Add doc website (#2)
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Host a small documentation website on a bucket Reviewed-on: #2
This commit is contained in:
parent
921c70a785
commit
a1ba3c8868
22
.drone.yml
22
.drone.yml
@ -14,3 +14,25 @@ steps:
|
|||||||
- cargo clippy -- -D warnings
|
- cargo clippy -- -D warnings
|
||||||
- cargo test
|
- cargo test
|
||||||
|
|
||||||
|
- name: doc
|
||||||
|
image: python
|
||||||
|
environment:
|
||||||
|
AWS_ACCESS_KEY_ID:
|
||||||
|
from_secret: AWS_ACCESS_KEY_ID
|
||||||
|
AWS_SECRET_ACCESS_KEY:
|
||||||
|
from_secret: AWS_SECRET_ACCESS_KEY
|
||||||
|
AWS_DEFAULT_REGION: us-east-1
|
||||||
|
when:
|
||||||
|
branch:
|
||||||
|
- master
|
||||||
|
commands:
|
||||||
|
# Build website
|
||||||
|
- pip install mkdocs-material
|
||||||
|
- mkdocs build --site-dir public
|
||||||
|
# Install AWS
|
||||||
|
- curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
|
||||||
|
- unzip awscliv2.zip
|
||||||
|
- ./aws/install
|
||||||
|
- aws configure set default.s3.signature_version s3v4
|
||||||
|
# Upload to bucket
|
||||||
|
- cd public && aws --endpoint-url https://s3.communiquons.org s3 sync . s3://miniok8sbucketsoperator-website
|
22
README.md
22
README.md
@ -1,24 +1,6 @@
|
|||||||
# MinioK8sBuckets
|
# MinioK8sBuckets
|
||||||
|
[![Build Status](https://drone.communiquons.org/api/badges/pierre/MinioK8sBuckets/status.svg)](https://drone.communiquons.org/pierre/MinioK8sBuckets)
|
||||||
|
|
||||||
Automatically create Minio buckets based on K8S Custom Resources.
|
Automatically create Minio buckets based on K8S Custom Resources.
|
||||||
|
|
||||||
## Installation
|
See the [docs](docs) to learn more.
|
||||||
1. Run the following commands:
|
|
||||||
```bash
|
|
||||||
kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/crd.yaml
|
|
||||||
kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/deployment.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
2. Deploy Minio
|
|
||||||
3. Create a MinioInstance & a MinioBucket (like in [our test](test/test-inside-cluster.yaml))
|
|
||||||
4. That's it!
|
|
||||||
|
|
||||||
|
|
||||||
## Development
|
|
||||||
Apply all K8s config files manually:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
cat yaml/*.yaml | kubectl apply -f -
|
|
||||||
```
|
|
||||||
|
|
||||||
Note : [mc tool](https://min.io/download) is required
|
|
116
docs/README.md
Normal file
116
docs/README.md
Normal file
@ -0,0 +1,116 @@
|
|||||||
|
# Minio K8S bucket operator
|
||||||
|
|
||||||
|
An operator to automatically create and update S3 buckets on Minio, with their accounts.
|
||||||
|
|
||||||
|
One deployed, this tool will allow you to automatically create Minio accounts associated with buckets.
|
||||||
|
|
||||||
|
|
||||||
|
## Pre-requisites
|
||||||
|
You will need:
|
||||||
|
|
||||||
|
* `kubectl` access to the target cluster
|
||||||
|
* A running Minio instance, and especially:
|
||||||
|
* The URL where the API of the instance can be reached
|
||||||
|
* The root credentials
|
||||||
|
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
The operator can be installed using the following commands:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/crd.yaml
|
||||||
|
kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/deployment.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
!!! warning "Known limitation"
|
||||||
|
The operator install a deployment on the `default` namespace. Currently, only this namespace is supported!
|
||||||
|
|
||||||
|
## Configure instance
|
||||||
|
In order to create buckets, the operator needs to know how to reach the Minio instance.
|
||||||
|
|
||||||
|
You first need to secret similar to that one:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: minio-root
|
||||||
|
type: Opaque
|
||||||
|
dyringData:
|
||||||
|
accessKey: <MINIO_ROOT_ACCESS_KEY>
|
||||||
|
secretKey: <MINIO_ROOT_SECRET_KEY>
|
||||||
|
```
|
||||||
|
|
||||||
|
Replace `<MINIO_ROOT_ACCESS_KEY>` and `<MINIO_ROOT_SECRET_KEY>` with the appropriate values.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
You can then declare a Minio instance simiarl to that one:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: "communiquons.org/v1"
|
||||||
|
kind: MinioInstance
|
||||||
|
metadata:
|
||||||
|
name: my-minio-instance
|
||||||
|
spec:
|
||||||
|
endpoint: https://minio.example.com/
|
||||||
|
credentials: minio-root
|
||||||
|
```
|
||||||
|
|
||||||
|
!!! note
|
||||||
|
Minio itself can be located outside of the Kubernetes cluster.
|
||||||
|
|
||||||
|
|
||||||
|
## Create a bucket
|
||||||
|
You are not ready to create your first bucket!
|
||||||
|
|
||||||
|
Here is a basic bucket example:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: "communiquons.org/v1"
|
||||||
|
kind: MinioBucket
|
||||||
|
metadata:
|
||||||
|
name: first-bucket
|
||||||
|
spec:
|
||||||
|
# The name of the minio instance
|
||||||
|
instance: my-minio-instance
|
||||||
|
# The name of the bucket to create
|
||||||
|
name: first-bucket
|
||||||
|
# The name of the secret that will be created
|
||||||
|
# by the operator which contains credentials to
|
||||||
|
# use to access the bucket
|
||||||
|
secret: first-bucket-secret
|
||||||
|
```
|
||||||
|
|
||||||
|
## More complete example
|
||||||
|
Here is a more complete example that makes use of all the available options:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
apiVersion: "communiquons.org/v1"
|
||||||
|
kind: MinioBucket
|
||||||
|
metadata:
|
||||||
|
name: my-bucket
|
||||||
|
spec:
|
||||||
|
instance: my-minio-instance
|
||||||
|
name: my-bucket
|
||||||
|
secret: my-bucket-secret
|
||||||
|
# This must be set to true to allow unauthenticated
|
||||||
|
# access to the bucket resources. Use this to host a
|
||||||
|
# static website for example
|
||||||
|
anonymous_read_access: true
|
||||||
|
# Enable versioning on the bucket => keep old versions
|
||||||
|
# of uploaded files
|
||||||
|
versioning: true
|
||||||
|
# If specified, a quota will be applied to the bucket, in bytes
|
||||||
|
quota: 1000000000
|
||||||
|
# Prevent files from being removed from the bucket. This parameter
|
||||||
|
# can not be changed, once the bucket has been created
|
||||||
|
lock: true
|
||||||
|
# Data retention policy. Versioning must be enabled to allow this
|
||||||
|
retention:
|
||||||
|
# The number of days data shall be kept
|
||||||
|
validity: 100
|
||||||
|
# compliance => nobody can bypass the policy
|
||||||
|
# governance => users with privileges might bypass policy restrictions
|
||||||
|
mode: compliance
|
||||||
|
```
|
20
mkdocs.yml
Normal file
20
mkdocs.yml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
site_name: Minio K8S buckets operator
|
||||||
|
theme:
|
||||||
|
language: en
|
||||||
|
name: material
|
||||||
|
palette:
|
||||||
|
# Palette toggle for dark mode
|
||||||
|
- media: "(prefers-color-scheme: dark)"
|
||||||
|
scheme: slate
|
||||||
|
|
||||||
|
|
||||||
|
markdown_extensions:
|
||||||
|
- admonition
|
||||||
|
- pymdownx.details
|
||||||
|
- pymdownx.superfences
|
||||||
|
|
||||||
|
repo_url: https://gitea.communiquons.org/pierre/MinioK8sBuckets
|
||||||
|
edit_uri: src/branch/master/docs/
|
||||||
|
|
||||||
|
plugins:
|
||||||
|
- search
|
Loading…
Reference in New Issue
Block a user