Operator Helm Charts

MinIO 發布了 Helm Charts，適用於 Helm Operator Charts 和 Helm Tenant Charts。您可以使用這些圖表，透過 Helm 部署 MinIO Operator 和受管理的租戶。

以下頁面說明 MinIO Operator 的 values.yaml 圖表。如需 MinIO 租戶圖表的相關文件，請參閱租戶 Helm Charts

MinIO Operator Chart

參考

operator

Operator Helm Chart 的根金鑰

env

要傳遞給 Operator 部署的環境變數陣列。傳遞空陣列以使用預設值啟動 Operator。

例如

env:
- name: MINIO_OPERATOR_DEPLOYMENT_NAME
  valueFrom:
    fieldRef:
      fieldPath: metadata.labels['app.kubernetes.io/name']
- name: CLUSTER_DOMAIN
  value: "cluster.domain"
- name: WATCHED_NAMESPACE
  value: ""
- name: MINIO_OPERATOR_RUNTIME
  value: "OpenShift"

如需所有支援值的清單，請參閱 Operator 環境變數。

image

指定要用於部署的 Operator 容器映像。 image.tag 例如，以下將映像設定為 quay.io/minio/operator 儲存庫和 v6.0.3 標籤。如果容器中尚不存在該映像，則會提取該映像

image:
  repository: quay.io/minio/operator
  tag: v6.0.3
  pullPolicy: IfNotPresent

該圖表也支援根據摘要值指定映像

image:
  repository: quay.io/minio/operator@sha256
  digest: 28c80b379c75242c6fe793dfbf212f43c602140a0de5ebe3d9c2a3a7b9f9f983
  pullPolicy: IfNotPresent

sidecarImage

指定要在租戶 Pod 上部署的 sidecar 容器映像，用於初始化容器和 sidecar。只有在想要使用與預設值不同的版本，或想要設定自訂登錄時，才需要變更此項。 sidecarImage.tag 例如，以下將映像設定為 quay.io/minio/operator-sidecar 儲存庫和 v6.0.3 標籤。如果容器中尚不存在該映像，則會提取該映像

sidecarImage:
  repository: quay.io/minio/operator-sidecar
  tag: v6.0.3
  pullPolicy: IfNotPresent

該圖表也支援根據摘要值指定映像

sidecarImage:
  repository: quay.io/minio/operator-sidecar@sha256
  digest: a11947a230b80fb1b0bffa97173147a505d4f1207958f722e348d11ab9e972c1
  pullPolicy: IfNotPresent

imagePullSecrets

用於從私有 image.repository 提取映像的 Kubernetes 密碼陣列。目前僅支援一個陣列元素。

runtimeClassName

要用於 Operator Pod 的自訂容器執行時間名稱。

initContainers

要在 Operator Pod 之前啟動的 initContainers 陣列。請小心，因為 initContainer 失敗會阻止 Operator Pod 啟動。傳遞空陣列以正常啟動 Operator。

replicaCount

要部署的 Operator Pod 數量。較高的值可在工作節點發生故障時提高可用性。

叢集必須有足夠數量的可用工作節點來滿足請求。Operator Pod 預設以 Pod 反親和性部署，防止 Kubernetes 將多個 Pod 排程到單一工作節點上。

securityContext

用於部署 Operator 資源的 Kubernetes SecurityContext。

您可能需要修改這些值，以符合您叢集的安全性和存取設定。

containerSecurityContext

用於部署 Operator 容器的 Kubernetes SecurityContext。您可能需要修改這些值，以符合您叢集的安全性和存取設定。

volumes

Operator 可以將其掛載到 Pod 的 Volume 陣列。

磁碟區必須存在且 Operator Pod 能夠存取。

volumeMounts

與每個 Operator 容器相關聯的磁碟區掛載點陣列。

請依照以下方式指定陣列中的每個項目

volumeMounts:
- name: volumename
  mountPath: /path/to/mount

name 欄位必須對應到 volumes 陣列中的一個項目。

nodeSelector

任何要套用至 Operator Pod 的節點選擇器。

Kubernetes 排程器會使用這些選擇器來決定它可以將 Operator Pod 部署到哪些工作節點上。

如果沒有任何工作節點符合指定的選擇器，Operator 的部署將會失敗。

priorityClassName

要指派給 Operator Pod 的Pod 優先順序。

affinity

要套用至 Operator Pod 的親和性或反親和性設定。

這些設定決定了 Pod 在工作節點上的分佈，並且可以幫助防止或允許將 Pod 並置在相同的工作節點上。

tolerations

要與 Operator Pod 關聯的容忍標籤陣列。

這些設定決定了 Pod 在工作節點上的分佈。

topologySpreadConstraints

要與 Operator Pod 關聯的拓樸分散約束陣列。

這些設定決定了 Pod 在工作節點上的分佈。

resources

要與 Operator Pod 關聯的資源請求或限制。

這些設定可以控制每個 Pod 請求的最小和最大資源。如果沒有任何工作節點可以滿足指定的請求，Operator 可能會部署失敗。

YAML

###
# Root key for Operator Helm Chart
operator:
  ###
  # An array of environment variables to pass to the Operator deployment.
  # Pass an empty array to start Operator with defaults.
  #
  # For example:
  #
  # .. code-block:: yaml
  #
  #    env:
  #    - name: MINIO_OPERATOR_DEPLOYMENT_NAME
  #      valueFrom:
  #        fieldRef:
  #          fieldPath: metadata.labels['app.kubernetes.io/name']
  #    - name: CLUSTER_DOMAIN
  #      value: "cluster.domain"
  #    - name: WATCHED_NAMESPACE
  #      value: ""
  #    - name: MINIO_OPERATOR_RUNTIME
  #      value: "OpenShift"
  #
  # See `Operator environment variables <https://github.com/minio/operator/blob/master/docs/env-variables.md>`__ for a list of all supported values.
  env:
    - name: OPERATOR_STS_ENABLED
      value: "on"
  # An array of additional annotations to be applied to the operator service account
  serviceAccountAnnotations: []
  # additional labels to be applied to operator resources
  additionalLabels: {}
  ###
  # Specify the Operator container image to use for the deployment.
  # ``image.tag``
  # For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v6.0.3 tag.
  # The container pulls the image if not already present:
  #
  # .. code-block:: yaml
  #
  #    image:
  #      repository: quay.io/minio/operator
  #      tag: v6.0.3
  #      pullPolicy: IfNotPresent
  #
  # The chart also supports specifying an image based on digest value:
  #
  # .. code-block:: yaml
  #
  #    image:
  #      repository: quay.io/minio/operator@sha256
  #      digest: 28c80b379c75242c6fe793dfbf212f43c602140a0de5ebe3d9c2a3a7b9f9f983
  #      pullPolicy: IfNotPresent
  #
  image:
    repository: quay.io/minio/operator
    tag: v6.0.3
    pullPolicy: IfNotPresent
  ###
  # Specify the sidecar container image to deploy on tenant pods for init container and sidecar.
  # Only need to change this if want to use a different version that the default, or want to set a custom registry.
  # ``sidecarImage.tag``
  # For example, the following sets the image to the ``quay.io/minio/operator-sidecar`` repo and the v6.0.3 tag.
  # The container pulls the image if not already present:
  #
  # .. code-block:: yaml
  #
  #    sidecarImage:
  #      repository: quay.io/minio/operator-sidecar
  #      tag: v6.0.3
  #      pullPolicy: IfNotPresent
  #
  # The chart also supports specifying an image based on digest value:
  #
  # .. code-block:: yaml
  #
  #    sidecarImage:
  #      repository: quay.io/minio/operator-sidecar@sha256
  #      digest: a11947a230b80fb1b0bffa97173147a505d4f1207958f722e348d11ab9e972c1
  #      pullPolicy: IfNotPresent
  #
  sidecarImage: {}
  ###
  #
  # An array of Kubernetes secrets to use for pulling images from a private ``image.repository``.
  # Only one array element is supported at this time.
  imagePullSecrets: [ ]
  ###
  #
  # The name of a custom `Container Runtime <https://kubernetes.dev.org.tw/docs/concepts/containers/runtime-class/>`__ to use for the Operator pods.
  runtimeClassName: ~
  ###
  # An array of `initContainers <https://kubernetes.dev.org.tw/docs/concepts/workloads/pods/init-containers/>`__ to start up before the Operator pods.
  # Exercise care as ``initContainer`` failures prevent Operator pods from starting.
  # Pass an empty array to start the Operator normally.
  initContainers: [ ]
  ###
  # The number of Operator pods to deploy.
  # Higher values increase availability in the event of worker node failures.
  #
  # The cluster must have sufficient number of available worker nodes to fulfill the request.
  # Operator pods deploy with pod anti-affinity by default, preventing Kubernetes from scheduling multiple pods onto a single Worker node.
  replicaCount: 2
  ###
  # The Kubernetes `SecurityContext <https://kubernetes.dev.org.tw/docs/tasks/configure-pod-container/security-context/>`__ to use for deploying Operator resources.
  #
  # You may need to modify these values to meet your cluster's security and access settings.
  securityContext:
    runAsUser: 1000
    runAsGroup: 1000
    runAsNonRoot: true
    fsGroup: 1000
  ###
  # The Kubernetes `SecurityContext <https://kubernetes.dev.org.tw/docs/tasks/configure-pod-container/security-context/>`__ to use for deploying Operator containers.
  # You may need to modify these values to meet your cluster's security and access settings.
  containerSecurityContext:
    runAsUser: 1000
    runAsGroup: 1000
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    capabilities:
      drop:
        - ALL
    seccompProfile:
      type: RuntimeDefault
  ###
  # An array of `Volumes <https://kubernetes.dev.org.tw/docs/concepts/storage/volumes/>`__ which the Operator can mount to pods.
  #
  # The volumes must exist *and* be accessible to the Operator pods.
  volumes: [ ]
  ###
  # An array of volume mount points associated to each Operator container.
  #
  # Specify each item in the array as follows:
  #
  # .. code-block:: yaml
  #
  #    volumeMounts:
  #    - name: volumename
  #      mountPath: /path/to/mount
  #
  # The ``name`` field must correspond to an entry in the ``volumes`` array.
  volumeMounts: [ ]
  ###
  # Any `Node Selectors <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/assign-pod-node/>`__ to apply to Operator pods.
  #
  # The Kubernetes scheduler uses these selectors to determine which worker nodes onto which it can deploy Operator pods.
  #
  # If no worker nodes match the specified selectors, the Operator deployment will fail.
  nodeSelector: { }
  ###
  #
  # The `Pod Priority <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/pod-priority-preemption/>`__ to assign to Operator pods.
  priorityClassName: ""
  ###
  #
  # The `affinity <https://kubernetes.dev.org.tw/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/>`__ or anti-affinity settings to apply to Operator pods.
  #
  # These settings determine the distribution of pods across worker nodes and can help prevent or allow colocating pods onto the same worker nodes.
  affinity:
    podAntiAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        - labelSelector:
            matchExpressions:
              - key: name
                operator: In
                values:
                  - minio-operator
          topologyKey: kubernetes.io/hostname
  ###
  #
  # An array of `Toleration labels <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/taint-and-toleration/>`__ to associate to Operator pods.
  #
  # These settings determine the distribution of pods across worker nodes.
  tolerations: [ ]
  ###
  #
  # An array of `Topology Spread Constraints <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/topology-spread-constraints/>`__ to associate to Operator pods.
  #
  # These settings determine the distribution of pods across worker nodes.
  topologySpreadConstraints: [ ]
  ###
  #
  # The `Requests or Limits <https://kubernetes.dev.org.tw/docs/concepts/configuration/manage-resources-containers/>`__ for resources to associate to Operator pods.
  #
  # These settings can control the minimum and maximum resources requested for each pod.
  # If no worker nodes can meet the specified requests, the Operator may fail to deploy.
  resources:
    requests:
      cpu: 200m
      memory: 256Mi
      ephemeral-storage: 500Mi