Operator Helm Charts

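MinIO publishes Helm Charts for the MinIO Operator and for Tenants: the Helm Operator Charts and the Helm Tenant Charts. You can use these charts to deploy the MinIO Operator and managed Tenants through Helm.

This page documents the values.yaml chart for the MinIO Operator. For documentation on the MinIO Tenant chart, see Tenant Helm Charts.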

MinIO Operator Chart

operator

Root key for the Operator Helm Chart.

env

An array of environment variables to pass to the Operator deployment. Pass an empty array to start the Operator with defaults.

For example:

env:
- name: MINIO_OPERATOR_DEPLOYMENT_NAME
  valueFrom:
    fieldRef:
      fieldPath: metadata.labels['app.kubernetes.io/name']
- name: CLUSTER_DOMAIN
  value: "cluster.domain"
- name: WATCHED_NAMESPACE
  value: ""
- name: MINIO_OPERATOR_RUNTIME
  value: "OpenShift"

See Operator environment variables for a list of all supported values.

image

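Specify the Operator container image to use for the deployment (image.tag). For example, the following sets the image to the quay.io/minio/operator repo and the v6.0.3 tag. The container pulls the image if it is not already present: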

image:
  repository: quay.io/minio/operator
  tag: v6.0.3
  pullPolicy: IfNotPresent

The chart also supports specifying an image based on digest value:

image:
  repository: quay.io/minio/operator@sha256
  digest: 28c80b379c75242c6fe793dfbf212f43c602140a0de5ebe3d9c2a3a7b9f9f983
  pullPolicy: IfNotPresent
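
sidecarImage

Specify the sidecar container image to deploy on tenant pods for the init container and sidecar. You only need to change this if you want to use a different version than the default, or want to set a custom registry (sidecarImage.tag). For example, the following sets the image to the quay.io/minio/operator-sidecar repo and the v6.0.3 tag. The container pulls the image if it is not already present: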

sidecarImage:
  repository: quay.io/minio/operator-sidecar
  tag: v6.0.3
  pullPolicy: IfNotPresent

The chart also supports specifying an image based on digest value:

sidecarImage:
  repository: quay.io/minio/operator-sidecar@sha256
  digest: a11947a230b80fb1b0bffa97173147a505d4f1207958f722e348d11ab9e972c1
  pullPolicy: IfNotPresent

imagePullSecrets

An array of Kubernetes secrets to use for pulling images from a private image.repository. Only one array element is supported at this time.

runtimeClassName

The name of a custom Container Runtime to use for the Operator pods.

initContainers

An array of initContainers to start up before the Operator pods. Exercise care, as initContainer failures prevent Operator pods from starting. Pass an empty array to start the Operator normally.

replicaCount

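The number of Operator pods to deploy. Higher values increase availability in the event of worker node failures.

The cluster must have a sufficient number of available worker nodes to fulfill the request. Operator pods deploy with pod anti-affinity by default, preventing Kubernetes from scheduling multiple pods onto a single worker node.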

securityContext

The Kubernetes SecurityContext to use for deploying Operator resources.

You may need to modify these values to meet your cluster's security and access settings.

containerSecurityContext

The Kubernetes SecurityContext to use for deploying Operator containers. You may need to modify these values to meet your cluster's security and access settings.

volumes

An array of Volumes which the Operator can mount to pods.

The volumes must exist and be accessible to the Operator pods.

volumeMounts

An array of volume mount points associated with each Operator container.

Specify each item in the array as follows:

volumeMounts:
- name: volumename
  mountPath: /path/to/mount

The name field must correspond to an entry in the volumes array.

nodeSelector

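Any Node Selectors to apply to Operator pods.

The Kubernetes scheduler uses these selectors to determine the worker nodes onto which it can deploy Operator pods.

If no worker nodes match the specified selectors, the Operator deployment will fail.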

priorityClassName

The Pod Priority to assign to Operator pods.

affinity

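The affinity or anti-affinity settings to apply to Operator pods.

These settings determine the distribution of pods across worker nodes and can help prevent or allow colocating pods onto the same worker nodes.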

tolerations

An array of Toleration labels to associate with Operator pods.

These settings determine the distribution of pods across worker nodes.

topologySpreadConstraints

An array of Topology Spread Constraints to associate with Operator pods.

These settings determine the distribution of pods across worker nodes.

resources

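The Requests or Limits for resources to associate with Operator pods.

These settings can control the minimum and maximum resources requested for each pod. If no worker nodes can meet the specified requests, the Operator may fail to deploy.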
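
An added example, not part of the MinIO chart or its documentation: a Python audit of a parsed values file that checks image and sidecarImage for the digest form documented above and compares containerSecurityContext with the hardened defaults in the chart's values.yaml on this page. The function names and the sample dictionaries are assumptions constructed for illustration.

```python
import re

SHA256_HEX = re.compile(r"[0-9a-f]{64}")
# Hardened container settings, copied from the chart defaults shown on this page.
EXPECTED_CTX = {"runAsNonRoot": True, "allowPrivilegeEscalation": False,
                "seccompProfile": {"type": "RuntimeDefault"}}

def audit_image(key, img):
    """Return findings unless the image is pinned in the digest form the chart documents."""
    img = img or {}
    repo, digest = str(img.get("repository") or ""), str(img.get("digest") or "")
    if repo.endswith("@sha256") and SHA256_HEX.fullmatch(digest):
        return []
    if digest:
        return [f"{key}: malformed digest pin (want repository ending '@sha256' + 64 hex chars)"]
    return [f"{key}: not pinned by digest (tag {img.get('tag')!r} can be repointed)"]

def audit_container_ctx(ctx):
    """Compare containerSecurityContext with the hardened defaults."""
    ctx = ctx or {}
    out = [f"containerSecurityContext.{k}: want {v!r}, got {ctx.get(k)!r}"
           for k, v in EXPECTED_CTX.items() if ctx.get(k) != v]
    caps = ctx.get("capabilities") or {}
    if "ALL" not in (caps.get("drop") or []):
        out.append("containerSecurityContext.capabilities.drop: 'ALL' is missing")
    if caps.get("add"):
        out.append(f"containerSecurityContext.capabilities.add: {caps['add']!r} re-added")
    return out

def audit_operator_values(values):
    """Audit the parsed `operator:` block of a values file; returns a list of findings."""
    op = values.get("operator") or {}
    out = audit_image("image", op.get("image")) + audit_image("sidecarImage", op.get("sidecarImage"))
    if (op.get("securityContext") or {}).get("runAsNonRoot") is not True:
        out.append("securityContext.runAsNonRoot: want True")
    return out + audit_container_ctx(op.get("containerSecurityContext"))

# Constructed sample inputs (dicts as a YAML parser would return them).
HARDENED_CTX = {"runAsUser": 1000, "runAsGroup": 1000, "runAsNonRoot": True,
                "allowPrivilegeEscalation": False, "capabilities": {"drop": ["ALL"]},
                "seccompProfile": {"type": "RuntimeDefault"}}
CHART_DEFAULTS = {"operator": {
    "image": {"repository": "quay.io/minio/operator", "tag": "v6.0.3"},
    "sidecarImage": {}, "securityContext": {"runAsUser": 1000, "runAsNonRoot": True},
    "containerSecurityContext": HARDENED_CTX}}
WEAK_OVERRIDE = {"operator": {
    "image": {"repository": "quay.io/minio/operator", "tag": "latest"},
    "containerSecurityContext": {"runAsUser": 0, "allowPrivilegeEscalation": True,
                                 "capabilities": {"add": ["NET_ADMIN"]}}}}
```

Run against the chart defaults, the audit reports only the two tag-based image references; the security contexts pass unchanged.
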

###
# Root key for Operator Helm Chart
operator:
  ###
  # An array of environment variables to pass to the Operator deployment.
  # Pass an empty array to start Operator with defaults.
  #
  # For example:
  #
  # .. code-block:: yaml
  #
  #    env:
  #    - name: MINIO_OPERATOR_DEPLOYMENT_NAME
  #      valueFrom:
  #        fieldRef:
  #          fieldPath: metadata.labels['app.kubernetes.io/name']
  #    - name: CLUSTER_DOMAIN
  #      value: "cluster.domain"
  #    - name: WATCHED_NAMESPACE
  #      value: ""
  #    - name: MINIO_OPERATOR_RUNTIME
  #      value: "OpenShift"
  #
  # See `Operator environment variables <https://github.com/minio/operator/blob/master/docs/env-variables.md>`__ for a list of all supported values.
  env:
    - name: OPERATOR_STS_ENABLED
      value: "on"
  # An array of additional annotations to be applied to the operator service account
  serviceAccountAnnotations: []
  # additional labels to be applied to operator resources
  additionalLabels: {}
  ###
  # Specify the Operator container image to use for the deployment.
  # ``image.tag``
  # For example, the following sets the image to the ``quay.io/minio/operator`` repo and the v6.0.3 tag.
  # The container pulls the image if not already present:
  #
  # .. code-block:: yaml
  #
  #    image:
  #      repository: quay.io/minio/operator
  #      tag: v6.0.3
  #      pullPolicy: IfNotPresent
  #
  # The chart also supports specifying an image based on digest value:
  #
  # .. code-block:: yaml
  #
  #    image:
  #      repository: quay.io/minio/operator@sha256
  #      digest: 28c80b379c75242c6fe793dfbf212f43c602140a0de5ebe3d9c2a3a7b9f9f983
  #      pullPolicy: IfNotPresent
  #
  image:
    repository: quay.io/minio/operator
    tag: v6.0.3
    pullPolicy: IfNotPresent
  ###
  # Specify the sidecar container image to deploy on tenant pods for init container and sidecar.
  # You only need to change this if you want to use a different version than the default, or want to set a custom registry.
  # ``sidecarImage.tag``
  # For example, the following sets the image to the ``quay.io/minio/operator-sidecar`` repo and the v6.0.3 tag.
  # The container pulls the image if not already present:
  #
  # .. code-block:: yaml
  #
  #    sidecarImage:
  #      repository: quay.io/minio/operator-sidecar
  #      tag: v6.0.3
  #      pullPolicy: IfNotPresent
  #
  # The chart also supports specifying an image based on digest value:
  #
  # .. code-block:: yaml
  #
  #    sidecarImage:
  #      repository: quay.io/minio/operator-sidecar@sha256
  #      digest: a11947a230b80fb1b0bffa97173147a505d4f1207958f722e348d11ab9e972c1
  #      pullPolicy: IfNotPresent
  #
  sidecarImage: {}
  ###
  #
  # An array of Kubernetes secrets to use for pulling images from a private ``image.repository``.
  # Only one array element is supported at this time.
  imagePullSecrets: [ ]
  ###
  #
  # The name of a custom `Container Runtime <https://kubernetes.dev.org.tw/docs/concepts/containers/runtime-class/>`__ to use for the Operator pods.
  runtimeClassName: ~
  ###
  # An array of `initContainers <https://kubernetes.dev.org.tw/docs/concepts/workloads/pods/init-containers/>`__ to start up before the Operator pods.
  # Exercise care as ``initContainer`` failures prevent Operator pods from starting.
  # Pass an empty array to start the Operator normally.
  initContainers: [ ]
  ###
  # The number of Operator pods to deploy.
  # Higher values increase availability in the event of worker node failures.
  #
  # The cluster must have a sufficient number of available worker nodes to fulfill the request.
  # Operator pods deploy with pod anti-affinity by default, preventing Kubernetes from scheduling multiple pods onto a single Worker node.
  replicaCount: 2
  ###
  # The Kubernetes `SecurityContext <https://kubernetes.dev.org.tw/docs/tasks/configure-pod-container/security-context/>`__ to use for deploying Operator resources.
  #
  # You may need to modify these values to meet your cluster's security and access settings.
  securityContext:
    runAsUser: 1000
    runAsGroup: 1000
    runAsNonRoot: true
    fsGroup: 1000
  ###
  # The Kubernetes `SecurityContext <https://kubernetes.dev.org.tw/docs/tasks/configure-pod-container/security-context/>`__ to use for deploying Operator containers.
  # You may need to modify these values to meet your cluster's security and access settings.
  containerSecurityContext:
    runAsUser: 1000
    runAsGroup: 1000
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    capabilities:
      drop:
        - ALL
    seccompProfile:
      type: RuntimeDefault
  ###
  # An array of `Volumes <https://kubernetes.dev.org.tw/docs/concepts/storage/volumes/>`__ which the Operator can mount to pods.
  #
  # The volumes must exist *and* be accessible to the Operator pods.
  volumes: [ ]
  ###
  # An array of volume mount points associated to each Operator container.
  #
  # Specify each item in the array as follows:
  #
  # .. code-block:: yaml
  #
  #    volumeMounts:
  #    - name: volumename
  #      mountPath: /path/to/mount
  #
  # The ``name`` field must correspond to an entry in the ``volumes`` array.
  volumeMounts: [ ]
  ###
  # Any `Node Selectors <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/assign-pod-node/>`__ to apply to Operator pods.
  #
  # The Kubernetes scheduler uses these selectors to determine the worker nodes onto which it can deploy Operator pods.
  #
  # If no worker nodes match the specified selectors, the Operator deployment will fail.
  nodeSelector: { }
  ###
  #
  # The `Pod Priority <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/pod-priority-preemption/>`__ to assign to Operator pods.
  priorityClassName: ""
  ###
  #
  # The `affinity <https://kubernetes.dev.org.tw/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/>`__ or anti-affinity settings to apply to Operator pods.
  #
  # These settings determine the distribution of pods across worker nodes and can help prevent or allow colocating pods onto the same worker nodes.
  affinity:
    podAntiAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        - labelSelector:
            matchExpressions:
              - key: name
                operator: In
                values:
                  - minio-operator
          topologyKey: kubernetes.io/hostname
  ###
  #
  # An array of `Toleration labels <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/taint-and-toleration/>`__ to associate to Operator pods.
  #
  # These settings determine the distribution of pods across worker nodes.
  tolerations: [ ]
  ###
  #
  # An array of `Topology Spread Constraints <https://kubernetes.dev.org.tw/docs/concepts/scheduling-eviction/topology-spread-constraints/>`__ to associate to Operator pods.
  #
  # These settings determine the distribution of pods across worker nodes.
  topologySpreadConstraints: [ ]
  ###
  #
  # The `Requests or Limits <https://kubernetes.dev.org.tw/docs/concepts/configuration/manage-resources-containers/>`__ for resources to associate to Operator pods.
  #
  # These settings can control the minimum and maximum resources requested for each pod.
  # If no worker nodes can meet the specified requests, the Operator may fail to deploy.
  resources:
    requests:
      cpu: 200m
      memory: 256Mi
      ephemeral-storage: 500Mi