Last active
September 29, 2020 22:29
-
-
Save papagala/383450fe69b681a2bb035deb9404a202 to your computer and use it in GitHub Desktop.
MinIO values file for helm chart https://hub.helm.sh/charts/minio/minio
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Provide a name in place of minio for `app:` labels | |
| ## | |
| nameOverride: "" | |
| ## Provide a name to substitute for the full names of resources | |
| ## | |
| fullnameOverride: "" | |
| ## set kubernetes cluster domain where minio is running | |
| ## | |
| clusterDomain: cluster.local | |
| ## Set default image, imageTag, and imagePullPolicy. mode is used to indicate the | |
| ## | |
| image: | |
| repository: minio/minio | |
| tag: RELEASE.2020-08-08T04-50-06Z | |
| pullPolicy: IfNotPresent | |
| ## Set default image, imageTag, and imagePullPolicy for the `mc` (the minio | |
| ## client used to create a default bucket). | |
| ## | |
| mcImage: | |
| repository: minio/mc | |
| tag: RELEASE.2020-08-08T02-33-58Z | |
| pullPolicy: IfNotPresent | |
| ## Set default image, imageTag, and imagePullPolicy for the `jq` (the JSON | |
| ## process used to create secret for prometheus ServiceMonitor). | |
| ## | |
| helmKubectlJqImage: | |
| repository: bskim45/helm-kubectl-jq | |
| tag: 3.1.0 | |
| pullPolicy: IfNotPresent | |
| ## minio server mode, i.e. standalone or distributed. | |
| ## Distributed Minio ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide | |
| ## | |
| mode: standalone | |
| ## Additional arguments to pass to minio binary | |
| extraArgs: [] | |
| ## Update strategy for Deployments | |
| DeploymentUpdate: | |
| type: RollingUpdate | |
| maxUnavailable: 0 | |
| maxSurge: 100% | |
| ## Update strategy for StatefulSets | |
| StatefulSetUpdate: | |
| updateStrategy: RollingUpdate | |
| ## Pod priority settings | |
| ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ | |
| ## | |
| priorityClassName: "" | |
| ## Set default accesskey, secretkey, Minio config file path, volume mount path and | |
| ## number of nodes (only used for Minio distributed mode) | |
| ## AccessKey and secretKey is generated when not set | |
| ## Distributed Minio ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide | |
| ## | |
| existingSecret: "" | |
| accessKey: "<YOUR_USERNAME>" | |
| secretKey: "<YOUR_PASSWORD>" | |
| certsPath: "/etc/minio/certs/" | |
| configPathmc: "/etc/minio/mc/" | |
| mountPath: "/export" | |
| ## Override the root directory which the minio server should serve from. | |
| ## If left empty, it defaults to the value of {{ .Values.mountPath }} | |
| ## If defined, it must be a sub-directory of the path specified in {{ .Values.mountPath }} | |
| bucketRoot: "" | |
| # Number of drives attached to a node | |
| drivesPerNode: 1 | |
| # Number of MinIO containers running | |
| replicas: 4 | |
| # Number of expanded MinIO clusters | |
| zones: 1 | |
| ## TLS Settings for Minio | |
| tls: | |
| enabled: false | |
| ## Create a secret with private.key and public.crt files and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret | |
| certSecret: "" | |
| publicCrt: public.crt | |
| privateKey: private.key | |
| ## Enable persistence using Persistent Volume Claims | |
| ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ | |
| ## | |
| persistence: | |
| enabled: true | |
| ## A manually managed Persistent Volume and Claim | |
| ## Requires persistence.enabled: true | |
| ## If defined, PVC must be created manually before volume will be bound | |
| existingClaim: "" | |
| ## minio data Persistent Volume Storage Class | |
| ## If defined, storageClassName: <storageClass> | |
| ## If set to "-", storageClassName: "", which disables dynamic provisioning | |
| ## If undefined (the default) or set to null, no storageClassName spec is | |
| ## set, choosing the default provisioner. (gp2 on AWS, standard on | |
| ## GKE, AWS & OpenStack) | |
| ## | |
| ## Storage class of PV to bind. By default it looks for standard storage class. | |
| ## If the PV uses a different storage class, specify that here. | |
| storageClass: "" | |
| VolumeName: "" | |
| accessMode: ReadWriteOnce | |
| size: 500Gi | |
| ## If subPath is set mount a sub folder of a volume instead of the root of the volume. | |
| ## This is especially handy for volume plugins that don't natively support sub mounting (like glusterfs). | |
| ## | |
| subPath: "" | |
| ## Expose the Minio service to be accessed from outside the cluster (LoadBalancer service). | |
| ## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it. | |
| ## ref: http://kubernetes.io/docs/user-guide/services/ | |
| ## | |
| service: | |
| type: ClusterIP | |
| clusterIP: ~ | |
| port: 9000 | |
| nodePort: 32000 | |
| ## List of IP addresses at which the Prometheus server service is available | |
| ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips | |
| ## | |
| externalIPs: [] | |
| # - externalIp1 | |
| annotations: {} | |
| # prometheus.io/scrape: 'true' | |
| # prometheus.io/path: '/minio/prometheus/metrics' | |
| # prometheus.io/port: '9000' | |
| ## Configure Ingress based on the documentation here: https://kubernetes.io/docs/concepts/services-networking/ingress/ | |
| ## | |
| imagePullSecrets: [] | |
| # - name: "image-pull-secret" | |
| ingress: | |
| enabled: true | |
| labels: {} | |
| # node-role.kubernetes.io/ingress: platform | |
| annotations: {} | |
| # kubernetes.io/ingress.class: nginx | |
| # kubernetes.io/tls-acme: "true" | |
| # kubernetes.io/ingress.allow-http: "false" | |
| # kubernetes.io/ingress.global-static-ip-name: "" | |
| # nginx.ingress.kubernetes.io/secure-backends: "true" | |
| # nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" | |
| # nginx.ingress.kubernetes.io/whitelist-source-range: 0.0.0.0/0 | |
| path: / | |
| # Assumes you already have a tls and host with a Kubernetes secret. | |
| # Mor info (https://docs.microsoft.com/en-us/azure/aks/ingress-own-tls#create-kubernetes-secret-for-the-tls-certificate) | |
| tls: | |
| - hosts: | |
| - "<your_host>" | |
| secretName: <your_nginx_ingress_server_secret> | |
| # - secretName: chart-example-tls | |
| hosts: | |
| - "<your host>" | |
| ## Node labels for pod assignment | |
| ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ | |
| ## | |
| nodeSelector: {} | |
| tolerations: [] | |
| affinity: {} | |
| ## Add stateful containers to have security context, if enabled MinIO will run as this | |
| ## user and group NOTE: securityContext is only enabled if persistence.enabled=true | |
| securityContext: | |
| enabled: true | |
| runAsUser: 1000 | |
| runAsGroup: 1000 | |
| fsGroup: 1000 | |
| # Additational pod annotations | |
| podAnnotations: {} | |
| # Additional pod labels | |
| podLabels: {} | |
| ## Liveness and Readiness probe values. | |
| ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ | |
| livenessProbe: | |
| initialDelaySeconds: 5 | |
| periodSeconds: 5 | |
| timeoutSeconds: 1 | |
| successThreshold: 1 | |
| failureThreshold: 1 | |
| readinessProbe: | |
| initialDelaySeconds: 30 | |
| periodSeconds: 5 | |
| ## Set this to 1s higher than MINIO_API_READY_DEADLINE | |
| timeoutSeconds: 6 | |
| successThreshold: 1 | |
| failureThreshold: 3 | |
| ## Configure resource requests and limits | |
| ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ | |
| ## | |
| resources: | |
| requests: | |
| memory: 4Gi | |
| ## Create a bucket after minio install | |
| ## | |
| defaultBucket: | |
| enabled: false | |
| ## If enabled, must be a string with length > 0 | |
| name: bucket | |
| ## Can be one of none|download|upload|public | |
| policy: none | |
| ## Purge if bucket exists already | |
| purge: false | |
| ## Create multiple buckets after minio install | |
| ## Enabling `defaultBucket` will take priority over this list | |
| ## | |
| buckets: [] | |
| # - name: bucket1 | |
| # policy: none | |
| # purge: false | |
| # - name: bucket2 | |
| # policy: none | |
| # purge: false | |
| ## Additional Annotations for the Kubernetes Batch (make-bucket-job) | |
| makeBucketJob: | |
| podAnnotations: | |
| annotations: | |
| ## Additional Annotations for the Kubernetes Batch (update-prometheus-secret) | |
| updatePrometheusJob: | |
| podAnnotations: | |
| annotations: | |
| s3gateway: | |
| enabled: true | |
| replicas: 1 | |
| serviceEndpoint: "https://s3.amazonaws.<your_bucket_name>/mlflow/artifacts/" | |
| accessKey: "" | |
| secretKey: "" | |
| ## Use minio as an azure blob gateway, you should disable data persistence so no volume claim are created. | |
| ## https://docs.minio.io/docs/minio-gateway-for-azure | |
| azuregateway: | |
| enabled: false | |
| # Number of parallel instances | |
| replicas: 4 | |
| ## Use minio as GCS (Google Cloud Storage) gateway, you should disable data persistence so no volume claim are created. | |
| ## https://docs.minio.io/docs/minio-gateway-for-gcs | |
| gcsgateway: | |
| enabled: false | |
| # Number of parallel instances | |
| replicas: 4 | |
| # credential json file of service account key | |
| gcsKeyJson: "" | |
| # Google cloud project-id | |
| projectId: "" | |
| ossgateway: | |
| enabled: false | |
| # Number of parallel instances | |
| replicas: 4 | |
| endpointURL: "" | |
| ## Use minio on NAS backend | |
| ## https://docs.minio.io/docs/minio-gateway-for-nas | |
| nasgateway: | |
| enabled: false | |
| # Number of parallel instances | |
| replicas: 4 | |
| # For NAS Gateway, you may want to bind the PVC to a specific PV. To ensure that happens, PV to bind to should have | |
| # a label like "pv: <value>", use value here. | |
| pv: ~ | |
| ## Use minio as Backblaze B2 gateway | |
| ## https://github.com/minio/minio/blob/master/docs/gateway/b2.md | |
| b2gateway: | |
| enabled: false | |
| # Number of parallel instances | |
| replicas: 4 | |
| ## Use this field to add environment variables relevant to Minio server. These fields will be passed on to Minio container(s) | |
| ## when Chart is deployed | |
| environment: | |
| MINIO_API_READY_DEADLINE: "5s" | |
| ## Please refer for comprehensive list https://docs.minio.io/docs/minio-server-configuration-guide.html | |
| networkPolicy: | |
| enabled: false | |
| allowExternal: true | |
| ## PodDisruptionBudget settings | |
| ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | |
| ## | |
| podDisruptionBudget: | |
| enabled: false | |
| maxUnavailable: 1 | |
| ## Specify the service account to use for the Minio pods. If 'create' is set to 'false' | |
| ## and 'name' is left unspecified, the account 'default' will be used. | |
| serviceAccount: | |
| create: false | |
| ## The name of the service account to use. If 'create' is 'true', a service account with that name | |
| ## will be created. Otherwise, a name will be auto-generated. | |
| name: <your_service_account_with_IAM_for_service_account_access_to_s3> | |
| metrics: | |
| # Metrics can not be disabled yet: https://github.com/minio/minio/issues/7493 | |
| serviceMonitor: | |
| enabled: false | |
| additionalLabels: {} | |
| # namespace: monitoring | |
| # interval: 30s | |
| # scrapeTimeout: 10s | |
| ## ETCD settings: https://github.com/minio/minio/blob/master/docs/sts/etcd.md | |
| etcd: | |
| endpoints: [] | |
| pathPrefix: "" | |
| corednsPathPrefix: "" | |
| clientCert: "" | |
| clientCertKey: "" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment