diff --git a/test/minio/8.0.5/README.md b/test/minio/8.0.5/README.md index 6c10bc1b17..778db58b04 100755 --- a/test/minio/8.0.5/README.md +++ b/test/minio/8.0.5/README.md @@ -141,10 +141,6 @@ The following table lists the configurable parameters of the MinIO chart and the | `certsPath` | Default certs path location | `/etc/minio/certs` | | `mountPath` | Default mount location for persistent drive | `/export` | | `bucketRoot` | Directory from where minio should serve buckets. | Value of `.mountPath` | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.port` | Kubernetes port where service is exposed | `9000` | -| `service.externalIPs` | service external IP addresses | `nil` | -| `service.annotations` | Service annotations | `{}` | | `persistence.enabled` | Use persistent volume to store data | `true` | | `persistence.size` | Size of persistent volume claim | `500Gi` | | `persistence.existingClaim` | Use an existing PVC to persist data | `nil` | @@ -225,25 +221,6 @@ If a Persistent Volume Claim already exists, specify it during installation. $ helm install --set persistence.existingClaim=PVC_NAME minio/minio ``` -NetworkPolicy -------------- - -To enable network policy for MinIO, -install [a networking plugin that implements the Kubernetes -NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), -and set `networkPolicy.enabled` to `true`. - -For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting -the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace: - - kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}" - -With NetworkPolicy enabled, traffic will be limited to just port 9000. - -For more precise policy, set `networkPolicy.allowExternal=true`. This will -only allow pods with the generated client label to connect to MinIO. -This label will be displayed in the output of a successful install. - Configure TLS ------------- diff --git a/test/minio/8.0.5/templates/_helpers.tpl b/test/minio/8.0.5/templates/_helpers.tpl index 63e23f1f7d..08964efb9a 100644 --- a/test/minio/8.0.5/templates/_helpers.tpl +++ b/test/minio/8.0.5/templates/_helpers.tpl @@ -31,17 +31,6 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "minio.networkPolicy.apiVersion" -}} -{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.Version -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.Version -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for deployment. */}} diff --git a/test/minio/8.0.5/templates/networkpolicy.yaml b/test/minio/8.0.5/templates/networkpolicy.yaml deleted file mode 100644 index de57f485fe..0000000000 --- a/test/minio/8.0.5/templates/networkpolicy.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ template "minio.networkPolicy.apiVersion" . }} -metadata: - name: {{ template "minio.fullname" . }} - labels: - app: {{ template "minio.name" . }} - chart: {{ template "minio.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - podSelector: - matchLabels: - app: {{ template "minio.name" . }} - release: {{ .Release.Name }} - ingress: - - ports: - - port: {{ .Values.service.port }} - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: - {{ template "minio.name" . }}-client: "true" - {{- end }} -{{- end }} diff --git a/test/minio/8.0.5/templates/service.yaml b/test/minio/8.0.5/templates/service.yaml index ea681e2207..f2a6a30e6e 100644 --- a/test/minio/8.0.5/templates/service.yaml +++ b/test/minio/8.0.5/templates/service.yaml @@ -11,37 +11,14 @@ metadata: chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -{{- if .Values.service.annotations }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -{{- end }} spec: -{{- if (or (eq .Values.service.type "ClusterIP" "") (empty .Values.service.type)) }} - type: ClusterIP - {{- if not (empty .Values.service.clusterIP) }} - clusterIP: {{ .Values.service.clusterIP }} - {{end}} -{{- else if eq .Values.service.type "LoadBalancer" }} - type: {{ .Values.service.type }} - loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} -{{- else }} - type: {{ .Values.service.type }} -{{- end }} + type: "NodePort" ports: - name: {{ $scheme }} - port: {{ .Values.service.port }} + port: {{ .Values.service.nodePort }} protocol: TCP -{{- if (and (eq .Values.service.type "NodePort") ( .Values.service.nodePort)) }} nodePort: {{ .Values.service.nodePort }} -{{- else }} targetPort: 9000 -{{- end}} -{{- if .Values.service.externalIPs }} - externalIPs: -{{- range $i , $ip := .Values.service.externalIPs }} - - {{ $ip }} -{{- end }} -{{- end }} selector: app: {{ template "minio.name" . }} release: {{ .Release.Name }} diff --git a/test/minio/8.0.5/values.yaml b/test/minio/8.0.5/values.yaml index 0de1c00ca8..405e945c5c 100644 --- a/test/minio/8.0.5/values.yaml +++ b/test/minio/8.0.5/values.yaml @@ -93,33 +93,8 @@ persistence: ## subPath: "" -## Expose the Minio service to be accessed from outside the cluster (LoadBalancer service). -## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it. -## ref: http://kubernetes.io/docs/user-guide/services/ -## - service: - type: ClusterIP - clusterIP: ~ - port: 9000 nodePort: 32000 - ## List of IP addresses at which the Prometheus server service is available - ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips - ## - externalIPs: [] - # - externalIp1 - - annotations: {} - # prometheus.io/scrape: 'true' - # prometheus.io/path: '/minio/prometheus/metrics' - # prometheus.io/port: '9000' - -## Use this field to add environment variables relevant to Minio server. These fields will be passed on to Minio container(s) -## when Chart is deployed environment: ## Please refer for comprehensive list https://docs.minio.io/docs/minio-server-configuration-guide.html - -networkPolicy: - enabled: false - allowExternal: true