MinIOClientTLSSecretName 

func (t *Tenant) MinIOClientTLSSecretName() string

MinIOClientTLSSecretName returns the name of Secret that has TLS related Info (Cert & Private Key) for MinIO <-> KES client side authentication.

func (*Tenant) MinIOEndpoints 

func (t *Tenant) MinIOEndpoints(hostsTemplate string) (endpoints []string)

MinIOEndpoints similar to MinIOHosts but as URLs

func (*Tenant) MinIOFQDNServiceName 

func (t *Tenant) MinIOFQDNServiceName() string

MinIOFQDNServiceName returns the name of the service created for the tenant.

func (*Tenant) MinIOFQDNServiceNameAndNamespace 

func (t *Tenant) MinIOFQDNServiceNameAndNamespace() string

MinIOFQDNServiceNameAndNamespace returns the name of the service created for the tenant up to namespace, ie: minio.default

func (*Tenant) MinIOFQDNShortServiceName 

func (t *Tenant) MinIOFQDNShortServiceName() string

MinIOFQDNShortServiceName returns the name of the service created for the tenant up to svc, ie: minio.default.svc

func (*Tenant) MinIOHLPodAddress 

func (t *Tenant) MinIOHLPodAddress(podName string) string

MinIOHLPodAddress similar to MinIOFQDNServiceName but returns pod hostname with port

func (*Tenant) MinIOHLPodHostname 

func (t *Tenant) MinIOHLPodHostname(podName string) string

MinIOHLPodHostname returns the full address of a particular MinIO pod.

func (*Tenant) MinIOHLServiceName 

func (t *Tenant) MinIOHLServiceName() string

MinIOHLServiceName returns the name of headless service that is created to manage the StatefulSet of this Tenant

func (*Tenant) MinIOHeadlessServiceHost 

func (t *Tenant) MinIOHeadlessServiceHost() string

MinIOHeadlessServiceHost returns headless service Host for current Tenant

func (*Tenant) MinIOHealthCheck 

func (t *Tenant) MinIOHealthCheck(tr *http.Transport) bool

MinIOHealthCheck check MinIO cluster health

func (*Tenant) MinIOHosts 

func (t *Tenant) MinIOHosts() (hosts []string)

MinIOHosts returns the domain names in ellipses format created for current Tenant

func (*Tenant) MinIOPodLabels 

func (t *Tenant) MinIOPodLabels() map[string]string

MinIOPodLabels returns the default labels for MinIO Pod

func (*Tenant) MinIOServerEndpoint 

func (t *Tenant) MinIOServerEndpoint() string

MinIOServerEndpoint similar to MinIOServerHostAddress but a URL with current scheme

func (*Tenant) MinIOServerHostAddress 

func (t *Tenant) MinIOServerHostAddress() string

MinIOServerHostAddress similar to MinIOFQDNServiceName but returns host with port

func (*Tenant) MinIOStatefulSetNameForPool 

func (t *Tenant) MinIOStatefulSetNameForPool(z *Pool) string

MinIOStatefulSetNameForPool returns the name for MinIO StatefulSet

func (*Tenant) MinIOTLSSecretName 

func (t *Tenant) MinIOTLSSecretName() string

MinIOTLSSecretName returns the name of Secret that has TLS related Info (Cert & Private Key)

func (*Tenant) MinIOWildCardName 

func (t *Tenant) MinIOWildCardName() string

MinIOWildCardName returns the wild card name for all MinIO Pods in current StatefulSet

func (*Tenant) NewMinIOAdmin 

func (t *Tenant) NewMinIOAdmin(minioSecret map[string][]byte, tr *http.Transport) (*madmin.AdminClient, error)

NewMinIOAdmin initializes a new madmin.Client for operator interaction

func (*Tenant) NewMinIOAdminForAddress 

func (t *Tenant) NewMinIOAdminForAddress(address string, minioSecret map[string][]byte, tr *http.Transport) (*madmin.AdminClient, error)

NewMinIOAdminForAddress initializes a new madmin.Client for operator interaction

func (*Tenant) NewMinIOUser 

func (t *Tenant) NewMinIOUser(minioSecret map[string][]byte, tr *http.Transport) (*minio.Client, error)

NewMinIOUser initializes a new console user

func (*Tenant) NewMinIOUserForAddress 

func (t *Tenant) NewMinIOUserForAddress(address string, minioSecret map[string][]byte, tr *http.Transport) (*minio.Client, error)

NewMinIOUserForAddress initializes a new console user

func (*Tenant) ObjectRef 

func (t *Tenant) ObjectRef() corev1.ObjectReference

ObjectRef returns the ObjectReference to be added to all resources created by Tenant

func (*Tenant) OwnerRef 

func (t *Tenant) OwnerRef() []metav1.OwnerReference

OwnerRef returns the OwnerReference to be added to all resources created by Tenant

func (*Tenant) PoolStatefulsetName 

func (t *Tenant) PoolStatefulsetName(pool *Pool) string

PoolStatefulsetName returns the name of a statefulset for a given pool

func (*Tenant) PrometheusConfigJobName 

func (t *Tenant) PrometheusConfigJobName() string

PrometheusConfigJobName returns the name of the prometheus job

func (*Tenant) PrometheusConfigMapName 

func (t *Tenant) PrometheusConfigMapName() string

PrometheusConfigMapName returns name of the config map for Prometheus.

func (*Tenant) PrometheusOperatorAddlConfigJobName 

func (t *Tenant) PrometheusOperatorAddlConfigJobName() string

PrometheusOperatorAddlConfigJobName returns the name of the prometheus job when prometheus operator is enabled

func (*Tenant) TLS 

func (t *Tenant) TLS() bool

TLS indicates whether TLS is enabled for this tenant

func (*Tenant) TemplatedMinIOHosts 

func (t *Tenant) TemplatedMinIOHosts(hostsTemplate string) (hosts []string)

TemplatedMinIOHosts returns the domain names in ellipses format created for current Tenant without the service part

func (*Tenant) UpdateURL 

func (t *Tenant) UpdateURL(ltag string, overrideURL string) (string, error)

UpdateURL returns the URL for the sha256sum location of the new binary

func (*Tenant) Validate 

func (t *Tenant) Validate() error

Validate returns an error if any configuration of the MinIO Tenant is invalid

func (*Tenant) ValidateDomains 

func (t *Tenant) ValidateDomains() error

ValidateDomains checks the validity of the domains configured on the tenant

func (*Tenant) VolumePathForPool 

func (t *Tenant) VolumePathForPool(pool *Pool) string

VolumePathForPool returns the paths for MinIO mounts based on total number of volumes on a given pool

type TenantDomains 

type TenantDomains struct {
	// List of Domains used by MinIO. This will enable DNS style access to the object store where the bucket name is
	// inferred from a subdomain in the domain.
	Minio []string `json:"minio,omitempty"`
	// Domain used to expose the MinIO Console, this will configure the redirect on MinIO when visiting from the browser
	// If Console is exposed via a subpath, the domain should include it, i.e. https://console.domain.com:8123/subpath/
	Console string `json:"console,omitempty"`
}

TenantDomains (`domains`) - List of domains used to access the tenant from outside the kubernetes clusters. this will only configure MinIO for the domains listed, but external DNS configuration is still needed. The listed domains should include schema and port if any is used, i.e. https://minio.domain.com:8123

func (*TenantDomains) DeepCopy 

func (in *TenantDomains) DeepCopy() *TenantDomains

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantDomains.

func (*TenantDomains) DeepCopyInto 

func (in *TenantDomains) DeepCopyInto(out *TenantDomains)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TenantList 

type TenantList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []Tenant `json:"items"`
}

TenantList is a list of Tenant resources

func (*TenantList) DeepCopy 

func (in *TenantList) DeepCopy() *TenantList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantList.

func (*TenantList) DeepCopyInto 

func (in *TenantList) DeepCopyInto(out *TenantList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TenantList) DeepCopyObject 

func (in *TenantList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TenantScheduler 

type TenantScheduler struct {
	// *Optional* +
	//
	// Specify the name of the https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/[Kubernetes scheduler] to be used to schedule Tenant pods
	Name string `json:"name"`
}

TenantScheduler (`scheduler`) - Object describing Kubernetes Scheduler to use for deploying the MinIO Tenant.

func (*TenantScheduler) DeepCopy 

func (in *TenantScheduler) DeepCopy() *TenantScheduler

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantScheduler.

func (*TenantScheduler) DeepCopyInto 

func (in *TenantScheduler) DeepCopyInto(out *TenantScheduler)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TenantSpec 

type TenantSpec struct {
	// *Required* +
	//
	// An array of objects describing each MinIO server pool deployed in the MinIO Tenant. Each pool consists of a set of MinIO server pods which "pool" their storage resources for supporting object storage and retrieval requests. Each server pool is independent of all others and supports horizontal scaling of available storage resources in the MinIO Tenant. +
	//
	// The MinIO Tenant `spec` *must have* at least *one* element in the `pools` array. +
	//
	// See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html[MinIO Operator CRD] reference for the `pools` object for examples and more complete documentation.
	Pools []Pool `json:"pools"`
	// *Optional* +
	//
	// The Docker image to use when deploying `minio` server pods. Defaults to {minio-image}. +
	//
	// +optional
	Image string `json:"image,omitempty"`
	// *Optional* +
	//
	// Specify the secret key to use for pulling images from a private Docker repository. +
	// +optional
	ImagePullSecret corev1.LocalObjectReference `json:"imagePullSecret,omitempty"`
	// *Optional* +
	//
	// Pod Management Policy for pod created by StatefulSet
	// +optional
	PodManagementPolicy appsv1.PodManagementPolicyType `json:"podManagementPolicy,omitempty"`
	// *optional* +
	//
	// Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secret] to use for setting the MinIO root access key and secret key. Specify the secret as `name: <secret>`. The Kubernetes secret must contain the following fields: +
	//
	// * `data.accesskey` - The access key for the root credentials +
	//
	// * `data.secretkey` - The secret key for the root credentials +
	//
	//
	// +optional
	CredsSecret *corev1.LocalObjectReference `json:"credsSecret,omitempty"`
	// *Optional* +
	//
	// If provided, the MinIO Operator adds the specified environment variables when deploying the Tenant resource.
	// +optional
	Env []corev1.EnvVar `json:"env,omitempty"`

	// *Optional* +
	//
	// Enables TLS with SNI support on each MinIO pod in the tenant. If `externalCertSecret` is omitted *and* `requestAutoCert` is set to `false`, the MinIO Tenant deploys *without* TLS enabled. +
	//
	// Specify an array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificates to every MinIO server pod in the tenant. When the MinIO pod/service responds to a TLS connection request, it uses SNI to select the certificate with matching `subjectAlternativeName`. +
	//
	// Each element in the `externalCertSecret` array is an object containing the following fields: +
	//
	// * - `name` - The name of the Kubernetes secret containing the TLS certificate. +
	//
	// * - `type` - Specify `kubernetes.io/tls` +
	//
	// See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants.
	// +optional
	ExternalCertSecret []*LocalCertificateReference `json:"externalCertSecret,omitempty"`
	// *Optional* +
	//
	// Allows MinIO server pods to verify client TLS certificates signed by a Certificate Authority not in the pod's trust store. +
	//
	// Specify an array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificates to every MinIO server pod in the tenant. +
	//
	// Each element in the `externalCertSecret` array is an object containing the following fields: +
	//
	// * - `name` - The name of the Kubernetes secret containing the Certificate Authority. +
	//
	// * - `type` - Specify `kubernetes.io/tls`. +
	//
	// See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants.
	// +optional
	ExternalCaCertSecret []*LocalCertificateReference `json:"externalCaCertSecret,omitempty"`
	// *Optional* +
	//
	// Enables mTLS authentication between the MinIO Tenant pods and https://github.com/minio/kes[MinIO KES]. *Required* for enabling connectivity between the MinIO Tenant and MinIO KES. +
	//
	// Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificate to every MinIO server pod in the tenant. The secret *must* contain the following fields: +
	//
	// * `name` - The name of the Kubernetes secret containing the TLS certificate. +
	//
	// * `type` - Specify `kubernetes.io/tls` +
	//
	// The specified certificate *must* correspond to an identity on the KES server. See the https://github.com/minio/kes/wiki/Configuration#policy-configuration[KES Wiki] for more information on KES identities. +
	//
	// If deploying KES with the MinIO Operator, include the hash of the certificate as part of the <<k8s-api-github-com-minio-operator-pkg-apis-minio-min-io-v2-kesconfig,`kes`>> object specification. +
	//
	// See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants.
	//
	// +optional
	ExternalClientCertSecret *LocalCertificateReference `json:"externalClientCertSecret,omitempty"`
	// *Optional* +
	//
	// Provide support for mounting additional client certificate into MinIO Tenant pods
	// Multiple client certificates will be mounted using the following folder structure: +
	//
	//* certs +
	//
	//* * client-0 +
	//
	//* * * client.crt +
	//
	//* * * client.key +
	//
	//* * client-1 +
	//
	//* * * client.crt +
	//
	//* * * client.key +
	//
	//* * * client-2 +
	//
	//* * client.crt +
	//
	//* * *  client.key +
	//
	// Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificate to every MinIO server pod in the tenant that later can be referenced using environment variables. The secret *must* contain the following fields: +
	//
	// * `name` - The name of the Kubernetes secret containing the TLS certificate. +
	//
	// * `type` - Specify `kubernetes.io/tls` +
	//
	// +optional
	ExternalClientCertSecrets []*LocalCertificateReference `json:"externalClientCertSecrets,omitempty"`
	// *Optional* +
	//
	// Mount path for MinIO volume (PV). Defaults to `/export`
	// +optional
	Mountpath string `json:"mountPath,omitempty"`
	// *Optional* +
	//
	// Subpath inside mount path. This is the directory where MinIO stores data. Default to `""“ (empty)
	// +optional
	Subpath string `json:"subPath,omitempty"`
	// *Optional* +
	//
	// Enables using https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/[Kubernetes-based TLS certificate generation] and signing for pods and services in the MinIO Tenant. +
	//
	// * Specify `true` to explicitly enable automatic certificate generate (Default). +
	//
	// * Specify `false` to disable automatic certificate generation. +
	//
	// If `requestAutoCert` is set to `false` *and* `externalCertSecret` is omitted, the MinIO Tenant deploys *without* TLS enabled.
	//
	// See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants.
	// +optional
	RequestAutoCert *bool `json:"requestAutoCert,omitempty"`

	// Liveness Probe for container liveness. Container will be restarted if the probe fails.
	// +optional
	Liveness *corev1.Probe `json:"liveness,omitempty"`

	// Readiness Probe for container readiness. Container will be removed from service endpoints if the probe fails.
	// +optional
	Readiness *corev1.Probe `json:"readiness,omitempty"`

	// Startup Probe allows to configure a max grace period for a pod to start before getting traffic routed to it.
	// +optional
	Startup *corev1.Probe `json:"startup,omitempty"`

	// S3 related features can be disabled or enabled such as `bucketDNS` etc.
	Features *Features `json:"features,omitempty"`
	// *Optional* +
	//
	// Enables setting the `CommonName`, `Organization`, and `dnsName` attributes for all TLS certificates automatically generated by the Operator. Configuring this object has no effect if `requestAutoCert` is `false`. +
	// +optional
	CertConfig *CertificateConfig `json:"certConfig,omitempty"`
	// *Optional* +
	//
	// Directs the MinIO Operator to deploy the https://github.com/minio/kes[MinIO Key Encryption Service] (KES) using the specified configuration. The MinIO KES supports performing server-side encryption of objects on the MiNIO Tenant. +
	//
	//
	//+optional
	KES *KESConfig `json:"kes,omitempty"`
	// *Optional* +
	//
	// Directs the MinIO Operator to use prometheus operator. +
	//
	// Tenant scrape configuration will be added to prometheus managed by the prometheus-operator.
	//+optional
	PrometheusOperator bool `json:"prometheusOperator,omitempty"`
	// *Optional* +
	//
	// The https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/[Kubernetes Service Account] to use for running MinIO pods created as part of the Tenant. +
	// +optional
	ServiceAccountName string `json:"serviceAccountName,omitempty"`
	// *Optional* +
	//
	// Indicates the Pod priority and therefore importance of a Pod relative to other Pods in the cluster.
	// This is applied to MinIO pods only. +
	//
	// Refer Kubernetes https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass[Priority Class documentation] for more complete documentation.
	// +optional
	PriorityClassName string `json:"priorityClassName,omitempty"`
	// *Optional* +
	//
	// The pull policy for the MinIO Docker image. Specify one of the following: +
	//
	// * `Always` +
	//
	// * `Never` +
	//
	// * `IfNotPresent` (Default) +
	//
	// Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images
	ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
	// *Optional* +
	//
	// A list of containers to run as sidecars along every MinIO Pod deployed in the tenant.
	// +optional
	SideCars *SideCars `json:"sideCars,omitempty"`
	// *Optional* +
	//
	// Directs the Operator to expose the MinIO and/or Console services. +
	// +optional
	ExposeServices *ExposeServices `json:"exposeServices,omitempty"`
	// *Optional* +
	//
	// Specify custom labels and annotations to append to the MinIO service and/or Console service.
	// +optional
	ServiceMetadata *ServiceMetadata `json:"serviceMetadata,omitempty"`
	// *Optional* +
	//
	// An array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secrets] to use for generating MinIO users during tenant provisioning. +
	//
	// Each element in the array is an object consisting of a key-value pair `name: <string>`, where the `<string>` references an opaque Kubernetes secret. +
	//
	// Each referenced Kubernetes secret must include the following fields: +
	//
	// * `CONSOLE_ACCESS_KEY` - The "Username" for the MinIO user +
	//
	// * `CONSOLE_SECRET_KEY` - The "Password" for the MinIO user +
	//
	// The Operator creates each user with the `consoleAdmin` policy by default. You can change the assigned policy after the Tenant starts. +
	// +optional
	Users []*corev1.LocalObjectReference `json:"users,omitempty"`
	// *Optional* +
	//
	// Create buckets when creating a new tenant. Skip if bucket with given name already exists
	// +optional
	Buckets []Bucket `json:"buckets,omitempty"`
	// *Optional* +
	//
	// Enable JSON, Anonymous logging for MinIO tenants.
	// +optional
	Logging *Logging `json:"logging,omitempty"`
	// *Optional* +
	//
	// Specify a secret that contains additional environment variable configurations to be used for the MinIO pools.
	// The secret is expected to have a key named config.env containing all exported environment variables for MinIO+
	// +optional
	Configuration *corev1.LocalObjectReference `json:"configuration,omitempty"`
	// *Optional* +
	//
	// Add custom initContainers to StatefulSet
	// +optional
	InitContainers []corev1.Container `json:"initContainers,omitempty"`
	// *Optional* +
	//
	// If provided, statefulset will add these volumes. You should set the rules for the corresponding volumes and volume mounts. We will not test this rule, k8s will show the result.
	// +optional
	AdditionalVolumes []corev1.Volume `json:"additionalVolumes,omitempty"`
	// *Optional* +
	//
	// If provided, statefulset will add these volumes. You should set the rules for the corresponding volumes and volume mounts. We will not test this rule, k8s will show the result.
	// +optional
	AdditionalVolumeMounts []corev1.VolumeMount `json:"additionalVolumeMounts,omitempty"`
}

TenantSpec (`spec`) defines the configuration of a MinIO Tenant object. +

The following parameters are specific to the `minio.min.io/v2` MinIO CRD API `spec` definition added as part of the MinIO Operator v4.0.0. +

For more complete documentation on this object, see the https://min.io/docs/minio/kubernetes/upstream/operations/installation.html[MinIO Kubernetes Documentation]. +

func (*TenantSpec) DeepCopy 

func (in *TenantSpec) DeepCopy() *TenantSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantSpec.

func (*TenantSpec) DeepCopyInto 

func (in *TenantSpec) DeepCopyInto(out *TenantSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TenantStatus 

type TenantStatus struct {
	CurrentState      string `json:"currentState"`
	AvailableReplicas int32  `json:"availableReplicas"`
	Revision          int32  `json:"revision"`
	SyncVersion       string `json:"syncVersion"`
	// Keeps track of all the TLS certificates managed by the operator
	// +nullable
	Certificates CertificateStatus `json:"certificates"`
	// All the pools get an individual status
	// +nullable
	Pools []PoolStatus `json:"pools"`
	// *Optional* +
	//
	// Minimum number of disks that need to be online
	WriteQuorum int32 `json:"writeQuorum,omitempty"`
	// *Optional* +
	//
	// Total number of drives online for the tenant
	DrivesOnline int32 `json:"drivesOnline,omitempty"`
	// *Optional* +
	//
	// Total number of drives offline
	DrivesOffline int32 `json:"drivesOffline,omitempty"`
	// *Optional* +
	//
	// Drives with healing going on
	DrivesHealing int32 `json:"drivesHealing,omitempty"`
	// *Optional* +
	//
	// Health State of the tenant
	HealthStatus HealthStatus `json:"healthStatus,omitempty"`
	// *Optional* +
	//
	// Health Message regarding the State of the tenant
	HealthMessage string `json:"healthMessage,omitempty"`
	// *Optional* +
	//
	// If set, we will wait until cleared for up a given time
	WaitingOnReady *metav1.Time `json:"waitingOnReady,omitempty"`
	// *Optional* +
	//
	// Information about tenant usage
	Usage TenantUsage `json:"usage,omitempty"`
	// Health Message regarding the State of the tenant
	// ProvisionedUsers keeps track for telling if operator already created initial users for the tenant
	ProvisionedUsers bool `json:"provisionedUsers,omitempty"`
	// *Optional* +
	//
	// Health Message regarding the State of the tenant
	// ProvisionedBuckets keeps track for telling if operator already created initial buckets for the tenant
	ProvisionedBuckets bool `json:"provisionedBuckets,omitempty"`
}

TenantStatus is the status for a Tenant resource

func (*TenantStatus) DeepCopy 

func (in *TenantStatus) DeepCopy() *TenantStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantStatus.

func (*TenantStatus) DeepCopyInto 

func (in *TenantStatus) DeepCopyInto(out *TenantStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TenantUsage 

type TenantUsage struct {
	// Capacity the usage capacity of this tenant in bytes.
	// +optional
	Capacity int64 `json:"capacity,omitempty"`
	// Capacity the raw capacity of this tenant in bytes.
	// +optional
	RawCapacity int64 `json:"rawCapacity,omitempty"`
	// Usage is how much data is managed by MinIO in bytes.
	// +optional
	Usage int64 `json:"usage,omitempty"`
	// Usage is the raw usage on disks in bytes.
	// +optional
	RawUsage int64 `json:"rawUsage,omitempty"`
	// Tiers includes the usage of individual tiers in the tenant
	// +optional
	Tiers []TierUsage `json:"tiers,omitempty"`
}

TenantUsage are metrics regarding the usage and capacity of the tenant

func (*TenantUsage) DeepCopy 

func (in *TenantUsage) DeepCopy() *TenantUsage

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantUsage.

func (*TenantUsage) DeepCopyInto 

func (in *TenantUsage) DeepCopyInto(out *TenantUsage)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TierUsage 

type TierUsage struct {
	// Name of the tier
	Name string `json:"Name"`
	// type of the tier
	Type string `json:"Type,omitempty"`
	// TotalSize usage of the tier
	TotalSize int64 `json:"totalSize"`
}

TierUsage represents the usage from a tier setup by the tenant

func (*TierUsage) DeepCopy 

func (in *TierUsage) DeepCopy() *TierUsage

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TierUsage.

func (*TierUsage) DeepCopyInto 

func (in *TierUsage) DeepCopyInto(out *TierUsage)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.