Update the Operator API name and group (#176)
metadata:
  name: tenant.minio.min.io
spec:
  group: minio.min.io
  scope: Namespaced
  names:
    kind: Tenant
    singular: tenant
    plural: tenants

Co-authored-by: Daniel Valdivia <hola@danielvaldivia.com>
nitisht and dvaldivia committed Jul 21, 2020
1 parent 67fb2f8 commit c6a3690
Showing 57 changed files with 1,211 additions and 1,196 deletions.
6 changes: 3 additions & 3 deletions README.md
@@ -43,12 +43,12 @@ kustomize build | kubectl apply -f -
Once MinIO-Operator deployment is running, you can create MinIO instances using the below command

```
kubectl apply -f https://raw.githubusercontent.com/minio/minio-operator/master/examples/minioinstance.yaml
kubectl apply -f https://raw.githubusercontent.com/minio/minio-operator/master/examples/tenant.yaml
```

### Access MinIOInstance via Service
### Access Tenant via Service

Add an [external service](https://kubernetes.io/docs/concepts/services-networking/service/) in MinIOInstance definition to enable Service based access to the MinIOInstance pods. Refer [the example here](https://github.com/minio/minio-operator/blob/master/examples/minioinstance.yaml?raw=true) for details on how to setup service based access for MinIOInstance pods.
Add an [external service](https://kubernetes.io/docs/concepts/services-networking/service/) in Tenant definition to enable Service based access to the Tenant pods. Refer [the example here](https://github.com/minio/minio-operator/blob/master/examples/tenant.yaml?raw=true) for details on how to setup service based access for Tenant pods.

### Environment variables

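Review bot: both links in this hunk (the `kubectl apply -f .../examples/tenant.yaml` line and the "Refer the example here" sentence) resolve against `master` on raw.githubusercontent.com, so they only work if `examples/minioinstance.yaml` is renamed to `examples/tenant.yaml` in this same commit; please confirm the rename is part of the 57 files. Separately, `kubectl apply -f https://raw.githubusercontent.com/minio/minio-operator/master/...` applies whatever is on `master` at the moment the reader runs it, with no review step or integrity check on the reader's side; consider pointing the quick start at a tagged release path. Minor wording: "in Tenant definition" should read "in the Tenant definition".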
4 changes: 2 additions & 2 deletions docs/adding-zones.md
@@ -12,7 +12,7 @@ Read more about MinIO Zones design in [MinIO Docs](https://github.com/minio/mini
Assuming you have a MinIO cluster with single zone, `zone-0` with 4 drives (as shown in [examples](https://github.com/minio/minio-operator/tree/master/examples)). You can dd a new zone `zone-1` with 4 drives using `kubectl patch` command.

```
kubectl patch minioinstances.operator.min.io minio --patch "$(cat examples/patch.yaml)" --type=merge
kubectl patch tenants.minio.min.io minio --patch "$(cat examples/patch.yaml)" --type=merge
```

If you're using a custom configuration (e.g. multiple zones or higher number of drives per zone), make sure to change `patch.yaml` accordingly.
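Review bot: the resource name on the `kubectl patch` line, `tenants.minio.min.io`, agrees with the CRD in the commit message (plural `tenants`, group `minio.min.io`), so the command targets the renamed API. While this block is touched, the unchanged context line above it still says "You can dd a new zone" (should be "add"), and "higher number of drives" reads better as "a higher number of drives".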
@@ -37,7 +37,7 @@ If your MinIO Operator configuration has [KES](https://github.com/minio/minio-op

- When new zones are added, Operator invalidates older self signed TLS certificates and the related secrets. Operator then creates new certificate signing requests (CSR). This is because there are new MinIO nodes that must be added in certificate DNS names. The administrator must approve these CSRs for MinIO server to be deployed again. Unless the CSR are approved, Operator will not create MinIO StatefulSet pods.

- If you're using your own certificates, as explained [here](https://github.com/minio/minio-operator/blob/master/docs/tls.md#pass-certificate-secret-to-minioinstance), please ensure to use/update proper certificates that allow older and new MinIO nodes.
- If you're using your own certificates, as explained [here](https://github.com/minio/minio-operator/blob/master/docs/tls.md#pass-certificate-secret-to-tenant), please ensure to use/update proper certificates that allow older and new MinIO nodes.

## Downtime

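Review bot: the new anchor `#pass-certificate-secret-to-tenant` matches the heading `## Pass Certificate Secret to Tenant` that docs/tls.md gets in this same commit, so the link stays valid. The unchanged bullet above, however, says the administrator must approve the regenerated CSRs before the StatefulSet pods are created, while docs/tls.md in this diff says "MinIO Operator will then approve the CSR" itself. One of the two statements is wrong, and for a zone expansion the difference decides whether new MinIO pods come up without a human in the loop; please reconcile the two documents.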
6 changes: 3 additions & 3 deletions docs/kes.md
@@ -15,7 +15,7 @@ This document explains how to enable KES with MinIO Operator.

### Enable KES Configuration

KES Configuration is a part of MinIOInstance yaml file. Check the sample file [available here](https://raw.githubusercontent.com/minio/minio-operator/master/examples/minioinstance-kes.yaml). The config offers below options
KES Configuration is a part of Tenant yaml file. Check the sample file [available here](https://raw.githubusercontent.com/minio/minio-operator/master/examples/tenant-kes.yaml). The config offers below options

#### KES Fields

@@ -32,13 +32,13 @@ KES Configuration is a part of MinIOInstance yaml file. Check the sample file [a
Once you have updated the yaml file per your requirement, use `kubectl` to create the MinIO instance like

```
kubectl create -f examples/minioinstance-kes.yaml
kubectl create -f examples/tenant-kes.yaml
```

Alternatively, you can deploy the example like this

```
kubectl create -f https://raw.githubusercontent.com/minio/minio-operator/master/examples/minioinstance-kes.yaml
kubectl create -f https://raw.githubusercontent.com/minio/minio-operator/master/examples/tenant-kes.yaml
```

KES uses CSR for self signed certificate generation. KES requires three certificates/key pairs for working
8 changes: 4 additions & 4 deletions docs/mcs.md
@@ -13,7 +13,7 @@ This document explains how to enable MCS with MinIO Operator.

### Enable MCS Configuration

MCS Configuration is a part of MinIOInstance yaml file. Check the sample file [available here](https://raw.githubusercontent.com/minio/minio-operator/master/examples/minioinstance-mcs.yaml). The config offers below options
MCS Configuration is a part of Tenant yaml file. Check the sample file [available here](https://raw.githubusercontent.com/minio/minio-operator/master/examples/tenant-mcs.yaml). The config offers below options

#### MCS Fields

@@ -22,21 +22,21 @@ MCS Configuration is a part of MinIOInstance yaml file. Check the sample file [a
| spec.mcs | Defines the mcs configuration. mcs is a graphical user interface for MinIO. Refer [this](https://github.com/minio/mcs) |
| spec.mcs.image | Defines the mcs image |
| spec.mcs.replicas | Number of MCS pods to be created. |
| spec.mcs.mcsSecret | Use this secret to assign mcs credentials to MinIOInstance. |
| spec.mcs.mcsSecret | Use this secret to assign mcs credentials to Tenant. |
| spec.mcs.metadata | This allows a way to map metadata to the mcs container. Internally `metadata` is a struct type as [explained here](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#ObjectMeta). |

### Create MinIO Instance

Once you have updated the yaml file per your requirement, use `kubectl` to create the MinIO instance like

```
kubectl create -f examples/minioinstance-mcs.yaml
kubectl create -f examples/tenant-mcs.yaml
```

Alternatively, you can deploy the example like this

```
kubectl create -f https://raw.githubusercontent.com/minio/minio-operator/master/examples/minioinstance-mcs.yaml
kubectl create -f https://raw.githubusercontent.com/minio/minio-operator/master/examples/tenant-mcs.yaml
```

Above example file uses CSR for self signed certificate generation. MinIO requires one certificates/key pair
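Review bot: the unchanged heading `### Create MinIO Instance` two lines below the table still carries the old naming; README's heading was renamed in this commit ("### Access Tenant via Service"), so this one should become `### Create Tenant` for consistency. Minor: "assign mcs credentials to Tenant" wants an article ("to the Tenant"); the same phrasing appears in the `spec.mcs.mcsSecret` row of docs/operator-fields.md.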
46 changes: 23 additions & 23 deletions docs/operator-fields.md
@@ -4,45 +4,45 @@

This document explains the various fields supported by MinIO Operator and its CRD's and how to use these fields to deploy and access MinIO server clusters.

MinIO Operator creates native Kubernetes resources within the cluster. If the MinIOInstance is named as `minioinstance`, resources and their names as created by MinIO Operator are:
MinIO Operator creates native Kubernetes resources within the cluster. If the Tenant is named as `tenant`, resources and their names as created by MinIO Operator are:

- Headless Service: `minioinstance-hl-svc`
- StatefulSet: `minioinstance`
- Secret: `minioinstance-tls` (If `requestAutoCert` is enabled)
- CertificateSigningRequest: `minioinstance-csr` (If `requestAutoCert` is enabled)
- Headless Service: `tenant-hl-svc`
- StatefulSet: `tenant`
- Secret: `tenant-tls` (If `requestAutoCert` is enabled)
- CertificateSigningRequest: `tenant-csr` (If `requestAutoCert` is enabled)

## MinIOInstance Fields
## Tenant Fields

| Field | Description |
|-----------------------|-------------|
| kind | This defines the resource type to be created. MinIO Operator CRD defines the `kind` for MinIO server as `MinIOInstance`.|
| metadata | This field allows a way to assign metadata to a MinIOInstance. Internally `metadata` is a struct type as [explained here](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#ObjectMeta).|
| kind | This defines the resource type to be created. MinIO Operator CRD defines the `kind` for MinIO server as `Tenant`.|
| metadata | This field allows a way to assign metadata to a Tenant. Internally `metadata` is a struct type as [explained here](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#ObjectMeta).|
| scheduler | Set custom scheduler for pods created by MinIO Operator.|
| spec.metadata | Define the object metadata to be passed to all the members pods of this MinIOInstance. This allows adding annotations and labels. For example,you can add Prometheus annotations here. Internally `metadata` is a struct type as [explained here](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#ObjectMeta).|
| spec.image | Set the container registry and image tag for MinIO server to be used in the MinIOInstance.|
| spec.metadata | Define the object metadata to be passed to all the members pods of this Tenant. This allows adding annotations and labels. For example,you can add Prometheus annotations here. Internally `metadata` is a struct type as [explained here](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#ObjectMeta).|
| spec.image | Set the container registry and image tag for MinIO server to be used in the Tenant.|
| spec.zones | Set the number of servers per MinIO Zone. Add a new Zone field to expand the MinIO cluster. Read more on [MinIO zones here](https://github.com/minio/minio/blob/master/docs/distributed/DESIGN.md).|
| spec.volumesPerServer | Set the number of volume mounts per MinIO node. For example if you set `spec.zones[0].Servers = 4`, `spec.zones[1].Servers = 8` and `spec.volumesPerServer = 4`, then you'll have total 12 MinIO Pods, with 4 volume mounts on each Pod. Note that `volumesPerServer` is static per cluster, expanding a cluster will add new nodes. |
| spec.imagePullSecret | Defines the secret to be used for pull image from a private Docker image. |
| spec.credsSecret | Use this secret to assign custom credentials (access key and secret key) to MinIOInstance.|
| spec.replicas | Define the number of nodes to be created for current MinIOInstance cluster.|
| spec.credsSecret | Use this secret to assign custom credentials (access key and secret key) to Tenant.|
| spec.replicas | Define the number of nodes to be created for current Tenant cluster.|
| spec.podManagementPolicy | Define Pod Management policy for pods created by StatefulSet. This is set to `Parallel` by default. Refer [the documentation](https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy) for details. |
| spec.mountPath | Set custom mount path. This is the path where PV gets mounted on MinIOInstance pods. This is set to `/export` by default. |
| spec.subPath | Set custom sub-path under mount path. This is the directory under mount path where PV gets mounted on MinIOInstance pods. This is set to `""` by default. |
| spec.volumeClaimTemplate | Specify the template to create Persistent Volume Claims for MinIOInstance pods.
| spec.mountPath | Set custom mount path. This is the path where PV gets mounted on Tenant pods. This is set to `/export` by default. |
| spec.subPath | Set custom sub-path under mount path. This is the directory under mount path where PV gets mounted on Tenant pods. This is set to `""` by default. |
| spec.volumeClaimTemplate | Specify the template to create Persistent Volume Claims for Tenant pods.
| spec.env | Add MinIO specific environment variables to enable certain features. |
| spec.requestAutoCert | Enable this to create use your Kubernetes cluster's root Certificate Authority (CA). |
| spec.certConfig | When `spec.requestAutoCert` is enabled, use this field to pass additional parameters for certificate creation. |
| spec.externalCertSecret | Set an external secret with private key and certificate to be used to enabled TLS on MinIOInstance pods. Note that only one of `spec.requestAutoCert` or `spec.externalCertSecret` should be enabled at a time. Follow [the document here](https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret) to create the secret to be passed in this section. |
| spec.resources | Specify CPU and Memory resources for each MinIOInstance container. Refer [this document](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#resource-types) for details. |
| spec.liveness | Add liveness check for MinIOInstance containers. Refer [this document](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#define-a-liveness-command) for details. |
| spec.nodeSelector | Add a selector which must be true for the MinIOInstance pod to fit on a node. Refer [this document](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) for details.|
| spec.tolerations | Define a toleration for the MinIOInstance pod to match on a taint. Refer [this document](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) for details. |
| spec.securityContext | Define a security context for the MinIOInstance pod. Refer [this document](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for details. |
| spec.serviceAccountName | Define a ServiceAccountName for the ServiceAccount to use to run MinIO pods created for this MinIOInstance. Refer [this document](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for details. |
| spec.externalCertSecret | Set an external secret with private key and certificate to be used to enabled TLS on Tenant pods. Note that only one of `spec.requestAutoCert` or `spec.externalCertSecret` should be enabled at a time. Follow [the document here](https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret) to create the secret to be passed in this section. |
| spec.resources | Specify CPU and Memory resources for each Tenant container. Refer [this document](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#resource-types) for details. |
| spec.liveness | Add liveness check for Tenant containers. Refer [this document](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#define-a-liveness-command) for details. |
| spec.nodeSelector | Add a selector which must be true for the Tenant pod to fit on a node. Refer [this document](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/) for details.|
| spec.tolerations | Define a toleration for the Tenant pod to match on a taint. Refer [this document](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) for details. |
| spec.securityContext | Define a security context for the Tenant pod. Refer [this document](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for details. |
| spec.serviceAccountName | Define a ServiceAccountName for the ServiceAccount to use to run MinIO pods created for this Tenant. Refer [this document](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for details. |
| spec.mcs | Defines the mcs configuration. mcs is a graphical user interface for MinIO. Refer [this](https://github.com/minio/mcs) |
| spec.mcs.image | Defines the mcs image. |
| spec.mcs.replicas | Number of MCS pods to be created. |
| spec.mcs.mcsSecret | Use this secret to assign mcs credentials to MinIOInstance. |
| spec.mcs.mcsSecret | Use this secret to assign mcs credentials to Tenant. |
| spec.mcs.metadata | This allows a way to map metadata to the mcs container. Internally `metadata` is a struct type as [explained here](https://godoc.org/k8s.io/apimachinery/pkg/apis/meta/v1#ObjectMeta). |
| spec.kes | Defines the KES configuration. Refer [this](https://github.com/minio/kes) |
| spec.kes.replicas | Number of KES pods to be created. |
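Review bot: the table documents `kind` and `metadata` but has no `apiVersion` row, and the API group is exactly what this commit changes (examples/patch.yaml in this diff moves from `operator.min.io/v1` to `minio.min.io/v1`); add a row stating `apiVersion: minio.min.io/v1`, since a manifest submitted with the old group is rejected by the API server once the new CRD is installed. Wording in the changed lines: "If the Tenant is named as `tenant`" should be "If the Tenant is named `tenant`", and "assign custom credentials ... to Tenant" should be "to the Tenant". The unchanged `spec.requestAutoCert` row still reads "Enable this to create use your Kubernetes cluster's root Certificate Authority (CA)", which is garbled; while here, make it "Enable this to have certificates issued by your Kubernetes cluster's root CA".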
2 changes: 1 addition & 1 deletion docs/pod-security-policy.md
@@ -10,7 +10,7 @@ This document explains how to apply `PodSecurityPolicy` to MinIO Pods created by
You can create a MinIO cluster with single zone, `zone-0` with 4 drives, with a custom `PodSecurityPolicy` applied to all the MinIO Pods created by the Operator.

```
kubectl create -f https://github.com/minio/minio-operator/tree/master/examples/minioinstance-pod-security-policy.yaml
kubectl create -f https://github.com/minio/minio-operator/tree/master/examples/tenant-pod-security-policy.yaml
```

This file creates a custom PodSecurityPolicy with these fields:
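Review bot: the `kubectl create -f` line points at `github.com/minio/minio-operator/tree/master/examples/tenant-pod-security-policy.yaml`, which returns GitHub's HTML page for that path rather than the YAML, so the command fails to parse the manifest. The other documents in this diff use `https://raw.githubusercontent.com/minio/minio-operator/master/examples/...`; this line should use the same host and path form.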
12 changes: 6 additions & 6 deletions docs/tls.md
@@ -3,31 +3,31 @@
[![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
[![Docker Pulls](https://img.shields.io/docker/pulls/minio/k8s-operator.svg?maxAge=604800)](https://hub.docker.com/r/minio/k8s-operator)

This document explains how to enable TLS on MinIOInstance pods. These are the approaches to enable TLS for MinIO:
This document explains how to enable TLS on Tenant pods. These are the approaches to enable TLS for MinIO:

## Automatic TLS

This approach creates TLS certificates automatically using the Kubernetes cluster root Certificate Authority (CA) to establish trust. In this approach, MinIO Operator creates a private key, and a certificate signing request (CSR) which is submitted via the `certificates.k8s.io` API for signing. Automatic TLS approach creates other certificates required for KES as well as explained in [KES document](./kes.md).

To enable automatic CSR generation on MinIOInstance, set `requestAutoCert` field in the config file to `true`. Optionally you can also pass additional configuration parameters to be used under `certConfig` section. The `certConfig` section currently supports below fields:
To enable automatic CSR generation on Tenant, set `requestAutoCert` field in the config file to `true`. Optionally you can also pass additional configuration parameters to be used under `certConfig` section. The `certConfig` section currently supports below fields:

- CommonName: By default this is set to a wild card domain name as per [Kubernetes StatefulSet Pod Identity](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-identity). Set it any other value as per your requirements.

- Organization: By default set to `Acme Co`. Change it to the name of your organization.

- DNSNames: By default set to list of all pod DNS names that are part of current MinIOInstance cluster. Any value added under this section will be appended to the list of existing pod DNS names.
- DNSNames: By default set to list of all pod DNS names that are part of current Tenant cluster. Any value added under this section will be appended to the list of existing pod DNS names.

Once you enable `requestAutoCert` field and create the MinIOInstance, MinIO Operator creates a CSR for this instance and sends to the Kubernetes API server. MinIO Operator will then approve the CSR. After the CSR is approved and Certificate available, MinIO operator downloads the certificate and then mounts the Private Key and Certificate within the MinIOInstance pod.
Once you enable `requestAutoCert` field and create the Tenant, MinIO Operator creates a CSR for this instance and sends to the Kubernetes API server. MinIO Operator will then approve the CSR. After the CSR is approved and Certificate available, MinIO operator downloads the certificate and then mounts the Private Key and Certificate within the Tenant pod.

## Pass Certificate Secret to MinIOInstance
## Pass Certificate Secret to Tenant

This approach involves acquiring a CA signed or self-signed certificate and use a Kubernetes Secret resource to store this information. Once you have the key and certificate file available, create a Kubernetes Secret using

```bash
kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt
```

Once created, set the name of Secret (here it is `tls-ssl-minio`) under `spec.externalCertSecret` field. Then create the MinIOInstance. MinIO Operator will use this Secret to fetch key and certificate and mount it to relevant locations inside the MinIOInstance pods.
Once created, set the name of Secret (here it is `tls-ssl-minio`) under `spec.externalCertSecret` field. Then create the Tenant. MinIO Operator will use this Secret to fetch key and certificate and mount it to relevant locations inside the Tenant pods.

### Using Kubernetes TLS

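Review bot: the changed sentence "Once you enable `requestAutoCert` field and create the Tenant, MinIO Operator creates a CSR for this instance" still says "instance" and "To enable automatic CSR generation on Tenant" needs an article ("on a Tenant"). In the "Pass Certificate Secret to Tenant" section, `kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt` produces Secret keys named after the files (`private.key`, `public.crt`), but the text never says which key names the Operator expects when it mounts the Secret; please state them, otherwise a Secret built from differently named files will be accepted by Kubernetes and fail only when MinIO starts.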
4 changes: 2 additions & 2 deletions examples/patch.yaml
@@ -1,5 +1,5 @@
apiVersion: operator.min.io/v1
kind: MinIOInstance
apiVersion: minio.min.io/v1
kind: Tenant
metadata:
name: minio
spec:
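Review bot: `apiVersion: minio.min.io/v1` and `kind: Tenant` agree with the CRD excerpt in the commit message (`group: minio.min.io`, `kind: Tenant`); the excerpt shows no `versions` block, so please confirm `v1` is the served version of the new CRD. `metadata.name: minio` must equal the name of the Tenant being patched, which is why docs/adding-zones.md passes `minio` to `kubectl patch tenants.minio.min.io minio`; a one-line comment in this file saying so would save readers who named their Tenant differently.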
