Documentation ¶
Overview ¶
Package v2 - This page provides a quick automatically generated reference for the MinIO Operator `minio.min.io/v2` CRD. For more complete documentation on the MinIO Operator CRD, see https://min.io/docs/minio/kubernetes/upstream/index.html[MinIO Kubernetes Documentation]. +
The `minio.min.io/v2` API was released with the v4.0.0 MinIO Operator. The MinIO Operator automatically converts existing tenants using the `/v1` API to `/v2`. +
+groupName=minio.min.io +versionName=v2
Index ¶
- Constants
- Variables
- func CompactJSONString(jsonObject string) (string, error)
- func ExtractTar(filesToExtract []string, basePath, tarFileName string) error
- func GenerateCredentials() (accessKey, secretKey string, err error)
- func GenerateTenantConfigurationFile(configuration map[string]string) string
- func GetClusterDomain() string
- func GetMonitoringInterval() int
- func GetNSFromFile() string
- func GetOpenshiftCSRSignerCAFromFile() []byte
- func GetOpenshiftServiceCAFromFile() []byte
- func GetPodCAFromFile() []byte
- func GetPrivateKeyFilePath(serviceName string) string
- func GetPrometheusName() string
- func GetPrometheusNamespace() string
- func GetPublicCertFilePath(serviceName string) string
- func GetTenantKesImage() string
- func GetTenantMinIOImage() string
- func IsContainersEnvUpdated(existingContainers, expectedContainers []corev1.Container) bool
- func IsEnvUpdated(old, new map[string]string) bool
- func Kind(kind string) schema.GroupKind
- func MergeMaps(a, b map[string]string) map[string]string
- func MustGetSystemCertPool() *x509.CertPool
- func ParseRawConfiguration(configuration []byte) (config map[string][]byte)
- func ReleaseTagToReleaseTime(releaseTag string) (releaseTime time.Time, err error)
- func Resource(resource string) schema.GroupResource
- func ToMap(envs []corev1.EnvVar) map[string]string
- type AuditConfig
- type Bucket
- type CertificateConfig
- type CertificateStatus
- type CustomCertificateConfig
- type CustomCertificates
- type ExposeServices
- type Features
- type HealthStatus
- type KESConfig
- type LocalCertificateReference
- type Logging
- type Pool
- type PoolState
- type PoolStatus
- type ServiceMetadata
- type SideCars
- type Tenant
- func (t *Tenant) AllMinIOHosts() []string
- func (t *Tenant) AutoCert() bool
- func (t *Tenant) BucketDNS() bool
- func (t *Tenant) ConfigurationSecretName() string
- func (t *Tenant) ConsoleCIServiceName() string
- func (t *Tenant) ConsoleCSRName() string
- func (t *Tenant) ConsoleCommonName() string
- func (t *Tenant) ConsoleDeploymentName() string
- func (t *Tenant) ConsolePodLabels() map[string]string
- func (t *Tenant) ConsoleServerHost() string
- func (t *Tenant) ConsoleTLSSecretName() string
- func (t *Tenant) ConsoleVolMountName() string
- func (t *Tenant) CreateBuckets(minioClient *minio.Client, buckets ...Bucket) (created bool, err error)
- func (t *Tenant) CreateUsers(madmClnt *madmin.AdminClient, userCredentialSecrets []*corev1.Secret, ...) error
- func (in *Tenant) DeepCopy() *Tenant
- func (in *Tenant) DeepCopyInto(out *Tenant)
- func (in *Tenant) DeepCopyObject() runtime.Object
- func (t *Tenant) EnsureDefaults() *Tenant
- func (t *Tenant) ExternalCaCerts() bool
- func (t *Tenant) ExternalCert() bool
- func (t *Tenant) ExternalClientCert() bool
- func (t *Tenant) ExternalClientCerts() bool
- func (t *Tenant) GenBearerToken(accessKey, secretKey string) string
- func (t *Tenant) GetBindingName() string
- func (t *Tenant) GetDomainHosts() []string
- func (t *Tenant) GetEnvVars() (env []corev1.EnvVar)
- func (t *Tenant) GetKESEnvVars() (env []corev1.EnvVar)
- func (t *Tenant) GetRoleName() string
- func (t *Tenant) GetTenantServiceURL() (svcURL string)
- func (t *Tenant) HasCertConfig() bool
- func (t *Tenant) HasConfigurationSecret() bool
- func (t *Tenant) HasConsoleDomains() bool
- func (t *Tenant) HasCredsSecret() bool
- func (t *Tenant) HasEnv(envName string) bool
- func (t *Tenant) HasGCPCredentialSecretForKES() bool
- func (t *Tenant) HasGCPWorkloadIdentityPoolForKES() bool
- func (t *Tenant) HasKESEnabled() bool
- func (t *Tenant) HasMinIODomains() bool
- func (t *Tenant) HasPrometheusOperatorEnabled() bool
- func (*Tenant) Hub()
- func (t *Tenant) KESCSRName() string
- func (t *Tenant) KESClientCert() bool
- func (t *Tenant) KESExternalCert() bool
- func (t *Tenant) KESHLServiceName() string
- func (t *Tenant) KESHosts() []string
- func (t *Tenant) KESJobName() string
- func (t *Tenant) KESPodLabels() map[string]string
- func (t *Tenant) KESReplicas() int32
- func (t *Tenant) KESServiceEndpoint() string
- func (t *Tenant) KESServiceHost() string
- func (t *Tenant) KESStatefulSetName() string
- func (t *Tenant) KESTLSSecretName() string
- func (t *Tenant) KESVolMountName() string
- func (t *Tenant) KESWildCardName() string
- func (t *Tenant) LegacyStatefulsetName(pool *Pool) string
- func (t *Tenant) MinIOBucketBaseDomain() string
- func (t *Tenant) MinIOBucketBaseWildcardDomain() string
- func (t *Tenant) MinIOCIServiceName() string
- func (t *Tenant) MinIOCSRName() string
- func (t *Tenant) MinIOClientCSRName() string
- func (t *Tenant) MinIOClientTLSSecretName() string
- func (t *Tenant) MinIOEndpoints(hostsTemplate string) (endpoints []string)
- func (t *Tenant) MinIOFQDNServiceName() string
- func (t *Tenant) MinIOFQDNServiceNameAndNamespace() string
- func (t *Tenant) MinIOFQDNShortServiceName() string
- func (t *Tenant) MinIOHLPodAddress(podName string) string
- func (t *Tenant) MinIOHLPodHostname(podName string) string
- func (t *Tenant) MinIOHLServiceName() string
- func (t *Tenant) MinIOHeadlessServiceHost() string
- func (t *Tenant) MinIOHealthCheck(tr *http.Transport) bool
- func (t *Tenant) MinIOHosts() (hosts []string)
- func (t *Tenant) MinIOPodLabels() map[string]string
- func (t *Tenant) MinIOServerEndpoint() string
- func (t *Tenant) MinIOServerHostAddress() string
- func (t *Tenant) MinIOStatefulSetNameForPool(z *Pool) string
- func (t *Tenant) MinIOTLSSecretName() string
- func (t *Tenant) MinIOWildCardName() string
- func (t *Tenant) NewMinIOAdmin(minioSecret map[string][]byte, tr *http.Transport) (*madmin.AdminClient, error)
- func (t *Tenant) NewMinIOAdminForAddress(address string, minioSecret map[string][]byte, tr *http.Transport) (*madmin.AdminClient, error)
- func (t *Tenant) NewMinIOUser(minioSecret map[string][]byte, tr *http.Transport) (*minio.Client, error)
- func (t *Tenant) NewMinIOUserForAddress(address string, minioSecret map[string][]byte, tr *http.Transport) (*minio.Client, error)
- func (t *Tenant) ObjectRef() corev1.ObjectReference
- func (t *Tenant) OwnerRef() []metav1.OwnerReference
- func (t *Tenant) PoolStatefulsetName(pool *Pool) string
- func (t *Tenant) PrometheusConfigJobName() string
- func (t *Tenant) PrometheusConfigMapName() string
- func (t *Tenant) PrometheusOperatorAddlConfigJobName() string
- func (t *Tenant) TLS() bool
- func (t *Tenant) TemplatedMinIOHosts(hostsTemplate string) (hosts []string)
- func (t *Tenant) UpdateURL(ltag string, overrideURL string) (string, error)
- func (t *Tenant) Validate() error
- func (t *Tenant) ValidateDomains() error
- func (t *Tenant) VolumePathForPool(pool *Pool) string
- type TenantDomains
- type TenantList
- type TenantScheduler
- type TenantSpec
- type TenantStatus
- type TenantUsage
- type TierUsage
Constants ¶
const ( MinIOServerURL = "MINIO_SERVER_URL" MinIODomain = "MINIO_DOMAIN" MinIOBrowserRedirectURL = "MINIO_BROWSER_REDIRECT_URL" )
Webhook API constants
const CSRNameSuffix = "-csr"
CSRNameSuffix specifies the suffix added to Tenant name to create a CSR
const CfgFile = CfgPath + "config.env"
CfgFile is the Configuration File for MinIO
const CfgPath = "/tmp/minio/"
CfgPath is the location of the MinIO Configuration File
const ConsoleAdminPolicyName = "consoleAdmin"
ConsoleAdminPolicyName denotes the policy name for Console user
const ConsoleName = "-console"
ConsoleName specifies the default container name for Console
const ConsolePort = 9090
ConsolePort specifies the default Console port number.
const ConsoleServicePortName = "http-console"
ConsoleServicePortName specifies the default Console Service's port name.
const ConsoleServiceTLSPortName = "https-console"
ConsoleServiceTLSPortName specifies the default Console Service's port name.
const ConsoleTLSPort = 9443
ConsoleTLSPort specifies the default Console port number for HTTPS.
const ConsoleTenantLabel = "v1.min.io/console"
ConsoleTenantLabel is applied to the Console pods of a Tenant cluster
const DefaultImagePullPolicy = corev1.PullIfNotPresent
DefaultImagePullPolicy specifies the policy to image pulls
const DefaultKESImage = "minio/kes:2023-11-10T10-44-28Z"
DefaultKESImage specifies the latest KES Docker hub image
const DefaultKESReplicas = 2
DefaultKESReplicas specifies the default number of KES pods to be created if not specified
const DefaultMinIOImage = "minio/minio:RELEASE.2023-11-15T20-43-25Z"
DefaultMinIOImage specifies the default MinIO Docker hub image
const DefaultMinIOUpdateURL = "https://dl.min.io/server/minio/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/archive/"
DefaultMinIOUpdateURL specifies the default MinIO URL where binaries are pulled from during MinIO upgrades
const DefaultMonitoringInterval = 3
DefaultMonitoringInterval is how often we run monitoring on tenants
const DefaultPodManagementPolicy = appsv1.ParallelPodManagement
DefaultPodManagementPolicy specifies default pod management policy as expllained here https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
const DefaultPrometheusNamespace = "default"
DefaultPrometheusNamespace is the default namespace for prometheus
const DefaultUpdateStrategy = "RollingUpdate"
DefaultUpdateStrategy specifies default pod update policy as explained here https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
const KESConfigMountPath = "/tmp/kes"
KESConfigMountPath specifies the path where KES config file and all secrets are mounted We keep this to /tmp, so it doesn't require any special permissions
const KESContainerName = "kes"
KESContainerName specifies the default container name for KES
const KESHLSvcNameSuffix = "-kes-hl-svc"
KESHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service for KES
const KESInstanceLabel = "v1.min.io/kes"
KESInstanceLabel is applied to the KES pods of a Tenant cluster
const KESMinIOKey = "my-minio-key"
KESMinIOKey is the name of key that KES creates on the KMS backend
const KESName = "-kes"
KESName specifies the default container name for KES
const KESPort = 7373
KESPort specifies the default KES Service's port number.
const KESServicePortName = "http-kes"
KESServicePortName specifies the default KES Service's port name.
const MinIOCRDResourceKind = "Tenant"
MinIOCRDResourceKind is the Kind of Cluster.
const MinIOCertPath = "/tmp/certs"
MinIOCertPath is the path where all MinIO certs are mounted
const MinIOHLSvcNameSuffix = "-hl"
MinIOHLSvcNameSuffix specifies the suffix added to Tenant name to create a headless service
const MinIOPort = 9000
MinIOPort specifies the default Tenant port number.
const MinIOPortLoadBalancerSVC = 80
MinIOPortLoadBalancerSVC specifies the default Service port number for the load balancer service.
const MinIOPrometheusPathCluster = "/minio/v2/metrics/cluster"
MinIOPrometheusPathCluster is the path where MinIO tenant exposes cluster Prometheus metrics
const MinIOPrometheusScrapeInterval = 30 * time.Second
MinIOPrometheusScrapeInterval defines how frequently to scrape targets.
const MinIOSFTPPort = 8022
MinIOSFTPPort specifies the default Tenant SFTP port number.
const MinIOServerName = "minio"
MinIOServerName specifies the default container name for Tenant
const MinIOServiceHTTPPortName = "http-minio"
MinIOServiceHTTPPortName specifies the default Service's http port name, e.g. for automatic protocol selection in Istio
const MinIOServiceHTTPSPortName = "https-minio"
MinIOServiceHTTPSPortName specifies the default Service's https port name, e.g. for automatic protocol selection in Istio
const MinIOServiceSFTPPortName = "sftp-minio"
MinIOServiceSFTPPortName specifies the default Service's FTP port name
const MinIOTLSPortLoadBalancerSVC = 443
MinIOTLSPortLoadBalancerSVC specifies the default Service TLS port number for the load balancer service.
const MinIOVolumeMountPath = "/export"
MinIOVolumeMountPath specifies the default mount path for MinIO volumes
const MinIOVolumeName = "export"
MinIOVolumeName specifies the default volume name for MinIO volumes
const MinIOVolumeSubPath = ""
MinIOVolumeSubPath specifies the default sub path under mount path
const PoolLabel = "v1.min.io/pool"
PoolLabel is applied to all components in a Pool of a Tenant cluster
const PrometheusAddlScrapeConfigKey = "prometheus-additional.yaml"
PrometheusAddlScrapeConfigKey is the key in secret data
const PrometheusAddlScrapeConfigSecret = "minio-prom-additional-scrape-config"
PrometheusAddlScrapeConfigSecret is the name of the secrets which contains the scrape config
const PrometheusName = "PROMETHEUS_NAME"
PrometheusName is the name of the prometheus
const PrometheusNamespace = "PROMETHEUS_NAMESPACE"
PrometheusNamespace is the namespace of the prometheus
const Revision = "min.io/revision"
Revision is applied to all statefulsets
const StatefulSetLegacyPrefix = "zone"
StatefulSetLegacyPrefix by old operators
const StatefulSetPrefix = "ss"
StatefulSetPrefix used by statefulsets
const TenantConfigurationSecretSuffix = "-configuration"
TenantConfigurationSecretSuffix specifies the suffix added to tenant name to create the configuration secret name
const TenantLabel = "v1.min.io/tenant"
TenantLabel is applied to all components of a Tenant cluster
const TmpPath = "/tmp"
TmpPath /tmp path inside the container file system
const Version = "v2"
Version specifies the API Version
const ZoneLabel = "v1.min.io/zone"
ZoneLabel is used for compatibility with tenants deployed prior to operator 4.0.0
Variables ¶
var ( // SchemeBuilder collects the scheme builder functions for the MinIO // Operator API. SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme applies the SchemeBuilder functions to a specified scheme. AddToScheme = SchemeBuilder.AddToScheme )
var DefaultEllipticCurve = elliptic.P256()
DefaultEllipticCurve specifies the default elliptic curve to be used for key generation
var DefaultOrgName = []string{"system:nodes"}
DefaultOrgName specifies the default Org name to be used in automatic certificate generation
var DefaultQueryInterval = time.Second * 5
DefaultQueryInterval specifies the interval between each query for CSR Status
var DefaultQueryTimeout = time.Minute * 20
DefaultQueryTimeout specifies the timeout for query for CSR Status
var SchemeGroupVersion = schema.GroupVersion{Group: operator.GroupName, Version: Version}
SchemeGroupVersion is group version used to register these objects
var TLSSecretSuffix = "-tls"
TLSSecretSuffix is the suffix applied to Tenant name to create the TLS secret
Functions ¶
func CompactJSONString ¶
CompactJSONString removes white spaces, tabs and line return
func ExtractTar ¶
ExtractTar extracts all tar files from the list `filesToExtract` and puts the files in the `basePath` location
func GenerateCredentials ¶
GenerateCredentials - creates randomly generated credentials of maximum allowed length.
func GenerateTenantConfigurationFile ¶
GenerateTenantConfigurationFile :
func GetClusterDomain ¶
func GetClusterDomain() string
GetClusterDomain returns the Kubernetes cluster domain
func GetMonitoringInterval ¶
func GetMonitoringInterval() int
GetMonitoringInterval returns how ofter we should query tenants for cluster/health
func GetNSFromFile ¶
func GetNSFromFile() string
GetNSFromFile assumes the operator is running inside a k8s pod and extract the current namespace from the /var/run/secrets/kubernetes.io/serviceaccount/namespace file
func GetOpenshiftCSRSignerCAFromFile ¶
func GetOpenshiftCSRSignerCAFromFile() []byte
GetOpenshiftCSRSignerCAFromFile extracts the tls.crt certificate in Openshift deployments coming from the mounted secret openshift-csr-signer-ca
func GetOpenshiftServiceCAFromFile ¶
func GetOpenshiftServiceCAFromFile() []byte
GetOpenshiftServiceCAFromFile extracts the service-ca.crt certificate in Openshift deployments coming from configmap openshift-service-ca.crt
func GetPodCAFromFile ¶
func GetPodCAFromFile() []byte
GetPodCAFromFile assumes the operator is running inside a k8s pod and extract the current ca certificate from /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
func GetPrivateKeyFilePath ¶
GetPrivateKeyFilePath return the path to the key file based for the serviceName
func GetPrometheusName ¶
func GetPrometheusName() string
GetPrometheusName returns namespace of the prometheus managed by prometheus operator
func GetPrometheusNamespace ¶
func GetPrometheusNamespace() string
GetPrometheusNamespace returns namespace of the prometheus managed by prometheus operator
func GetPublicCertFilePath ¶
GetPublicCertFilePath return the path to the certificate file based for the serviceName
func GetTenantKesImage ¶
func GetTenantKesImage() string
GetTenantKesImage returns the default KES Image for a tenant
func GetTenantMinIOImage ¶
func GetTenantMinIOImage() string
GetTenantMinIOImage returns the default MinIO image for a tenant
func IsContainersEnvUpdated ¶
IsContainersEnvUpdated compare environment variables of existing and expected containers and returns true if there is a change
func IsEnvUpdated ¶
IsEnvUpdated looks for new env vars in the old env vars and returns true if new env vars are not found
func MustGetSystemCertPool ¶
MustGetSystemCertPool - return system CAs or empty pool in case of error (or windows)
func ParseRawConfiguration ¶
ParseRawConfiguration map[string][]byte representation of the MinIO config.env file
func ReleaseTagToReleaseTime ¶
ReleaseTagToReleaseTime - converts a 'RELEASE.2017-09-29T19-16-56Z.hotfix' into the build time
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type AuditConfig ¶
type AuditConfig struct { // *Required* + // // Specify the amount of storage to request in Gigabytes (GB) for storing audit logs. // +optional DiskCapacityGB *int `json:"diskCapacityGB,omitempty"` }
AuditConfig defines configuration parameters for Audit (type) logs
func (*AuditConfig) DeepCopy ¶
func (in *AuditConfig) DeepCopy() *AuditConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditConfig.
func (*AuditConfig) DeepCopyInto ¶
func (in *AuditConfig) DeepCopyInto(out *AuditConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Bucket ¶
type Bucket struct { Name string `json:"name,omitempty"` Region string `json:"region,omitempty"` ObjectLocking bool `json:"objectLock,omitempty"` }
Bucket describes the default created buckets
func (*Bucket) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Bucket.
func (*Bucket) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertificateConfig ¶
type CertificateConfig struct { // *Optional* + // // The `CommonName` or `CN` attribute to associate to automatically generated TLS certificates. + CommonName string `json:"commonName,omitempty"` // *Optional* + // // Specify one or more `OrganizationName` or `O` attributes to associate to automatically generated TLS certificates. + OrganizationName []string `json:"organizationName,omitempty"` // *Optional* + // // Specify one or more x.509 Subject Alternative Names (SAN) to associate to automatically generated TLS certificates. MinIO Server pods use SNI to determine which certificate to respond with based on the requested hostname. DNSNames []string `json:"dnsNames,omitempty"` }
CertificateConfig (`certConfig`) defines controlling attributes associated to any TLS certificate automatically generated by the Operator as part of tenant creation. These fields have no effect if `spec.autoCert: false`.
func (*CertificateConfig) DeepCopy ¶
func (in *CertificateConfig) DeepCopy() *CertificateConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateConfig.
func (*CertificateConfig) DeepCopyInto ¶
func (in *CertificateConfig) DeepCopyInto(out *CertificateConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertificateStatus ¶
type CertificateStatus struct { // AutoCertEnabled registers whether we know if the tenant has autocert enabled // +nullable AutoCertEnabled *bool `json:"autoCertEnabled,omitempty"` // Provides the output of the `client`, `minio`, and`minioCAs` custom TLS certificates manually added to the Operator. // +nullable CustomCertificates *CustomCertificates `json:"customCertificates,omitempty"` }
CertificateStatus keeps track of all the certificates managed by the operator
func (*CertificateStatus) DeepCopy ¶
func (in *CertificateStatus) DeepCopy() *CertificateStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateStatus.
func (*CertificateStatus) DeepCopyInto ¶
func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CustomCertificateConfig ¶
type CustomCertificateConfig struct { // *Optional* + // // Output one or more `CertName` attributes associated with the manually provided TLS certificates. + CertName string `json:"certName,omitempty"` // *Optional* + // // Output one or more `Domains` attributes associated with the manually provided TLS certificates. + Domains []string `json:"domains,omitempty"` // *Optional* + // // Output one or more `Expiry` attributes associated with the manually provided TLS certificates. + Expiry string `json:"expiry,omitempty"` // *Optional* + // // Output one or more `ExpiresIn` attributes associated with the manually provided TLS certificates. + ExpiresIn string `json:"expiresIn,omitempty"` // *Optional* + // // Output one or more `SerialNo` attributes associated with the manually provided TLS certificates. + SerialNo string `json:"serialNo,omitempty"` }
CustomCertificateConfig (`customCertificateConfig`) provides attributes associated of the TLS certificates manually added to the Operator as part of tenant creation. These fields contain no data if there are no custom TLS certificates.
func (*CustomCertificateConfig) DeepCopy ¶
func (in *CustomCertificateConfig) DeepCopy() *CustomCertificateConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomCertificateConfig.
func (*CustomCertificateConfig) DeepCopyInto ¶
func (in *CustomCertificateConfig) DeepCopyInto(out *CustomCertificateConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CustomCertificates ¶
type CustomCertificates struct { // *Optional* + // // Client Client []*CustomCertificateConfig `json:"client,omitempty"` // *Optional* + // // Minio Minio []*CustomCertificateConfig `json:"minio,omitempty"` // *Optional* + // // Certificate Authorities MinioCAs []*CustomCertificateConfig `json:"minioCAs,omitempty"` }
CustomCertificates (`customCertificates`) provides groupings of the TLS certificates manually added to the Operator as part of tenant creation. These fields contain no data if there are no custom TLS certificates.
func (*CustomCertificates) DeepCopy ¶
func (in *CustomCertificates) DeepCopy() *CustomCertificates
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomCertificates.
func (*CustomCertificates) DeepCopyInto ¶
func (in *CustomCertificates) DeepCopyInto(out *CustomCertificates)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExposeServices ¶
type ExposeServices struct { // *Optional* + // // Directs the Operator to expose the MinIO service. Defaults to `false`. + // +optional MinIO bool `json:"minio,omitempty"` // *Optional* + // // Directs the Operator to expose the MinIO Console service. Defaults to `false`. + // +optional Console bool `json:"console,omitempty"` }
ExposeServices (`exposeServices`) defines the exposure of the MinIO object storage and Console services. +
func (*ExposeServices) DeepCopy ¶
func (in *ExposeServices) DeepCopy() *ExposeServices
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExposeServices.
func (*ExposeServices) DeepCopyInto ¶
func (in *ExposeServices) DeepCopyInto(out *ExposeServices)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Features ¶
type Features struct { // *Optional* + // // Specify `true` to allow clients to access buckets using the DNS path `<bucket>.minio.default.svc.cluster.local`. Defaults to `false`. // BucketDNS bool `json:"bucketDNS,omitempty"` // *Optional* + // // Specify a list of domains used to access MinIO and Console. // Domains *TenantDomains `json:"domains,omitempty"` // *Optional* + // // Starts minio server with SFTP support EnableSFTP *bool `json:"enableSFTP,omitempty"` }
Features (`features`) - Object describing which MinIO features to enable/disable in the MinIO Tenant. +
func (*Features) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Features.
func (*Features) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HealthStatus ¶
type HealthStatus string
HealthStatus represents whether the tenant is healthy, with decreased service or offline
const ( // HealthStatusGreen indicates a healthy tenant: all drives online HealthStatusGreen HealthStatus = "green" // HealthStatusYellow indicates a decreased resilience tenant, some drives offline HealthStatusYellow HealthStatus = "yellow" // HealthStatusRed indicates the tenant is offline, or lost write quorum HealthStatusRed HealthStatus = "red" )
type KESConfig ¶
type KESConfig struct { // *Optional* + // // Specify the number of replica KES pods to deploy in the tenant. Defaults to `2`. // +optional Replicas int32 `json:"replicas,omitempty"` // *Optional* + // // The Docker image to use for deploying MinIO KES. Defaults to {kes-image}. + // +optional Image string `json:"image,omitempty"` // *Optional* + // // The pull policy for the MinIO Docker image. Specify one of the following: + // // * `Always` + // // * `Never` + // // * `IfNotPresent` (Default) + // // Refer to the Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"` // *Optional* + // // The https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/[Kubernetes Service Account] to use for running MinIO KES pods created as part of the Tenant. + // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` // *Required* + // // Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secret] which contains environment variables to use for setting up the MinIO KES service. + // // See the https://github.com/lgj101/operator/blob/master/examples/kes-secret.yaml[MinIO Operator `console-secret.yaml`] for an example. Configuration *corev1.LocalObjectReference `json:"kesSecret"` // *Optional* + // // Enables TLS with SNI support on each MinIO KES pod in the tenant. If `externalCertSecret` is omitted *and* `spec.requestAutoCert` is set to `false`, MinIO KES pods deploy *without* TLS enabled. + // // Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secret]. The MinIO Operator copies the specified certificate to every MinIO pod in the tenant. When the MinIO pod/service responds to a TLS connection request, it uses SNI to select the certificate with matching `subjectAlternativeName`. + // // Specify an object containing the following fields: + // // * - `name` - The name of the Kubernetes secret containing the TLS certificate. + // // * - `type` - Specify `kubernetes.io/tls` + // // See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#procedure-command-line[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants. // +optional ExternalCertSecret *LocalCertificateReference `json:"externalCertSecret,omitempty"` // *Optional* + // // Specify a a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secret] containing a custom root Certificate Authority and x.509 certificate to use for performing mTLS authentication with an external Key Management Service, such as Hashicorp Vault. + // // Specify an object containing the following fields: + // // * - `name` - The name of the Kubernetes secret containing the Certificate Authority and x.509 Certificate. + // // * - `type` - Specify `kubernetes.io/tls` + // +optional ClientCertSecret *LocalCertificateReference `json:"clientCertSecret,omitempty"` // *Optional* + // // Specify the GCP default credentials to be used for KES to authenticate to GCP key store // // +optional GCPCredentialSecretName string `json:"gcpCredentialSecretName,omitempty"` // *Optional* + // // Specify the name of the workload identity pool (This is required for generating service account token) // // +optional GCPWorkloadIdentityPool string `json:"gcpWorkloadIdentityPool,omitempty"` // *Optional* + // // If provided, use these annotations for KES Object Meta annotations // +optional Annotations map[string]string `json:"annotations,omitempty"` // *Optional* + // // If provided, use these labels for KES Object Meta labels // +optional Labels map[string]string `json:"labels,omitempty"` // *Optional* + // // Object specification for specifying CPU and memory https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[resource allocations] or limits in the MinIO tenant. + // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` // *Optional* + // // The filter for the Operator to apply when selecting which nodes on which to deploy MinIO KES pods. The Operator only selects those nodes whose labels match the specified selector. + // // See the Kubernetes documentation on https://kubernetes.io/docs/concepts/configuration/assign-pod-node/[Assigning Pods to Nodes] for more information. // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // *Optional* + // // Specify one or more https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/[Kubernetes tolerations] to apply to MinIO KES pods. // +optional Tolerations []corev1.Toleration `json:"tolerations,omitempty"` // *Optional* + // // Specify node affinity, pod affinity, and pod anti-affinity for the KES pods. + // +optional Affinity *corev1.Affinity `json:"affinity,omitempty"` // *Optional* + // // Specify one or more https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/[Kubernetes Topology Spread Constraints] to apply to pods deployed in the MinIO pool. // +optional TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` // *Optional* + // // If provided, use this as the name of the key that KES creates on the KMS backend // +optional KeyName string `json:"keyName,omitempty"` // Specify the https://kubernetes.io/docs/tasks/configure-pod-container/security-context/[Security Context] of MinIO KES pods. The Operator supports only the following pod security fields: + // // * `fsGroup` + // // * `fsGroupChangePolicy` + // // * `runAsGroup` + // // * `runAsNonRoot` + // // * `runAsUser` + // // * `seLinuxOptions` + // +optional SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"` // *Optional* + // // If provided, the MinIO Operator adds the specified environment variables when deploying the KES resource. // +optional Env []corev1.EnvVar `json:"env,omitempty"` }
KESConfig (`kes`) defines the configuration of the https://github.com/minio/kes[MinIO Key Encryption Service] (KES) StatefulSet deployed as part of the MinIO Tenant. KES supports Server-Side Encryption of objects using an external Key Management Service (KMS). +
func (*KESConfig) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KESConfig.
func (*KESConfig) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KESConfig) EqualImage ¶
EqualImage returns true if config image and current input image are same
type LocalCertificateReference ¶
type LocalCertificateReference struct { // *Required* + // // The name of the Kubernetes secret containing the TLS certificate or Certificate Authority file. + Name string `json:"name"` // *Required* + // // The type of Kubernetes secret. Specify `kubernetes.io/tls` + Type string `json:"type,omitempty"` }
LocalCertificateReference (`externalCertSecret`, `externalCaCertSecret`,`clientCertSecret`) contains a Kubernetes secret containing TLS certificates or Certificate Authority files for use with enabling TLS in the MinIO Tenant. +
func (*LocalCertificateReference) DeepCopy ¶
func (in *LocalCertificateReference) DeepCopy() *LocalCertificateReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalCertificateReference.
func (*LocalCertificateReference) DeepCopyInto ¶
func (in *LocalCertificateReference) DeepCopyInto(out *LocalCertificateReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Logging ¶
type Logging struct { JSON bool `json:"json,omitempty"` Anonymous bool `json:"anonymous,omitempty"` Quiet bool `json:"quiet,omitempty"` }
Logging describes Logging for MinIO tenants.
func (*Logging) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Logging.
func (*Logging) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Pool ¶
type Pool struct { // *Optional* + // // Specify the name of the pool. The Operator automatically generates the pool name if this field is omitted. // +optional Name string `json:"name,omitempty"` // *Required* // // The number of MinIO server pods to deploy in the pool. The minimum value is `2`. // // The MinIO Operator requires a minimum of `4` volumes per pool. Specifically, the result of `pools.servers X pools.volumesPerServer` must be greater than `4`. + Servers int32 `json:"servers"` // *Required* + // // The number of Persistent Volume Claims to generate for each MinIO server pod in the pool. + // // The MinIO Operator requires a minimum of `4` volumes per pool. Specifically, the result of `pools.servers X pools.volumesPerServer` must be greater than `4`. + VolumesPerServer int32 `json:"volumesPerServer"` // *Required* + // // Specify the configuration options for the MinIO Operator to use when generating Persistent Volume Claims for the MinIO tenant. + // VolumeClaimTemplate *corev1.PersistentVolumeClaim `json:"volumeClaimTemplate"` // *Optional* + // // Object specification for specifying CPU and memory https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/[resource allocations] or limits in the MinIO tenant. + // +optional Resources corev1.ResourceRequirements `json:"resources,omitempty"` // *Optional* + // // The filter for the Operator to apply when selecting which nodes on which to deploy pods in the pool. The Operator only selects those nodes whose labels match the specified selector. + // // See the Kubernetes documentation on https://kubernetes.io/docs/concepts/configuration/assign-pod-node/[Assigning Pods to Nodes] for more information. // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` // *Optional* + // // Specify node affinity, pod affinity, and pod anti-affinity for pods in the MinIO pool. + // +optional Affinity *corev1.Affinity `json:"affinity,omitempty"` // *Optional* + // // Specify one or more https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/[Kubernetes tolerations] to apply to pods deployed in the MinIO pool. // +optional Tolerations []corev1.Toleration `json:"tolerations,omitempty"` // *Optional* + // // Specify one or more https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/[Kubernetes Topology Spread Constraints] to apply to pods deployed in the MinIO pool. // +optional TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` // *Optional* + // // Specify the https://kubernetes.io/docs/tasks/configure-pod-container/security-context/[Security Context] of pods in the pool. The Operator supports only the following pod security fields: + // // * `fsGroup` + // // * `fsGroupChangePolicy` + // // * `runAsGroup` + // // * `runAsNonRoot` + // // * `runAsUser` + // // +optional SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"` // Specify the https://kubernetes.io/docs/tasks/configure-pod-container/security-context/[Security Context] of containers in the pool. The Operator supports only the following container security fields: + // // * `runAsGroup` + // // * `runAsNonRoot` + // // * `runAsUser` + // // +optional ContainerSecurityContext *corev1.SecurityContext `json:"containerSecurityContext,omitempty"` // *Optional* + // // Specify custom labels and annotations to append to the Pool. // +optional // *Optional* + // // If provided, use these annotations for the Pool Objects Meta annotations (Statefulset and Pod template) // +optional Annotations map[string]string `json:"annotations,omitempty"` // *Optional* + // // If provided, use these labels for the Pool Objects Meta annotations (Statefulset and Pod template) // +optional Labels map[string]string `json:"labels,omitempty"` // *Optional* + // // If provided, each pod on the Statefulset will run with the specified RuntimeClassName, for more info https://kubernetes.io/docs/concepts/containers/runtime-class/ // +optional RuntimeClassName *string `json:"runtimeClassName,omitempty"` // *Optional* + // // If true. Will delete the storage when tenant has been deleted. // +optional ReclaimStorage *bool `json:"reclaimStorage,omitempty"` }
Pool (`pools`) defines a MinIO server pool on a Tenant. Each pool consists of a set of MinIO server pods which "pool" their storage resources for supporting object storage and retrieval requests. Each server pool is independent of all others and supports horizontal scaling of available storage resources in the MinIO Tenant. +
See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#procedure-command-line[MinIO Operator CRD] reference for the `pools` object for examples and more complete documentation. +
func (*Pool) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Pool.
func (*Pool) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PoolState ¶
type PoolState string
PoolState represents the state of a pool
const ( // PoolNotCreated of a pool when it's not even created yet PoolNotCreated PoolState = "PoolNotCreated" // PoolCreated indicates a pool was created PoolCreated PoolState = "PoolCreated" // PoolInitialized indicates if a pool has been observed to be online PoolInitialized PoolState = "PoolInitialized" )
type PoolStatus ¶
type PoolStatus struct { SSName string `json:"ssName"` State PoolState `json:"state"` // LegacySecurityContext stands for Legacy SecurityContext. It represents that these pool was created before v4.2.3 when // we introduced the default securityContext as non-root, thus we should keep running this Pool without a // Security Context // +optional LegacySecurityContext bool `json:"legacySecurityContext"` }
PoolStatus keeps track of all the pools and their current state
func (*PoolStatus) DeepCopy ¶
func (in *PoolStatus) DeepCopy() *PoolStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PoolStatus.
func (*PoolStatus) DeepCopyInto ¶
func (in *PoolStatus) DeepCopyInto(out *PoolStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ServiceMetadata ¶
type ServiceMetadata struct { // *Optional* + // // If provided, append these labels to the MinIO service // +optional MinIOServiceLabels map[string]string `json:"minioServiceLabels,omitempty"` // *Optional* + // // If provided, append these annotations to the MinIO service // +optional MinIOServiceAnnotations map[string]string `json:"minioServiceAnnotations,omitempty"` // *Optional* + // // If provided, append these labels to the Console service // +optional ConsoleServiceLabels map[string]string `json:"consoleServiceLabels,omitempty"` // *Optional* + // // If provided, append these annotations to the Console service // +optional ConsoleServiceAnnotations map[string]string `json:"consoleServiceAnnotations,omitempty"` }
ServiceMetadata (`serviceMetadata`) defines custom labels and annotations for the MinIO Object Storage service and/or MinIO Console service. +
func (*ServiceMetadata) DeepCopy ¶
func (in *ServiceMetadata) DeepCopy() *ServiceMetadata
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceMetadata.
func (*ServiceMetadata) DeepCopyInto ¶
func (in *ServiceMetadata) DeepCopyInto(out *ServiceMetadata)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SideCars ¶
type SideCars struct { // *Optional* + // // List of containers to run inside the Pod // +patchMergeKey=name // +patchStrategy=merge Containers []corev1.Container `json:"containers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"` // *Optional* + // // volumeClaimTemplates is a list of claims that pods are allowed to reference. // The StatefulSet controller is responsible for mapping network identities to // claims in a way that maintains the identity of a pod. Every claim in // this list must have at least one matching (by name) volumeMount in one // container in the template. A claim in this list takes precedence over // any volumes in the template, with the same name. // +TODO: Define the behavior if a claim already exists with the same name. // +optional VolumeClaimTemplates []corev1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty" protobuf:"bytes,4,rep,name=volumeClaimTemplates"` // *Optional* + // // List of volumes that can be mounted by containers belonging to the pod. // More info: https://kubernetes.io/docs/concepts/storage/volumes // +optional // +patchMergeKey=name // +patchStrategy=merge,retainKeys Volumes []corev1.Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"` // *Optional* + // // sidecar's Resource, initcontainer will use that if set. // +optional Resources *corev1.ResourceRequirements `json:"resources,omitempty"` }
SideCars (`sidecars`) defines a list of containers that the Operator attaches to each MinIO server pods in the `pool`.
func (*SideCars) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SideCars.
func (*SideCars) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Tenant ¶
type Tenant struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Scheduler TenantScheduler `json:"scheduler,omitempty"` // *Required* + // // The root field for the MinIO Tenant object. Spec TenantSpec `json:"spec"` // Status provides details of the state of the Tenant // +optional Status TenantStatus `json:"status"` }
Tenant is a https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/[Kubernetes object] describing a MinIO Tenant. + +genclient +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +k8s:defaulter-gen=true +kubebuilder:object:root=true +kubebuilder:object:generate=true +kubebuilder:subresource:status +kubebuilder:resource:scope=Namespaced,shortName=tenant,singular=tenant +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.currentState" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:storageversion
func (*Tenant) AllMinIOHosts ¶
AllMinIOHosts returns the all the individual domain names relevant for current Tenant
func (*Tenant) AutoCert ¶
AutoCert is enabled by default, otherwise we return the user provided value
func (*Tenant) ConfigurationSecretName ¶
ConfigurationSecretName returns name of secret used to store the tenant configuration
func (*Tenant) ConsoleCIServiceName ¶
ConsoleCIServiceName returns the name for Console Cluster IP Service
func (*Tenant) ConsoleCSRName ¶
ConsoleCSRName returns the name of CSR that generated if AutoTLS is enabled for Console Namespace adds uniqueness to the CSR name (single Console tenant per namsepace) since CSR is not a namespaced resource
func (*Tenant) ConsoleCommonName ¶
ConsoleCommonName returns the CommonName to be used in the csr template
func (*Tenant) ConsoleDeploymentName ¶
ConsoleDeploymentName returns the name for Console Deployment
func (*Tenant) ConsolePodLabels ¶
ConsolePodLabels returns the default labels for Console Pod
func (*Tenant) ConsoleServerHost ¶
ConsoleServerHost returns ClusterIP service Host for current Console Tenant
func (*Tenant) ConsoleTLSSecretName ¶
ConsoleTLSSecretName returns the name of Secret that has Console TLS related Info (Cert & Private Key)
func (*Tenant) ConsoleVolMountName ¶
ConsoleVolMountName returns the name of Secret that has TLS related Info (Cert & Private Key)
func (*Tenant) CreateBuckets ¶
func (t *Tenant) CreateBuckets(minioClient *minio.Client, buckets ...Bucket) (created bool, err error)
CreateBuckets creates buckets and skips if bucket already present
func (*Tenant) CreateUsers ¶
func (t *Tenant) CreateUsers(madmClnt *madmin.AdminClient, userCredentialSecrets []*corev1.Secret, tenantConfiguration map[string][]byte) error
CreateUsers creates a list of admin users on MinIO, optionally creating users is disabled.
func (*Tenant) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tenant.
func (*Tenant) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Tenant) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Tenant) EnsureDefaults ¶
EnsureDefaults will ensure that if a user omits and fields in the spec that are required, we set some sensible defaults. For example a user can choose to omit the version and number of members.
func (*Tenant) ExternalCaCerts ¶
ExternalCaCerts returns true is the user has provided a additional CA certificates for MinIO
func (*Tenant) ExternalCert ¶
ExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key
func (*Tenant) ExternalClientCert ¶
ExternalClientCert returns true is the user has provided a secret that contains CA client cert, server cert and server key
func (*Tenant) ExternalClientCerts ¶
ExternalClientCerts returns true is the user has provided additional client certificates
func (*Tenant) GenBearerToken ¶
GenBearerToken returns the JWT token for current Tenant for Prometheus authentication
func (*Tenant) GetBindingName ¶
GetBindingName returns the binding name we will use for the tenant
func (*Tenant) GetDomainHosts ¶
GetDomainHosts returns a list of hosts in the .spec.features.domains.minio list to configure MINIO_DOMAIN
func (*Tenant) GetEnvVars ¶
GetEnvVars returns the environment variables for tenant deployment.
func (*Tenant) GetKESEnvVars ¶
GetKESEnvVars returns the environment variables for the KES deployment.
func (*Tenant) GetRoleName ¶
GetRoleName returns the role name we will use for the tenant
func (*Tenant) GetTenantServiceURL ¶
GetTenantServiceURL gets tenant's service url with the proper scheme and port
func (*Tenant) HasCertConfig ¶
HasCertConfig returns true if the user has provided a certificate config
func (*Tenant) HasConfigurationSecret ¶
HasConfigurationSecret returns true if the user has provided a configuration for a Tenant else false
func (*Tenant) HasConsoleDomains ¶
HasConsoleDomains indicates whether a domain is being specified for Console
func (*Tenant) HasCredsSecret ¶
HasCredsSecret returns true if the user has provided a secret for a Tenant else false
func (*Tenant) HasEnv ¶
HasEnv returns whether an environment variable is defined in the .spec.env field
func (*Tenant) HasGCPCredentialSecretForKES ¶
HasGCPCredentialSecretForKES returns if GCP cred secret is set in KES for fleet workload identity support.
func (*Tenant) HasGCPWorkloadIdentityPoolForKES ¶
HasGCPWorkloadIdentityPoolForKES returns if GCP worload identity pool secret is set in KES for fleet workload identity support.
func (*Tenant) HasKESEnabled ¶
HasKESEnabled checks if kes configuration is provided by user
func (*Tenant) HasMinIODomains ¶
HasMinIODomains indicates whether domains are being specified for MinIO
func (*Tenant) HasPrometheusOperatorEnabled ¶
HasPrometheusOperatorEnabled checks if Prometheus service monitor has been enabled
func (*Tenant) KESCSRName ¶
KESCSRName returns the name of CSR that generated if AutoTLS is enabled for KES Namespace adds uniqueness to the CSR name (single KES tenant per namsepace) since CSR is not a namespaced resource
func (*Tenant) KESClientCert ¶
KESClientCert returns true is the user has provided a secret that contains CA cert, client cert and client key for KES pods
func (*Tenant) KESExternalCert ¶
KESExternalCert returns true is the user has provided a secret that contains CA cert, server cert and server key for KES pods
func (*Tenant) KESHLServiceName ¶
KESHLServiceName returns the name of headless service that is created to manage the StatefulSet of this Tenant
func (*Tenant) KESJobName ¶
KESJobName returns the name for KES Key Job
func (*Tenant) KESPodLabels ¶
KESPodLabels returns the default labels for KES Pod
func (*Tenant) KESReplicas ¶
KESReplicas returns the number of total KES replicas required for this cluster
func (*Tenant) KESServiceEndpoint ¶
KESServiceEndpoint similar to KESServiceHost but a URL with current scheme
func (*Tenant) KESServiceHost ¶
KESServiceHost returns headless service Host for KES in current Tenant
func (*Tenant) KESStatefulSetName ¶
KESStatefulSetName returns the name for KES StatefulSet
func (*Tenant) KESTLSSecretName ¶
KESTLSSecretName returns the name of Secret that has KES TLS related Info (Cert & Private Key)
func (*Tenant) KESVolMountName ¶
KESVolMountName returns the name of Secret that has TLS related Info (Cert & Private Key)
func (*Tenant) KESWildCardName ¶
KESWildCardName returns the wild card name managed by headless service created for KES StatefulSet in current Tenant
func (*Tenant) LegacyStatefulsetName ¶
LegacyStatefulsetName returns the name of a statefulset for a given pool
func (*Tenant) MinIOBucketBaseDomain ¶
MinIOBucketBaseDomain returns the base domain name for buckets
func (*Tenant) MinIOBucketBaseWildcardDomain ¶
MinIOBucketBaseWildcardDomain returns the base domain name for buckets
func (*Tenant) MinIOCIServiceName ¶
MinIOCIServiceName returns the name of Cluster IP service that is created to communicate with current MinIO StatefulSet pods
func (*Tenant) MinIOCSRName ¶
MinIOCSRName returns the name of CSR that is generated if AutoTLS is enabled Namespace adds uniqueness to the CSR name (single MinIO tenant per namsepace) since CSR is not a namespaced resource
func (*Tenant) MinIOClientCSRName ¶
MinIOClientCSRName returns the name of CSR that is generated for Client side authentication Used by KES Pods
func (*Tenant) MinIOClientTLSSecretName ¶
MinIOClientTLSSecretName returns the name of Secret that has TLS related Info (Cert & Private Key) for MinIO <-> KES client side authentication.
func (*Tenant) MinIOEndpoints ¶
MinIOEndpoints similar to MinIOHosts but as URLs
func (*Tenant) MinIOFQDNServiceName ¶
MinIOFQDNServiceName returns the name of the service created for the tenant.
func (*Tenant) MinIOFQDNServiceNameAndNamespace ¶
MinIOFQDNServiceNameAndNamespace returns the name of the service created for the tenant up to namespace, ie: minio.default
func (*Tenant) MinIOFQDNShortServiceName ¶
MinIOFQDNShortServiceName returns the name of the service created for the tenant up to svc, ie: minio.default.svc
func (*Tenant) MinIOHLPodAddress ¶
MinIOHLPodAddress similar to MinIOFQDNServiceName but returns pod hostname with port
func (*Tenant) MinIOHLPodHostname ¶
MinIOHLPodHostname returns the full address of a particular MinIO pod.
func (*Tenant) MinIOHLServiceName ¶
MinIOHLServiceName returns the name of headless service that is created to manage the StatefulSet of this Tenant
func (*Tenant) MinIOHeadlessServiceHost ¶
MinIOHeadlessServiceHost returns headless service Host for current Tenant
func (*Tenant) MinIOHealthCheck ¶
MinIOHealthCheck check MinIO cluster health
func (*Tenant) MinIOHosts ¶
MinIOHosts returns the domain names in ellipses format created for current Tenant
func (*Tenant) MinIOPodLabels ¶
MinIOPodLabels returns the default labels for MinIO Pod
func (*Tenant) MinIOServerEndpoint ¶
MinIOServerEndpoint similar to MinIOServerHostAddress but a URL with current scheme
func (*Tenant) MinIOServerHostAddress ¶
MinIOServerHostAddress similar to MinIOFQDNServiceName but returns host with port
func (*Tenant) MinIOStatefulSetNameForPool ¶
MinIOStatefulSetNameForPool returns the name for MinIO StatefulSet
func (*Tenant) MinIOTLSSecretName ¶
MinIOTLSSecretName returns the name of Secret that has TLS related Info (Cert & Private Key)
func (*Tenant) MinIOWildCardName ¶
MinIOWildCardName returns the wild card name for all MinIO Pods in current StatefulSet
func (*Tenant) NewMinIOAdmin ¶
func (t *Tenant) NewMinIOAdmin(minioSecret map[string][]byte, tr *http.Transport) (*madmin.AdminClient, error)
NewMinIOAdmin initializes a new madmin.Client for operator interaction
func (*Tenant) NewMinIOAdminForAddress ¶
func (t *Tenant) NewMinIOAdminForAddress(address string, minioSecret map[string][]byte, tr *http.Transport) (*madmin.AdminClient, error)
NewMinIOAdminForAddress initializes a new madmin.Client for operator interaction
func (*Tenant) NewMinIOUser ¶
func (t *Tenant) NewMinIOUser(minioSecret map[string][]byte, tr *http.Transport) (*minio.Client, error)
NewMinIOUser initializes a new console user
func (*Tenant) NewMinIOUserForAddress ¶
func (t *Tenant) NewMinIOUserForAddress(address string, minioSecret map[string][]byte, tr *http.Transport) (*minio.Client, error)
NewMinIOUserForAddress initializes a new console user
func (*Tenant) ObjectRef ¶
func (t *Tenant) ObjectRef() corev1.ObjectReference
ObjectRef returns the ObjectReference to be added to all resources created by Tenant
func (*Tenant) OwnerRef ¶
func (t *Tenant) OwnerRef() []metav1.OwnerReference
OwnerRef returns the OwnerReference to be added to all resources created by Tenant
func (*Tenant) PoolStatefulsetName ¶
PoolStatefulsetName returns the name of a statefulset for a given pool
func (*Tenant) PrometheusConfigJobName ¶
PrometheusConfigJobName returns the name of the prometheus job
func (*Tenant) PrometheusConfigMapName ¶
PrometheusConfigMapName returns name of the config map for Prometheus.
func (*Tenant) PrometheusOperatorAddlConfigJobName ¶
PrometheusOperatorAddlConfigJobName returns the name of the prometheus job when prometheus operator is enabled
func (*Tenant) TemplatedMinIOHosts ¶
TemplatedMinIOHosts returns the domain names in ellipses format created for current Tenant without the service part
func (*Tenant) Validate ¶
Validate returns an error if any configuration of the MinIO Tenant is invalid
func (*Tenant) ValidateDomains ¶
ValidateDomains checks the validity of the domains configured on the tenant
func (*Tenant) VolumePathForPool ¶
VolumePathForPool returns the paths for MinIO mounts based on total number of volumes on a given pool
type TenantDomains ¶
type TenantDomains struct { // List of Domains used by MinIO. This will enable DNS style access to the object store where the bucket name is // inferred from a subdomain in the domain. Minio []string `json:"minio,omitempty"` // Domain used to expose the MinIO Console, this will configure the redirect on MinIO when visiting from the browser // If Console is exposed via a subpath, the domain should include it, i.e. https://console.domain.com:8123/subpath/ Console string `json:"console,omitempty"` }
TenantDomains (`domains`) - List of domains used to access the tenant from outside the kubernetes clusters. this will only configure MinIO for the domains listed, but external DNS configuration is still needed. The listed domains should include schema and port if any is used, i.e. https://minio.domain.com:8123
func (*TenantDomains) DeepCopy ¶
func (in *TenantDomains) DeepCopy() *TenantDomains
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantDomains.
func (*TenantDomains) DeepCopyInto ¶
func (in *TenantDomains) DeepCopyInto(out *TenantDomains)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TenantList ¶
type TenantList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []Tenant `json:"items"` }
TenantList is a list of Tenant resources
func (*TenantList) DeepCopy ¶
func (in *TenantList) DeepCopy() *TenantList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantList.
func (*TenantList) DeepCopyInto ¶
func (in *TenantList) DeepCopyInto(out *TenantList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TenantList) DeepCopyObject ¶
func (in *TenantList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TenantScheduler ¶
type TenantScheduler struct { // *Optional* + // // Specify the name of the https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/[Kubernetes scheduler] to be used to schedule Tenant pods Name string `json:"name"` }
TenantScheduler (`scheduler`) - Object describing Kubernetes Scheduler to use for deploying the MinIO Tenant.
func (*TenantScheduler) DeepCopy ¶
func (in *TenantScheduler) DeepCopy() *TenantScheduler
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantScheduler.
func (*TenantScheduler) DeepCopyInto ¶
func (in *TenantScheduler) DeepCopyInto(out *TenantScheduler)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TenantSpec ¶
type TenantSpec struct { // *Required* + // // An array of objects describing each MinIO server pool deployed in the MinIO Tenant. Each pool consists of a set of MinIO server pods which "pool" their storage resources for supporting object storage and retrieval requests. Each server pool is independent of all others and supports horizontal scaling of available storage resources in the MinIO Tenant. + // // The MinIO Tenant `spec` *must have* at least *one* element in the `pools` array. + // // See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html[MinIO Operator CRD] reference for the `pools` object for examples and more complete documentation. Pools []Pool `json:"pools"` // *Optional* + // // The Docker image to use when deploying `minio` server pods. Defaults to {minio-image}. + // // +optional Image string `json:"image,omitempty"` // *Optional* + // // Specify the secret key to use for pulling images from a private Docker repository. + // +optional ImagePullSecret corev1.LocalObjectReference `json:"imagePullSecret,omitempty"` // *Optional* + // // Pod Management Policy for pod created by StatefulSet // +optional PodManagementPolicy appsv1.PodManagementPolicyType `json:"podManagementPolicy,omitempty"` // *optional* + // // Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secret] to use for setting the MinIO root access key and secret key. Specify the secret as `name: <secret>`. The Kubernetes secret must contain the following fields: + // // * `data.accesskey` - The access key for the root credentials + // // * `data.secretkey` - The secret key for the root credentials + // // // +optional CredsSecret *corev1.LocalObjectReference `json:"credsSecret,omitempty"` // *Optional* + // // If provided, the MinIO Operator adds the specified environment variables when deploying the Tenant resource. // +optional Env []corev1.EnvVar `json:"env,omitempty"` // *Optional* + // // Enables TLS with SNI support on each MinIO pod in the tenant. If `externalCertSecret` is omitted *and* `requestAutoCert` is set to `false`, the MinIO Tenant deploys *without* TLS enabled. + // // Specify an array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificates to every MinIO server pod in the tenant. When the MinIO pod/service responds to a TLS connection request, it uses SNI to select the certificate with matching `subjectAlternativeName`. + // // Each element in the `externalCertSecret` array is an object containing the following fields: + // // * - `name` - The name of the Kubernetes secret containing the TLS certificate. + // // * - `type` - Specify `kubernetes.io/tls` + // // See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants. // +optional ExternalCertSecret []*LocalCertificateReference `json:"externalCertSecret,omitempty"` // *Optional* + // // Allows MinIO server pods to verify client TLS certificates signed by a Certificate Authority not in the pod's trust store. + // // Specify an array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificates to every MinIO server pod in the tenant. + // // Each element in the `externalCertSecret` array is an object containing the following fields: + // // * - `name` - The name of the Kubernetes secret containing the Certificate Authority. + // // * - `type` - Specify `kubernetes.io/tls`. + // // See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants. // +optional ExternalCaCertSecret []*LocalCertificateReference `json:"externalCaCertSecret,omitempty"` // *Optional* + // // Enables mTLS authentication between the MinIO Tenant pods and https://github.com/minio/kes[MinIO KES]. *Required* for enabling connectivity between the MinIO Tenant and MinIO KES. + // // Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificate to every MinIO server pod in the tenant. The secret *must* contain the following fields: + // // * `name` - The name of the Kubernetes secret containing the TLS certificate. + // // * `type` - Specify `kubernetes.io/tls` + // // The specified certificate *must* correspond to an identity on the KES server. See the https://github.com/minio/kes/wiki/Configuration#policy-configuration[KES Wiki] for more information on KES identities. + // // If deploying KES with the MinIO Operator, include the hash of the certificate as part of the <<k8s-api-github-com-minio-operator-pkg-apis-minio-min-io-v2-kesconfig,`kes`>> object specification. + // // See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants. // // +optional ExternalClientCertSecret *LocalCertificateReference `json:"externalClientCertSecret,omitempty"` // *Optional* + // // Provide support for mounting additional client certificate into MinIO Tenant pods // Multiple client certificates will be mounted using the following folder structure: + // //* certs + // //* * client-0 + // //* * * client.crt + // //* * * client.key + // //* * client-1 + // //* * * client.crt + // //* * * client.key + // //* * * client-2 + // //* * client.crt + // //* * * client.key + // // Specify a https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes TLS secrets]. The MinIO Operator copies the specified certificate to every MinIO server pod in the tenant that later can be referenced using environment variables. The secret *must* contain the following fields: + // // * `name` - The name of the Kubernetes secret containing the TLS certificate. + // // * `type` - Specify `kubernetes.io/tls` + // // +optional ExternalClientCertSecrets []*LocalCertificateReference `json:"externalClientCertSecrets,omitempty"` // *Optional* + // // Mount path for MinIO volume (PV). Defaults to `/export` // +optional Mountpath string `json:"mountPath,omitempty"` // *Optional* + // // Subpath inside mount path. This is the directory where MinIO stores data. Default to `""“ (empty) // +optional Subpath string `json:"subPath,omitempty"` // *Optional* + // // Enables using https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/[Kubernetes-based TLS certificate generation] and signing for pods and services in the MinIO Tenant. + // // * Specify `true` to explicitly enable automatic certificate generate (Default). + // // * Specify `false` to disable automatic certificate generation. + // // If `requestAutoCert` is set to `false` *and* `externalCertSecret` is omitted, the MinIO Tenant deploys *without* TLS enabled. // // See the https://min.io/docs/minio/kubernetes/upstream/operations/install-deploy-manage/deploy-minio-tenant.html#create-tenant-security-section[MinIO Operator CRD] reference for examples and more complete documentation on configuring TLS for MinIO Tenants. // +optional RequestAutoCert *bool `json:"requestAutoCert,omitempty"` // Liveness Probe for container liveness. Container will be restarted if the probe fails. // +optional Liveness *corev1.Probe `json:"liveness,omitempty"` // Readiness Probe for container readiness. Container will be removed from service endpoints if the probe fails. // +optional Readiness *corev1.Probe `json:"readiness,omitempty"` // Startup Probe allows to configure a max grace period for a pod to start before getting traffic routed to it. // +optional Startup *corev1.Probe `json:"startup,omitempty"` // S3 related features can be disabled or enabled such as `bucketDNS` etc. Features *Features `json:"features,omitempty"` // *Optional* + // // Enables setting the `CommonName`, `Organization`, and `dnsName` attributes for all TLS certificates automatically generated by the Operator. Configuring this object has no effect if `requestAutoCert` is `false`. + // +optional CertConfig *CertificateConfig `json:"certConfig,omitempty"` // *Optional* + // // Directs the MinIO Operator to deploy the https://github.com/minio/kes[MinIO Key Encryption Service] (KES) using the specified configuration. The MinIO KES supports performing server-side encryption of objects on the MiNIO Tenant. + // // //+optional KES *KESConfig `json:"kes,omitempty"` // *Optional* + // // Directs the MinIO Operator to use prometheus operator. + // // Tenant scrape configuration will be added to prometheus managed by the prometheus-operator. //+optional PrometheusOperator bool `json:"prometheusOperator,omitempty"` // *Optional* + // // The https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/[Kubernetes Service Account] to use for running MinIO pods created as part of the Tenant. + // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` // *Optional* + // // Indicates the Pod priority and therefore importance of a Pod relative to other Pods in the cluster. // This is applied to MinIO pods only. + // // Refer Kubernetes https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass[Priority Class documentation] for more complete documentation. // +optional PriorityClassName string `json:"priorityClassName,omitempty"` // *Optional* + // // The pull policy for the MinIO Docker image. Specify one of the following: + // // * `Always` + // // * `Never` + // // * `IfNotPresent` (Default) + // // Refer Kubernetes documentation for details https://kubernetes.io/docs/concepts/containers/images#updating-images ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"` // *Optional* + // // A list of containers to run as sidecars along every MinIO Pod deployed in the tenant. // +optional SideCars *SideCars `json:"sideCars,omitempty"` // *Optional* + // // Directs the Operator to expose the MinIO and/or Console services. + // +optional ExposeServices *ExposeServices `json:"exposeServices,omitempty"` // *Optional* + // // Specify custom labels and annotations to append to the MinIO service and/or Console service. // +optional ServiceMetadata *ServiceMetadata `json:"serviceMetadata,omitempty"` // *Optional* + // // An array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secrets] to use for generating MinIO users during tenant provisioning. + // // Each element in the array is an object consisting of a key-value pair `name: <string>`, where the `<string>` references an opaque Kubernetes secret. + // // Each referenced Kubernetes secret must include the following fields: + // // * `CONSOLE_ACCESS_KEY` - The "Username" for the MinIO user + // // * `CONSOLE_SECRET_KEY` - The "Password" for the MinIO user + // // The Operator creates each user with the `consoleAdmin` policy by default. You can change the assigned policy after the Tenant starts. + // +optional Users []*corev1.LocalObjectReference `json:"users,omitempty"` // *Optional* + // // Create buckets when creating a new tenant. Skip if bucket with given name already exists // +optional Buckets []Bucket `json:"buckets,omitempty"` // *Optional* + // // Enable JSON, Anonymous logging for MinIO tenants. // +optional Logging *Logging `json:"logging,omitempty"` // *Optional* + // // Specify a secret that contains additional environment variable configurations to be used for the MinIO pools. // The secret is expected to have a key named config.env containing all exported environment variables for MinIO+ // +optional Configuration *corev1.LocalObjectReference `json:"configuration,omitempty"` // *Optional* + // // Add custom initContainers to StatefulSet // +optional InitContainers []corev1.Container `json:"initContainers,omitempty"` // *Optional* + // // If provided, statefulset will add these volumes. You should set the rules for the corresponding volumes and volume mounts. We will not test this rule, k8s will show the result. // +optional AdditionalVolumes []corev1.Volume `json:"additionalVolumes,omitempty"` // *Optional* + // // If provided, statefulset will add these volumes. You should set the rules for the corresponding volumes and volume mounts. We will not test this rule, k8s will show the result. // +optional AdditionalVolumeMounts []corev1.VolumeMount `json:"additionalVolumeMounts,omitempty"` }
TenantSpec (`spec`) defines the configuration of a MinIO Tenant object. +
The following parameters are specific to the `minio.min.io/v2` MinIO CRD API `spec` definition added as part of the MinIO Operator v4.0.0. +
For more complete documentation on this object, see the https://min.io/docs/minio/kubernetes/upstream/operations/installation.html[MinIO Kubernetes Documentation]. +
func (*TenantSpec) DeepCopy ¶
func (in *TenantSpec) DeepCopy() *TenantSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantSpec.
func (*TenantSpec) DeepCopyInto ¶
func (in *TenantSpec) DeepCopyInto(out *TenantSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TenantStatus ¶
type TenantStatus struct { CurrentState string `json:"currentState"` AvailableReplicas int32 `json:"availableReplicas"` Revision int32 `json:"revision"` SyncVersion string `json:"syncVersion"` // Keeps track of all the TLS certificates managed by the operator // +nullable Certificates CertificateStatus `json:"certificates"` // All the pools get an individual status // +nullable Pools []PoolStatus `json:"pools"` // *Optional* + // // Minimum number of disks that need to be online WriteQuorum int32 `json:"writeQuorum,omitempty"` // *Optional* + // // Total number of drives online for the tenant DrivesOnline int32 `json:"drivesOnline,omitempty"` // *Optional* + // // Total number of drives offline DrivesOffline int32 `json:"drivesOffline,omitempty"` // *Optional* + // // Drives with healing going on DrivesHealing int32 `json:"drivesHealing,omitempty"` // *Optional* + // // Health State of the tenant HealthStatus HealthStatus `json:"healthStatus,omitempty"` // *Optional* + // // Health Message regarding the State of the tenant HealthMessage string `json:"healthMessage,omitempty"` // *Optional* + // // If set, we will wait until cleared for up a given time WaitingOnReady *metav1.Time `json:"waitingOnReady,omitempty"` // *Optional* + // // Information about tenant usage Usage TenantUsage `json:"usage,omitempty"` // Health Message regarding the State of the tenant // ProvisionedUsers keeps track for telling if operator already created initial users for the tenant ProvisionedUsers bool `json:"provisionedUsers,omitempty"` // *Optional* + // // Health Message regarding the State of the tenant // ProvisionedBuckets keeps track for telling if operator already created initial buckets for the tenant ProvisionedBuckets bool `json:"provisionedBuckets,omitempty"` }
TenantStatus is the status for a Tenant resource
func (*TenantStatus) DeepCopy ¶
func (in *TenantStatus) DeepCopy() *TenantStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantStatus.
func (*TenantStatus) DeepCopyInto ¶
func (in *TenantStatus) DeepCopyInto(out *TenantStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TenantUsage ¶
type TenantUsage struct { // Capacity the usage capacity of this tenant in bytes. // +optional Capacity int64 `json:"capacity,omitempty"` // Capacity the raw capacity of this tenant in bytes. // +optional RawCapacity int64 `json:"rawCapacity,omitempty"` // Usage is how much data is managed by MinIO in bytes. // +optional Usage int64 `json:"usage,omitempty"` // Usage is the raw usage on disks in bytes. // +optional RawUsage int64 `json:"rawUsage,omitempty"` // Tiers includes the usage of individual tiers in the tenant // +optional Tiers []TierUsage `json:"tiers,omitempty"` }
TenantUsage are metrics regarding the usage and capacity of the tenant
func (*TenantUsage) DeepCopy ¶
func (in *TenantUsage) DeepCopy() *TenantUsage
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenantUsage.
func (*TenantUsage) DeepCopyInto ¶
func (in *TenantUsage) DeepCopyInto(out *TenantUsage)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TierUsage ¶
type TierUsage struct { // Name of the tier Name string `json:"Name"` // type of the tier Type string `json:"Type,omitempty"` // TotalSize usage of the tier TotalSize int64 `json:"totalSize"` }
TierUsage represents the usage from a tier setup by the tenant
func (*TierUsage) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TierUsage.
func (*TierUsage) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.