Only have nodeport service
This commit is contained in:
parent
4917a6214a
commit
ac0cfab7b7
|
@ -141,10 +141,6 @@ The following table lists the configurable parameters of the MinIO chart and the
|
|||
| `certsPath` | Default certs path location | `/etc/minio/certs` |
|
||||
| `mountPath` | Default mount location for persistent drive | `/export` |
|
||||
| `bucketRoot` | Directory from where minio should serve buckets. | Value of `.mountPath` |
|
||||
| `service.type` | Kubernetes service type | `ClusterIP` |
|
||||
| `service.port` | Kubernetes port where service is exposed | `9000` |
|
||||
| `service.externalIPs` | service external IP addresses | `nil` |
|
||||
| `service.annotations` | Service annotations | `{}` |
|
||||
| `persistence.enabled` | Use persistent volume to store data | `true` |
|
||||
| `persistence.size` | Size of persistent volume claim | `500Gi` |
|
||||
| `persistence.existingClaim` | Use an existing PVC to persist data | `nil` |
|
||||
|
@ -225,25 +221,6 @@ If a Persistent Volume Claim already exists, specify it during installation.
|
|||
$ helm install --set persistence.existingClaim=PVC_NAME minio/minio
|
||||
```
|
||||
|
||||
NetworkPolicy
|
||||
-------------
|
||||
|
||||
To enable network policy for MinIO,
|
||||
install [a networking plugin that implements the Kubernetes
|
||||
NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin),
|
||||
and set `networkPolicy.enabled` to `true`.
|
||||
|
||||
For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting
|
||||
the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace:
|
||||
|
||||
kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
|
||||
|
||||
With NetworkPolicy enabled, traffic will be limited to just port 9000.
|
||||
|
||||
For more precise policy, set `networkPolicy.allowExternal=true`. This will
|
||||
only allow pods with the generated client label to connect to MinIO.
|
||||
This label will be displayed in the output of a successful install.
|
||||
|
||||
Configure TLS
|
||||
-------------
|
||||
|
||||
|
|
|
@ -31,17 +31,6 @@ Create chart name and version as used by the chart label.
|
|||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for networkpolicy.
|
||||
*/}}
|
||||
{{- define "minio.networkPolicy.apiVersion" -}}
|
||||
{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.Version -}}
|
||||
{{- print "extensions/v1beta1" -}}
|
||||
{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.Version -}}
|
||||
{{- print "networking.k8s.io/v1beta1" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the appropriate apiVersion for deployment.
|
||||
*/}}
|
||||
|
|
|
@ -1,25 +0,0 @@
|
|||
{{- if .Values.networkPolicy.enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ template "minio.networkPolicy.apiVersion" . }}
|
||||
metadata:
|
||||
name: {{ template "minio.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "minio.name" . }}
|
||||
chart: {{ template "minio.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
app: {{ template "minio.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
ingress:
|
||||
- ports:
|
||||
- port: {{ .Values.service.port }}
|
||||
{{- if not .Values.networkPolicy.allowExternal }}
|
||||
from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{ template "minio.name" . }}-client: "true"
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -11,37 +11,14 @@ metadata:
|
|||
chart: {{ template "minio.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
{{- if .Values.service.annotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.service.annotations | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if (or (eq .Values.service.type "ClusterIP" "") (empty .Values.service.type)) }}
|
||||
type: ClusterIP
|
||||
{{- if not (empty .Values.service.clusterIP) }}
|
||||
clusterIP: {{ .Values.service.clusterIP }}
|
||||
{{end}}
|
||||
{{- else if eq .Values.service.type "LoadBalancer" }}
|
||||
type: {{ .Values.service.type }}
|
||||
loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }}
|
||||
{{- else }}
|
||||
type: {{ .Values.service.type }}
|
||||
{{- end }}
|
||||
type: "NodePort"
|
||||
ports:
|
||||
- name: {{ $scheme }}
|
||||
port: {{ .Values.service.port }}
|
||||
port: {{ .Values.service.nodePort }}
|
||||
protocol: TCP
|
||||
{{- if (and (eq .Values.service.type "NodePort") ( .Values.service.nodePort)) }}
|
||||
nodePort: {{ .Values.service.nodePort }}
|
||||
{{- else }}
|
||||
targetPort: 9000
|
||||
{{- end}}
|
||||
{{- if .Values.service.externalIPs }}
|
||||
externalIPs:
|
||||
{{- range $i , $ip := .Values.service.externalIPs }}
|
||||
- {{ $ip }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "minio.name" . }}
|
||||
release: {{ .Release.Name }}
|
||||
|
|
|
@ -93,33 +93,8 @@ persistence:
|
|||
##
|
||||
subPath: ""
|
||||
|
||||
## Expose the Minio service to be accessed from outside the cluster (LoadBalancer service).
|
||||
## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it.
|
||||
## ref: http://kubernetes.io/docs/user-guide/services/
|
||||
##
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
clusterIP: ~
|
||||
port: 9000
|
||||
nodePort: 32000
|
||||
|
||||
## List of IP addresses at which the Prometheus server service is available
|
||||
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
|
||||
##
|
||||
externalIPs: []
|
||||
# - externalIp1
|
||||
|
||||
annotations: {}
|
||||
# prometheus.io/scrape: 'true'
|
||||
# prometheus.io/path: '/minio/prometheus/metrics'
|
||||
# prometheus.io/port: '9000'
|
||||
|
||||
## Use this field to add environment variables relevant to Minio server. These fields will be passed on to Minio container(s)
|
||||
## when Chart is deployed
|
||||
environment:
|
||||
## Please refer for comprehensive list https://docs.minio.io/docs/minio-server-configuration-guide.html
|
||||
|
||||
networkPolicy:
|
||||
enabled: false
|
||||
allowExternal: true
|
||||
|
|
Loading…
Reference in New Issue