apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: minioinstances.operator.min.io spec: group: operator.min.io scope: Namespaced names: kind: MinIOInstance singular: minioinstance plural: minioinstances versions: - name: v1 served: true storage: true schema: # openAPIV3Schema is the schema for validating custom objects. # Refer https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#specifying-a-structural-schema # for more details openAPIV3Schema: type: object properties: spec: type: object x-kubernetes-preserve-unknown-fields: true properties: replicas: type: integer minimum: 1 maximum: 32 image: type: string serviceName: type: string volumesPerServer: type: integer mountPath: type: string podManagementPolicy: type: string enum: [Parallel, OrderedReady] default: Parallel requestAutoCert: type: boolean default: false version: type: string mountpath: type: string subpath: type: string mcs: type: object x-kubernetes-preserve-unknown-fields: true properties: image: type: string replicas: type: integer default: 2 mcsSecret: type: object properties: name: type: string kes: type: object x-kubernetes-preserve-unknown-fields: true properties: image: type: string replicas: type: integer default: 2 kesSecret: type: object properties: name: type: string status: type: object properties: currentState: type: string subresources: # status enables the status subresource. status: {} additionalPrinterColumns: - name: Current State type: string jsonPath: ".status.currentState" --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: minio-operator-role rules: - apiGroups: - "" resources: - namespaces - secrets - pods - services - events verbs: - get - watch - create - list - delete - apiGroups: - apps resources: - statefulsets - deployments verbs: - get - create - list - patch - watch - update - delete - apiGroups: - batch resources: - jobs verbs: - get - create - list - patch - watch - update - delete - apiGroups: - "certificates.k8s.io" resources: - "certificatesigningrequests" - "certificatesigningrequests/approval" - "certificatesigningrequests/status" verbs: - update - create - get - delete - apiGroups: - operator.min.io resources: - "*" verbs: - "*" - apiGroups: - min.io resources: - "*" verbs: - "*" --- apiVersion: v1 kind: ServiceAccount metadata: name: minio-operator namespace: default --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: minio-operator-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: minio-operator-role subjects: - kind: ServiceAccount name: minio-operator namespace: default --- apiVersion: apps/v1 kind: Deployment metadata: name: minio-operator namespace: default spec: replicas: 1 selector: matchLabels: name: minio-operator template: metadata: labels: name: minio-operator spec: serviceAccountName: minio-operator containers: - name: minio-operator image: minio/k8s-operator:2.0.9 imagePullPolicy: IfNotPresent # To specify cluster domain, un comment the following: # env: # - name: CLUSTER_DOMAIN # value: mycluster.mydomain