Skip to content

Commit

Permalink
Add Support for Kustomize based scripts to setup Operator (#141)
Browse files Browse the repository at this point in the history
  • Loading branch information
nitisht authored Jun 9, 2020
1 parent bc63c2d commit 9c0009f
Show file tree
Hide file tree
Showing 8 changed files with 275 additions and 10 deletions.
13 changes: 7 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,20 +21,21 @@ MinIO-Operator brings native MinIO, [MCS](https://github.com/minio/mcs), and [KE
- Kubernetes version v1.17.0 and above for compatibility. MinIO Operator uses `k8s/client-go` v0.18.0.
- `kubectl` configured to refer to a Kubernetes cluster.
- Create the required PVs as [explained here](https://github.com/minio/minio-operator/blob/master/docs/creating-pv-manually.md).
- Optional: `kustomize` installed as [explained here](https://github.com/kubernetes-sigs/kustomize/blob/master/docs/INSTALL.md#installation).

### Create Operator and related resources
### Create Operator Deployment

To start MinIO-Operator, use the `minio-operator.yaml` file.
To start MinIO-Operator with default configuration, use the `minio-operator.yaml` file.

```bash
kubectl apply -f https://raw.githubusercontent.com/minio/minio-operator/master/minio-operator.yaml
```

This will create all relevant resources required for the Operator to work.

You could install the MinIO Operator a custom namespace by customizing the `minio-operator.yaml` file or using [kustomize](https://github.com/kubernetes-sigs/kustomize)
Advanced users can leverage [kustomize](https://github.com/kubernetes-sigs/kustomize) to customize operator configuration

```bash
git clone https://github.com/minio/minio-operator
cd operator-deployment
kustomize build | kubectl apply -f -
```

Expand All @@ -50,7 +51,7 @@ kubectl apply -f https://raw.githubusercontent.com/minio/minio-operator/master/e

Add an [external service](https://kubernetes.io/docs/concepts/services-networking/service/) in MinIOInstance definition to enable Service based access to the MinIOInstance pods. Refer [the example here](https://github.com/minio/minio-operator/blob/master/examples/minioinstance.yaml?raw=true) for details on how to setup service based access for MinIOInstance pods.

### Expose MinIO via Istio
### Advanced: Expose MinIO via Istio

Istio >= 1.4 has support for headless Services, so instead of creating an explicit `Service` for the created MinIO instance, you can also directly target the headless Service that is created by the operator.

Expand Down
4 changes: 0 additions & 4 deletions kustomization.yaml

This file was deleted.

91 changes: 91 additions & 0 deletions operator-deployment/crd.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: minioinstances.operator.min.io
spec:
group: operator.min.io
scope: Namespaced
names:
kind: MinIOInstance
singular: minioinstance
plural: minioinstances
versions:
- name: v1
served: true
storage: true
schema:
# openAPIV3Schema is the schema for validating custom objects.
# Refer https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#specifying-a-structural-schema
# for more details
openAPIV3Schema:
type: object
properties:
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
properties:
replicas:
type: integer
minimum: 1
maximum: 32
image:
type: string
serviceName:
type: string
volumesPerServer:
type: integer
mountPath:
type: string
podManagementPolicy:
type: string
enum: [Parallel,OrderedReady]
default: Parallel
requestAutoCert:
type: boolean
default: false
version:
type: string
mountpath:
type: string
subpath:
type: string
mcs:
type: object
x-kubernetes-preserve-unknown-fields: true
properties:
image:
type: string
replicas:
type: integer
default: 2
mcsSecret:
type: object
properties:
name:
type: string
kes:
type: object
x-kubernetes-preserve-unknown-fields: true
properties:
image:
type: string
replicas:
type: integer
default: 2
kesSecret:
type: object
properties:
name:
type: string
status:
type: object
properties:
currentState:
type: string
subresources:
# status enables the status subresource.
status: {}
additionalPrinterColumns:
- name: Current State
type: string
jsonPath: ".status.currentState"
25 changes: 25 additions & 0 deletions operator-deployment/deployment.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: minio-operator
namespace: default
spec:
replicas: 1
selector:
matchLabels:
name: minio-operator
template:
metadata:
labels:
name: minio-operator
spec:
serviceAccountName: minio-operator
containers:
- name: minio-operator
image: minio/k8s-operator:2.0.5
imagePullPolicy: IfNotPresent
env:
- name: CLUSTER_DOMAIN
value: $(CLUSTER_DOMAIN)
- name: WATCHED_NAMESPACE
value: $(WATCHED_NAMESPACE)
63 changes: 63 additions & 0 deletions operator-deployment/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: minio-operator

# Configure number of MinIO Operator Deployment Replicas
replicas:
- name: minio-operator
count: 1

# Configure repo and tag of MinIO Operator Image
images:
- name: minio/k8s-operator
newName: minio/k8s-operator
newTag: 2.0.5

# Configure the Cluster Domain and NameSpace to Watch
configMapGenerator:
- name: operator-env
literals:
- CLUSTER_DOMAIN="cluster.local"
- WATCHED_NAMESPACE="default"

# Configure the Namespace and ServiceAccount name
patchesJson6902:
- target:
version: v1
kind: ServiceAccount
name: minio-operator
patch: |-
- op: replace
path: /metadata/name
value: "minio-operator"
- target:
version: v1
kind: Namespace
name: minio-operator
patch: |-
- op: replace
path: /metadata/name
value: "minio-operator"
vars:
- name: CLUSTER_DOMAIN
objref:
kind: ConfigMap
name: operator-env
apiVersion: v1
fieldref:
fieldpath: data.CLUSTER_DOMAIN
- name: WATCHED_NAMESPACE
objref:
kind: ConfigMap
name: operator-env
apiVersion: v1
fieldref:
fieldpath: data.WATCHED_NAMESPACE

resources:
- namespace.yaml
- service-account.yaml
- crd.yaml
- rbac.yaml
- deployment.yaml
4 changes: 4 additions & 0 deletions operator-deployment/namespace.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: minio-operator
80 changes: 80 additions & 0 deletions operator-deployment/rbac.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: minio-operator-role
rules:
- apiGroups:
- ""
resources:
- namespaces
- secrets
- pods
- services
- events
verbs:
- get
- watch
- create
- list
- delete
- apiGroups:
- apps
resources:
- statefulsets
- deployments
verbs:
- get
- create
- list
- patch
- watch
- update
- delete
- apiGroups:
- batch
resources:
- jobs
verbs:
- get
- create
- list
- patch
- watch
- update
- delete
- apiGroups:
- "certificates.k8s.io"
resources:
- "certificatesigningrequests"
- "certificatesigningrequests/approval"
- "certificatesigningrequests/status"
verbs:
- update
- create
- get
- delete
- apiGroups:
- operator.min.io
resources:
- "*"
verbs:
- "*"
- apiGroups:
- min.io
resources:
- "*"
verbs:
- "*"
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: minio-operator-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: minio-operator-role
subjects:
- kind: ServiceAccount
name: minio-operator
namespace: default
5 changes: 5 additions & 0 deletions operator-deployment/service-account.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: minio-operator
namespace: default

0 comments on commit 9c0009f

Please sign in to comment.