Implement base operator #1

Merged
pierre merged 21 commits from operator into master 2023-05-08 16:20:17 +00:00
6 changed files with 117 additions and 34 deletions
Showing only changes of commit b25b7aa2a5 - Show all commits

6
Dockerfile Normal file
View File

@ -0,0 +1,6 @@
FROM debian:bullseye-slim
COPY minio-operator /usr/local/bin/minio-operator
COPY mc /usr/local/bin/mc
ENTRYPOINT /usr/local/bin/minio-operator

14
build_docker_image.sh Executable file
View File

@ -0,0 +1,14 @@
#!/bin/bash
cargo build --release
TEMP_DIR=$(mktemp -d)
cp target/release/minio-operator "$TEMP_DIR"
# Download mc
wget -O "$TEMP_DIR/mc" https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x "$TEMP_DIR/mc"
docker build -f Dockerfile "$TEMP_DIR" -t pierre42100/minio_operator
rm -r $TEMP_DIR

View File

@ -7,3 +7,4 @@ spec:
instance: my-minio-instance instance: my-minio-instance
name: second-bucket name: second-bucket
secret: second-bucket-secret secret: second-bucket-secret
versioning: false

View File

@ -0,0 +1,25 @@
apiVersion: v1
kind: Secret
metadata:
name: minio-root
type: Opaque
data:
accessKey: bWluaW9hZG1pbg==
secretKey: bWluaW9hZG1pbg==
---
apiVersion: "communiquons.org/v1"
kind: MinioInstance
metadata:
name: my-minio-instance
spec:
endpoint: http://192.168.2.103:9000/
credentials: minio-root
---
apiVersion: "communiquons.org/v1"
kind: MinioBucket
metadata:
name: first-bucket
spec:
instance: my-minio-instance
name: first-bucket
secret: first-bucket-secret

70
yaml/deployment.yaml Normal file
View File

@ -0,0 +1,70 @@
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: true
metadata:
name: minio-operator
namespace: default
labels:
app: minio-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: minio-operator
namespace: default
rules:
- apiGroups: ["communiquons.org"]
resources: ["minioinstances", "miniobuckets"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "create"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: minio-operator
namespace: default
subjects:
- kind: ServiceAccount
name: minio-operator
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: minio-operator
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: minio-operator
labels:
app: minio-operator
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: minio-operator
template:
metadata:
labels:
app: minio-operator
spec:
serviceAccountName: minio-operator
containers:
- name: minio-operator
image: pierre42100/minio_operator
resources:
limits:
memory: 300Mi
cpu: "0.1"
requests:
memory: 150Mi
cpu: "0.01"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL

View File

@ -1,33 +0,0 @@
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: true
metadata:
name: minio-buckets
namespace: default
labels:
app: minio
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: minio-buckets
namespace: default
rules:
- apiGroups: ["communiquons.org"]
resources: ["minioinstances", "miniobuckets"]
verbs: ["get", "watch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: minio-buckets
namespace: default
subjects:
- kind: ServiceAccount
name: minio-buckets
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: minio-buckets
---