truenas/chart
1
0
Fork 0
mirror of https://github.com/truenas/charts.git synced 2026-04-08 21:28:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

NAS-113688 / 22.02 / Merge pull request #296 from truenas/NAS-113688

Browse Source 
NAS-113688 / 22.02 / Configure MinIO ACLs (i.e. user:minio uid:473 gid:473)
This commit is contained in:
Rick Mesta
2022-02-18 16:29:08 -06:00
committed by GitHub
parent fa2dbe8737 f6843d6017
commit 9154554d68
23 changed files with 797 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
test/minio/1.5.0/.helmignore Normal file
View File

@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
# OWNERS file for Kubernetes
OWNERS

8
test/minio/1.5.0/CHANGELOG.md Normal file
View File

@@ -0,0 +1,8 @@
# Change Log
This contains all the notable changes to the MinIO application.
## [1.5.0]
1. On fresh installation, minIO data directory's ownership will be updated to minio:minio.
2. For existing installations that are exhibiting the upgrade, the minIO data directory's ownership will be migrated to minio:minio.

19
test/minio/1.5.0/Chart.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: v1
appVersion: '2022-01-28'
dependencies:
- name: common
repository: file://../../../library/common/2112.0.0
version: 2112.0.0
description: High Performance, Kubernetes Native Object Storage
home: https://min.io
icon: https://min.io/resources/img/logo/MINIO_wordmark.png
keywords:
- storage
- object-storage
- S3
name: minio
sources:
- https://github.com/minio/minio
- https://github.com/minio/charts
upstream_version: 8.0.5
version: 1.5.0

52
test/minio/1.5.0/README.md Executable file
View File

@@ -0,0 +1,52 @@
MinIO
=====
[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure for machine learning, analytics and application data workloads.
MinIO supports [distributed mode](https://docs.minio.io/docs/distributed-minio-quickstart-guide). In distributed mode, you can pool multiple drives (even on different machines) into a single object storage server.
For more detailed documentation please visit [here](https://docs.minio.io/)
Introduction
------------
This chart bootstraps MinIO deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
Configuration
-------------
The following table lists the configurable parameters of the MinIO chart and their default values.
| Parameter | Description | Default |
|:-------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------|:---------------------------------|
| `image.repository` | Image repository | `minio/minio` |
| `image.tag` | MinIO image tag. Possible values listed [here](https://hub.docker.com/r/minio/minio/tags/). | `RELEASE.2020-11-06T23-17-07Z` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `extraArgs` | Additional command line arguments to pass to the MinIO server | `[]` |
| `accessKey` | Default access key (5 to 20 characters) | random 20 chars |
| `secretKey` | Default secret key (8 to 40 characters) | random 40 chars |
| `persistence.enabled` | Use persistent volume to store data | `true` |
| `persistence.size` | Size of persistent volume claim | `500Gi` |
| `persistence.existingClaim` | Use an existing PVC to persist data | `nil` |
| `persistence.storageClass` | Storage class name of PVC | `nil` |
| `persistence.accessMode` | ReadWriteOnce or ReadOnly | `ReadWriteOnce` |
| `persistence.subPath` | Mount a sub directory of the persistent volume if set | `""` |
| `environment` | Set MinIO server relevant environment variables in `values.yaml` file. MinIO containers will be passed these variables when they start. | `MINIO_STORAGE_CLASS_STANDARD: EC:4"` |
Some parameters above map to the env variables defined in the [MinIO DockerHub image](https://hub.docker.com/r/minio/minio/).
Pass environment variables to MinIO containers
----------------------------------------------
To pass environment variables to MinIO containers when deploying via Helm chart, use the below command line format
```bash
$ helm install --set environment.MINIO_BROWSER=on,environment.MINIO_DOMAIN=domain-name minio/minio
```
You can add as many environment variables as required, using the above format. Just add `environment.<VARIABLE_NAME>=<value>` under `set` flag.
**NOTE**
- On fresh installation, minIO data directory's ownership will be updated to minio:minio.
- For existing installations that are exhibiting the upgrade to >=1.5.0, the minIO data directory's ownership will be migrated to minio:minio.

5
test/minio/1.5.0/app-readme.md Normal file
View File

@@ -0,0 +1,5 @@
[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure for machine learning, analytics and application data workloads.
**NOTE**
- On installation, minIO data directory's ownership will be updated to minio:minio.
- For existing installations that are exhibiting the upgrade to >=1.5.0, the minIO data directory's ownership will be migrated to minio:minio.

BIN
test/minio/1.5.0/charts/common-2112.0.0.tgz Normal file
View File

Binary file not shown.

22
test/minio/1.5.0/default_values.yaml Normal file
View File

@@ -0,0 +1,22 @@
## Set default image, imageTag, and imagePullPolicy. mode is used to indicate the
##
image:
repository: minio/minio
tag: RELEASE.2020-11-19T23-48-16Z
pullPolicy: IfNotPresent
## Additional arguments to pass to minio binary
extraArgs: []
updateStrategy: RollingUpdate
service:
nodePort: 9000
environment:
## Please refer for comprehensive list https://docs.minio.io/docs/minio-server-configuration-guide.html
appVolumeMounts:
export:
emptyDir: true
mountPath: "/export"

9
test/minio/1.5.0/ix_values.yaml Normal file
View File

@@ -0,0 +1,9 @@
image:
pullPolicy: IfNotPresent
repository: minio/minio
tag: RELEASE.2022-01-28T02-28-16Z
# uid=473(minio)
runAsUser: 473
# gid=473(minio)
runAsGroup: 473

28
test/minio/1.5.0/migrations/migrate_from_1.0.0 Executable file
View File

@@ -0,0 +1,28 @@
#!/usr/bin/python3
import json
import os
import sys
def migrate(values):
if values.get('appVolumeMounts'):
return values
values.update({
'appVolumeMounts': {
'export': {
'hostPathEnabled': values['minioHostPathEnabled'],
**({'hostPath': values['minioHostPath']} if values.get('minioHostPath') else {})
},
},
})
return values
if __name__ == '__main__':
if len(sys.argv) != 2:
exit(1)
if os.path.exists(sys.argv[1]):
with open(sys.argv[1], 'r') as f:
print(json.dumps(migrate(json.loads(f.read()))))

111
test/minio/1.5.0/migrations/migrate_from_1.4.24 Executable file
View File

@@ -0,0 +1,111 @@
#!/usr/bin/python3
import json
import os
import sys
import subprocess
from pathlib import Path
from middlewared.client import Client
from middlewared.service import ValidationErrors, CallError
def path_in_locked_datasets(path: str) -> bool:
with Client() as c:
return c.call('pool.dataset.path_in_locked_datasets', path)
def get_host_path_attachments(path: str) -> set:
with Client() as c:
return {
attachment['type']
for attachment in c.call('pool.dataset.attachments_with_path', path)
if attachment['type'].lower() not in ['kubernetes', 'chart releases']
}
def get_kubernetes_config() -> dict:
with Client() as c:
return c.call('kubernetes.config')
def validate_host_path(path: str, schema_name: str, verrors: ValidationErrors) -> None:
"""
These validations are taken from `FilesystemService._common_perm_path_validate`.
Including an additional validation that makes sure all the children under
a path are on same device.
"""
schema_name += ".migration.chown"
p = Path(path)
if not p.is_absolute():
verrors.add(schema_name, f"Must be an absolute path: {path}")
if p.is_file():
verrors.add(schema_name, f"Recursive operations on a file are invalid: {path}")
if not p.absolute().as_posix().startswith("/mnt/"):
verrors.add(
schema_name,
f"Changes to permissions on paths that are not beneath the directory /mnt are not permitted: {path}"
)
elif len(p.resolve().parents) == 2:
verrors.add(schema_name, f"The specified path is a ZFS pool mountpoint: {path}")
# Make sure that dataset is not locked
if path_in_locked_datasets(path):
verrors.add(schema_name, f"Dataset is locked at path: {path}.")
# Validate attachments
if attachments := get_host_path_attachments(path):
verrors.add(schema_name, f"The path '{path}' is already attached to service(s): {', '.join(attachments)}.")
# Make sure all the minio's data directory children are on same device.
device_id = os.stat(path).st_dev
for root, dirs, files in os.walk(path):
for child in dirs + files:
abs_path = os.path.join(root, child)
if os.stat(abs_path).st_dev != device_id:
verrors.add(
schema_name,
(f"All the children of MinIO data directory should be on "
f"same device as root: path={abs_path} device={os.stat(abs_path).st_dev}")
)
break
def migrate(values: dict) -> dict:
# minio user / group ID
uid = gid = 473
verrors = ValidationErrors()
k8s_config = get_kubernetes_config()
if values["appVolumeMounts"]["export"]["hostPathEnabled"]:
host_path = values["appVolumeMounts"]["export"]["hostPath"]
else:
app_dataset = values["appVolumeMounts"]["export"]["datasetName"]
host_path = os.path.join(
"/mnt", k8s_config['dataset'], "releases", values["release_name"], app_dataset
)
validate_host_path(host_path, values['release_name'], verrors)
verrors.check()
# chown the host path
acltool = subprocess.run([
"/usr/bin/nfs4xdr_winacl",
"-a", "chown",
"-O", str(uid), "-G", str(gid),
"-r",
"-c", host_path,
"-p", host_path], check=False, capture_output=True
)
if acltool.returncode != 0:
raise CallError(f"acltool [chown] on path {host_path} failed with error: [{acltool.stderr.decode().strip()}]")
return values
if __name__ == "__main__":
if len(sys.argv) != 2:
exit(1)
if os.path.exists(sys.argv[1]):
with open(sys.argv[1], "r") as f:
print(json.dumps(migrate(json.loads(f.read()))))

252
test/minio/1.5.0/questions.yaml Normal file
View File

@@ -0,0 +1,252 @@
groups:
- name: "Container Images"
description: "Image to be used for container"
- name: "Workload Configuration"
description: "Configure workload deployment"
- name: "Minio Configuration"
description: "Configure Minio credentials"
- name: "Storage"
description: "Configure Storage for Nextcloud"
- name: "Advanced DNS Settings"
description: "Configure DNS settings"
portals:
web_portal:
protocols:
- "$kubernetes-resource_configmap_minio-config_protocol"
host:
- "$node_ip"
ports:
- "$variable-service.consolePort"
questions:
- variable: dnsConfig
label: "DNS Configuration"
group: "Advanced DNS Settings"
schema:
type: dict
attrs:
- variable: options
label: "DNS Options"
schema:
type: list
items:
- variable: optionsEntry
label: "Option Entry Configuration"
schema:
type: dict
attrs:
- variable: name
label: "Option Name"
schema:
type: string
required: true
- variable: value
label: "Option Value"
schema:
type: string
required: true
- variable: updateStrategy
label: "Minio update strategy"
group: "Workload Configuration"
schema:
type: string
default: "RollingUpdate"
enum:
- value: "RollingUpdate"
description: "Create new pods and then kill old ones"
- value: "Recreate"
description: "Kill existing pods before creating new ones"
- variable: distributedMode
label: "Enable Distributed Mode"
description: "Run Minio instance to connect to a distributed minio cluster"
group: "Minio Configuration"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: distributedIps
label: "Distributed Minio Instance URI(s)"
schema:
type: list
required: true
default: []
items:
- variable: ip
label: "Distributed Minio Instance URI"
schema:
type: string
empty: false
- variable: extraArgs
label: "Minio Extra Arguments"
group: "Minio Configuration"
schema:
type: list
default: []
items:
- variable: arg
label: "Argument"
schema:
type: string
- variable: accessKey
label: "Root User"
group: "Minio Configuration"
description: "Enter the S3 Root User"
schema:
type: string
private: true
required: true
min_length: 5
max_length: 20
- variable: secretKey
label: "Root Password"
group: "Minio Configuration"
description: "Enter the S3 Root Password"
schema:
type: string
private: true
required: true
min_length: 8
max_length: 40
- variable: environmentVariables
label: "Minio image environment"
group: "Minio Configuration"
schema:
type: list
default: []
items:
- variable: environmentVariable
label: "Environment Variable"
schema:
type: dict
attrs:
- variable: name
label: "Name"
schema:
type: string
- variable: value
label: "Value"
schema:
type: string
- variable: service
description: "Minio Service Configuration"
label: "Minio Service Configuration"
group: "Minio Configuration"
schema:
type: dict
required: true
attrs:
- variable: nodePort
label: "Node Port to use for Minio API"
schema:
type: int
min: 9000
max: 65535
default: 9000
required: true
- variable: consolePort
label: "Node Port to use for Minio UI Access"
schema:
type: int
min: 9000
max: 65535
default: 9002
required: true
- variable: minioDomain
label: "Minio Domain Name"
description: "This is only required if TLS is configured for Minio"
group: "Minio Configuration"
schema:
type: string
default: null
"null": true
show_if: [["certificate", "!=", null]]
- variable: certificate
description: "Minio Certificate"
label: "Minio Certificate"
group: "Minio Configuration"
schema:
type: int
$ref:
- "definitions/certificate"
- variable: appVolumeMounts
label: "Minio Storage"
group: "Storage"
schema:
type: dict
show_if: [["distributedMode", "=", false]]
attrs:
- variable: export
label: "Data Volume"
schema:
type: dict
attrs:
- variable: datasetName
label: "Minio Data Volume Name"
schema:
type: string
hidden: true
$ref:
- "normalize/ixVolume"
show_if: [["hostPathEnabled", "=", false]]
default: "ix-minio"
editable: false
- variable: mountPath
label: "Minio Data Mount Path"
description: "Path where the volume will be mounted inside the pod"
schema:
type: path
hidden: true
editable: false
default: "/export"
- variable: hostPathEnabled
label: "Enable Host Path for Minio Data Volume"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostPath
label: "Host Path for Minio Data Volume"
schema:
type: hostpath
required: true
immutable: true
- variable: extraAppVolumeMounts
label: "Extra Host Path Volumes"
group: "Storage"
schema:
type: list
items:
- variable: extraAppVolume
label: "Host Path Volume"
description: "Add an extra host path volume for Minio application"
schema:
type: dict
attrs:
- variable: mountPath
label: "Mount Path in Pod"
description: "Path where the volume will be mounted inside the pod"
schema:
type: path
required: true
- variable: hostPath
label: "Host Path"
description: "Host path"
schema:
type: hostpath
required: true

6
test/minio/1.5.0/requirements.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: file://../../../library/common/2112.0.0
version: 2112.0.0
digest: sha256:47115d9b91afe42c8537dcf0fd8224f2f7d1c775f9ff860efa68a6b57d17d1c0
generated: "2021-12-06T21:24:36.62541+05:00"

2
test/minio/1.5.0/templates/NOTES.txt Normal file
View File

@@ -0,0 +1,2 @@
Minio can be accessed from the following URL:
http://$node_ip:{{ .Values.service.nodePort }}/

33
test/minio/1.5.0/templates/_cert.tpl Normal file
View File

@@ -0,0 +1,33 @@
{{/*
Formats volumeMount for Minio tls keys and trusted certs
*/}}
{{- define "minio.tlsKeysVolumeMount" -}}
{{- if eq (include "minio.certAvailable" .) "true" -}}
- name: cert-secret-volume
mountPath: "/etc/minio/certs"
- name: trusted-cert-secret-volume
mountPath: "/etc/minio/certs/CAs"
{{- end }}
{{- end -}}
{{/*
Formats volume for Minio tls keys and trusted certs
*/}}
{{- define "minio.tlsKeysVolume" -}}
{{- if eq (include "minio.certAvailable" .) "true" -}}
- name: cert-secret-volume
secret:
secretName: {{ include "minio.secretName" . }}
items:
- key: certPublicKey
path: public.crt
- key: certPrivateKey
path: private.key
- name: trusted-cert-secret-volume
secret:
secretName: {{ include "minio.secretName" . }}
items:
- key: certPublicKey
path: public.crt
{{- end }}
{{- end -}}

77
test/minio/1.5.0/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,77 @@
{{/*
Determine secret name.
*/}}
{{- define "minio.secretName" -}}
{{- include "common.names.fullname" . -}}
{{- end -}}
{{/*
Retrieve true/false if minio certificate is configured
*/}}
{{- define "minio.certAvailable" -}}
{{- if .Values.certificate -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
{{- template "common.resources.cert_present" $values -}}
{{- else -}}
{{- false -}}
{{- end -}}
{{- end -}}
{{/*
Retrieve public key of minio certificate
*/}}
{{- define "minio.cert.publicKey" -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate "publicKey" true) -}}
{{ include "common.resources.cert" $values }}
{{- end -}}
{{/*
Retrieve private key of minio certificate
*/}}
{{- define "minio.cert.privateKey" -}}
{{- $values := (. | mustDeepCopy) -}}
{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
{{ include "common.resources.cert" $values }}
{{- end -}}
{{/*
Retrieve scheme/protocol for minio
*/}}
{{- define "minio.scheme" -}}
{{- if eq (include "minio.certAvailable" .) "true" -}}
{{- print "https" -}}
{{- else -}}
{{- print "http" -}}
{{- end -}}
{{- end -}}
{{/*
Retrieve command for minio application
*/}}
{{- define "minio.commandArgs" -}}
{{- $arg := "/usr/bin/docker-entrypoint.sh minio -S /etc/minio/certs server --console-address=':9001'" -}}
{{- if .Values.distributedMode -}}
{{- cat $arg (join " " (concat (.Values.distributedIps | default list) (.Values.extraArgs | default list))) -}}
{{- else -}}
{{- cat $arg ((concat (list "/export") (.Values.extraArgs | default list)) | join " ") -}}
{{- end -}}
{{- end -}}
{{/*
Enable host networking
*/}}
{{- define "minio.hostNetworking" -}}
{{- if .Values.distributedMode -}}
{{- print "true" -}}
{{- else -}}
{{- print "false" -}}
{{- end -}}
{{- end -}}

6
test/minio/1.5.0/templates/configmap.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: minio-config
data:
protocol: {{ include "minio.scheme" . }}

69
test/minio/1.5.0/templates/deployment.yaml Normal file
View File

@@ -0,0 +1,69 @@
apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ template "common.names.fullname" . }}
labels:
app: {{ template "common.names.name" . }}
chart: {{ template "common.names.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
rollme: {{ randAlphaNum 5 | quote }}
spec:
replicas: {{ (default 1 .Values.replicas) }}
strategy:
type: {{ (default "Recreate" .Values.updateStrategy ) }}
selector:
matchLabels:
app: {{ template "common.names.name" . }}
release: {{ .Release.Name }}
template:
metadata:
name: {{ template "common.names.fullname" . }}
labels:
app: {{ template "common.names.name" . }}
release: {{ .Release.Name }}
{{- include "common.labels.selectorLabels" . | nindent 8 }}
annotations: {{ include "common.annotations" . | nindent 8 }}
spec:
securityContext:
runAsUser: {{ .Values.runAsUser }}
runAsGroup: {{ .Values.runAsGroup }}
serviceAccountName: {{ include "common.names.serviceAccountName" . | quote }}
hostNetwork: {{ include "minio.hostNetworking" . }}
containers:
- name: {{ .Chart.Name }}
{{ include "common.containers.imageConfig" .Values.image | nindent 10 }}
volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }}
{{- include "minio.tlsKeysVolumeMount" . | nindent 12 }}
{{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
- name: extrappvolume-{{ $index }}
mountPath: {{ $hostPathConfiguration.mountPath }}
{{ end }}
command:
- "/bin/sh"
- "-ce"
- {{ include "minio.commandArgs" . }}
ports:
- name: api
containerPort: 9000
- name: console
containerPort: 9001
env:
{{ $secretName := (include "minio.secretName" .) }}
{{ $envList := (default list .Values.environmentVariables) }}
{{ if and (eq (include "minio.certAvailable" .) "true") .Values.minioDomain }}
{{ $envList = mustAppend $envList (dict "name" "MINIO_BROWSER_REDIRECT_URL" "value" (printf "%s://%s:%d" (include "minio.scheme" .) .Values.minioDomain (.Values.service.consolePort | int))) }}
{{ $envList = mustAppend $envList (dict "name" "MINIO_SERVER_URL" "value" (printf "%s://%s:%d" (include "minio.scheme" .) .Values.minioDomain (.Values.service.nodePort | int))) }}
{{ end }}
{{ $envList = mustAppend $envList (dict "name" "MINIO_ROOT_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "accesskey") }}
{{ $envList = mustAppend $envList (dict "name" "MINIO_ROOT_PASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "secretkey") }}
{{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }}
{{ include "common.networking.dnsConfiguration" .Values | nindent 6 }}
volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}
{{- include "minio.tlsKeysVolume" . | nindent 8 }}
{{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
- name: extrappvolume-{{ $index }}
hostPath:
path: {{ $hostPathConfiguration.hostPath }}
{{ end }}

27
test/minio/1.5.0/templates/pre-install-job.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ template "common.names.fullname" . }}-preinstall-job"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
helm.sh/chart: {{ template "common.names.chart" . }}
annotations:
"helm.sh/hook": pre-install
spec:
template:
metadata:
name: "{{ template "common.names.fullname" . }}-preinstall-hook"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
helm.sh/chart: {{ template "common.names.chart" . }}
spec:
restartPolicy: Never
containers:
- name: pre-install-job
image: "alpine:latest"
command: ["chown", "-R", "{{ .Values.runAsUser }}:{{ .Values.runAsGroup }}", "{{ .Values.appVolumeMounts.export.mountPath }}"]
volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }}
volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}

13
test/minio/1.5.0/templates/secrets.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ template "minio.secretName" . }}
labels: {{ include "common.labels" . | nindent 4 }}
type: Opaque
data:
accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }}
secretkey: {{ if .Values.secretKey }}{{ .Values.secretKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }}
{{ if eq (include "minio.certAvailable" .) "true" }}
certPublicKey: {{ (include "minio.cert.publicKey" .) | toString | b64enc | quote }}
certPrivateKey: {{ (include "minio.cert.privateKey" .) | toString | b64enc | quote }}
{{ end }}

11
test/minio/1.5.0/templates/service.yaml Normal file
View File

@@ -0,0 +1,11 @@
{{ $svc := .Values.service }}
{{ $selectors := list }}
{{ $selectors = mustAppend $selectors (dict "key" "app" "value" (include "common.names.name" .) ) }}
{{ $selectors = mustAppend $selectors (dict "key" "release" "value" .Release.Name ) }}
{{ $ports := list }}
{{ $ports = mustAppend $ports (dict "name" "api" "port" $svc.nodePort "nodePort" $svc.nodePort "targetPort" 9000) }}
{{ $ports = mustAppend $ports (dict "name" "console" "port" $svc.consolePort "nodePort" $svc.consolePort "targetPort" 9001) }}
{{ $params := . }}
{{ $_ := set $params "commonService" (dict "type" "NodePort" "ports" $ports ) }}
{{ $_1 := set .Values "extraSelectorLabels" $selectors }}
{{ include "common.classes.service" $params }}

1
test/minio/1.5.0/templates/serviceaccount.yaml Normal file
View File

@@ -0,0 +1 @@
{{ include "common.serviceaccount" . }}

23
test/minio/1.5.0/test_values.yaml Normal file
View File

@@ -0,0 +1,23 @@
appVolumeMounts:
export:
emptyDir: true
mountPath: /export
distributedIps: []
distributedMode: false
dnsConfig:
options: []
emptyDirVolumes: true
environmentVariables: []
extraAppVolumeMounts: []
extraArgs: []
image:
pullPolicy: IfNotPresent
repository: minio/minio
tag: RELEASE.2022-01-28T02-28-16Z
minioDomain: null
service:
consolePort: 32325
nodePort: 32324
updateStrategy: RollingUpdate
runAsUser: 473
runAsGroup: 473

0
test/minio/1.5.0/values.yaml Normal file
View File