You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
explain operator-ca-tls prefixed secrets behavior in operator namespace
Operator STS
Updated from v1alpha1 to v1beta1
Explain STS is (will be) moved to it's own controller
Fields immutable
spec.pools.*.volumesPerServer and spec.pools.*.servers fields are immutable once created, this was introduced in Fields immutable #2070 on v5.0.15
Explain why are immutable after creation
Field spec.pools.*.name is required starting v5.0.15
Explain how to get the default name Operator sets and how to update the existing tenants to include this field.
Make sure field name is optional in Helm chart, but helm chart sets a default value
Headless service port name is now renamed based on TLS settings
Headless service now changes port name from http-minio to https-minio when TLS is enabled, this is introduced on #2135, be aware to configure Ingress or any other resources that reference this por name accordingly.
details
When .spec.requestAutocert is false and .spec. externalCertSecret is empty, then no TLS encryption in transit is enabled for the tenant, and the 3 services created in the namespace have a prefixed http- service port:
the same, minio exposes port http-minio and headless service {tenant-name}-hl exposes port http-minio.
However, when TLS is enable (because of .spec.requestAutocert is true or .spec. externalCertSecret is provided) then the port names for {tenant-name}-console and minio services were renamed to have prefix https-.
But headless service port was not renamed, it was kept as http-minio, starting this version the 3 services behave the same way and rename the port with a https- prefix.
The text was updated successfully, but these errors were encountered:
Okay, I've read and understood the instructions. I'll begin by creating a PR to explain the part I'm most familiar with, which is the MinIO Jobs feature. After that, I'll pass it to the team for review. We can add the rest of the requested documentation in separate PRs later on.
This is a check list of breaking changes to remind document for following Operator release, we did something similar with version 5.0.0 here https://github.com/minio/operator/blob/master/docs/notes/v5.0.0.md
Introducing MinIO Job
Sidecar container
TLS refactors
operator-ca-tls
prefixed secrets behavior in operator namespaceOperator STS
v1alpha1
tov1beta1
Fields immutable
spec.pools.*.volumesPerServer
andspec.pools.*.servers
fields are immutable once created, this was introduced in Fields immutable #2070 on v5.0.15Field
spec.pools.*.name
is required starting v5.0.15name
Operator sets and how to update the existing tenants to include this field.name
is optional in Helm chart, but helm chart sets a default valueHeadless service port name is now renamed based on TLS settings
Headless service now changes port name from
http-minio
tohttps-minio
when TLS is enabled, this is introduced on #2135, be aware to configure Ingress or any other resources that reference this por name accordingly.details
When
.spec.requestAutocert
isfalse
and.spec. externalCertSecret
is empty, then no TLS encryption in transit is enabled for the tenant, and the 3 services created in the namespace have a prefixedhttp-
service port:{tenant-name}-console
exposes porthttp-console
example
the same,
minio
exposes porthttp-minio
and headless service{tenant-name}-hl
exposes porthttp-minio
.However, when TLS is enable (because of
.spec.requestAutocert
istrue
or.spec. externalCertSecret
is provided) then the port names for{tenant-name}-console
andminio
services were renamed to have prefixhttps-
.example
But headless service port was not renamed, it was kept as
http-minio
, starting this version the 3 services behave the same way and rename the port with ahttps-
prefix.The text was updated successfully, but these errors were encountered: