MinIO Custom Resource Definition
The MinIO Operator installs a Custom Resource Definition (CRD) that describes a MinIO Tenant object. The Operator uses this CRD for provisioning and managing Tenant resources within a Kubernetes cluster.
This page documents the CRD reference for use in customizing Operator-deployed Tenants. This documentation assumes familiarity with all referenced Kubernetes concepts, utilities, and procedures.
Operator CRD v2 Reference
Package v2 - This page provides a quick automatically generated
reference for the MinIO Operator Operator CRD v2 Reference
CRD. For more
complete documentation on the MinIO Operator CRD, see MinIO Kubernetes
Documentation.
The Operator CRD v2 Reference
API was released with the v4.0.0 MinIO Operator.
The MinIO Operator automatically converts existing tenants using the
/v1
API to /v2
.
Bucket
Bucket describes the default created buckets
Field | Description |
---|---|
|
|
|
|
|
CertificateConfig
CertificateConfig (certConfig
) defines controlling attributes
associated to any TLS certificate automatically generated by the
Operator as part of tenant creation. These fields have no effect if
spec.autoCert: false
.
Field | Description |
---|---|
|
Optional |
|
Optional |
|
Optional |
CertificateStatus
CertificateStatus keeps track of all the certificates managed by the operator
Field | Description |
---|---|
|
AutoCertEnabled registers whether we know if the tenant has autocert enabled |
|
Provides the output of the
|
CustomCertificateConfig
CustomCertificateConfig (customCertificateConfig
) provides attributes
associated of the TLS certificates manually added to the Operator as
part of tenant creation. These fields contain no data if there are no
custom TLS certificates.
CustomCertificates
CustomCertificates (customCertificates
) provides groupings of the TLS
certificates manually added to the Operator as part of tenant creation.
These fields contain no data if there are no custom TLS certificates.
Field | Description |
---|---|
|
Optional |
|
Optional |
|
Optional |
ExposeServices
ExposeServices (exposeServices
) defines the exposure of the MinIO
object storage and Console services.
Field | Description |
---|---|
|
Optional |
|
Optional |
Features
Features (features
) - Object describing which MinIO features to
enable/disable in the MinIO Tenant.
Field | Description |
---|---|
|
Optional |
|
Optional |
|
Optional |
HealthStatus (string)
HealthStatus represents whether the tenant is healthy, with decreased service or offline
KESConfig
KESConfig (kes
) defines the configuration of the MinIO Key Encryption
Service (KES) StatefulSet deployed as
part of the MinIO Tenant. KES supports Server-Side Encryption of objects
using an external Key Management Service (KMS).
Field | Description |
---|---|
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Required |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Specify the Security
Context of MinIO KES pods. The Operator supports only the following
pod security fields: |
|
Optional |
LocalCertificateReference
LocalCertificateReference (externalCertSecret
,
externalCaCertSecret
,clientCertSecret
) contains a Kubernetes secret
containing TLS certificates or Certificate Authority files for use with
enabling TLS in the MinIO Tenant.
Field | Description |
---|---|
|
Required |
|
Required |
Logging
Logging describes Logging for MinIO tenants.
Field | Description |
---|---|
|
|
|
|
|
Pool
Pool (pools
) defines a MinIO server pool on a Tenant. Each pool
consists of a set of MinIO server pods which “pool” their storage
resources for supporting object storage and retrieval requests. Each
server pool is independent of all others and supports horizontal scaling
of available storage resources in the MinIO Tenant.
See the MinIO Operator
CRD
reference for the pools
object for examples and more complete
documentation.
Field | Description |
---|---|
|
Optional |
|
Required The number of
MinIO server pods to deploy in the pool. The minimum value is
|
|
Required |
|
Required |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Specify the Security
Context of containers in the pool. The Operator supports only the
following container security fields: |
|
Optional |
|
Optional |
|
Optional |
PoolState (string)
PoolState represents the state of a pool
PoolStatus
PoolStatus keeps track of all the pools and their current state
Field | Description |
---|---|
|
|
|
|
|
LegacySecurityContext stands for Legacy SecurityContext. It represents that these pool was created before v4.2.3 when we introduced the default securityContext as non-root, thus we should keep running this Pool without a Security Context |
ServiceMetadata
ServiceMetadata (serviceMetadata
) defines custom labels and
annotations for the MinIO Object Storage service and/or MinIO Console
service.
Field | Description |
---|---|
|
Optional |
|
Optional |
|
Optional |
|
Optional |
SideCars
SideCars (sidecars
) defines a list of containers that the Operator
attaches to each MinIO server pods in the pool
.
Field | Description |
---|---|
|
Optional |
|
Optional |
|
Optional |
|
Optional |
Tenant
Tenant is a Kubernetes object describing a MinIO Tenant.
Field | Description |
---|---|
|
|
|
|
|
Refer to Kubernetes API documentation
for fields of |
|
|
|
Required |
TenantDomains
TenantDomains (domains
) - List of domains used to access the tenant
from outside the kubernetes clusters. this will only configure MinIO for
the domains listed, but external DNS configuration is still needed. The
listed domains should include schema and port if any is used, i.e.
https://minio.domain.com:8123
Field | Description |
---|---|
|
List of Domains used by MinIO. This will enable DNS style access to the object store where the bucket name is inferred from a subdomain in the domain. |
|
Domain used to expose the MinIO Console, this will configure the redirect on MinIO when visiting from the browser If Console is exposed via a subpath, the domain should include it, i.e. https://console.domain.com:8123/subpath/ |
TenantScheduler
TenantScheduler (scheduler
) - Object describing Kubernetes Scheduler
to use for deploying the MinIO Tenant.
Field | Description |
---|---|
|
Optional |
TenantSpec
TenantSpec (spec
) defines the configuration of a MinIO Tenant
object.
The following parameters are specific to the Operator CRD v2 Reference
MinIO CRD
API spec
definition added as part of the MinIO Operator v4.0.0.
For more complete documentation on this object, see the MinIO
Kubernetes
Documentation.
Field | Description |
---|---|
|
Required |
|
Optional |
|
Optional |
|
Optional |
|
optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Liveness Probe for container liveness. Container will be restarted if the probe fails. |
|
Readiness Probe for container readiness. Container will be removed from service endpoints if the probe fails. |
|
Startup Probe allows to configure a max grace period for a pod to start before getting traffic routed to it. |
|
S3 related features can be disabled or
enabled such as |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
|
Optional |
TenantUsage
TenantUsage are metrics regarding the usage and capacity of the tenant
Field | Description |
---|---|
|
Capacity the usage capacity of this tenant in bytes. |
|
Capacity the raw capacity of this tenant in bytes. |
|
Usage is how much data is managed by MinIO in bytes. |
|
Usage is the raw usage on disks in bytes. |
|
Tiers includes the usage of individual tiers in the tenant |
TierUsage
TierUsage represents the usage from a tier setup by the tenant
Field | Description |
---|---|
|
Name of the tier |
|
type of the tier |
|
TotalSize usage of the tier |