k3s-cluster/cluster/apps/database/minio/helm-release.yaml

132 lines
3.2 KiB
YAML

apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: minio
namespace: database
spec:
interval: 5m
chart:
spec:
chart: app-template
version: 1.3.x
sourceRef:
kind: HelmRepository
name: bjws-charts
namespace: flux-system
values:
image:
repository: quay.io/minio/minio
tag: RELEASE.2023-04-13T03-08-07Z
env:
TZ: "America/New_York"
MINIO_UPDATE: "off"
MINIO_BROWSER_REDIRECT_URL: "https://minio.${SECRET_NEW_DOMAIN}"
MINIO_SERVER_URL: "https://s3.${SECRET_NEW_DOMAIN}"
envFrom:
- secretRef:
name: minio-secret
args: ["server", "/data", "--console-address", ":9090"]
service:
main:
enabled: true
ports:
http:
port: &console-port 9090
api:
enabled: true
port: &api-port 9000
serviceMonitor:
main:
enabled: true
labels:
release: kube-prometheus-stack
endpoints:
- port: api
interval: 15s
scrapeTimeout: 5s
path: /minio/v2/metrics/cluster
bearerTokenSecret:
name: minio-metrics-token
key: bearerToken
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /minio/health/live
port: *api-port
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup:
enabled: false
ingress:
main:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
traefik.ingress.kubernetes.io/router.entrypoints: websecure
hosts:
- host: &console-host minio.${SECRET_NEW_DOMAIN}
paths:
- path: /
pathType: Prefix
service:
port: *console-port
tls:
- hosts:
- *console-host
secretName: wildcard-main-tls
s3:
enabled: true
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
traefik.ingress.kubernetes.io/router.entrypoints: websecure
hosts:
- host: &api-host s3.${SECRET_NEW_DOMAIN}
paths:
- path: /
pathType: Prefix
service:
port: *api-port
- host: &api-host-wildcard "*.s3.${SECRET_NEW_DOMAIN}"
paths:
- path: /
pathType: Prefix
service:
port: *api-port
tls:
- hosts:
- *api-host
- *api-host-wildcard
secretName: wildcard-main-tls
podSecurityContext:
runAsUser: 10000
runAsGroup: 10000
fsGroup: 100
fsGroupChangePolicy: "OnRootMismatch"
persistence:
storage:
enabled: true
type: hostPath
hostPath: /mnt/MainPool/Kubernetes/databases/minio
mountPath: /data
resources:
requests:
memory: 100Mi
cpu: 10m
limits:
memory: 750Mi