truenas/chart
1
0
Fork 0
mirror of https://github.com/truenas/charts.git synced 2026-04-24 18:41:41 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
c5d6bb427e7fc4d68405486c190535264ddf85e1
chart/library/ix-dev/test/minio/templates/_minio.tpl
Stavros Kois 0042e1c56d minio/test - migrate storage section (adds acl), update container image (#1994) 
* bump version and common

* update values

* update templtes

* update ui

* add migration

* missed one

* keep version on test train in order to test migration in storage section

* fix migration value

* update appversion to reflect the actual version
2024-01-04 13:58:14 +02:00

146 lines
4.5 KiB
Smarty
Raw Blame History

{{- define "minio.workload" -}}
workload:
minio:
enabled: true
primary: true
type: Deployment
podSpec:
hostNetwork: {{ include "minio.hostnetwork" $ }}
containers:
minio:
enabled: true
primary: true
imageSelector: image
securityContext:
runAsUser: {{ .Values.minioRunAs.user }}
runAsGroup: {{ .Values.minioRunAs.group }}
envFrom:
- secretRef:
name: minio-creds
args:
- server
- "--address"
- {{ printf ":%v" .Values.minioNetwork.apiPort | quote }}
- "--console-address"
- {{ printf ":%v" .Values.minioNetwork.webPort | quote }}
{{- if .Values.minioNetwork.certificateID }}
- "--certs-dir"
- "/.minio/certs"
{{- end -}}
{{- if .Values.minioLogging.anonymous }}
- "--anonymous"
{{- end -}}
{{- if .Values.minioLogging.quiet }}
- "--quiet"
{{- end }}
probes:
liveness:
enabled: true
type: {{ include "minio.scheme" $ }}
port: "{{ .Values.minioNetwork.apiPort }}"
path: /minio/health/live
readiness:
enabled: true
type: {{ include "minio.scheme" $ }}
port: "{{ .Values.minioNetwork.apiPort }}"
path: /minio/health/live
startup:
enabled: true
type: {{ include "minio.scheme" $ }}
port: "{{ .Values.minioNetwork.apiPort }}"
path: /minio/health/live
initContainers:
{{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
"UID" .Values.minioRunAs.user
"GID" .Values.minioRunAs.group
"type" "install") | nindent 8 -}}
{{- if .Values.minioLogging.logsearch.enabled }}
logsearch-wait:
enabled: true
type: init
imageSelector: bashImage
resources:
limits:
cpu: 500m
memory: 256Mi
envFrom:
- secretRef:
name: minio-creds
command: bash
args:
- -c
- |
echo "Pinging Logsearch API for readiness..."
until wget --spider --quiet --timeout=3 --tries=1 ${MINIO_LOG_QUERY_URL}/status; do
echo "Waiting for Logsearch API (${MINIO_LOG_QUERY_URL}/status) to be ready..."
sleep 2
done
echo "Logsearch API is ready"
{{- end }}
{{/* Service */}}
service:
minio:
enabled: true
primary: true
type: NodePort
targetSelector: minio
ports:
api:
enabled: true
primary: true
port: {{ .Values.minioNetwork.apiPort }}
nodePort: {{ .Values.minioNetwork.apiPort }}
targetSelector: minio
webui:
enabled: true
port: {{ .Values.minioNetwork.webPort }}
nodePort: {{ .Values.minioNetwork.webPort }}
targetSelector: minio
{{/* Persistence */}}
persistence:
{{- range $idx, $storage := .Values.minioStorage }}
{{ printf "data%v" (int $idx) }}:
enabled: true
{{- include "minio.storage.ci.migration" (dict "storage" $storage) }}
{{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
targetSelector:
minio:
minio:
mountPath: {{ $storage.mountPath }}
{{- if and (eq $storage.type "ixVolume") (not ($storage.ixVolumeConfig | default dict).aclEnable) }}
01-permissions:
mountPath: /mnt/directories{{ $storage.mountPath }}
{{- end }}
{{- end }}
# Minio writes temporary files to this directory. Adding this as an emptyDir,
# So we don't have to set readOnlyRootFilesystem to false
tempdir:
enabled: true
type: emptyDir
targetSelector:
minio:
minio:
mountPath: /.minio
{{- if .Values.minioNetwork.certificateID }}
cert:
enabled: true
type: secret
objectName: minio-cert
defaultMode: "0600"
items:
- key: tls.key
path: private.key
- key: tls.crt
path: public.crt
- key: tls.crt
path: CAs/public.crt
targetSelector:
minio:
minio:
mountPath: /.minio/certs
readOnly: true
{{- end -}}
{{- end -}}
Reference in New Issue View Git Blame Copy Permalink