mimir values.yaml📜
minio-tenant📜
Type: object
address: minio.mimir.svc.cluster.local
enabled: false
tenant:
buckets:
- name: mimir
configSecret:
accessKey: minio
name: mimir-objstore-creds
secretKey: minio123
defaultUserCredentials:
password: supersecret
username: mimir-user
metrics:
enabled: false
memory: 128M
port: 9000
pools:
- containerSecurityContext:
capabilities:
drop:
- ALL
labels:
app: minio
app.kubernetes.io/name: minio
name: pool-0
securityContext:
fsGroup: 1001
runAsGroup: 1001
runAsUser: 1001
servers: 4
size: 750Mi
volumesPerServer: 4
users:
- name: mimir-user-credentials
waitJob:
enabled: false
Description: Configuration for the Big Bang MinIO tenant subchart. See repo https://repo1.dso.mil/big-bang/product/packages/minio for configuring values.yaml
minio-tenant.enabled📜
Type: bool
false
Description: Enable MinIO instance support, must have minio-operator installed
minio-tenant.tenant.configSecret📜
Type: object
accessKey: minio
name: mimir-objstore-creds
secretKey: minio123
Description: MinIO root credentials
minio-tenant.tenant.buckets📜
Type: list
- name: mimir
Description: Buckets to be provisioned to for tenant
minio-tenant.tenant.users📜
Type: list
- name: mimir-user-credentials
Description: Name of the Secret that will contain the defaultUserCredentials generated for Tenant User
minio-tenant.tenant.defaultUserCredentials📜
Type: object
password: supersecret
username: mimir-user
Description: User credentials to create as a secret for above user. Otherwise password is randomly generated. This auth is not required to be set or reclaimed for minio use with mimir
networkPolicies.enabled📜
Type: bool
true
Description: Toggle networkPolicies
networkPolicies.controlPlaneCidr📜
Type: string
"0.0.0.0/0"
Description: Control Plane CIDR, defaults to 0.0.0.0/0, use kubectl get endpoints -n default kubernetes to get the CIDR range needed for your cluster Must be an IP CIDR range (x.x.x.x/x - ideally with /32 for the specific IP of a single endpoint, broader range for multiple masters/endpoints) Used by package NetworkPolicies to allow Kube API access
networkPolicies.additionalPolicies📜
Type: list
[]
networkPolicies.egress📜
Type: object
{}
istio.enabled📜
Type: bool
false
Description: Toggle istio configuration
istio.hardened📜
Type: object
alloy:
enabled: true
namespaces:
- monitoring
principals:
- cluster.local/ns/monitoring/sa/monitoring-alloy
customAuthorizationPolicies: []
customServiceEntries: []
enabled: false
grafana:
enabled: true
namespaces:
- monitoring
principals:
- cluster.local/ns/monitoring/sa/monitoring-grafana
minio:
enabled: true
minioOperator:
enabled: true
namespaces:
- minio-operator
principals:
- cluster.local/ns/minio-operator/sa/minio-operator
outboundTrafficPolicyMode: REGISTRY_ONLY
prometheus:
enabled: true
namespaces:
- monitoring
principals:
- cluster.local/ns/monitoring/sa/monitoring-monitoring-kube-prometheus
Description: Default peer authentication values
istio.mtls.mode📜
Type: string
"STRICT"
Description: STRICT = Allow only mutual TLS traffic, PERMISSIVE = Allow both plain text and mutual TLS traffic
bbtests.enabled📜
Type: bool
false
bbtests.cypress.enabled📜
Type: bool
true
bbtests.cypress.artifacts📜
Type: bool
true
bbtests.cypress.envs.cypress_grafana_url📜
Type: string
"http://monitoring-grafana.monitoring.svc.cluster.local"
bbtests.cypress.scripts.image📜
Type: string
"registry1.dso.mil/ironbank/big-bang/base:2.1.0"
bbtests.cypress.scripts.envs.MIMIR_URL📜
Type: string
"http://mimir-mimir-distributor.mimir.svc:8080"