This document explains the various fields supported by MinIO Operator and its CRD's and how to use these fields to deploy and access MinIO server clusters.
MinIO Operator creates native Kubernetes resources within the cluster. If the Tenant is named as tenant, resources and their names as created by MinIO Operator are:
- Headless Service:
tenant-hl-svc - StatefulSet:
tenant - Secret:
tenant-tls(IfrequestAutoCertis enabled) - CertificateSigningRequest:
tenant-csr(IfrequestAutoCertis enabled)
| Field | Description |
|---|---|
| kind | This defines the resource type to be created. MinIO Operator CRD defines the kind for MinIO server as Tenant. |
| metadata | This field allows a way to assign metadata to a Tenant. Labels and Annotations will be passed to all the member pods of this Tenant. For example, you can add Prometheus annotations here. Internally metadata is a struct type as explained here. |
| scheduler | Set custom scheduler for pods created by MinIO Operator. |
| spec | Defines the configuration of a MinIO Tenant object |
| spec.certConfig | When spec.requestAutoCert is enabled, use this field to pass additional parameters for certificate creation. |
| spec.credsSecret | Use this secret to assign custom credentials (access key and secret key) to the Tenant. |
| spec.env | Add MinIO specific environment variables to enable certain features. |
| spec.externalCertSecret | Set a list of external secrets with private key and certificate to be used to enable TLS on Tenant pods. Note that only spec.requestAutoCert or spec.externalCertSecret should be enabled at a time. Follow the document here to create the secret to be passed in this section. |
| spec.image | Set the container registry and image tag for MinIO server to be used in the Tenant. |
| spec.imagePullSecret | Defines the secret to be used for pulling the image from a private Docker image registry. |
| spec.mountPath | Set a custom mount path. This is the path where Persistent Volume (PV) gets mounted on Tenant pods. This is set to /export by default. |
| spec.podManagementPolicy | Define Pod Management policy for pods created by StatefulSet. This is set to Parallel by default. Refer to the documentation for details. |
| spec.requestAutoCert | Enable this to create use your Kubernetes cluster's root Certificate Authority (CA). |
| spec.serviceAccountName | Define a ServiceAccountName for the ServiceAccount to use to run MinIO pods created for this Tenant. Refer to this document for details. |
| spec.subPath | Set custom sub-path under mount path. This is the directory under mount path where the Persistent Volume (PV) gets mounted on Tenant pods. This is set to "" by default. |
| spec.kes | Defines the KES configuration. Refer to this. |
| spec.kes.annotations | If provided, use these annotations for KES Object Meta annotations. |
| spec.kes.configSecret | Secret to specify KES Configuration. This is a mandatory field. |
| spec.kes.image | Defines the KES image. |
| spec.kes.labels | If provided, use these labels for KES Object Meta labels. |
| spec.kes.nodeSelector | If provided, use these nodeSelector for KES Object Meta nodeSelector. |
| spec.pools | Add a new Pool field to expand the MinIO cluster. Read more on MinIO pools here. |
| spec.kes.replicas | Number of KES pods to be created. |
| spec.pools.nodeSelector | Add a selector which must be true for the Tenant pod to fit on a node. Refer this document for details. |
| spec.pools.resources | Specify CPU and Memory resources for each Tenant container. Refer this document for details. |
| spec.pools.runtimeClassName | If provided on the Tenant and the runtime class exists then each Tenant pod in the Statefulset will run with the specified RuntimeClassName. RuntimeClassName can also be provided manually on the console and operator pods. Specifically when using crun on the console, the following environment variable must be set:spec: env: - name: HOME value: /When using crun on a Tenant, this environment variable is automatically setup on the Tenant pods since it is required. Refer to this document for details. |
| spec.pools.securityContext | Define a security context for the Tenant pod. Refer to this document for details. |
| spec.pools.servers | Define the number of nodes to be created for current Tenant cluster. |
| spec.pools.volumeClaimTemplate | Specify the template to create Persistent Volume Claims (PVC) for Tenant pods. |
| spec.pools.volumesPerServer | Set the number of volume mounts per MinIO node. For example if you set spec.pools[0].Servers = 4, spec.pools[1].Servers = 8 and spec.volumesPerServer = 4, then you'll have total 12 MinIO Pods, with 4 volume mounts on each Pod. Note that volumesPerServer is static per cluster and that expanding a cluster will add new nodes. |
| spec.pools.tolerations | Define a toleration for the Tenant pod to match a taint. Refer this document for details. |
A complete list of values is available here in the API reference.