summaryrefslogtreecommitdiffstats
path: root/vnfs/DAaaS/deploy/minio/templates
diff options
context:
space:
mode:
Diffstat (limited to 'vnfs/DAaaS/deploy/minio/templates')
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/NOTES.txt44
-rwxr-xr-xvnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt89
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/_helpers.tpl43
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/configmap.yaml12
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/deployment.yaml195
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/ingress.yaml39
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml25
-rwxr-xr-xvnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml59
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/pvc.yaml27
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/secrets.yaml18
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/service.yaml46
-rw-r--r--vnfs/DAaaS/deploy/minio/templates/statefulset.yaml141
12 files changed, 738 insertions, 0 deletions
diff --git a/vnfs/DAaaS/deploy/minio/templates/NOTES.txt b/vnfs/DAaaS/deploy/minio/templates/NOTES.txt
new file mode 100644
index 00000000..b690f502
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/NOTES.txt
@@ -0,0 +1,44 @@
+{{- if eq .Values.service.type "ClusterIP" "NodePort" }}
+Minio can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster:
+{{ template "minio.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+
+To access Minio from localhost, run the below commands:
+
+ 1. export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+
+ 2. kubectl port-forward $POD_NAME 9000 --namespace {{ .Release.Namespace }}
+
+Read more about port forwarding here: http://kubernetes.io/docs/user-guide/kubectl/kubectl_port-forward/
+
+You can now access Minio server on http://localhost:9000. Follow the below steps to connect to Minio server with mc client:
+
+ 1. Download the Minio mc client - https://docs.minio.io/docs/minio-client-quickstart-guide
+
+ 2. mc config host add {{ template "minio.fullname" . }}-local http://localhost:9000 {{ .Values.accessKey }} {{ .Values.secretKey }} S3v4
+
+ 3. mc ls {{ template "minio.fullname" . }}-local
+
+Alternately, you can use your browser or the Minio SDK to access the server - https://docs.minio.io/categories/17
+{{- end }}
+{{- if eq .Values.service.type "LoadBalancer" }}
+Minio can be accessed via port {{ .Values.service.port }} on an external IP address. Get the service external IP address by:
+kubectl get svc --namespace {{ .Release.Namespace }} -l app={{ template "minio.fullname" . }}
+
+Note that the public IP may take a couple of minutes to be available.
+
+You can now access Minio server on http://<External-IP>:9000. Follow the below steps to connect to Minio server with mc client:
+
+ 1. Download the Minio mc client - https://docs.minio.io/docs/minio-client-quickstart-guide
+
+ 2. mc config host add {{ template "minio.fullname" . }}-local http://<External-IP>:{{ .Values.service.port }} {{ .Values.accessKey }} {{ .Values.secretKey }} S3v4
+
+ 3. mc ls {{ template "minio.fullname" . }}-local
+
+Alternately, you can use your browser or the Minio SDK to access the server - https://docs.minio.io/categories/17
+{{- end }}
+
+{{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
+Note: Since NetworkPolicy is enabled, only pods with label
+{{ template "minio.fullname" . }}-client=true"
+will be able to connect to this minio cluster.
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt b/vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt
new file mode 100755
index 00000000..95528793
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt
@@ -0,0 +1,89 @@
+#!/bin/sh
+set -e ; # Have script exit in the event of a failed command.
+
+# connectToMinio
+# Use a check-sleep-check loop to wait for Minio service to be available
+connectToMinio() {
+ SCHEME=$1
+ ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts
+ set -e ; # fail if we can't read the keys.
+ ACCESS=$(cat /config/accesskey) ; SECRET=$(cat /config/secretkey) ;
+ set +e ; # The connections to minio are allowed to fail.
+ echo "Connecting to Minio server: $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT" ;
+ MC_COMMAND="mc config host add myminio $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT $ACCESS $SECRET" ;
+ $MC_COMMAND ;
+ STATUS=$? ;
+ until [ $STATUS = 0 ]
+ do
+ ATTEMPTS=`expr $ATTEMPTS + 1` ;
+ echo \"Failed attempts: $ATTEMPTS\" ;
+ if [ $ATTEMPTS -gt $LIMIT ]; then
+ exit 1 ;
+ fi ;
+ sleep 2 ; # 1 second intervals between attempts
+ $MC_COMMAND ;
+ STATUS=$? ;
+ done ;
+ set -e ; # reset `e` as active
+ return 0
+}
+
+# checkBucketExists ($bucket)
+# Check if the bucket exists, by using the exit code of `mc ls`
+checkBucketExists() {
+ BUCKET=$1
+ CMD=$(/usr/bin/mc ls myminio/$BUCKET > /dev/null 2>&1)
+ return $?
+}
+
+# createBucket ($bucket, $policy, $purge)
+# Ensure bucket exists, purging if asked to
+createBucket() {
+ BUCKET=$1
+ POLICY=$2
+ PURGE=$3
+
+ # Purge the bucket, if set & exists
+ # Since PURGE is user input, check explicitly for `true`
+ if [ $PURGE = true ]; then
+ if checkBucketExists $BUCKET ; then
+ echo "Purging bucket '$BUCKET'."
+ set +e ; # don't exit if this fails
+ /usr/bin/mc rm -r --force myminio/$BUCKET
+ set -e ; # reset `e` as active
+ else
+ echo "Bucket '$BUCKET' does not exist, skipping purge."
+ fi
+ fi
+
+ # Create the bucket if it does not exist
+ if ! checkBucketExists $BUCKET ; then
+ echo "Creating bucket '$BUCKET'"
+ /usr/bin/mc mb myminio/$BUCKET
+ else
+ echo "Bucket '$BUCKET' already exists."
+ fi
+
+ # At this point, the bucket should exist, skip checking for existence
+ # Set policy on the bucket
+ echo "Setting policy of bucket '$BUCKET' to '$POLICY'."
+ /usr/bin/mc policy $POLICY myminio/$BUCKET
+}
+
+# Try connecting to Minio instance
+{{- if .Values.tls.enabled }}
+scheme=https
+{{- else }}
+scheme=http
+{{- end }}
+connectToMinio $scheme
+
+{{- if or .Values.defaultBucket.enabled }}
+# Create the bucket
+createBucket {{ .Values.defaultBucket.name }} {{ .Values.defaultBucket.policy }} {{ .Values.defaultBucket.purge }}
+{{ else if .Values.buckets }}
+# Create the buckets
+{{- range .Values.buckets }}
+createBucket {{ .name }} {{ .policy }} {{ .purge }}
+{{- end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/_helpers.tpl b/vnfs/DAaaS/deploy/minio/templates/_helpers.tpl
new file mode 100644
index 00000000..c8fe9ba7
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/_helpers.tpl
@@ -0,0 +1,43 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "minio.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "minio.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "minio.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for networkpolicy.
+*/}}
+{{- define "minio.networkPolicy.apiVersion" -}}
+{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- print "extensions/v1beta1" -}}
+{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- print "networking.k8s.io/v1" -}}
+{{- end -}}
+{{- end -}}
diff --git a/vnfs/DAaaS/deploy/minio/templates/configmap.yaml b/vnfs/DAaaS/deploy/minio/templates/configmap.yaml
new file mode 100644
index 00000000..cb11fcd7
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/configmap.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+ initialize: |-
+{{ include (print $.Template.BasePath "/_helper_create_bucket.txt") . | indent 4 }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/deployment.yaml b/vnfs/DAaaS/deploy/minio/templates/deployment.yaml
new file mode 100644
index 00000000..af335b2d
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/deployment.yaml
@@ -0,0 +1,195 @@
+{{- if eq .Values.mode "standalone" }}
+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ strategy:
+ type: {{ .Values.DeploymentUpdate.type }}
+ rollingUpdate:
+ maxSurge: {{ .Values.DeploymentUpdate.maxSurge }}
+ maxUnavailable: {{ .Values.DeploymentUpdate.maxUnavailable }}
+ {{- if .Values.nasgateway.enabled }}
+ replicas: {{ .Values.nasgateway.replicas }}
+ {{- end }}
+ {{- if .Values.s3gateway.enabled }}
+ replicas: {{ .Values.s3gateway.replicas }}
+ {{- end }}
+ {{- if .Values.azuregateway.enabled }}
+ replicas: {{ .Values.azuregateway.replicas }}
+ {{- end }}
+ {{- if .Values.gcsgateway.enabled }}
+ replicas: {{ .Values.gcsgateway.replicas }}
+ {{- end }}
+ {{- if .Values.ossgateway.enabled }}
+ replicas: {{ .Values.ossgateway.replicas }}
+ {{- end }}
+ selector:
+ matchLabels:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
+ {{- if .Values.podAnnotations }}
+ annotations:
+{{ toYaml .Values.podAnnotations | indent 8 }}
+ {{- end }}
+ spec:
+ {{- if .Values.priorityClassName }}
+ priorityClassName: "{{ .Values.priorityClassName }}"
+ {{- end }}
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ {{- if .Values.s3gateway.enabled }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway s3 {{ .Values.s3gateway.serviceEndpoint }}" ]
+ {{- else }}
+ {{- if .Values.azuregateway.enabled }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway azure" ]
+ {{- else }}
+ {{- if .Values.gcsgateway.enabled }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway gcs {{ .Values.gcsgateway.projectId }}" ]
+ {{- else }}
+ {{- if .Values.ossgateway.enabled }}
+ command: [ "/bin/sh",
+ "-ce",
+ "cp /tmp/config.json {{ .Values.configPath }} &&
+ /usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway oss {{ .Values.ossgateway.endpointURL }}" ]
+ {{- else }}
+ {{- if .Values.nasgateway.enabled }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway nas {{ .Values.mountPath }}" ]
+ {{- else }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} server {{ .Values.mountPath }}" ]
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ volumeMounts:
+ {{- if and .Values.persistence.enabled (not .Values.gcsgateway.enabled) (not .Values.azuregateway.enabled) (not .Values.s3gateway.enabled) }}
+ - name: export
+ mountPath: {{ .Values.mountPath }}
+ {{- if .Values.persistence.subPath }}
+ subPath: "{{ .Values.persistence.subPath }}"
+ {{- end }}
+ {{- end }}
+ {{- if .Values.gcsgateway.enabled }}
+ - name: minio-user
+ mountPath: "/etc/credentials"
+ readOnly: true
+ {{- end }}
+ - name: minio-config-dir
+ mountPath: {{ .Values.configPath }}
+ {{- if .Values.tls.enabled }}
+ - name: cert-secret-volume
+ mountPath: {{ .Values.configPath }}certs
+ {{ end }}
+ ports:
+ - name: service
+ containerPort: 9000
+ env:
+ - name: MINIO_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ key: accesskey
+ - name: MINIO_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ key: secretkey
+ {{- if .Values.gcsgateway.enabled }}
+ - name: GOOGLE_APPLICATION_CREDENTIALS
+ value: "/etc/credentials/gcs_key.json"
+ {{- end }}
+ {{- range $key, $val := .Values.environment }}
+ - name: {{ $key }}
+ value: {{ $val | quote }}
+ {{- end}}
+ livenessProbe:
+ httpGet:
+ path: /minio/health/live
+ port: service
+ {{- if .Values.tls.enabled }}
+ scheme: HTTPS
+ {{ else }}
+ scheme: HTTP
+ {{- end }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+ readinessProbe:
+ httpGet:
+ {{- if .Values.tls.enabled }}
+ scheme: HTTPS
+ {{- end }}
+ path: /minio/health/ready
+ port: service
+ periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+ resources:
+{{ toYaml .Values.resources | indent 12 }}
+{{- with .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- with .Values.affinity }}
+ affinity:
+{{ toYaml . | indent 8 }}
+{{- end }}
+{{- with .Values.tolerations }}
+ tolerations:
+{{ toYaml . | indent 8 }}
+{{- end }}
+ volumes:
+ {{- if and (not .Values.gcsgateway.enabled) (not .Values.azuregateway.enabled) (not .Values.s3gateway.enabled) }}
+ - name: export
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Values.persistence.existingClaim | default (include "minio.fullname" .) }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ {{- end }}
+ - name: minio-user
+ secret:
+ secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ - name: minio-config-dir
+ emptyDir: {}
+ {{- if .Values.tls.enabled }}
+ - name: cert-secret-volume
+ secret:
+ secretName: {{ .Values.tls.certSecret }}
+ items:
+ - key: {{ .Values.tls.publicCrt }}
+ path: public.crt
+ - key: {{ .Values.tls.privateKey }}
+ path: private.key
+ - key: {{ .Values.tls.publicCrt }}
+ path: CAs/public.crt
+ {{ end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/ingress.yaml b/vnfs/DAaaS/deploy/minio/templates/ingress.yaml
new file mode 100644
index 00000000..5168b861
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/ingress.yaml
@@ -0,0 +1,39 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "minio.fullname" . -}}
+{{- $servicePort := .Values.service.port -}}
+{{- $ingressPath := .Values.ingress.path -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+{{- with .Values.ingress.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+{{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ . | quote }}
+ http:
+ paths:
+ - path: {{ $ingressPath }}
+ backend:
+ serviceName: {{ $fullName }}
+ servicePort: {{ $servicePort }}
+ {{- end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml b/vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml
new file mode 100644
index 00000000..de57f485
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.networkPolicy.enabled }}
+kind: NetworkPolicy
+apiVersion: {{ template "minio.networkPolicy.apiVersion" . }}
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ podSelector:
+ matchLabels:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
+ ingress:
+ - ports:
+ - port: {{ .Values.service.port }}
+ {{- if not .Values.networkPolicy.allowExternal }}
+ from:
+ - podSelector:
+ matchLabels:
+ {{ template "minio.name" . }}-client: "true"
+ {{- end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml b/vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml
new file mode 100755
index 00000000..c581338a
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml
@@ -0,0 +1,59 @@
+{{- if or .Values.defaultBucket.enabled .Values.buckets }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ template "minio.fullname" . }}-make-bucket-job
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ annotations:
+ "helm.sh/hook": post-install,post-upgrade
+ "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ restartPolicy: OnFailure
+{{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ volumes:
+ - name: minio-configuration
+ projected:
+ sources:
+ - configMap:
+ name: {{ template "minio.fullname" . }}
+ - secret:
+ name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ {{- if .Values.tls.enabled }}
+ - name: cert-secret-volume-mc
+ secret:
+ secretName: {{ .Values.tls.certSecret }}
+ items:
+ - key: {{ .Values.tls.publicCrt }}
+ path: CAs/public.crt
+ {{ end }}
+ containers:
+ - name: minio-mc
+ image: "{{ .Values.mcImage.repository }}:{{ .Values.mcImage.tag }}"
+ imagePullPolicy: {{ .Values.mcImage.pullPolicy }}
+ command: ["/bin/sh", "/config/initialize"]
+ env:
+ - name: MINIO_ENDPOINT
+ value: {{ template "minio.fullname" . }}
+ - name: MINIO_PORT
+ value: {{ .Values.service.port | quote }}
+ volumeMounts:
+ - name: minio-configuration
+ mountPath: /config
+ {{- if .Values.tls.enabled }}
+ - name: cert-secret-volume-mc
+ mountPath: {{ .Values.configPathmc }}certs
+ {{ end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/pvc.yaml b/vnfs/DAaaS/deploy/minio/templates/pvc.yaml
new file mode 100644
index 00000000..3f4cbb03
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/pvc.yaml
@@ -0,0 +1,27 @@
+{{- if eq .Values.mode "standalone" }}
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+{{- if and .Values.nasgateway.enabled .Values.nasgateway.pv }}
+ selector:
+ matchLabels:
+ pv: {{ .Values.nasgateway.pv | quote }}
+{{- end }}
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+ storageClassName: {{ .Values.persistence.storageClass | quote }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/secrets.yaml b/vnfs/DAaaS/deploy/minio/templates/secrets.yaml
new file mode 100644
index 00000000..b01e0d3c
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/secrets.yaml
@@ -0,0 +1,18 @@
+{{- if not .Values.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+ accesskey: {{ .Values.accessKey | b64enc }}
+ secretkey: {{ .Values.secretKey | b64enc }}
+{{- if .Values.gcsgateway.enabled }}
+ gcs_key.json: {{ .Values.gcsgateway.gcsKeyJson | b64enc }}
+{{- end }}
+{{- end }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/service.yaml b/vnfs/DAaaS/deploy/minio/templates/service.yaml
new file mode 100644
index 00000000..0799b287
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/service.yaml
@@ -0,0 +1,46 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+{{- if .Values.service.annotations }}
+ annotations:
+{{ toYaml .Values.service.annotations | indent 4 }}
+{{- end }}
+spec:
+{{- if (or (eq .Values.service.type "ClusterIP" "") (empty .Values.service.type)) }}
+ {{- if eq .Values.mode "distributed" }}
+ clusterIP: None
+ {{- else }}
+ type: ClusterIP
+ {{- end }}
+ {{- if not (empty .Values.service.clusterIP) }}
+ clusterIP: {{ .Values.service.clusterIP }}
+ {{end}}
+{{- else if eq .Values.service.type "LoadBalancer" }}
+ type: {{ .Values.service.type }}
+ loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }}
+{{- else }}
+ type: {{ .Values.service.type }}
+{{- end }}
+ ports:
+ - name: service
+ port: 9000
+ targetPort: {{ .Values.service.port }}
+ protocol: TCP
+{{- if (and (eq .Values.service.type "NodePort") ( .Values.service.nodePort)) }}
+ nodePort: {{ .Values.service.nodePort }}
+{{- end}}
+{{- if .Values.service.externalIPs }}
+ externalIPs:
+{{- range $i , $ip := .Values.service.externalIPs }}
+ - {{ $ip }}
+{{- end }}
+{{- end }}
+ selector:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
diff --git a/vnfs/DAaaS/deploy/minio/templates/statefulset.yaml b/vnfs/DAaaS/deploy/minio/templates/statefulset.yaml
new file mode 100644
index 00000000..447b671d
--- /dev/null
+++ b/vnfs/DAaaS/deploy/minio/templates/statefulset.yaml
@@ -0,0 +1,141 @@
+{{- if eq .Values.mode "distributed" }}
+{{ $nodeCount := .Values.replicas | int }}
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ chart: {{ template "minio.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ updateStrategy:
+ type: {{ .Values.StatefulSetUpdate.updateStrategy }}
+ serviceName: {{ template "minio.fullname" . }}
+ replicas: {{ .Values.replicas }}
+ selector:
+ matchLabels:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ name: {{ template "minio.fullname" . }}
+ labels:
+ app: {{ template "minio.name" . }}
+ release: {{ .Release.Name }}
+ {{- if .Values.podAnnotations }}
+ annotations:
+{{ toYaml .Values.podAnnotations | indent 8 }}
+ {{- end }}
+ spec:
+ {{- if .Values.priorityClassName }}
+ priorityClassName: "{{ .Values.priorityClassName }}"
+ {{- end }}
+ containers:
+ - name: {{ .Chart.Name }}
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ {{- if .Values.tls.enabled }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} server
+ {{- range $i := until $nodeCount }}
+ https://{{ template `minio.fullname` $ }}-{{ $i }}.{{ template `minio.fullname` $ }}.{{ $.Release.Namespace }}.svc.{{ $.Values.clusterDomain }}{{ $.Values.mountPath }}
+ {{- end }}" ]
+ {{ else }}
+ command: [ "/bin/sh",
+ "-ce",
+ "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} server
+ {{- range $i := until $nodeCount }}
+ http://{{ template `minio.fullname` $ }}-{{ $i }}.{{ template `minio.fullname` $ }}.{{ $.Release.Namespace }}.svc.{{ $.Values.clusterDomain }}{{ $.Values.mountPath }}
+ {{- end }}" ]
+ {{ end }}
+ volumeMounts:
+ - name: export
+ mountPath: {{ .Values.mountPath }}
+ {{- if and .Values.persistence.enabled .Values.persistence.subPath }}
+ subPath: "{{ .Values.persistence.subPath }}"
+ {{- end }}
+ - name: minio-config-dir
+ mountPath: {{ .Values.configPath }}
+ {{- if .Values.tls.enabled }}
+ - name: cert-secret-volume
+ mountPath: {{ .Values.configPath }}certs
+ {{ end }}
+ ports:
+ - name: service
+ containerPort: 9000
+ env:
+ - name: MINIO_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ key: accesskey
+ - name: MINIO_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ key: secretkey
+ {{- range $key, $val := .Values.environment }}
+ - name: {{ $key }}
+ value: {{ $val | quote }}
+ {{- end}}
+ livenessProbe:
+ httpGet:
+ path: /minio/health/live
+ port: service
+ {{- if .Values.tls.enabled }}
+ scheme: HTTPS
+ {{ else }}
+ scheme: HTTP
+ {{- end }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+ successThreshold: {{ .Values.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+ resources:
+{{ toYaml .Values.resources | indent 12 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml . | indent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+{{ toYaml . | indent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+{{ toYaml . | indent 8 }}
+ {{- end }}
+ volumes:
+ - name: minio-user
+ secret:
+ secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }}
+ - name: minio-config-dir
+ emptyDir: {}
+ {{- if .Values.tls.enabled }}
+ - name: cert-secret-volume
+ secret:
+ secretName: {{ .Values.tls.certSecret }}
+ items:
+ - key: {{ .Values.tls.publicCrt }}
+ path: public.crt
+ - key: {{ .Values.tls.privateKey }}
+ path: private.key
+ - key: {{ .Values.tls.publicCrt }}
+ path: CAs/public.crt
+ {{ end }}
+ volumeClaimTemplates:
+ - metadata:
+ name: export
+ spec:
+ accessModes: [ {{ .Values.persistence.accessMode | quote }} ]
+ {{- if .Values.persistence.storageClass }}
+ storageClassName: {{ .Values.persistence.storageClass }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size }}
+{{- end }}