apiVersion: appplatform.wcp.vmware.com/v1alpha2 kind: SupervisorServiceDefinition metadata: labels: appplatform.vmware.com/serviceId: minio appplatform.vmware.com/serviceVersion: 2.0.10 controller-tools.k8s.io: "1.0" managedBy: vSphere-AppPlatform name: minio-def-2.0.10 namespace: vmware-system-supervisor-services spec: crdYaml: content: |+ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.7 creationTimestamp: null name: nodemonitors.vmware.min.io spec: group: vmware.min.io names: kind: NodeMonitor listKind: NodeMonitorList plural: nodemonitors shortNames: - nodemonitor singular: nodemonitor scope: Cluster versions: - name: v1alpha1 schema: openAPIV3Schema: description: NodeMonitor configures the domains for which client requests a managed certificate. It also provides the current status of the certficate. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: 'Specification of the storage topology. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.' properties: condition: description: Condition for which this node was placed under monitoring type: string required: - condition type: object status: description: NodeMonitorStatus defines the observed state of NodeMonitor properties: error: description: Error that has occurred on the node. Present only when there is an error. type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.7 creationTimestamp: null name: podmonitors.vmware.min.io spec: group: vmware.min.io names: kind: PodMonitor listKind: PodMonitorList plural: podmonitors shortNames: - podmonitor singular: podmonitor scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: PodMonitor configures the domains for which client requests a managed certificate. It also provides the current status of the certficate. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: 'Specification of the storage topology. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.' properties: missingCondition: description: missingCondition type: string missingSince: description: indiciatnig since when this pod is missing format: date-time type: string podName: description: Name of the pod being monitored type: string required: - missingCondition - missingSince - podName type: object status: description: PodMonitorStatus defines the observed state of PodMonitor properties: error: description: Error that has occurred on the pvc. Present only when there is an error. type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.7 creationTimestamp: null name: pvcmonitors.vmware.min.io spec: group: vmware.min.io names: kind: PVCMonitor listKind: PVCMonitorList plural: pvcmonitors shortNames: - pvcmonitor singular: pvcmonitor scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: PVCMonitor configures the domains for which client requests a managed certificate. It also provides the current status of the certficate. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: 'Specification of the storage topology. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.' properties: inaccessibleSince: description: Opaque parameters describing attributes of the pvc format: date-time type: string persistentVolumeClaim: description: Name of the pvc being monitored type: string required: - inaccessibleSince - persistentVolumeClaim type: object status: description: PVCMonitorStatus defines the observed state of PVCMonitor properties: error: description: Error that has occurred on the pvc. Present only when there is an error. type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 operator.min.io/version: v5.0.14 name: tenants.minio.min.io spec: group: minio.min.io names: kind: Tenant listKind: TenantList plural: tenants shortNames: - tenant singular: tenant scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.currentState name: State type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v2 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object scheduler: properties: name: type: string required: - name type: object spec: properties: additionalVolumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array additionalVolumes: items: properties: awsElasticBlockStore: properties: fsType: type: string partition: format: int32 type: integer readOnly: type: boolean volumeID: type: string required: - volumeID type: object azureDisk: properties: cachingMode: type: string diskName: type: string diskURI: type: string fsType: type: string kind: type: string readOnly: type: boolean required: - diskName - diskURI type: object azureFile: properties: readOnly: type: boolean secretName: type: string shareName: type: string required: - secretName - shareName type: object cephfs: properties: monitors: items: type: string type: array path: type: string readOnly: type: boolean secretFile: type: string secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic user: type: string required: - monitors type: object cinder: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic volumeID: type: string required: - volumeID type: object configMap: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic csi: properties: driver: type: string fsType: type: string nodePublishSecretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object downwardAPI: properties: defaultMode: format: int32 type: integer items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array type: object emptyDir: properties: medium: type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: properties: volumeClaimTemplate: properties: metadata: properties: annotations: additionalProperties: type: string type: object finalizers: items: type: string type: array labels: additionalProperties: type: string type: object name: type: string namespace: type: string type: object spec: properties: accessModes: items: type: string type: array dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object required: - spec type: object type: object fc: properties: fsType: type: string lun: format: int32 type: integer readOnly: type: boolean targetWWNs: items: type: string type: array wwids: items: type: string type: array type: object flexVolume: properties: driver: type: string fsType: type: string options: additionalProperties: type: string type: object readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic required: - driver type: object flocker: properties: datasetName: type: string datasetUUID: type: string type: object gcePersistentDisk: properties: fsType: type: string partition: format: int32 type: integer pdName: type: string readOnly: type: boolean required: - pdName type: object gitRepo: properties: directory: type: string repository: type: string revision: type: string required: - repository type: object glusterfs: properties: endpoints: type: string path: type: string readOnly: type: boolean required: - endpoints - path type: object hostPath: properties: path: type: string type: type: string required: - path type: object iscsi: properties: chapAuthDiscovery: type: boolean chapAuthSession: type: boolean fsType: type: string initiatorName: type: string iqn: type: string iscsiInterface: type: string lun: format: int32 type: integer portals: items: type: string type: array readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic targetPortal: type: string required: - iqn - lun - targetPortal type: object name: type: string nfs: properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: properties: claimName: type: string readOnly: type: boolean required: - claimName type: object photonPersistentDisk: properties: fsType: type: string pdID: type: string required: - pdID type: object portworxVolume: properties: fsType: type: string readOnly: type: boolean volumeID: type: string required: - volumeID type: object projected: properties: defaultMode: format: int32 type: integer sources: items: properties: clusterTrustBundle: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic name: type: string optional: type: boolean path: type: string signerName: type: string required: - path type: object configMap: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: properties: items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array type: object secret: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: type: string expirationSeconds: format: int64 type: integer path: type: string required: - path type: object type: object type: array type: object quobyte: properties: group: type: string readOnly: type: boolean registry: type: string tenant: type: string user: type: string volume: type: string required: - registry - volume type: object rbd: properties: fsType: type: string image: type: string keyring: type: string monitors: items: type: string type: array pool: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic user: type: string required: - image - monitors type: object scaleIO: properties: fsType: type: string gateway: type: string protectionDomain: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: type: string storagePool: type: string system: type: string volumeName: type: string required: - gateway - secretRef - system type: object secret: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array optional: type: boolean secretName: type: string type: object storageos: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: type: string type: object vsphereVolume: properties: fsType: type: string storagePolicyID: type: string storagePolicyName: type: string volumePath: type: string required: - volumePath type: object required: - name type: object type: array buckets: items: properties: name: type: string objectLock: type: boolean region: type: string type: object type: array certConfig: properties: commonName: type: string dnsNames: items: type: string type: array organizationName: items: type: string type: array type: object configuration: properties: name: type: string type: object x-kubernetes-map-type: atomic credsSecret: properties: name: type: string type: object x-kubernetes-map-type: atomic env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array exposeServices: properties: console: type: boolean minio: type: boolean type: object externalCaCertSecret: items: properties: name: type: string type: type: string required: - name type: object type: array externalCertSecret: items: properties: name: type: string type: type: string required: - name type: object type: array externalClientCertSecret: properties: name: type: string type: type: string required: - name type: object externalClientCertSecrets: items: properties: name: type: string type: type: string required: - name type: object type: array features: properties: bucketDNS: type: boolean domains: properties: console: type: string minio: items: type: string type: array type: object enableSFTP: type: boolean type: object image: type: string imagePullPolicy: type: string imagePullSecret: properties: name: type: string type: object x-kubernetes-map-type: atomic initContainers: items: properties: args: items: type: string type: array command: items: type: string type: array env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: items: properties: configMapRef: properties: name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array image: type: string imagePullPolicy: type: string lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object type: object livenessProbe: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object name: type: string ports: items: properties: containerPort: format: int32 type: integer hostIP: type: string hostPort: format: int32 type: integer name: type: string protocol: default: TCP type: string required: - containerPort type: object type: array x-kubernetes-list-map-keys: - containerPort - protocol x-kubernetes-list-type: map readinessProbe: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object resizePolicy: items: properties: resourceName: type: string restartPolicy: type: string required: - resourceName - restartPolicy type: object type: array x-kubernetes-list-type: atomic resources: properties: claims: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string securityContext: properties: allowPrivilegeEscalation: type: boolean capabilities: properties: add: items: type: string type: array drop: items: type: string type: array type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object startupProbe: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object stdin: type: boolean stdinOnce: type: boolean terminationMessagePath: type: string terminationMessagePolicy: type: string tty: type: boolean volumeDevices: items: properties: devicePath: type: string name: type: string required: - devicePath - name type: object type: array volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array workingDir: type: string required: - name type: object type: array kes: properties: affinity: properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object type: object annotations: additionalProperties: type: string type: object clientCertSecret: properties: name: type: string type: type: string required: - name type: object containerSecurityContext: properties: allowPrivilegeEscalation: type: boolean capabilities: properties: add: items: type: string type: array drop: items: type: string type: array type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array externalCertSecret: properties: name: type: string type: type: string required: - name type: object gcpCredentialSecretName: type: string gcpWorkloadIdentityPool: type: string image: type: string imagePullPolicy: type: string kesSecret: properties: name: type: string type: object x-kubernetes-map-type: atomic keyName: type: string labels: additionalProperties: type: string type: object nodeSelector: additionalProperties: type: string type: object replicas: format: int32 type: integer resources: properties: claims: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object securityContext: properties: fsGroup: format: int64 type: integer fsGroupChangePolicy: type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array sysctls: items: properties: name: type: string value: type: string required: - name - value type: object type: array windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object serviceAccountName: type: string tolerations: items: properties: effect: type: string key: type: string operator: type: string tolerationSeconds: format: int64 type: integer value: type: string type: object type: array topologySpreadConstraints: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer nodeAffinityPolicy: type: string nodeTaintsPolicy: type: string topologyKey: type: string whenUnsatisfiable: type: string required: - maxSkew - topologyKey - whenUnsatisfiable type: object type: array required: - kesSecret type: object lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object type: object liveness: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object logging: properties: anonymous: type: boolean json: type: boolean quiet: type: boolean type: object mountPath: type: string podManagementPolicy: type: string pools: items: properties: affinity: properties: nodeAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: preference: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic weight: format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchFields: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array type: object x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object x-kubernetes-map-type: atomic type: object podAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object podAntiAffinity: properties: preferredDuringSchedulingIgnoredDuringExecution: items: properties: podAffinityTerm: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object weight: format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic namespaces: items: type: string type: array topologyKey: type: string required: - topologyKey type: object type: array type: object type: object annotations: additionalProperties: type: string type: object containerSecurityContext: properties: allowPrivilegeEscalation: type: boolean capabilities: properties: add: items: type: string type: array drop: items: type: string type: array type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object labels: additionalProperties: type: string type: object name: type: string nodeSelector: additionalProperties: type: string type: object reclaimStorage: type: boolean resources: properties: claims: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object runtimeClassName: type: string securityContext: properties: fsGroup: format: int64 type: integer fsGroupChangePolicy: type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array sysctls: items: properties: name: type: string value: type: string required: - name - value type: object type: array windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object servers: format: int32 type: integer x-kubernetes-validations: - message: servers is immutable rule: self == oldSelf tolerations: items: properties: effect: type: string key: type: string operator: type: string tolerationSeconds: format: int64 type: integer value: type: string type: object type: array topologySpreadConstraints: items: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: items: type: string type: array x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer nodeAffinityPolicy: type: string nodeTaintsPolicy: type: string topologyKey: type: string whenUnsatisfiable: type: string required: - maxSkew - topologyKey - whenUnsatisfiable type: object type: array volumeClaimTemplate: properties: apiVersion: type: string kind: type: string metadata: properties: annotations: additionalProperties: type: string type: object finalizers: items: type: string type: array labels: additionalProperties: type: string type: object name: type: string namespace: type: string type: object spec: properties: accessModes: items: type: string type: array dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object status: properties: accessModes: items: type: string type: array allocatedResourceStatuses: additionalProperties: type: string type: object x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object capacity: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object conditions: items: properties: lastProbeTime: format: date-time type: string lastTransitionTime: format: date-time type: string message: type: string reason: type: string status: type: string type: type: string required: - status - type type: object type: array currentVolumeAttributesClassName: type: string modifyVolumeStatus: properties: status: type: string targetVolumeAttributesClassName: type: string required: - status type: object phase: type: string type: object type: object volumesPerServer: format: int32 type: integer x-kubernetes-validations: - message: volumesPerServer is immutable rule: self == oldSelf required: - name - servers - volumeClaimTemplate - volumesPerServer type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map priorityClassName: type: string prometheusOperator: type: boolean readiness: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object requestAutoCert: type: boolean serviceAccountName: type: string serviceMetadata: properties: consoleServiceAnnotations: additionalProperties: type: string type: object consoleServiceLabels: additionalProperties: type: string type: object minioServiceAnnotations: additionalProperties: type: string type: object minioServiceLabels: additionalProperties: type: string type: object type: object sideCars: properties: containers: items: properties: args: items: type: string type: array command: items: type: string type: array env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: items: properties: configMapRef: properties: name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array image: type: string imagePullPolicy: type: string lifecycle: properties: postStart: properties: exec: properties: command: items: type: string type: array type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object preStop: properties: exec: properties: command: items: type: string type: array type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object sleep: properties: seconds: format: int64 type: integer required: - seconds type: object tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object type: object type: object livenessProbe: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object name: type: string ports: items: properties: containerPort: format: int32 type: integer hostIP: type: string hostPort: format: int32 type: integer name: type: string protocol: default: TCP type: string required: - containerPort type: object type: array x-kubernetes-list-map-keys: - containerPort - protocol x-kubernetes-list-type: map readinessProbe: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object resizePolicy: items: properties: resourceName: type: string restartPolicy: type: string required: - resourceName - restartPolicy type: object type: array x-kubernetes-list-type: atomic resources: properties: claims: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object restartPolicy: type: string securityContext: properties: allowPrivilegeEscalation: type: boolean capabilities: properties: add: items: type: string type: array drop: items: type: string type: array type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object startupProbe: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object stdin: type: boolean stdinOnce: type: boolean terminationMessagePath: type: string terminationMessagePolicy: type: string tty: type: boolean volumeDevices: items: properties: devicePath: type: string name: type: string required: - devicePath - name type: object type: array volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array workingDir: type: string required: - name type: object type: array resources: properties: claims: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object volumeClaimTemplates: items: properties: apiVersion: type: string kind: type: string metadata: properties: annotations: additionalProperties: type: string type: object finalizers: items: type: string type: array labels: additionalProperties: type: string type: object name: type: string namespace: type: string type: object spec: properties: accessModes: items: type: string type: array dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object status: properties: accessModes: items: type: string type: array allocatedResourceStatuses: additionalProperties: type: string type: object x-kubernetes-map-type: granular allocatedResources: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object capacity: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object conditions: items: properties: lastProbeTime: format: date-time type: string lastTransitionTime: format: date-time type: string message: type: string reason: type: string status: type: string type: type: string required: - status - type type: object type: array currentVolumeAttributesClassName: type: string modifyVolumeStatus: properties: status: type: string targetVolumeAttributesClassName: type: string required: - status type: object phase: type: string type: object type: object type: array volumes: items: properties: awsElasticBlockStore: properties: fsType: type: string partition: format: int32 type: integer readOnly: type: boolean volumeID: type: string required: - volumeID type: object azureDisk: properties: cachingMode: type: string diskName: type: string diskURI: type: string fsType: type: string kind: type: string readOnly: type: boolean required: - diskName - diskURI type: object azureFile: properties: readOnly: type: boolean secretName: type: string shareName: type: string required: - secretName - shareName type: object cephfs: properties: monitors: items: type: string type: array path: type: string readOnly: type: boolean secretFile: type: string secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic user: type: string required: - monitors type: object cinder: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic volumeID: type: string required: - volumeID type: object configMap: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic csi: properties: driver: type: string fsType: type: string nodePublishSecretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object downwardAPI: properties: defaultMode: format: int32 type: integer items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array type: object emptyDir: properties: medium: type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: properties: volumeClaimTemplate: properties: metadata: properties: annotations: additionalProperties: type: string type: object finalizers: items: type: string type: array labels: additionalProperties: type: string type: object name: type: string namespace: type: string type: object spec: properties: accessModes: items: type: string type: array dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object required: - spec type: object type: object fc: properties: fsType: type: string lun: format: int32 type: integer readOnly: type: boolean targetWWNs: items: type: string type: array wwids: items: type: string type: array type: object flexVolume: properties: driver: type: string fsType: type: string options: additionalProperties: type: string type: object readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic required: - driver type: object flocker: properties: datasetName: type: string datasetUUID: type: string type: object gcePersistentDisk: properties: fsType: type: string partition: format: int32 type: integer pdName: type: string readOnly: type: boolean required: - pdName type: object gitRepo: properties: directory: type: string repository: type: string revision: type: string required: - repository type: object glusterfs: properties: endpoints: type: string path: type: string readOnly: type: boolean required: - endpoints - path type: object hostPath: properties: path: type: string type: type: string required: - path type: object iscsi: properties: chapAuthDiscovery: type: boolean chapAuthSession: type: boolean fsType: type: string initiatorName: type: string iqn: type: string iscsiInterface: type: string lun: format: int32 type: integer portals: items: type: string type: array readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic targetPortal: type: string required: - iqn - lun - targetPortal type: object name: type: string nfs: properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: properties: claimName: type: string readOnly: type: boolean required: - claimName type: object photonPersistentDisk: properties: fsType: type: string pdID: type: string required: - pdID type: object portworxVolume: properties: fsType: type: string readOnly: type: boolean volumeID: type: string required: - volumeID type: object projected: properties: defaultMode: format: int32 type: integer sources: items: properties: clusterTrustBundle: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic name: type: string optional: type: boolean path: type: string signerName: type: string required: - path type: object configMap: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: properties: items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array type: object secret: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array name: type: string optional: type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: type: string expirationSeconds: format: int64 type: integer path: type: string required: - path type: object type: object type: array type: object quobyte: properties: group: type: string readOnly: type: boolean registry: type: string tenant: type: string user: type: string volume: type: string required: - registry - volume type: object rbd: properties: fsType: type: string image: type: string keyring: type: string monitors: items: type: string type: array pool: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic user: type: string required: - image - monitors type: object scaleIO: properties: fsType: type: string gateway: type: string protectionDomain: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: type: string storagePool: type: string system: type: string volumeName: type: string required: - gateway - secretRef - system type: object secret: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array optional: type: boolean secretName: type: string type: object storageos: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: type: string type: object x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: type: string type: object vsphereVolume: properties: fsType: type: string storagePolicyID: type: string storagePolicyName: type: string volumePath: type: string required: - volumePath type: object required: - name type: object type: array type: object startup: properties: exec: properties: command: items: type: string type: array type: object failureThreshold: format: int32 type: integer grpc: properties: port: format: int32 type: integer service: type: string required: - port type: object httpGet: properties: host: type: string httpHeaders: items: properties: name: type: string value: type: string required: - name - value type: object type: array path: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true scheme: type: string required: - port type: object initialDelaySeconds: format: int32 type: integer periodSeconds: format: int32 type: integer successThreshold: format: int32 type: integer tcpSocket: properties: host: type: string port: anyOf: - type: integer - type: string x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: format: int64 type: integer timeoutSeconds: format: int32 type: integer type: object subPath: type: string users: items: properties: name: type: string type: object x-kubernetes-map-type: atomic type: array required: - pools type: object status: properties: availableReplicas: format: int32 type: integer certificates: nullable: true properties: autoCertEnabled: nullable: true type: boolean customCertificates: nullable: true properties: client: items: properties: certName: type: string domains: items: type: string type: array expiresIn: type: string expiry: type: string serialNo: type: string type: object type: array minio: items: properties: certName: type: string domains: items: type: string type: array expiresIn: type: string expiry: type: string serialNo: type: string type: object type: array minioCAs: items: properties: certName: type: string domains: items: type: string type: array expiresIn: type: string expiry: type: string serialNo: type: string type: object type: array type: object type: object currentState: type: string drivesHealing: format: int32 type: integer drivesOffline: format: int32 type: integer drivesOnline: format: int32 type: integer healthMessage: type: string healthStatus: type: string pools: items: properties: legacySecurityContext: type: boolean ssName: type: string state: type: string required: - ssName - state type: object nullable: true type: array provisionedBuckets: type: boolean provisionedUsers: type: boolean revision: format: int32 type: integer syncVersion: type: string usage: properties: capacity: format: int64 type: integer rawCapacity: format: int64 type: integer rawUsage: format: int64 type: integer tiers: items: properties: Name: type: string Type: type: string totalSize: format: int64 type: integer required: - Name - totalSize type: object type: array usage: format: int64 type: integer type: object waitingOnReady: format: date-time type: string writeQuorum: format: int32 type: integer required: - availableReplicas - certificates - currentState - pools - revision - syncVersion type: object required: - spec type: object served: true storage: true subresources: status: {} format: plain description: MinIO is a high-performance, cloud-native object store. Compatible with the Amazon S3 API, it scales seamlessly to hundreds of PBs and is simple to deploy and manage. eula: "MinIO Evaluation License Agreement\n\tThis MinIO Evaluation License Agreement (this “Agreement”) contains the terms and conditions that govern your access to and use of the Service Offerings (as defined below) and is an agreement between MinIO, Inc (“MinIO”) and you or the entity you represent. This Agreement shall become effective (“Effective Date”) when both You and MinIO have executed it and delivered counterparts of such signatures to the other party. You represent to us that you are lawfully able to enter into contracts. If you are entering into this Agreement for an entity, such as the company you work for, you represent to us that you have legal authority to bind that entity.\n\n\tPLEASE READ THIS AGREEMENT CAREFULLY BEFORE PURCHASING AND/OR USING SOFTWARE OR SERVICE OFFERINGS FROM MinIO.\n\n\tEVALUATION LICENSE. You are licensing the Software and Service Offerings for evaluation purposes, Your use of the Software and Service Offerings is only permitted in a non-production environment and for the period limited by this Agreement. Notwithstanding any other provision in this Agreement, an Evaluation License of the Software and Service Offerings is provided “AS-IS” without indemnification,support or warranty of any kind, expressed or implied\n\n\t1. Definitions. The following terms have the following meanings:\n\t1.1. “Affiliate“ means in respect of a party, any entity that from time to time, directly or indirectly, Controls, is Controlled by, or is under common Control with that party and any other entity agreed in writing by the parties as being an Affiliate in respect of either party;\n\t1.2. “Confidential Information” means information a party designates as confidential or reasonably considers as confidential, and includes pricing information on an Order Form. In addition, any software provided under this Agreement that is not made generally available to the public without an obligation of confidentiality shall be considered the Confidential Information of MinIO. “Confidential Information” excludes information that is (a) or becomes publicly available through no fault of the recipient, (b) received from a third party without a duty of confidentiality, (c) independently developed by the receiving party without breaching this Agreement, or (d) rightfully known or lawfully in the possession of the receiving party prior to disclosure from the other party, or (e) the information is licensed under an Open Source License (as defined by the Open Source Initiative (https://opensource.org/)).\n\t1.3. “Content” means software (including machine images), data, text, audio, video or images.\n\t1.4. “Customer,” “you” and “your” means the organization that enters into this Agreement and/or agrees to an Order Form.\n\t1.5. “Documentation” means the instructions, specifications and information regarding the Services or the Software available at https://subnet.min.io and https://docs.min.io\n\t1.6. “MinIO,” “we,” “our” and “us” means the MinIO, a Delaware corporation.\n\t1.7. “Order Form” means an ordering document for Subscriptions signed by both parties that refers to this Agreement, or submitted by you through our platform.\n\t1.8. “Service Offerings” means the Support Services (including associated APIs), MinIO SUBNET, MinIO Content, MinIO Software, MinIO Object Storage Suite, Subscription and Support, MinIO Marks, and any other product or service provided by us under this Agreement.\n\t1.9. “Supported Software” means any software included in your Subscription.\n\t1.10. “Subscription” means a time-bound subscription for MinIO Service Offerings including subscription to SUBNET, Services or Support or Consulting Services provided through SUBNET.\n\t1.11. “SUBNET” is the digital service platform through which Customers engage with MinIO and its Service Offerings.\n\t1.12. “Services” means Support Services included in a Subscription.\n\t1.13. “Term” means the term of this Agreement described in Section 8\n\t1.14. “Termination Date” means the effective date of termination provided in accordance with Section 8, in a notice from one party to the other.\n\t1.15. “Your Content” means all software, data (including Personal Data), text, images, audio, video, photographs, non-MinIO or third party applications, and other content and material, in any format, provided by You or any of Your Users that is stored in, or run on or through, the Services Offerings. Services under this Agreement, MinIO Software, other MinIO products and services, and MinIO intellectual property, and all derivative works thereof, do not fall within the meaning of the term “Your Content”. Your Content includes any Third Party Content that is brought by You into the Services by Your use of the Services or any MinIO provided tools\n\t2. Order and Structure\n\t2.1. Generally. You may access and use the Service Offerings in accordance with this Agreement. You will comply with the terms of this Agreement and all MinIO, rules and regulations applicable to your use of the Service Offerings.\n\t2.2. Services. We may provide you with direct-to engineering support delivered via SUBNET or any other means of our choice.\n\t2.3. Registration and your Account. To register to use the Service Offerings, you must create a username and password with a valid email address, a valid form of payment and provide us with the information requested in the registration process. Unless explicitly permitted by the Service Terms, you will only create one account per email address. You will provide complete and accurate information during the registration process and will update your information to ensure it remains accurate. You will not disclose your username, password or two-factor authentication information to any unauthorized persons. Neither you nor any End User will use the Services or Software in any manner or for any purpose other than as expressly permitted by this Agreement. You are responsible for all activities in your account, regardless of whether undertaken by you, your employees or a third party (including contractors or agents), and MinIO is not responsible for unauthorized access to your account. You will contact us immediately if you believe unauthorized activity has occurred in your account or if your account information is lost or stolen.\n\t3. Use of The Service Offerings\n\t3.1. Except as otherwise provided in this Agreement, You are responsible for all activities that occur under your account, and agree to notify MinIO immediately of any unauthorized use. Your Affiliates may enter into separate Agreements directly with us and you may allow an Affiliate to use your Subscriptions as long as you are responsible for the Affiliate’s compliance with this Agreement. You may not sell your subscription. You are responsible for identifying and authenticating all Users, for approving access by such Users to the Services Offerings, for controlling against unauthorized access by Users, and for maintaining the confidentiality of usernames, passwords and account information. You do not acquire under this Agreement any right or license to use the Services in excess of the scope and/or duration stated in this Agreement. Upon the end of the term of this Agreement, Your right to access and use the Subscription Services will terminate.\n\t3.2. You are responsible for properly configuring and using the Service Offerings and otherwise taking appropriate action to secure, protect and backup your accounts and Your Content and Data.\n\t3.3. You shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness and ownership of all of Your Content and Your Applications.\n\t3.4. You agree not to use or permit use of the Services, including by uploading, emailing, posting, publishing or otherwise transmitting any material, including Your Content, Your Applications and Third Party Content, for any purpose that may violate applicable MinIO policies or terms.\n\t3.5. You are required to accept all patches, bug fixes, updates, maintenance and service packs (collectively, “Patches”) necessary for the proper function and security of the Service Offerings, including for the Programs and all software.\n\t4. Intellectual Property Rights\n\t4.1. You represent and warrant to us that: (i) you have all rights in your data necessary to grant the rights contemplated by this Agreement; and (ii) none of your data violates this Agreement, any applicable law or any third party’s intellectual property or other right.\n\t4.2. Except as provided in this Section 4, You retain all ownership and intellectual property rights in and to Your Content and Your Applications. MinIO or its licensors retain all ownership and intellectual property rights to the Service Offerings and derivative works thereof, and to anything developed or delivered by or on behalf of MinIO under this Agreement. Except as provided in this Section 4, nothing in this Agreement shall assign to Customer any intellectual property rights owned by MinIO and, for the avoidance of doubt, all intellectual property rights in and to any custom feature of the Supported Software created by MinIO, or the results of any unique implementation of the Supported Software by MinIO for Customer, or derivative works thereof shall continue to be owned by MinIO. MinIO may include software that is openly and freely licensed under the terms of a public license designated by a third party (“Open Source Software”). Nothing in these Terms shall be construed to limit your rights under such Open Source or similar license terms.\n\t4.3. Service Offerings License Grant. During the term of this Agreement and except as otherwise set forth in this Agreement, you have a non-exclusive, non-assignable, non-sublicensable, non-transferable limited right to access and use our “Service Offerings“ based support and maintenance services that you subscribed to including anything developed by MinIO and delivered to you as in accordance with this Agreement. MinIO develops and supports certain Software (“Supported Software”) and provides it as part of the Service Offerings. Subject to the terms of this Agreement, MinIO grants to you a limited, revocable, non-exclusive, non-sublicensable, non-transferable license to copy and use the Supported Software solely in connection with your permitted use of the Service Offerings. Except as provided in this Section 4.3, you obtain no rights under this Agreement from us to the Service Offerings, including any related intellectual property rights. As part of the Service Offerings, some MinIO Supported Software and Third-Party Content may be provided to you under separate Open Source licenses. Nothing in these Terms shall be construed to limit your rights under such Open Source or similar license terms.\n\t4.4. You are not obligated to provide us with any suggestions or other feedback about the Service Offerings or otherwise, but if you do, we may use and modify this feedback without any restriction or payment.\n\t4.5. License Restrictions. Customer shall not attempt to copy, duplicate, modify, create derivative works from or distribute all or any portion of the Service Offerings including the Supported Software or the Services; access all or any part of the Services in order to build a product or service which competes with the MinIO Services. Customer shall not attempt to and shall not assist any third party to: (a) make the Support Services available to any third parties (other than affiliates of Customer); (b) distribute any Software or other materials that have been made available to Customer by MinIO in connection with the Support Services. You will make every reasonable effort to prevent unauthorized third parties from accessing the Services and shall notify MinIO promptly of any such unauthorized access or use. You may not, or cause or permit others to modify, make derivative works of, disassemble, decompile, or reverse engineer any part of the Service Offerings (the foregoing prohibition includes but is not limited to review of data structures or similar materials produced by MinIO), or access or use the Services in order to build or support, and/or assist a third party in building or supporting, products or Services competitive to MinIO. You may not, or cause or permit others to license, sell, rent, lease, transfer, assign, distribute, display, host, outsource, disclose, permit timesharing, or otherwise commercially exploit or make the Service Offerings, MinIO Programs, Supported Software, MinIO Content, Services Environments or materials available, to any third party, other than as expressly permitted under the terms of the applicable order. Except as expressly provided herein no part of the Service Offerings may be copied, reproduced, distributed, republished, downloaded, displayed, posted or transmitted in any form or by any means, including but not limited to electronic, mechanical, photocopying, recording, or other means. You may only use the MinIO Marks in accordance with the MinIO Trademark Use Guidelines and Policy.\n\t5. Data Protection\n\t5.1. In performing the Services, MinIO will comply with the MinIO Services Privacy Policy, which is available at https://min.io/privacy-policy and incorporated herein by reference. The MinIO Services Privacy Policy is subject to change at MinIO’s discretion.\n\t5.2. Your Content may not include any sensitive or special data that imposes specific data security or data protection obligations on MinIO in addition to or different from those specified in the Service Specifications.\n\t6. Payments and Fees.\n\tNo payment is due under this Agreement.\n\t7. Confidentiality\n\tBy virtue of this Agreement, the parties may have access to information that is confidential to one another. We each agree to disclose only information that is required for the performance of obligations under this Agreement. Neither Party shall use the Confidential Information of the other Party for any purpose except to exercise its rights and perform its obligations under this Agreement. Neither Party shall disclose, or permit to be disclosed, either directly or indirectly, any Confidential Information of the other Party, except: (a) to its officers, employees, consultants and legal advisors who have a “need to know” such Confidential Information, who have been apprised of this restriction and who are themselves bound by non-disclosure obligations at least as restrictive as those set forth in this Agreement; or (b) where the Receiving Party becomes legally compelled to disclose Confidential Information. Each Party will take reasonable measures to protect the secrecy of, and avoid disclosure and unauthorized use of, the Confidential Information of the other Party, and will take at least those measures that it takes to protect its own confidential information of a like nature. The Receiving Party will use reasonable efforts to provide timely notice of any legally compelled disclosure to facilitate confidential treatment of Disclosing Party’s Confidential Information and will furnish only that portion of Confidential Information that it is legally required to disclose after exercising reasonable efforts to obtain assurance that such information will receive confidential treatment.\n\t8. Term and Termination\n\tThe term of this Agreement begins on the Effective Date and, unless terminated as provided below, continues in force for a period of 60 days from the Effective Date. . Either party may terminate this Agreement upon fifteen days prior written notice if the other party is in material breach of any term of this Agreement and fails to cure the breach within the fifteen-day period. A party who provides notice of breach must include in the notice a description of the alleged breach in reasonable detail. Upon termination or expiration of this Agreement, You shall discontinue use of the MinIo Software and Service Offerings.\n\t9. Representations and Warranties\n\tEach party hereby represents and warrants that it has the full power to enter into this Agreement.\n\tTHE SERVICE OFFERINGS AND THE SUPPORTED SOFTWARE ARE PROVIDED “AS IS” AND WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED AND MinIO HEREBY EXPRESSLY DISCLAIMS THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. MinIO DOES NOT GUARANTEE OR WARRANT THAT THE USE OF THE SERVICE OFFERINGS OR SUPPORTED SOFTWARE WILL BE UNINTERRUPTED, COMPLY WITH REGULATORY REQUIREMENTS, BE ERROR-FREE, OR THAT MinIO WILL CORRECT ALL SOFTWARE PROBLEMS OR THAT ANY CONTENT WILL BE SECURE OR NOT OTHERWISE LOST OR ALTERED.\n\t10. Limitation of liability\n\tTO THE EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL MinIO OR OUR AFFILIATES BE LIABLE FOR ANY LOSS OF DATA, LOSS OF INCOME, LOSS OF OPPORTUNITY OR PROFITS, COST OF RECOVERY OR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL OR INDIRECT DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY.\n\tYOU ACKNOWLEDGE THAT MinIO DOES NOT CONTROL THE TRANSFER OF DATA OVER COMMUNICATIONS FACILITIES, INCLUDING THE INTERNET, AND THAT THE SERVICES MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF SUCH COMMUNICATIONS FACILITIES. MINIO IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. MinIO IS NOT RESPONSIBLE FOR ANY ISSUES RELATED TO THE PERFORMANCE, OPERATION OR SECURITY OF THE SERVICES THAT ARISE FROM YOUR CONTENT, YOUR APPLICATIONS OR THIRD PARTY CONTENT. MinIO DOES NOT MAKE ANY REPRESENTATION OR WARRANTY REGARDING THE RELIABILITY, ACCURACY, COMPLETENESS, CORRECTNESS, OR USEFULNESS OF THIRD PARTY CONTENT, AND DISCLAIMS ALL LIABILITIES ARISING FROM OR RELATED TO THIRD PARTY CONTENT.\n\tFURTHER, MinIO WILL NOT BE RESPONSIBLE FOR ANY COMPENSATION, REIMBURSEMENT, OR DAMAGES ARISING IN CONNECTION WITH: (A) YOUR INABILITY TO USE THE SERVICES, INCLUDING AS A RESULT OF ANY (I) TERMINATION OR SUSPENSION OF THIS AGREEMENT OR YOUR USE OF OR ACCESS TO THE SERVICE OFFERINGS, (II) OUR DISCONTINUATION OF ANY OR ALL OF THE SERVICE OFFERINGS, OR, (III) WITHOUT LIMITING ANY OBLIGATIONS UNDER THE SERVICE LEVEL AGREEMENTS, ANY UNANTICIPATED OR UNSCHEDULED DOWNTIME OF ALL OR A PORTION OF THE SERVICES FOR ANY REASON; (B) THE COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; (C) ANY INVESTMENTS, EXPENDITURES, OR COMMITMENTS BY YOU IN CONNECTION WITH THIS AGREEMENT OR YOUR USE OF OR ACCESS TO THE SERVICE OFFERINGS; OR (D) ANY UNAUTHORIZED ACCESS TO, ALTERATION OF, OR THE DELETION, DESTRUCTION, DAMAGE, LOSS OR FAILURE TO STORE ANY OF YOUR CONTENT OR OTHER DATA.\n\tIN NO EVENT SHALL THE AGGREGATE LIABILITY OF MinIO FOR ANY AND ALL CLAIMS RELATED TO THE SUBJECT MATTER OF THIS AGREEMENT EXCEED THE FEES PAID BY CUSTOMER DURING THE 12 MONTHS IMMEDIATELY PRECEDING THE FIRST DATE ON WHICH THE APPLICABLE CAUSE OF ACTION AROSE. THE LIMITATIONS OF LIABILITY IN THIS SECTION WILL APPLY EVEN IF MinIO HAS BEEN ADVISED OF THE POSSIBILITY OF ANY DAMAGE. THE PARTIES ACKNOWLEDGE THAT THE LIMITATIONS OF LIABILITY IN THIS SECTION REFLECT THE APPROPRIATE ALLOCATION OF RISK BETWEEN THE PARTIES AND THAT THESE LIMITATIONS OF LIABILITY SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE.\n\t11. General\n\t11.1. Independent Contractor. MinIO is an independent contractor, and nothing in this Agreement or related to MinIO’s performance hereunder will be construed to create an employment or agency relationship between Customer and MinIO.\n\t11.2. Assignment. Neither Party may assign this Agreement or any of its rights or obligations under this Agreement without the prior written consent of the other Party; provided that MinIO may assign this Agreement without the written consent of Customer as part of a corporate reorganization, upon a change of control, consolidation, merger, reincorporation, sale of all or substantially all of its assets related to this Agreement, or in connection with a similar transaction or series of transactions. Effective upon such assignment, the assignee is deemed substituted for MinIO as a party to this Agreement and MinIO is fully released from all of its obligations and duties to perform under this Agreement. Any assignment or transfer in violation of this Section will be void. Subject to the foregoing, this Agreement will be binding upon and inure to the benefit of the Parties and their respective permitted successors and assigns. MinIO may freely subcontract the Support Services to third parties.\n\t11.3. Entire Agreement. This Agreement, including the Addendum and any other documents, policies incorporated by reference into this Agreement and the information which is incorporated into this Agreement by written reference (including reference to information contained in a URL or referenced policy), contains the entire agreement relating to the subject matter contained herein and supersedes all prior or contemporaneous agreements, written or oral, between the Parties. Except as set forth herein, neither this Agreement nor any Order may be modified or amended except in a written amendment signed by both Parties.\n\t11.4. Audit. MinIO may audit Your use of the Service Offerings (e.g., through use of software tools) to assess whether Your use of the Service Offerings is in accordance with this Agreement. You agree to cooperate with MinIO’s audit and provide reasonable assistance and access to information.Any such audit shall not unreasonably interfere with Your normal business operations.\n\t11.5. Export Restrictions. MinIO may supply Customer with technical data that is subject to export control restrictions under the MinIO and regulations of the United States. MinIO will not be responsible for Customer’s compliance with applicable export obligations or requirements for this technical data. Customer agrees to comply with all applicable export control restrictions And to obtain all required authorizations, permits, or licenses to export, re-export or import, as required. Without limiting the foregoing, you agree that you will not export, disclose, re-export or transfer the such data, directly or indirectly, to: (a) any U.S. embargoed destination; or (b) anyone on(or controlled by a person or entity on)a U.S. government restricted persons list, including those who have been prohibited from participating in U.S. export transactions by any federal agency of the U.S. government. You remain solely responsible for Your regulatory compliance in connection with Your use of the Services.\n\t11.6. Notice. Notices under this Agreement will be in writing and effective on the delivery date. We may provide any notice to you under this Agreement by posting a notice on the site for the applicable Services or sending a message to the email address associated with your account. To give us notice under this Agreement, you must send us your notice by certified mail, return receipt requested,postage prepaid to Attention: Legal Department, MinIO, Inc. 530B University Avenue, Palo Alto, California 94301\n\t11.7. Waiver. No term of this Agreement shall be considered waived and no breach excused by either Party unless made in writing. No consent, waiver, or excuse by either Party, express or implied, of any provision of this Agreement shall constitute a consent, waiver or excuse of any other breach of that or any other provision of this Agreement.\n\t11.8. Severability. If any provision of this Agreement is held illegal or unenforceable by any court of competent jurisdiction, such provision shall be deemed severed from the remaining provisions of this Agreement and shall not affect or impair the validity or enforceability of the remaining provisions of this Agreement. The Parties hereto agree to replace any such illegal or unenforceable provision with a new provision that has the most nearly similar permissible economic or other effect.\n\t11.9. Controlling Law. This Agreement will be governed by the MinIO of the State of California, without reference to conflict of MinIO principles. In any dispute arising out of this Agreement, Customer and MinIO each consent to the exclusive personal jurisdiction and venue in the state and federal courts within Santa Clara County, California. The Parties exclude the provisions of the United Nations Convention on Contracts for the International Sale of Goods from this Agreement and any transactions that may be implemented in connection with this Agreement.\n" label: MinIO operatorYaml: content: |+ {{ if .Values.registryUsername }} apiVersion: v1 kind: Secret metadata: name: {{ .service.prefix }}-regcred namespace: {{ .service.namespace }} data: .dockerconfigjson: {{ printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.registryName (printf "%s:%s" .Values.registryUsername .Values.registryPasswd | b64enc) | b64enc }} type: kubernetes.io/dockerconfigjson {{ end }} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.15.0 operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io operator.min.io/version: v5.0.15 name: miniojobs.job.min.io spec: group: job.min.io names: kind: MinIOJob listKind: MinIOJobList plural: miniojobs shortNames: - miniojob singular: miniojob scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .spec.tenant.name name: Tenant type: string - jsonPath: .spec.status.phase name: Phase type: string name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: commands: items: properties: args: additionalProperties: type: string type: object command: items: type: string type: array dependsOn: items: type: string type: array env: items: properties: name: type: string value: type: string valueFrom: properties: configMapKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic secretKeyRef: properties: key: type: string name: default: "" type: string optional: type: boolean required: - key type: object x-kubernetes-map-type: atomic type: object required: - name type: object type: array envFrom: items: properties: configMapRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic prefix: type: string secretRef: properties: name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic type: object type: array name: type: string op: type: string resources: properties: claims: items: properties: name: type: string required: - name type: object type: array x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object volumeMounts: items: properties: mountPath: type: string mountPropagation: type: string name: type: string readOnly: type: boolean recursiveReadOnly: type: string subPath: type: string subPathExpr: type: string required: - mountPath - name type: object type: array volumes: items: properties: awsElasticBlockStore: properties: fsType: type: string partition: format: int32 type: integer readOnly: type: boolean volumeID: type: string required: - volumeID type: object azureDisk: properties: cachingMode: type: string diskName: type: string diskURI: type: string fsType: type: string kind: type: string readOnly: type: boolean required: - diskName - diskURI type: object azureFile: properties: readOnly: type: boolean secretName: type: string shareName: type: string required: - secretName - shareName type: object cephfs: properties: monitors: items: type: string type: array x-kubernetes-list-type: atomic path: type: string readOnly: type: boolean secretFile: type: string secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic user: type: string required: - monitors type: object cinder: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic volumeID: type: string required: - volumeID type: object configMap: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic csi: properties: driver: type: string fsType: type: string nodePublishSecretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic readOnly: type: boolean volumeAttributes: additionalProperties: type: string type: object required: - driver type: object downwardAPI: properties: defaultMode: format: int32 type: integer items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array x-kubernetes-list-type: atomic type: object emptyDir: properties: medium: type: string sizeLimit: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: properties: volumeClaimTemplate: properties: metadata: properties: annotations: additionalProperties: type: string type: object finalizers: items: type: string type: array labels: additionalProperties: type: string type: object name: type: string namespace: type: string type: object spec: properties: accessModes: items: type: string type: array x-kubernetes-list-type: atomic dataSource: properties: apiGroup: type: string kind: type: string name: type: string required: - kind - name type: object x-kubernetes-map-type: atomic dataSourceRef: properties: apiGroup: type: string kind: type: string name: type: string namespace: type: string required: - kind - name type: object resources: properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object type: object selector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic storageClassName: type: string volumeAttributesClassName: type: string volumeMode: type: string volumeName: type: string type: object required: - spec type: object type: object fc: properties: fsType: type: string lun: format: int32 type: integer readOnly: type: boolean targetWWNs: items: type: string type: array x-kubernetes-list-type: atomic wwids: items: type: string type: array x-kubernetes-list-type: atomic type: object flexVolume: properties: driver: type: string fsType: type: string options: additionalProperties: type: string type: object readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic required: - driver type: object flocker: properties: datasetName: type: string datasetUUID: type: string type: object gcePersistentDisk: properties: fsType: type: string partition: format: int32 type: integer pdName: type: string readOnly: type: boolean required: - pdName type: object gitRepo: properties: directory: type: string repository: type: string revision: type: string required: - repository type: object glusterfs: properties: endpoints: type: string path: type: string readOnly: type: boolean required: - endpoints - path type: object hostPath: properties: path: type: string type: type: string required: - path type: object iscsi: properties: chapAuthDiscovery: type: boolean chapAuthSession: type: boolean fsType: type: string initiatorName: type: string iqn: type: string iscsiInterface: type: string lun: format: int32 type: integer portals: items: type: string type: array x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic targetPortal: type: string required: - iqn - lun - targetPortal type: object name: type: string nfs: properties: path: type: string readOnly: type: boolean server: type: string required: - path - server type: object persistentVolumeClaim: properties: claimName: type: string readOnly: type: boolean required: - claimName type: object photonPersistentDisk: properties: fsType: type: string pdID: type: string required: - pdID type: object portworxVolume: properties: fsType: type: string readOnly: type: boolean volumeID: type: string required: - volumeID type: object projected: properties: defaultMode: format: int32 type: integer sources: items: properties: clusterTrustBundle: properties: labelSelector: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic name: type: string optional: type: boolean path: type: string signerName: type: string required: - path type: object configMap: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: properties: items: items: properties: fieldRef: properties: apiVersion: type: string fieldPath: type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: format: int32 type: integer path: type: string resourceFieldRef: properties: containerName: type: string divisor: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: type: string required: - resource type: object x-kubernetes-map-type: atomic required: - path type: object type: array x-kubernetes-list-type: atomic type: object secret: properties: items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic name: default: "" type: string optional: type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: properties: audience: type: string expirationSeconds: format: int64 type: integer path: type: string required: - path type: object type: object type: array x-kubernetes-list-type: atomic type: object quobyte: properties: group: type: string readOnly: type: boolean registry: type: string tenant: type: string user: type: string volume: type: string required: - registry - volume type: object rbd: properties: fsType: type: string image: type: string keyring: type: string monitors: items: type: string type: array x-kubernetes-list-type: atomic pool: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic user: type: string required: - image - monitors type: object scaleIO: properties: fsType: type: string gateway: type: string protectionDomain: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: type: string storagePool: type: string system: type: string volumeName: type: string required: - gateway - secretRef - system type: object secret: properties: defaultMode: format: int32 type: integer items: items: properties: key: type: string mode: format: int32 type: integer path: type: string required: - key - path type: object type: array x-kubernetes-list-type: atomic optional: type: boolean secretName: type: string type: object storageos: properties: fsType: type: string readOnly: type: boolean secretRef: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic volumeName: type: string volumeNamespace: type: string type: object vsphereVolume: properties: fsType: type: string storagePolicyID: type: string storagePolicyName: type: string volumePath: type: string required: - volumePath type: object required: - name type: object type: array type: object type: array containerSecurityContext: properties: allowPrivilegeEscalation: type: boolean appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object capabilities: properties: add: items: type: string type: array x-kubernetes-list-type: atomic drop: items: type: string type: array x-kubernetes-list-type: atomic type: object privileged: type: boolean procMount: type: string readOnlyRootFilesystem: type: boolean runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object execution: default: parallel enum: - parallel - sequential type: string failureStrategy: default: continueOnFailure enum: - continueOnFailure - stopOnFailure type: string imagePullPolicy: type: string imagePullSecret: items: properties: name: default: "" type: string type: object x-kubernetes-map-type: atomic type: array mcImage: default: quay.io/minio/mc:latest type: string securityContext: properties: appArmorProfile: properties: localhostProfile: type: string type: type: string required: - type type: object fsGroup: format: int64 type: integer fsGroupChangePolicy: type: string runAsGroup: format: int64 type: integer runAsNonRoot: type: boolean runAsUser: format: int64 type: integer seLinuxOptions: properties: level: type: string role: type: string type: type: string user: type: string type: object seccompProfile: properties: localhostProfile: type: string type: type: string required: - type type: object supplementalGroups: items: format: int64 type: integer type: array x-kubernetes-list-type: atomic sysctls: items: properties: name: type: string value: type: string required: - name - value type: object type: array x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: type: string gmsaCredentialSpecName: type: string hostProcess: type: boolean runAsUserName: type: string type: object type: object serviceAccountName: type: string tenant: properties: name: type: string namespace: type: string required: - name - namespace type: object required: - commands - serviceAccountName - tenant type: object status: properties: commands: items: properties: message: type: string name: type: string result: type: string required: - result type: object type: array message: type: string phase: type: string type: object type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.15.0 operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io operator.min.io/version: v5.0.15 name: policybindings.sts.min.io spec: group: sts.min.io names: kind: PolicyBinding listKind: PolicyBindingList plural: policybindings shortNames: - policybinding singular: policybinding scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.currentState name: State type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: application: properties: namespace: type: string serviceaccount: type: string required: - namespace - serviceaccount type: object policies: items: type: string type: array required: - application - policies type: object status: properties: currentState: type: string usage: nullable: true properties: authotizations: format: int64 type: integer type: object required: - currentState - usage type: object type: object served: true storage: false subresources: status: {} - additionalPrinterColumns: - jsonPath: .status.currentState name: State type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1beta1 schema: openAPIV3Schema: properties: apiVersion: type: string kind: type: string metadata: type: object spec: properties: application: properties: namespace: type: string serviceaccount: type: string required: - namespace - serviceaccount type: object policies: items: type: string type: array required: - application - policies type: object status: properties: currentState: type: string usage: nullable: true properties: authotizations: format: int64 type: integer type: object required: - currentState - usage type: object type: object served: true storage: true subresources: status: {} --- apiVersion: v1 kind: ServiceAccount metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-console-sa' namespace: '{{ .service.namespace }}' --- apiVersion: v1 kind: ServiceAccount metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-minio-operator' namespace: '{{ .service.namespace }}' --- apiVersion: v1 kind: ServiceAccount metadata: name: '{{ .service.prefix }}-vsphere-sa' namespace: '{{ .service.namespace }}' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-console-sa-role' rules: - apiGroups: - "" resources: - secrets verbs: - get - watch - create - list - patch - update - delete - deletecollection - apiGroups: - "" resources: - namespaces - services - events - resourcequotas - nodes verbs: - get - watch - create - list - patch - apiGroups: - "" resources: - pods verbs: - get - watch - create - list - patch - delete - deletecollection - apiGroups: - "" resources: - persistentvolumeclaims verbs: - deletecollection - list - get - watch - update - apiGroups: - storage.k8s.io resources: - storageclasses verbs: - get - watch - create - list - patch - apiGroups: - apps resources: - statefulsets - deployments verbs: - get - create - list - patch - watch - update - delete - apiGroups: - batch resources: - jobs verbs: - get - create - list - patch - watch - update - delete - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests - certificatesigningrequests/approval - certificatesigningrequests/status verbs: - update - create - get - delete - list - apiGroups: - minio.min.io resources: - '*' verbs: - '*' - apiGroups: - min.io resources: - '*' verbs: - '*' - apiGroups: - "" resources: - persistentvolumes verbs: - get - list - watch - create - delete - apiGroups: - "" resources: - persistentvolumeclaims verbs: - get - list - watch - update - apiGroups: - "" resources: - events verbs: - create - list - watch - update - patch - apiGroups: - snapshot.storage.k8s.io resources: - volumesnapshots verbs: - get - list - apiGroups: - snapshot.storage.k8s.io resources: - volumesnapshotcontents verbs: - get - list - apiGroups: - storage.k8s.io resources: - csinodes verbs: - get - list - watch - apiGroups: - storage.k8s.io resources: - volumeattachments verbs: - get - list - watch - apiGroups: - "" resources: - endpoints verbs: - get - list - watch - create - update - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - delete - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - get - list - watch - create - update - delete - apiGroups: - "" resources: - pod - pods/log verbs: - get - list - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-minio-operator-role' rules: - apiGroups: - policy resourceNames: - wcp-privileged-psp resources: - podsecuritypolicies verbs: - use - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - get - update - apiGroups: - "" resources: - persistentvolumeclaims verbs: - get - update - list - delete - apiGroups: - "" resources: - namespaces - nodes verbs: - get - watch - list - apiGroups: - "" resources: - pods - services - events - configmaps verbs: - get - watch - create - list - delete - deletecollection - update - patch - apiGroups: - "" resources: - secrets verbs: - get - watch - create - update - list - delete - deletecollection - apiGroups: - "" resources: - serviceaccounts verbs: - create - delete - get - list - patch - update - watch - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets - deployments - deployments/finalizers verbs: - get - create - list - patch - watch - update - delete - apiGroups: - batch resources: - jobs verbs: - get - create - list - patch - watch - update - delete - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests - certificatesigningrequests/approval - certificatesigningrequests/status verbs: - update - create - get - delete - list - apiGroups: - certificates.k8s.io resourceNames: - kubernetes.io/legacy-unknown - kubernetes.io/kube-apiserver-client - kubernetes.io/kubelet-serving - beta.eks.amazonaws.com/app-serving resources: - signers verbs: - approve - sign - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - minio.min.io - sts.min.io - job.min.io resources: - '*' verbs: - '*' - apiGroups: - min.io resources: - '*' verbs: - '*' - apiGroups: - monitoring.coreos.com resources: - prometheuses verbs: - '*' - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - update - create - apiGroups: - policy resources: - poddisruptionbudgets verbs: - create - delete - get - list - patch - update - deletecollection --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: '{{ .service.prefix }}-vsphere-aggregated-edit' rules: - apiGroups: - minio.min.io resources: - tenants verbs: - create - update - patch - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: rbac.authorization.k8s.io/aggregate-to-view: "true" name: '{{ .service.prefix }}-vsphere-aggregated-view' rules: - apiGroups: - minio.min.io resources: - tenants verbs: - get - list - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: '{{ .service.prefix }}-vsphere-sa-role' rules: - apiGroups: - policy resourceNames: - wcp-privileged-psp resources: - podsecuritypolicies verbs: - use - apiGroups: - "" resources: - namespaces - events - nodes - resourcequotas - statefulsets - resourcequotas verbs: - get - watch - create - list - patch - apiGroups: - "" resources: - secrets verbs: - get - watch - create - list - patch - deletecollection - apiGroups: - storage.k8s.io resources: - storageclasses verbs: - get - watch - create - list - patch - apiGroups: - "" resources: - services verbs: - get - update - apiGroups: - "" resources: - pods verbs: - get - watch - create - list - patch - delete - apiGroups: - "" resources: - configmaps verbs: - get - create - update - apiGroups: - "" resources: - persistentvolumeclaims verbs: - get - update - delete - list - watch - deletecollection - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - list - watch - get - create - apiGroups: - storage.k8s.io resources: - storageclasses verbs: - get - watch - create - list - patch - apiGroups: - apps resources: - statefulsets - deployments verbs: - get - create - list - patch - watch - update - delete - apiGroups: - batch resources: - jobs verbs: - get - create - list - patch - watch - update - delete - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests - certificatesigningrequests/approval - certificatesigningrequests/status verbs: - update - create - get - apiGroups: - minio.min.io resources: - '*' verbs: - '*' - apiGroups: - min.io resources: - '*' verbs: - '*' - apiGroups: - cns.vmware.com resources: - '*' verbs: - list - get - apiGroups: - vmware.min.io resources: - '*' verbs: - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-console-sa-binding' roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: '{{ .service.prefix }}-console-sa-role' subjects: - kind: ServiceAccount name: '{{ .service.prefix }}-console-sa' namespace: '{{ .service.namespace }}' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-minio-operator-binding' roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: '{{ .service.prefix }}-minio-operator-role' subjects: - kind: ServiceAccount name: '{{ .service.prefix }}-minio-operator' namespace: '{{ .service.namespace }}' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: '{{ .service.prefix }}-minio-operator-default-sa-binding' roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: '{{ .service.prefix }}-minio-operator-role' subjects: - kind: ServiceAccount name: default namespace: '{{ .service.namespace }}' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: '{{ .service.prefix }}-minio-vsphere-default-sa-binding' roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: '{{ .service.prefix }}-vsphere-sa-role' subjects: - kind: ServiceAccount name: default namespace: '{{ .service.namespace }}' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: '{{ .service.prefix }}-vsphere-sa-binding' roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: '{{ .service.prefix }}-vsphere-sa-role' subjects: - kind: ServiceAccount name: '{{ .service.prefix }}-vsphere-sa' namespace: '{{ .service.namespace }}' --- apiVersion: v1 data: health_en: "io.minio=MinIO\nminio=MinIO Service\nminio.storage.short=Storage Status \nminio.storage.desc=Storage shows the health status per MinIO instance in its corresponding namespace\nminio.storage.testname=Storage\nminio.storage.table.label=MinIO Instances\nminio.storage.columns.instance=MinIO Instance \nminio.storage.columns.namespace=Namespace \nminio.storage.columns.healthstatus=Health \nminio.storage.columns.healthmessage=Comments\nminio.storage.columns.onlinedisks=Online Disks\nminio.storage.columns.offlinedisks=Offline Disks\nminio.storage.columns.healingdisks=Healing Disks\nio.min.vsphere=MinIO Volumes" kind: ConfigMap metadata: labels: vmware.vsphere.health: catalog name: '{{ .service.prefix }}-catalog' namespace: '{{ .service.namespace }}' --- apiVersion: v1 data: CONSOLE_PORT: "9090" CONSOLE_TLS_PORT: "9443" kind: ConfigMap metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-console-env' namespace: '{{ .service.namespace }}' --- apiVersion: v1 kind: Secret metadata: annotations: kubernetes.io/service-account.name: console-sa operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io name: '{{ .service.prefix }}-console-sa-secret' namespace: '{{ .service.namespace }}' type: kubernetes.io/service-account-token --- apiVersion: v1 kind: Service metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: app.kubernetes.io/instance: minio-operator app.kubernetes.io/name: operator name: minio-operator name: operator namespace: '{{ .service.namespace }}' spec: ports: - name: http port: 4221 selector: name: minio-operator operator: leader type: ClusterIP --- apiVersion: v1 kind: Service metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: app.kubernetes.io/instance: minio-operator app.kubernetes.io/name: operator name: console name: '{{ .service.prefix }}-console' namespace: '{{ .service.namespace }}' spec: ports: - name: http port: 9090 - name: https port: 9443 selector: app: console --- apiVersion: v1 kind: Service metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: name: minio-operator name: '{{ .service.prefix }}-sts' namespace: '{{ .service.namespace }}' spec: ports: - name: https port: 4223 targetPort: 4223 selector: name: minio-operator type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: name: minio-vsphere name: '{{ .service.prefix }}-vsphere' namespace: '{{ .service.namespace }}' spec: ports: - name: https port: 4233 selector: app: minio-vsphere type: ClusterIP --- apiVersion: apps/v1 kind: Deployment metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: app.kubernetes.io/instance: minio-operator app.kubernetes.io/name: operator name: '{{ .service.prefix }}-console' namespace: '{{ .service.namespace }}' spec: replicas: 1 selector: matchLabels: app: console template: metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: app: console app.kubernetes.io/instance: minio-operator-console app.kubernetes.io/name: operator spec: {{ if .Values.registryUsername }} imagePullSecrets: - name: {{ .service.prefix }}-regcred {{ end }} containers: - args: - ui - --certs-dir=/tmp/certs image: '{{ .Values.registryName | default "quay.io/" }}{{or (empty .Values.registryName) (hasSuffix "/" (printf "%s" .Values.registryName)) | ternary "" "/"}}minio/operator:v5.0.17@sha256:1f6627fe2b2ddec6ae42b5d1ad16bb9b138ced3f9b1cdce013a1fa13c922ba28' imagePullPolicy: IfNotPresent name: console ports: - containerPort: 9090 name: http - containerPort: 9443 name: https securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsGroup: 1000 runAsNonRoot: true runAsUser: 1000 seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /tmp/certs name: tls-certificates - mountPath: /tmp/certs/CAs name: tmp serviceAccountName: '{{ .service.prefix }}-console-sa' volumes: - name: tls-certificates projected: sources: - secret: items: - key: public.crt path: public.crt - key: public.crt path: CAs/public.crt - key: private.key path: private.key - key: tls.crt path: tls.crt - key: tls.crt path: CAs/tls.crt - key: tls.key path: tls.key name: console-tls optional: true - emptyDir: {} name: tmp --- apiVersion: apps/v1 kind: Deployment metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: app.kubernetes.io/instance: minio-operator app.kubernetes.io/name: operator name: '{{ .service.prefix }}-minio-operator' namespace: '{{ .service.namespace }}' spec: replicas: 1 selector: matchLabels: name: minio-operator strategy: type: Recreate template: metadata: annotations: operator.min.io/authors: MinIO, Inc. operator.min.io/license: AGPLv3 operator.min.io/support: https://subnet.min.io labels: app.kubernetes.io/instance: minio-operator app.kubernetes.io/name: operator managedBy: minio name: minio-operator spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: name operator: In values: - minio-operator topologyKey: kubernetes.io/hostname {{ if .Values.registryUsername }} imagePullSecrets: - name: {{ .service.prefix }}-regcred {{ end }} containers: - args: - controller env: - name: MINIO_OPERATOR_DEPLOYMENT_NAME value: '{{ .service.prefix }}-minio-operator' - name: HOSTNAME valueFrom: fieldRef: fieldPath: metadata.name - name: MINIO_CONSOLE_TLS_ENABLE value: "off" - name: OPERATOR_STS_ENABLED value: "on" image: '{{ .Values.registryName | default "quay.io/" }}{{or (empty .Values.registryName) (hasSuffix "/" (printf "%s" .Values.registryName)) | ternary "" "/"}}minio/operator:v5.0.17@sha256:1f6627fe2b2ddec6ae42b5d1ad16bb9b138ced3f9b1cdce013a1fa13c922ba28' imagePullPolicy: IfNotPresent name: minio-operator resources: requests: cpu: 200m ephemeral-storage: 500Mi memory: 1024Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsGroup: 1000 runAsNonRoot: true runAsUser: 1000 seccompProfile: type: RuntimeDefault serviceAccountName: '{{ .service.prefix }}-minio-operator' --- apiVersion: apps/v1 kind: Deployment metadata: name: '{{ .service.prefix }}-vsphere' namespace: '{{ .service.namespace }}' spec: replicas: 3 selector: matchLabels: app: minio-vsphere template: metadata: labels: app: minio-vsphere managedBy: minio spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - minio-vsphere topologyKey: kubernetes.io/hostname {{ if .Values.registryUsername }} imagePullSecrets: - name: {{ .service.prefix }}-regcred {{ end }} containers: - args: - server - --tls-certificate - /certs/tls.crt - --tls-key - /certs/tls.key - --host - 0.0.0.0 - --tls-host - 0.0.0.0 env: - name: MINIO_VSPHERE_DEPLOYMENT_NAME value: '{{ .service.prefix }}-vsphere' - name: MINIO_VSPHERE_REBUILD_TIMER value: '{{ .Values.rebuildTimer | default "360" }}' - name: MINIO_VSPHERE_ENABLE_AUTO_FIX value: '{{ .Values.enableAutoFix | default "off" }}' - name: MINIO_VSPHERE_HMAC_JWT_SECRET value: '{{randAlphaNum 32}}' - name: MINIO_VSPHERE_PBKDF_PASSPHRASE value: '{{randAlphaNum 32}}' - name: MINIO_VSPHERE_PBKDF_SALT value: '{{randAlphaNum 32}}' image: '{{ .Values.registryName | default "quay.io/" }}{{or (empty .Values.registryName) (hasSuffix "/" (printf "%s" .Values.registryName)) | ternary "" "/"}}miniodev/vsphere:v2.0.10@sha256:60ff785b362789fa12e4903cf2cabb02cbdca9255b265e8045245a17b3677f44' imagePullPolicy: IfNotPresent name: minio-vsphere ports: - containerPort: 4233 name: https resources: requests: memory: 512Mi volumeMounts: - mountPath: /certs name: certs readOnly: true - args: - ui env: - name: OPERATOR_HMAC_JWT_SECRET value: '{{randAlphaNum 32}}' - name: OPERATOR_PBKDF_PASSPHRASE value: '{{randAlphaNum 32}}' - name: OPERATOR_PBKDF_SALT value: '{{randAlphaNum 32}}' - name: CONSOLE_OPERATOR_MODE value: "on" - name: OPERATOR_HOSTNAME value: localhost - name: OPERATOR_MINIO_IMAGE value: minio/minio:RELEASE.2024-08-03T04-33-23Z image: '{{ .Values.registryName | default "quay.io/" }}{{or (empty .Values.registryName) (hasSuffix "/" (printf "%s" .Values.registryName)) | ternary "" "/"}}minio/operator:v5.0.17@sha256:1f6627fe2b2ddec6ae42b5d1ad16bb9b138ced3f9b1cdce013a1fa13c922ba28' imagePullPolicy: IfNotPresent name: console resources: requests: memory: 512Mi serviceAccountName: '{{ .service.prefix }}-vsphere-sa' volumes: - name: certs secret: secretName: minio-plugin-tls-secret --- apiVersion: apps/v1 kind: Deployment metadata: name: '{{ .service.prefix }}-vsphere-controller' namespace: '{{ .service.namespace }}' spec: replicas: 1 selector: matchLabels: app: minio-vsphere-controller template: metadata: annotations: appplatform.vmware.com/vsphere-emm-integrated: "true" labels: app: minio-vsphere-controller managedBy: minio spec: {{ if .Values.registryUsername }} imagePullSecrets: - name: {{ .service.prefix }}-regcred {{ end }} containers: - args: - controller env: - name: MINIO_VSPHERE_PLUGIN_VERSION value: v2.0.10 image: '{{ .Values.registryName | default "quay.io/" }}{{or (empty .Values.registryName) (hasSuffix "/" (printf "%s" .Values.registryName)) | ternary "" "/"}}miniodev/vsphere:v2.0.10@sha256:60ff785b362789fa12e4903cf2cabb02cbdca9255b265e8045245a17b3677f44' imagePullPolicy: IfNotPresent name: minio-vsphere resources: requests: memory: 1024Mi - command: - ./sidecar image: '{{ .Values.registryName | default "quay.io/" }}{{or (empty .Values.registryName) (hasSuffix "/" (printf "%s" .Values.registryName)) | ternary "" "/"}}miniodev/vsphere:v2.0.10@sha256:60ff785b362789fa12e4903cf2cabb02cbdca9255b265e8045245a17b3677f44' imagePullPolicy: Always name: sidecar resources: requests: memory: 128Mi serviceAccountName: '{{ .service.prefix }}-vsphere-sa' --- apiVersion: appplatform.wcp.vmware.com/v1beta1 kind: VCUIPlugin metadata: labels: controller-tools.k8s.io: "1.0" name: '{{ .service.prefix }}-vsphere-plugin' namespace: '{{ .service.namespace }}' spec: name: minio uiBackendSecret: '{{ .service.prefix }}-plugin-tls-secret' uiBackendService: '{{ .service.prefix }}-vsphere' vSphereExtensionKey: io.min.vsphere vSphereUiPluginUrl: /plugin.json version: 2.1.0 --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: '{{ .service.prefix }}-operator-allow' namespace: '{{ .service.namespace }}' spec: ingress: - {} podSelector: matchLabels: managedBy: minio policyTypes: - Ingress --- apiVersion: psp.wcp.vmware.com/v1beta1 kind: PersistenceServiceConfiguration metadata: name: '{{ .service.prefix }}-psp-config' namespace: '{{ .service.namespace }}' spec: enableHostLocalStorage: true serviceID: minio format: plain serviceID: minio version: 2.0.10 status: {}