-
Notifications
You must be signed in to change notification settings - Fork 0
MINIO_CONSOLE_TLS_ENABLE
Cesar Celis Hernandez edited this page Sep 15, 2023
·
1 revision
MINIO_CONSOLE_TLS_ENABLE
is the only variable that matters in Operator.
operator/pkg/controller/console.go
const (
// ConsoleTLSEnv Env variable to turn on / off Console TLS.
ConsoleTLSEnv = "MINIO_CONSOLE_TLS_ENABLE"
// DefaultConsoleDeploymentName is the default name of the console deployment
DefaultConsoleDeploymentName = "console"
// OperatorConsoleTLSSecretName is the name of secret created with TLS certs for Operator console
OperatorConsoleTLSSecretName = "console-tls"
)
// isOperatorConsoleTLS Internal func, reads MINIO_CONSOLE_TLS_ENABLE ENV to identify if Operator Console TLS is enabled, default "off"
func isOperatorConsoleTLS() bool {
value, set := os.LookupEnv(ConsoleTLSEnv)
// By default, Console TLS is NOT used.
return set && value == "on"
}
operator/pkg/controller/main-controller.go
// 1) we need to make sure we have console TLS certificates (if enabled)
if isOperatorConsoleTLS() {
klog.Info("Waiting for Console TLS")
go func() {
if utils.GetOperatorRuntime() == common.OperatorRuntimeOpenshift {
klog.Infof("Console TLS is enabled, skipping TLS certificate generation on Openshift deployment")
} else {
klog.Infof("Console TLS is enabled, starting console TLS certificate setup")
err := c.recreateOperatorConsoleCertsIfRequired(ctx)
if err != nil {
panic(err)
}
klog.Infof("Restarting Console pods")
err = c.rolloutRestartDeployment(getConsoleDeploymentName())
if err != nil {
klog.Errorf("Console deployment didn't restart: %s", err)
}
}
}()
} else {
klog.Infof("Console TLS is not enabled")
}