minio.yaml

Overview

The minio.yaml file is a Kubernetes manifest template designed for deploying a MinIO object storage service within a Kubernetes cluster using Helm templating. It defines the necessary Kubernetes resources to provision persistent storage, deploy a MinIO StatefulSet, and expose MinIO through a Service.

The main purpose of this file is to manage MinIO deployment in a reproducible, configurable, and scalable manner, integrating persistent storage (via PersistentVolumeClaim), ensuring stable network identity and storage (via StatefulSet), and enabling access to MinIO's S3-compatible API and web console (via Service).

Detailed Explanation of Components

1. PersistentVolumeClaim (PVC)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{ include "ragflow.fullname" . }}-minio
  annotations:
    "helm.sh/resource-policy": keep
  labels:
    {{- include "ragflow.labels" . | nindent 4 }}
    app.kubernetes.io/component: minio
spec:
  {{- with .Values.minio.storage.className }}
  storageClassName: {{ . }}
  {{- end }}
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.minio.storage.capacity }}

Purpose

• Requests persistent storage resources to persist MinIO data.

• Ensures data durability beyond pod lifecycle.

Key Fields

• storageClassName: (optional) Specifies the storage class to use.

• accessModes: ReadWriteOnce means the volume can be mounted as read-write by a single node.

• resources.requests.storage: The amount of storage requested for MinIO's data.

Helm Template Variables

• {{ include "ragflow.fullname" . }}: Generates a unique, full name for the MinIO resource.

• {{ .Values.minio.storage.capacity }}: Configurable storage size defined in Helm values.

• {{ .Values.minio.storage.className }}: Optional storage class from Helm values.

Usage Example

In values.yaml:

minio:
  storage:
    capacity: 10Gi
    className: standard

2. StatefulSet

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: {{ include "ragflow.fullname" . }}-minio
  labels:
    {{- include "ragflow.labels" . | nindent 4 }}
    app.kubernetes.io/component: minio
  annotations:
    checksum/config: {{ include (print $.Template.BasePath "/env.yaml") . | sha256sum }}
spec:
  replicas: 1
  selector:
    matchLabels:
      {{- include "ragflow.selectorLabels" . | nindent 6 }}
      app.kubernetes.io/component: minio
  {{- with .Values.minio.deployment.strategy }}
  strategy:
    {{- . | toYaml | nindent 4 }}
  {{- end }}
  template:
    metadata:
      labels:
        {{- include "ragflow.labels" . | nindent 8 }}
        app.kubernetes.io/component: minio
    spec:
      {{- if or .Values.imagePullSecrets .Values.minio.image.pullSecrets }}
      imagePullSecrets:
        {{- with .Values.imagePullSecrets }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
        {{- with .Values.minio.image.pullSecrets }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      {{- end }}
      containers:
      - name: minio
        image: {{ .Values.minio.image.repository }}:{{ .Values.minio.image.tag }}
        {{- with .Values.minio.image.pullPolicy }}
        imagePullPolicy: {{ . }}
        {{- end }}
        envFrom:
          - secretRef:
              name: {{ include "ragflow.fullname" . }}-env-config
        args:
          - server
          - "--console-address=:9001"
          - "/data"
        ports:
          - containerPort: 9000
            name: s3
          - containerPort: 9001
            name: console
        {{- with .Values.minio.deployment.resources }}
        resources:
          {{- . | toYaml | nindent 10 }}
        {{- end }}
        volumeMounts:
          - mountPath: /data
            name: minio-data
      volumes:
        - name: minio-data
          persistentVolumeClaim:
            claimName: {{ include "ragflow.fullname" . }}-minio

Purpose

• Deploys the MinIO server as a StatefulSet to provide stable network IDs and persistent storage.

• Manages the lifecycle of MinIO pods with persistent storage attached.

Key Fields Explained

• replicas: Number of MinIO pods to run (default 1).

• selector.matchLabels: Ensures StatefulSet manages the correct pods.

• strategy: (optional) Deployment update strategy.

• template.spec.containers: Defines the MinIO container configuration.

  • image: MinIO Docker image from Helm values.

  • envFrom.secretRef: Loads environment variables from Kubernetes secrets.

  • args: Command line arguments for MinIO server:

    • server: run server mode.

    • --console-address=:9001: expose web console on port 9001.

    • /data: data directory inside container.

  • ports: Exposes MinIO S3 API on port 9000 and console on port 9001.

  • resources: (optional) Resource requests and limits.

  • volumeMounts: Mounts the persistent volume at /data.

• volumes: Connects the PVC named <fullname>-minio to the pod.

Helm Template Variables

• .Values.minio.image.repository, .tag, .pullPolicy: Image details.

• .Values.minio.deployment.resources: Resource constraints.

• imagePullSecrets: Secrets for private image registries.

• checksum/config: Annotation triggers pod restart when config changes.

Usage Example

In values.yaml:

minio:
  image:
    repository: minio/minio
    tag: RELEASE.2023-06-15T10-00-00Z
    pullPolicy: IfNotPresent
  deployment:
    strategy:
      type: RollingUpdate
    resources:
      limits:
        cpu: 500m
        memory: 512Mi
      requests:
        cpu: 250m
        memory: 256Mi

3. Service

apiVersion: v1
kind: Service
metadata:
  name: {{ include "ragflow.fullname" . }}-minio
  labels:
    {{- include "ragflow.labels" . | nindent 4 }}
    app.kubernetes.io/component: minio
spec:
  selector:
    {{- include "ragflow.selectorLabels" . | nindent 4 }}
    app.kubernetes.io/component: minio
  ports:
    - name: s3
      protocol: TCP
      port: 9000
      targetPort: s3
    - name: console
      protocol: TCP
      port: 9001
      targetPort: console
  type: {{ .Values.minio.service.type }}

Purpose

• Exposes the MinIO StatefulSet pods to internal or external clients.

• Provides access to:

  • MinIO S3 API on port 9000.

  • MinIO web console on port 9001.

Key Fields Explained

• selector: Matches pods with MinIO labels to route traffic.

• ports: Defines ports exposed by the service:

  • 9000 for S3 API.

  • 9001 for web console.

• type: Service type (ClusterIP, NodePort, LoadBalancer), configurable via Helm values.

Usage Example

In values.yaml:

minio:
  service:
    type: ClusterIP

Important Implementation Details

• Helm Templating: The file extensively uses Go templating functions (include, with, nindent, etc.) to inject values from Helm charts, providing flexibility and configurability.

• Resource Policy Annotation: The PVC has the annotation "helm.sh/resource-policy": keep which directs Helm to keep the PVC during uninstall or upgrade, preserving MinIO data.

• Checksum Annotation: The StatefulSet pod template uses a checksum annotation on an environment config file (env.yaml). This causes the pod to be recreated if environment variables change, ensuring configuration updates propagate.

• Volume Mounts and Persistence: The StatefulSet mounts the PVC to /data, the primary data directory for MinIO, ensuring data persistence.

Interaction with Other Parts of the System

• Helm Chart Values: This manifest depends on values defined in the Helm chart's values.yaml file under the minio key, such as image repository/tag, storage size, service type, and resource constraints.

• Secrets: Environment variables for MinIO (such as credentials) are injected via a Kubernetes Secret referenced as {{ include "ragflow.fullname" . }}-env-config.

• Other Ragflow Components: The labels and selectors use ragflow naming conventions to integrate with other components of the Ragflow ecosystem, ensuring proper service discovery and resource grouping.

• Persistent Storage: The PVC interacts with the underlying Kubernetes storage system to provide durable storage for MinIO.

• MinIO Console and API: The service exposes MinIO's API and console ports, enabling users or other services to access object storage and management UI.

Visual Diagram

The following flowchart illustrates the relationships and interactions between the main Kubernetes resources defined in minio.yaml:

flowchart TD
    PVC[PersistentVolumeClaim]
    StatefulSet[MinIO StatefulSet]
    Service[MinIO Service]

    PVC -->|Mounts volume| StatefulSet
    StatefulSet -->|Pods expose ports 9000 (S3) and 9001 (Console)| Service
    Service -->|Routes traffic| StatefulSet

    classDef k8sResource fill:#f9f,stroke:#333,stroke-width:1px,color:#000;
    class PVC,StatefulSet,Service k8sResource;

Summary

The minio.yaml file is a Helm-templated Kubernetes manifest that provisions a MinIO object storage deployment with persistent storage, controlled pod lifecycle, and network exposure. It is a critical part of managing scalable, durable, and accessible object storage in a Kubernetes environment, facilitating integration with cloud-native workflows and other components in the Ragflow system.

Usage Notes

• Customize storage size, image version, and service type in values.yaml.

• Manage secrets separately to provide MinIO credentials and other sensitive data.

• Monitor StatefulSet pod health and storage status to ensure reliable operation.

• Consider scaling replicas for high availability if your MinIO license and setup allow.

If you need further integration details or examples of Helm configuration for this deployment, please let me know!