apiVersion: v1 kind: Namespace metadata: name: minio-operator --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: tenants.minio.min.io spec: group: minio.min.io scope: Namespaced names: kind: Tenant singular: tenant plural: tenants versions: - name: v1 served: true storage: true schema: # openAPIV3Schema is the schema for validating custom objects. # Refer https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#specifying-a-structural-schema # for more details openAPIV3Schema: type: object properties: spec: type: object x-kubernetes-preserve-unknown-fields: true properties: metadata: type: object x-kubernetes-preserve-unknown-fields: true image: type: string serviceName: type: string serviceAccountName: type: string zones: type: array items: type: object x-kubernetes-preserve-unknown-fields: true properties: name: type: string servers: type: integer volumesPerServer: type: integer volumeClaimTemplate: type: object x-kubernetes-preserve-unknown-fields: true resources: type: object x-kubernetes-preserve-unknown-fields: true nodeSelector: type: object x-kubernetes-preserve-unknown-fields: true affinity: type: object x-kubernetes-preserve-unknown-fields: true tolerations: type: object x-kubernetes-preserve-unknown-fields: true mountPath: type: string podManagementPolicy: type: string enum: [Parallel,OrderedReady] default: Parallel requestAutoCert: type: boolean default: false certConfig: type: object properties: commonName: type: string organizationName: type: array items: type: string dnsNames: type: array items: type: string version: type: string mountpath: type: string subpath: type: string nodeSelector: type: object x-kubernetes-preserve-unknown-fields: true credsSecret: type: object x-kubernetes-preserve-unknown-fields: true env: type: object x-kubernetes-preserve-unknown-fields: true console: type: object x-kubernetes-preserve-unknown-fields: true properties: metadata: type: object x-kubernetes-preserve-unknown-fields: true image: type: string replicas: type: integer default: 2 consoleSecret: type: object properties: name: type: string resources: type: object x-kubernetes-preserve-unknown-fields: true env: type: object x-kubernetes-preserve-unknown-fields: true kes: type: object x-kubernetes-preserve-unknown-fields: true properties: metadata: type: object x-kubernetes-preserve-unknown-fields: true image: type: string replicas: type: integer default: 2 kesSecret: type: object properties: name: type: string liveness: type: object properties: initialDelaySeconds: type: integer periodSeconds: type: integer timeoutSeconds: type: integer status: type: object properties: currentState: type: string subresources: # status enables the status subresource. status: {} additionalPrinterColumns: - name: Current State type: string jsonPath: ".status.currentState" --- apiVersion: v1 kind: ServiceAccount metadata: name: minio-operator namespace: default --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: minio-operator-role rules: - apiGroups: - "" resources: - namespaces - secrets - pods - services - events verbs: - get - watch - create - list - delete - apiGroups: - apps resources: - statefulsets - deployments verbs: - get - create - list - patch - watch - update - delete - apiGroups: - batch resources: - jobs verbs: - get - create - list - patch - watch - update - delete - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests - certificatesigningrequests/approval - certificatesigningrequests/status verbs: - update - create - get - delete - apiGroups: - certificates.k8s.io resourceNames: - kubernetes.io/legacy-unknown resources: - signers verbs: - approve - sign - apiGroups: - minio.min.io resources: - '*' verbs: - '*' - apiGroups: - min.io resources: - '*' verbs: - '*' --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: minio-operator-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: minio-operator-role subjects: - kind: ServiceAccount name: minio-operator namespace: default --- apiVersion: apps/v1 kind: Deployment metadata: name: minio-operator namespace: default spec: replicas: 1 selector: matchLabels: name: minio-operator template: metadata: labels: name: minio-operator spec: containers: - image: minio/operator:v3.0.1 imagePullPolicy: IfNotPresent name: minio-operator serviceAccountName: minio-operator