## Secret to be used as MinIO Root Credentials apiVersion:v1 kind:Secret metadata: name:minio-creds-secret type:Opaque data: ## Access Key for MinIO Tenant, base64 encoded (echo -n 'minio' | base64) accesskey:bWluaW8= ## Secret Key for MinIO Tenant, base64 encoded (echo -n 'minio123' | base64) secretkey:bWluaW8xMjM= --- ## MinIO Tenant Definition apiVersion:minio.min.io/v2 kind:Tenant metadata: name:minio-demo ## Optionally pass labels to be applied to the statefulset pods labels: app:minio ## Annotations for MinIO Tenant Pods annotations: prometheus.io/path:/minio/v2/metrics/cluster prometheus.io/port:"9000" prometheus.io/scrape:"true"
## If a scheduler is specified here, Tenant pods will be dispatched by specified scheduler. ## If not specified, the Tenant pods will be dispatched by default scheduler. # scheduler: # name: my-custom-scheduler
spec: ## Registry location and Tag to download MinIO Server image image:minio/minio:RELEASE.2021-08-25T00-41-18Z imagePullPolicy:IfNotPresent
## Secret with credentials to be used by MinIO Tenant. ## Refers to the secret object created above. credsSecret: name:minio-creds-secret
## Specification for MinIO Pool(s) in this Tenant. pools: ## Servers specifies the number of MinIO Tenant Pods / Servers in this pool. ## For standalone mode, supply 1. For distributed mode, supply 4 or more. ## Note that the operator does not support upgrading from standalone to distributed mode. -servers:1
## volumesPerServer specifies the number of volumes attached per MinIO Tenant Pod / Server. volumesPerServer:4
## This VolumeClaimTemplate is used across all the volumes provisioned for MinIO Tenant in this Pool. volumeClaimTemplate: metadata: name:data spec: storageClassName:longhorn accessModes: -ReadWriteOnce resources: requests: storage:1Gi
## Mount path where PV will be mounted inside container(s). mountPath:/export ## Sub path inside Mount path where MinIO stores data. # subPath: /data
## Use this field to provide a list of Secrets with external certificates. This can be used to to configure ## TLS for MinIO Tenant pods. Create secrets as explained here: ## https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret # externalCertSecret: # - name: tls-ssl-minio # type: kubernetes.io/tls
## Enable automatic Kubernetes based certificate generation and signing as explained in ## https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster requestAutoCert:false
## Enable S3 specific features such as Bucket DNS which would allow `buckets` to be ## accessible as DNS entries of form `<bucketname>.minio.default.svc.cluster.local` s3: ## This feature is turned off by default bucketDNS:false
## This field is used only when "requestAutoCert" is set to true. Use this field to set CommonName ## for the auto-generated certificate. Internal DNS name for the pod will be used if CommonName is ## not provided. DNS name format is *.minio.default.svc.cluster.local certConfig: commonName:"" organizationName: [] dnsNames: []
## PodManagement policy for MinIO Tenant Pods. Can be "OrderedReady" or "Parallel" ## Refer https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy ## for details. podManagementPolicy:Parallel
我们就使用这个文件创建一个minio租户
1 2 3 4 5 6 7 8 9 10
[root@master-01 demo]# kubectl apply -f demo.yaml -n test secret/minio-creds-secret created tenant.minio.min.io/minio-demo created [root@master-01 demo]# kubectl -n test get pod NAME READY STATUS RESTARTS AGE minio-demo-ss-0-0 0/1 Running 0 7s [root@master-01 demo]# kubectl -n test get tenants NAME STATE AGE minio-demo Provisioning MinIO Statefulset 18s
## Secret to be used as MinIO Root Credentials apiVersion: v1 kind: Secret metadata: name: minio-creds-secret type: Opaque data: ## Access Key for MinIO Tenant, base64 encoded (echo -n 'minio' | base64) accesskey: bWluaW8= ## Secret Key for MinIO Tenant, base64 encoded (echo -n 'minio123' | base64) secretkey: bWluaW8xMjM= --- ## MinIO Tenant Definition apiVersion: minio.min.io/v2 kind: Tenant metadata: name: minio-prometheus ## Optionally pass labels to be applied to the statefulset pods labels: app: minio ## Annotations for MinIO Tenant Pods annotations: prometheus.io/path: /minio/v2/metrics/cluster prometheus.io/port: "9000" prometheus.io/scrape: "true"
## If a scheduler is specified here, Tenant pods will be dispatched by specified scheduler. ## If not specified, the Tenant pods will be dispatched by default scheduler. # scheduler: # name: my-custom-scheduler
spec: ## Registry location and Tag to download MinIO Server image image: minio/minio:RELEASE.2021-08-25T00-41-18Z imagePullPolicy: IfNotPresent
## Secret with credentials to be used by MinIO Tenant. ## Refers to the secret object created above. credsSecret: name: minio-creds-secret
## Specification for MinIO Pool(s) in this Tenant. pools: ## Servers specifies the number of MinIO Tenant Pods / Servers in this pool. ## For standalone mode, supply 1. For distributed mode, supply 4 or more. ## Note that the operator does not support upgrading from standalone to distributed mode. - servers: 1
## volumesPerServer specifies the number of volumes attached per MinIO Tenant Pod / Server. volumesPerServer: 4
## This VolumeClaimTemplate is used across all the volumes provisioned for MinIO Tenant in this Pool. volumeClaimTemplate: metadata: name: data spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi
## Mount path where PV will be mounted inside container(s). mountPath: /export ## Sub path inside Mount path where MinIO stores data. # subPath: /data
## Use this field to provide a list of Secrets with external certificates. This can be used to to configure ## TLS for MinIO Tenant pods. Create secrets as explained here: ## https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret # externalCertSecret: # - name: tls-ssl-minio # type: kubernetes.io/tls
## Enable automatic Kubernetes based certificate generation and signing as explained in ## https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster requestAutoCert: true
## Enable S3 specific features such as Bucket DNS which would allow `buckets` to be ## accessible as DNS entries of form `<bucketname>.minio.default.svc.cluster.local` s3: ## This feature is turned off by default bucketDNS: false
## This field is used only when "requestAutoCert" is set to true. Use this field to set CommonName ## for the auto-generated certificate. Internal DNS name for the pod will be used if CommonName is ## not provided. DNS name format is *.minio.default.svc.cluster.local certConfig: commonName: "" organizationName: [] dnsNames: []
## PodManagement policy for MinIO Tenant Pods. Can be "OrderedReady" or "Parallel" ## Refer https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy ## for details. podManagementPolicy: Parallel
[root@master-01 demo]# kubectl apply -f demo-prometheus.yaml -n minio secret/minio-creds-secret created tenant.minio.min.io/minio-prometheus created [root@master-01 demo]# kubectl get pod -n minio NAME READY STATUS RESTARTS AGE minio-prometheus-prometheus-0 2/2 Running 0 3m6s minio-prometheus-ss-0-0 1/1 Running 0 4m [root@master-01 demo]# kubectl -n minio get servicemonitors.monitoring.coreos.com NAME AGE minio-prometheus-prometheus 5m19s
这里我们在控制台上看到新创建的minio-prometheus租户的state是Provisioning Prometheus service monitor