{{- if eq .Values.mode "distributed" }} {{ $poolCount := .Values.pools | int }} {{ $nodeCount := .Values.replicas | int }} {{ $replicas := mul $poolCount $nodeCount }} {{ $drivesPerNode := .Values.drivesPerNode | int }} {{ $scheme := .Values.tls.enabled | ternary "https" "http" }} {{ $mountPath := .Values.mountPath }} {{ $bucketRoot := or ($.Values.bucketRoot) ($.Values.mountPath) }} {{ $subPath := .Values.persistence.subPath }} {{ $penabled := .Values.persistence.enabled }} {{ $accessMode := .Values.persistence.accessMode }} {{ $storageClass := .Values.persistence.storageClass }} {{ $psize := .Values.persistence.size }} apiVersion: v1 kind: Service metadata: name: {{ template "minio.fullname" . }}-svc labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: publishNotReadyAddresses: true clusterIP: None ports: - name: {{ $scheme }} port: {{ .Values.service.port }} protocol: TCP targetPort: {{ .Values.minioAPIPort }} selector: app: {{ template "minio.name" . }} release: {{ .Release.Name }} --- apiVersion: {{ template "minio.statefulset.apiVersion" . }} kind: StatefulSet metadata: name: {{ template "minio.fullname" . }} labels: app: {{ template "minio.name" . }} chart: {{ template "minio.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} {{- if .Values.additionalLabels }} {{- toYaml .Values.additionalLabels | nindent 4 }} {{- end }} {{- if .Values.additionalAnnotations }} annotations: {{- toYaml .Values.additionalAnnotations | nindent 4 }} {{- end }} spec: updateStrategy: type: {{ .Values.statefulSetUpdate.updateStrategy }} podManagementPolicy: "Parallel" serviceName: {{ template "minio.fullname" . }}-svc replicas: {{ $replicas }} selector: matchLabels: app: {{ template "minio.name" . }} release: {{ .Release.Name }} template: metadata: name: {{ template "minio.fullname" . }} labels: app: {{ template "minio.name" . }} release: {{ .Release.Name }} {{- if .Values.podLabels }} {{- toYaml .Values.podLabels | nindent 8 }} {{- end }} annotations: {{- if not .Values.ignoreChartChecksums }} checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} {{- end }} {{- if .Values.podAnnotations }} {{- toYaml .Values.podAnnotations | nindent 8 }} {{- end }} spec: {{- if .Values.priorityClassName }} priorityClassName: "{{ .Values.priorityClassName }}" {{- end }} {{- if .Values.runtimeClassName }} runtimeClassName: "{{ .Values.runtimeClassName }}" {{- end }} {{- if and .Values.securityContext.enabled .Values.persistence.enabled }} securityContext: {{- omit .Values.securityContext "enabled" | toYaml | nindent 8 }} {{- end }} {{- if .Values.serviceAccount.create }} serviceAccountName: {{ .Values.serviceAccount.name }} {{- end }} containers: - name: {{ .Chart.Name }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: [ "/bin/sh", "-ce", "/usr/bin/docker-entrypoint.sh minio server {{- range $i := until $poolCount }}{{ $factor := mul $i $nodeCount }}{{ $endIndex := add $factor $nodeCount }}{{ $beginIndex := mul $i $nodeCount }} {{ $scheme }}://{{ template `minio.fullname` $ }}-{{ `{` }}{{ $beginIndex }}...{{ sub $endIndex 1 }}{{ `}`}}.{{ template `minio.fullname` $ }}-svc.{{ $.Release.Namespace }}.svc{{if (gt $drivesPerNode 1)}}{{ $bucketRoot }}-{{ `{` }}0...{{ sub $drivesPerNode 1 }}{{ `}` }}{{ else }}{{ $bucketRoot }}{{end }}{{- end }} -S {{ .Values.certsPath }} --address :{{ .Values.minioAPIPort }} --console-address :{{ .Values.minioConsolePort }} {{- template `minio.extraArgs` . }}" ] volumeMounts: {{- if $penabled }} {{- if (gt $drivesPerNode 1) }} {{- range $i := until $drivesPerNode }} - name: export-{{ $i }} mountPath: {{ $mountPath }}-{{ $i }} {{- if and $penabled $subPath }} subPath: {{ $subPath }} {{- end }} {{- end }} {{- else }} - name: export mountPath: {{ $mountPath }} {{- if and $penabled $subPath }} subPath: {{ $subPath }} {{- end }} {{- end }} {{- end }} {{- if .Values.extraSecret }} - name: extra-secret mountPath: "/tmp/minio-config-env" {{- end }} {{- include "minio.tlsKeysVolumeMount" . | indent 12 }} {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} ports: - name: {{ $scheme }} containerPort: {{ .Values.minioAPIPort }} - name: {{ $scheme }}-console containerPort: {{ .Values.minioConsolePort }} env: - name: MINIO_ROOT_USER valueFrom: secretKeyRef: name: {{ template "minio.secretName" . }} key: rootUser - name: MINIO_ROOT_PASSWORD valueFrom: secretKeyRef: name: {{ template "minio.secretName" . }} key: rootPassword {{- if .Values.extraSecret }} - name: MINIO_CONFIG_ENV_FILE value: "/tmp/minio-config-env/config.env" {{- end }} {{- if .Values.metrics.serviceMonitor.public }} - name: MINIO_PROMETHEUS_AUTH_TYPE value: "public" {{- end }} {{- if .Values.oidc.enabled }} - name: MINIO_IDENTITY_OPENID_CONFIG_URL value: {{ .Values.oidc.configUrl }} - name: MINIO_IDENTITY_OPENID_CLIENT_ID {{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientIdKey }} valueFrom: secretKeyRef: name: {{ .Values.oidc.existingClientSecretName }} key: {{ .Values.oidc.existingClientIdKey }} {{- else }} value: {{ .Values.oidc.clientId }} {{- end }} - name: MINIO_IDENTITY_OPENID_CLIENT_SECRET {{- if and .Values.oidc.existingClientSecretName .Values.oidc.existingClientSecretKey }} valueFrom: secretKeyRef: name: {{ .Values.oidc.existingClientSecretName }} key: {{ .Values.oidc.existingClientSecretKey }} {{- else }} value: {{ .Values.oidc.clientSecret }} {{- end }} - name: MINIO_IDENTITY_OPENID_CLAIM_NAME value: {{ .Values.oidc.claimName }} - name: MINIO_IDENTITY_OPENID_CLAIM_PREFIX value: {{ .Values.oidc.claimPrefix }} - name: MINIO_IDENTITY_OPENID_SCOPES value: {{ .Values.oidc.scopes }} - name: MINIO_IDENTITY_OPENID_COMMENT value: {{ .Values.oidc.comment }} - name: MINIO_IDENTITY_OPENID_REDIRECT_URI value: {{ .Values.oidc.redirectUri }} - name: MINIO_IDENTITY_OPENID_DISPLAY_NAME value: {{ .Values.oidc.displayName }} {{- end }} {{- range $key, $val := .Values.environment }} - name: {{ $key }} value: {{ tpl $val $ | quote }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if and .Values.securityContext.enabled .Values.persistence.enabled }} {{- with .Values.containerSecurityContext }} securityContext: {{ toYaml . | nindent 12}} {{- end }} {{- end }} {{- with .Values.extraContainers }} {{- if eq (typeOf .) "string" }} {{- tpl . $ | nindent 8 }} {{- else }} {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- include "minio.imagePullSecrets" . | indent 6 }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- if and (gt $replicas 1) (ge .Capabilities.KubeVersion.Major "1") (ge .Capabilities.KubeVersion.Minor "19") }} {{- with .Values.topologySpreadConstraints }} topologySpreadConstraints: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} volumes: - name: minio-user secret: secretName: {{ template "minio.secretName" . }} {{- if .Values.extraSecret }} - name: extra-secret secret: secretName: {{ .Values.extraSecret }} {{- end }} {{- include "minio.tlsKeysVolume" . | indent 8 }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 8 }} {{- end }} {{- if .Values.persistence.enabled }} volumeClaimTemplates: {{- if gt $drivesPerNode 1 }} {{- range $diskId := until $drivesPerNode}} - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: export-{{ $diskId }} {{- if $.Values.persistence.annotations }} annotations: {{- toYaml $.Values.persistence.annotations | nindent 10 }} {{- end }} spec: accessModes: [ {{ $accessMode | quote }} ] {{- if $storageClass }} storageClassName: {{ $storageClass }} {{- end }} resources: requests: storage: {{ $psize }} {{- end }} {{- else }} - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: export {{- if $.Values.persistence.annotations }} annotations: {{- toYaml $.Values.persistence.annotations | nindent 10 }} {{- end }} spec: accessModes: [ {{ $accessMode | quote }} ] {{- if $storageClass }} storageClassName: {{ $storageClass }} {{- end }} resources: requests: storage: {{ $psize }} {{- end }} {{- end }} {{- end }}