mirror of https://github.com/minio/docs.git synced 2025-07-31 18:04:52 +03:00
Ravind Kumar
2024-01-31 19:17:57 -05:00
committed by GitHub
parent a210da5f61
commit a7acdcdfe8
11 changed files with 180 additions and 122 deletions

@ -29,8 +29,10 @@ Benefits of STS for MinIO Operator include:
.. important:: .. important::
MinIO Operator launches with STS *disabled* by default. Starting with Operator v5.0.11, STS is *enabled* by default.
To use STS with the Operator, you must first explicitly enable it.
Previous versions of the Operator start with STS *disabled* by default.
To use STS with v5.0.10 or older versions of the Operator, you must first explicitly enable it.
The procedure on this page includes instructions to enable the STS API in the MinIO Operator. The procedure on this page includes instructions to enable the STS API in the MinIO Operator.
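Review bot: The rewritten admonition announces that STS is *enabled* by default from v5.0.11 but never says how to turn it off, so a reader upgrading from v5.0.10 gets a newly exposed API with no documented opt-out on this page. Add a sentence stating that setting :envvar:`OPERATOR_STS_ENABLED` to ``off`` disables it, and link to the environment variable reference added in this commit.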
@ -68,12 +70,16 @@ STS for the MinIO Operator requires the following:
- MinIO Operator v5.0.0 or later. - MinIO Operator v5.0.0 or later.
- The deployment **must** have :ref:`TLS configured <minio-tls>`. - The deployment **must** have :ref:`TLS configured <minio-tls>`.
- :envvar:`OPERATOR_STS_ENABLED` environment variable set to ``on``. - (Required for Operator v5.0.0 - 5.0.10) :envvar:`OPERATOR_STS_ENABLED` environment variable set to ``on``.
Procedure Procedure
--------- ---------
1. Enable STS functionality for the deployment 1. Enable STS functionality for the deployment
.. note::
This step is optional for Operator version 5.0.11 or later.
.. code-block:: shell .. code-block:: shell
:class: copyable :class: copyable
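Review bot: The note under step 1, "This step is optional for Operator version 5.0.11 or later", is only true when :envvar:`OPERATOR_STS_ENABLED` has been left at its default. A v5.0.11 deployment that carries an explicit ``off`` from an earlier install still needs this step. Suggest wording such as "Skip this step on Operator 5.0.11 or later unless STS was explicitly set to ``off``", and using the same version wording as the requirement bullet ("v5.0.0 - 5.0.10").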

@ -140,15 +140,6 @@ certificates manually added to the Operator.</p></td>
</tbody> </tbody>
</table> </table>
## CustomCertificateConfig
CustomCertificateConfig (`customCertificateConfig`) provides attributes
associated of the TLS certificates manually added to the Operator as
part of tenant creation. These fields contain no data if there are no
custom TLS certificates.
- [CustomCertificates](#customcertificates)
## CustomCertificates ## CustomCertificates
CustomCertificates (`customCertificates`) provides groupings of the TLS CustomCertificates (`customCertificates`) provides groupings of the TLS
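Review bot: Deleting the `## CustomCertificateConfig` heading also deletes its `#customcertificateconfig` anchor, and the table row directly above the hunk (ending "certificates manually added to the Operator.") is the kind of entry that would link to it. Check the rest of the file for remaining references to that anchor so the page does not ship a dead in-page link, and say in the commit message why the type was dropped.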
@ -775,6 +766,13 @@ If provided, each pod on the Statefulset will run with the specified
RuntimeClassName, for more info <a RuntimeClassName, for more info <a
href="https://kubernetes.io/docs/concepts/containers/runtime-class/">https://kubernetes.io/docs/concepts/containers/runtime-class/</a></p></td> href="https://kubernetes.io/docs/concepts/containers/runtime-class/">https://kubernetes.io/docs/concepts/containers/runtime-class/</a></p></td>
</tr> </tr>
<tr class="odd">
<td
style="text-align: left;"><p><strong><code>reclaimStorage</code></strong>
<em>boolean</em></p></td>
<td style="text-align: left;"><p><strong>Optional</strong><br />
If true. Will delete the storage when tenant has been deleted.</p></td>
</tr>
</tbody> </tbody>
</table> </table>
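Review bot: The new `reclaimStorage` description, "If true. Will delete the storage when tenant has been deleted.", is a sentence fragment and understates a destructive option. Suggest "If true, deletes the tenant's storage when the tenant is deleted." and state the default value and that the deletion cannot be undone, so a reader does not enable it while copying an example.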

@ -30,14 +30,14 @@ operator:
### ###
# Specify the Operator container image to use for the deployment. # Specify the Operator container image to use for the deployment.
# ``image.tag`` # ``image.tag``
# For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v5.0.10 tag. # For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v5.0.11 tag.
# The container pulls the image if not already present: # The container pulls the image if not already present:
# #
# .. code-block:: yaml # .. code-block:: yaml
# #
# image: # image:
# repository: quay.io/minio/operator # repository: quay.io/minio/operator
# tag: v5.0.10 # tag: v5.0.11
# pullPolicy: IfNotPresent # pullPolicy: IfNotPresent
# #
# The chart also supports specifying an image based on digest value: # The chart also supports specifying an image based on digest value:
@ -51,7 +51,7 @@ operator:
# #
image: image:
repository: quay.io/minio/operator repository: quay.io/minio/operator
tag: v5.0.10 tag: v5.0.11
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
### ###
# #
@ -169,14 +169,14 @@ console:
### ###
# Specify the Operator Console container image to use for the deployment. # Specify the Operator Console container image to use for the deployment.
# ``image.tag`` # ``image.tag``
# For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v5.0.10 tag. # For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v5.0.11 tag.
# The container pulls the image if not already present: # The container pulls the image if not already present:
# #
# .. code-block:: yaml # .. code-block:: yaml
# #
# image: # image:
# repository: quay.io/minio/operator # repository: quay.io/minio/operator
# tag: v5.0.10 # tag: v5.0.11
# pullPolicy: IfNotPresent # pullPolicy: IfNotPresent
# #
# The chart also supports specifying an image based on digest value: # The chart also supports specifying an image based on digest value:
@ -191,7 +191,7 @@ console:
# The specified values should match that of ``operator.image`` to ensure predictable operations. # The specified values should match that of ``operator.image`` to ensure predictable operations.
image: image:
repository: quay.io/minio/operator repository: quay.io/minio/operator
tag: v5.0.10 tag: v5.0.11
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
### ###
# An array of environment variables to pass to the Operator Console deployment. # An array of environment variables to pass to the Operator Console deployment.
@ -291,7 +291,9 @@ console:
# An array of `Volumes <https://kubernetes.io/docs/concepts/storage/volumes/>`__ which the Operator Console can mount to pods. # An array of `Volumes <https://kubernetes.io/docs/concepts/storage/volumes/>`__ which the Operator Console can mount to pods.
# #
# The volumes must exist *and* be accessible to the Console pods. # The volumes must exist *and* be accessible to the Console pods.
volumes: [ ] volumes:
- name: tmp
emptyDir: {}
### ###
# An array of volume mount points associated to each Operator Console container. # An array of volume mount points associated to each Operator Console container.
# #
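Review bot: ``volumes`` changes from an empty array to a default ``tmp`` ``emptyDir``, but the comment above it still only says the volumes "must exist *and* be accessible to the Console pods" and gives no reason for the new default. Anyone who overrides ``volumes`` in their own values file will silently drop this entry. Add a comment line explaining what the ``tmp`` volume is for and that it must be kept when adding other volumes.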
@ -304,4 +306,7 @@ console:
# mountPath: /path/to/mount # mountPath: /path/to/mount
# #
# The ``name`` field must correspond to an entry in the ``volumes`` array. # The ``name`` field must correspond to an entry in the ``volumes`` array.
volumeMounts: [ ] volumeMounts:
- name: tmp
readOnly: false
mountPath: /tmp/certs/CAs
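Review bot: The new default mount puts a volume named ``tmp`` at ``/tmp/certs/CAs``, so the name says nothing about its purpose and the mount depends on the ``tmp`` entry in ``volumes`` staying in place, as the comment above already requires ("The ``name`` field must correspond to an entry in the ``volumes`` array"). Consider a name that reflects the CA directory, document why the path must be writable (``readOnly: false`` is stated explicitly), and note that overriding ``volumeMounts`` removes this mount.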

@ -45,14 +45,14 @@ tenant:
### ###
# Specify the Operator container image to use for the deployment. # Specify the Operator container image to use for the deployment.
# ``image.tag`` # ``image.tag``
# For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v5.0.10 tag. # For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v5.0.11 tag.
# The container pulls the image if not already present: # The container pulls the image if not already present:
# #
# .. code-block:: yaml # .. code-block:: yaml
# #
# image: # image:
# repository: quay.io/minio/minio # repository: quay.io/minio/minio
# tag: RELEASE.2023-10-07T15-07-38Z # tag: RELEASE.2023-11-15T20-43-25Z
# pullPolicy: IfNotPresent # pullPolicy: IfNotPresent
# #
# The chart also supports specifying an image based on digest value: # The chart also supports specifying an image based on digest value:
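Review bot: The comment in this tenant values hunk is bumped to "the ``quay.io/minio/operator`` repo and the v5.0.11 tag", but the example immediately below it sets ``repository: quay.io/minio/minio`` and ``tag: RELEASE.2023-11-15T20-43-25Z``. The prose describes the wrong image on both sides of the diff. Since the line is being edited anyway, change it to describe the MinIO server image and its RELEASE tag, and change "Operator container image" in the line above to match.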
@ -67,7 +67,7 @@ tenant:
# #
image: image:
repository: quay.io/minio/minio repository: quay.io/minio/minio
tag: RELEASE.2023-10-07T15-07-38Z tag: RELEASE.2023-11-15T20-43-25Z
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
### ###
# #
@ -332,14 +332,14 @@ tenant:
# # Image from tag (original behavior), for example: # # Image from tag (original behavior), for example:
# # image: # # image:
# # repository: quay.io/minio/kes # # repository: quay.io/minio/kes
# # tag: 2023-10-03T00-48-37Z # # tag: 2023-11-10T10-44-28Z
# # Image from digest (added after original behavior), for example: # # Image from digest (added after original behavior), for example:
# # image: # # image:
# # repository: quay.io/minio/kes@sha256 # # repository: quay.io/minio/kes@sha256
# # digest: fb15af611149892f357a8a99d1bcd8bf5dae713bd64c15e6eb27fbdb88fc208b # # digest: fb15af611149892f357a8a99d1bcd8bf5dae713bd64c15e6eb27fbdb88fc208b
# image: # image:
# repository: quay.io/minio/kes # repository: quay.io/minio/kes
# tag: 2023-10-03T00-48-37Z # tag: 2023-11-10T10-44-28Z
# pullPolicy: IfNotPresent # pullPolicy: IfNotPresent
# env: [ ] # env: [ ]
# replicas: 2 # replicas: 2
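Review bot: The KES ``tag`` example moves to ``2023-11-10T10-44-28Z`` while the ``digest`` example two lines below it stays at ``fb15af61...`` unchanged. If the digest was meant to identify the same image as the tag, it is now stale, and a reader who copies the digest form pins a different image than the tag form. Either update the digest to the one for the new tag or mark it as an illustrative value.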

@ -213,6 +213,7 @@ For more about connecting to ``play``, see :ref:`MinIO Console play Login <minio
/reference/kubectl-minio-plugin /reference/kubectl-minio-plugin
/reference/operator-crd /reference/operator-crd
/reference/operator-chart-values /reference/operator-chart-values
/reference/operator-environment-variables
.. toctree:: .. toctree::
:titlesonly: :titlesonly:

@ -594,7 +594,7 @@ The :guilabel:`Security` section displays TLS certificate settings for the MinIO
.. _create-tenant-encryption-section: .. _create-tenant-encryption-section:
1) The :guilabel:`Encryption` Section 8) The :guilabel:`Encryption` Section
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The :guilabel:`Encryption` section displays the :ref:`Server-Side Encryption (SSE) <minio-sse>` settings for the MinIO Tenant. The :guilabel:`Encryption` section displays the :ref:`Server-Side Encryption (SSE) <minio-sse>` settings for the MinIO Tenant.

@ -89,94 +89,6 @@ Subcommands
- :mc:`~kubectl minio delete` - :mc:`~kubectl minio delete`
- :mc:`~kubectl minio version` - :mc:`~kubectl minio version`
Environment Variables
---------------------
The :ref:`MinIO Operator <minio-operator-installation>` uses the following environment variables during startup to set configuration settings.
Configure these variables in the ``minio-operator`` container.
Setting Environment Variables in Kubernetes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To set these environment variables, modify the operator container's yaml at ``.spec.env`` or use the following ``kubectl`` command syntax:
.. code-block:: shell
:class: copyable
kubectl set env -n minio-operator deployment/minio-operator <ENV_VARIABLE>=<value> ... <ENV_VARIABLE2>=<value2>
Replace:
- ``minio-operator`` with the namespace for your Operator, if not using the default value.
- ``deployment/minio-operator`` with the deployment for your Operator, if not the default value.
(This is not common.)
- ``<ENV_VARIABLE>`` with the environment variable to set or modify.
- ``<value>`` with the value to use for the environment variable.
You can set or modify multiple environment variables by separating each ``VARIABLE=value`` pair with a space.
Available MinIO Operator Environment Variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. envvar:: MINIO_OPERATOR_CERTIFICATES_VERSION
Specifies the certificate API version to use.
Valid values are ``v1`` or ``v1beta1``.
When not specified, the default is the API Kubernetes provides.
.. envvar:: MINIO_OPERATOR_RUNTIME
Specify the type of runtime to use.
Valid values are ``EKS``, ``Rancher``, or ``OpenShift``.
Leave blank if none of the options apply.
When set as ``EKS``, the :envvar:`MINIO_OPERATOR_CSR_SIGNER_NAME` must be ``beta.eks.amazonaws.com/app-serving``.
.. envvar:: MINIO_OPERATOR_CSR_SIGNER_NAME
Override the default signer for certificate signing requests (CSRs).
When not specified, the default value is ``kubernetes.io/kubelet-serving``.
.. envvar:: OPERATOR_CERT_PASSWD
*Optional*
The password Operator should use to decrypt the private key in the TLS certificate for Operator.
.. envvar:: MINIO_OPERATOR_DEPLOYMENT_NAME
Specifies the namespace to create and use for Operator.
When not specified, the default value is ``minio-operator``.
.. envvar:: OPERATOR_STS_ENABLED
Toggle STS Service ``on`` or ``off``.
When not specified, the default value is ``off``.
.. envvar:: MINIO_CONSOLE_DEPLOYMENT_NAME
The name to use for the Operator Console.
When not specified, the default value is ``operator``.
.. envvar:: MINIO_CONSOLE_TLS_ENABLE
Toggle Console TLS service ``on`` or ``off``.
When not specified, the default value is ``off``.
.. envvar:: WATCHED_NAMESPACE
A comma-separated list of the namespace(s) Operator should watch for tenants.
When not specified, the default value is ``""`` to watch all namespaces.
.. toctree:: .. toctree::
:titlesonly: :titlesonly:
:hidden: :hidden:
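Review bot: The whole "Environment Variables" section is removed from the plugin reference and nothing is left in its place, so readers who land here looking for :envvar:`OPERATOR_STS_ENABLED` or :envvar:`WATCHED_NAMESPACE` get no pointer to the new page. Add a short line or ``seealso`` that references ``minio-operator-envvars``, the label defined at the top of the new file in this commit.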

@ -81,6 +81,7 @@ Syntax
[--image] \ [--image] \
[--image-pull-secret] \ [--image-pull-secret] \
[--kes-config] \ [--kes-config] \
[--kes-image] \
[--namespace] \ [--namespace] \
[--output] \ [--output] \
[--pool] \ [--pool] \
@ -259,6 +260,17 @@ The command supports the following flags:
For more, see the `Github documentation <https://github.com/minio/operator/blob/master/examples/kes-secret.yaml>`__. For more, see the `Github documentation <https://github.com/minio/operator/blob/master/examples/kes-secret.yaml>`__.
.. mc-cmd:: --kes-image
:optional:
.. versionadded:: v5.0.11
The KES image to use when deploying KES pods in the tenant.
.. important::
You cannot downgrade KES images after deployment.
.. mc-cmd:: --namespace .. mc-cmd:: --namespace
:optional: :optional:
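Review bot: The new ``--kes-image`` entry warns that KES images cannot be downgraded but does not say what value the flag expects or what image is used when it is omitted. Add the expected form of the value with an example, state the default, and move the downgrade restriction next to that so a reader sees it before choosing a tag.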

@ -43,14 +43,16 @@ Syntax
.. tab-item:: EXAMPLE .. tab-item:: EXAMPLE
The following example creates a MinIO Tenant in the namespace ``minio-tenant-1`` consisting of 4 MinIO servers with 8 drives each and a total capacity of 32Ti. The following example deletes a MinIO Tenant in the namespace ``minio-tenant-1``.
It keeps the namespace intact after deleting the tenant.
.. code-block:: shell .. code-block:: shell
:class: copyable :class: copyable
kubectl minio tenant delete \ kubectl minio tenant delete \
minio-tenant-1 \ minio-tenant-1 \
--namespace minio-tenant-1 --namespace minio-tenant-1 \
--retain-namespace
.. tab-item:: SYNTAX .. tab-item:: SYNTAX
@ -58,10 +60,11 @@ Syntax
.. code-block:: shell .. code-block:: shell
kubectl minio tenant delete \ kubectl minio tenant delete \
TENANT_NAME \ TENANT_NAME \
--force \ --force \
--namespace --namespace \
[--retain-namespace] \
Flags Flags
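Review bot: The new last line of the syntax block, ``[--retain-namespace] \``, ends with a line-continuation backslash and nothing follows it, so a copied command waits for more input. Drop the trailing backslash. The block also shows ``--force`` without brackets while the updated example on this page omits it; bracket it if it is optional.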
@ -82,4 +85,15 @@ The command supports the following flags:
.. mc-cmd:: --namespace .. mc-cmd:: --namespace
:required: :required:
The namespace scope to access. The namespace scope to access.
.. mc-cmd:: --retain-namespace
:optional:
Keeps the namespace after deleting the tenant.
Omit to delete the namespace after deleting the tenant.
.. warning::
Deleting a namespace deletes all resources associated to that namespace.
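Review bot: The warning sits inside the optional ``--retain-namespace`` entry, yet the destructive case is the default: "Omit to delete the namespace after deleting the tenant." A reader who never opens this flag's description will not learn that a plain ``tenant delete`` removes the namespace and everything in it. Move or repeat the warning at the top of the page or beside the syntax block, and change "associated to" to "in".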

@ -0,0 +1,106 @@
.. _minio-operator-envvars:
====================================
MinIO Operator Environment Variables
====================================
.. default-domain:: minio
.. contents:: Table of Contents
The :ref:`MinIO Operator <minio-operator-installation>` uses the following environment variables during startup to set configuration settings.
Configure these variables in the ``minio-operator`` container.
Setting Environment Variables in Kubernetes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To set these environment variables, modify the operator container's yaml at ``.spec.env`` or use the following ``kubectl`` command syntax:
.. code-block:: shell
:class: copyable
kubectl set env -n minio-operator deployment/minio-operator <ENV_VARIABLE>=<value> ... <ENV_VARIABLE2>=<value2>
Replace:
- ``minio-operator`` with the namespace for your Operator, if not using the default value.
- ``deployment/minio-operator`` with the deployment for your Operator, if not the default value.
(Most deployments use the default value.)
- ``<ENV_VARIABLE>`` with the environment variable to set or modify.
- ``<value>`` with the value to use for the environment variable.
You can set or modify multiple environment variables by separating each ``VARIABLE=value`` pair with a space.
Available MinIO Operator Environment Variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. envvar:: MINIO_OPERATOR_CERTIFICATES_VERSION
Specifies the certificate API version to use.
Valid values are ``v1`` or ``v1beta1``.
When not specified, the default is the API Kubernetes provides.
.. envvar:: MINIO_OPERATOR_RUNTIME
Specify the type of runtime to use.
Valid values are ``EKS``, ``Rancher``, or ``OpenShift``.
Leave blank if none of the options apply.
When set as ``EKS``, the :envvar:`MINIO_OPERATOR_CSR_SIGNER_NAME` must be ``beta.eks.amazonaws.com/app-serving``.
.. envvar:: MINIO_OPERATOR_CSR_SIGNER_NAME
Override the default signer for certificate signing requests (CSRs).
When not specified, the default value is ``kubernetes.io/kubelet-serving``.
.. envvar:: OPERATOR_CERT_PASSWD
*Optional*
The password Operator should use to decrypt the private key in the TLS certificate for Operator.
.. envvar:: MINIO_OPERATOR_DEPLOYMENT_NAME
Specifies the namespace to create and use for Operator.
When not specified, the default value is ``minio-operator``.
.. envvar:: OPERATOR_STS_ENABLED
Toggle STS Service ``on`` or ``off``.
.. versionchanged:: v5.0.11
When not specified, the default value is ``on``.
For versions prior to Operator 5.0.11, the default value was ``off``.
.. envvar:: MINIO_CONSOLE_DEPLOYMENT_NAME
The name to use for the Operator Console.
When not specified, the default value is ``operator``.
.. envvar:: MINIO_CONSOLE_TLS_ENABLE
Toggle Console TLS service ``on`` or ``off``.
When not specified, the default value is ``off``.
.. envvar:: MINIO_OPERATOR_IMAGE
.. versionadded:: v5.0.11
Specify the image of the MinIO instance sidecar container loaded by the Operator.
Omit to use the Operator image.
.. envvar:: WATCHED_NAMESPACE
A comma-separated list of the namespace(s) Operator should watch for tenants.
When not specified, the default value is ``""`` to watch all namespaces.
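Review bot: :envvar:`OPERATOR_CERT_PASSWD` is documented on the same page as the ``kubectl set env ... <ENV_VARIABLE>=<value>`` syntax, which writes the value in plain text into the deployment spec; for the one variable here that holds a password, show how to source it from a Kubernetes Secret instead of a literal. Separately, :envvar:`MINIO_OPERATOR_DEPLOYMENT_NAME` is described as "the namespace to create and use for Operator", which does not match the variable name; this text was carried over from the removed section and should be checked against the Operator before it is republished.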

@ -26,6 +26,7 @@ excludes:
- 'reference/kubectl-minio-plugin/kubectl-minio-version.rst' - 'reference/kubectl-minio-plugin/kubectl-minio-version.rst'
- 'reference/operator-crd.rst' - 'reference/operator-crd.rst'
- 'reference/operator-chart-values.rst' - 'reference/operator-chart-values.rst'
- 'reference/operator-environment-variables.rst'
--- ---
tag: macos tag: macos
excludes: excludes:
@ -48,6 +49,7 @@ excludes:
- 'reference/deprecated/*' - 'reference/deprecated/*'
- 'reference/operator-crd.rst' - 'reference/operator-crd.rst'
- 'reference/operator-chart-values.rst' - 'reference/operator-chart-values.rst'
- 'reference/operator-environment-variables.rst'
- 'developers/*' - 'developers/*'
- 'integrations/*' - 'integrations/*'
--- ---
@ -77,6 +79,7 @@ excludes:
- 'reference/deprecated/*' - 'reference/deprecated/*'
- 'reference/operator-crd.rst' - 'reference/operator-crd.rst'
- 'reference/operator-chart-values.rst' - 'reference/operator-chart-values.rst'
- 'reference/operator-environment-variables.rst'
- 'developers/*' - 'developers/*'
- 'integrations/*' - 'integrations/*'
--- ---
@ -102,6 +105,7 @@ excludes:
- 'reference/deprecated/*' - 'reference/deprecated/*'
- 'reference/operator-crd.rst' - 'reference/operator-crd.rst'
- 'reference/operator-chart-values.rst' - 'reference/operator-chart-values.rst'
- 'reference/operator-environment-variables.rst'
- 'developers/*' - 'developers/*'
- 'integrations/*' - 'integrations/*'
--- ---