Deprecate the Krew plugin (minio#2051)

Signed-off-by: Daniel Valdivia <[email protected]>

.gitignore

@@ -5,10 +5,8 @@ minio-operator
 !tenant/
 .idea/
 dist/
-kubectl-minio/kubectl-minio
 *.minisig
 *.zip
-kubectl-minio/crds
 *.log
 .vscode
 minio.yaml

.goreleaser.yml

@@ -33,32 +33,6 @@ builds:
       - -s -w -X github.com/minio/operator/pkg.ReleaseTag={{.Tag}} -X github.com/minio/operator/pkg.CommitID={{.FullCommit}} -X github.com/minio/operator/pkg.Version={{.Version}} -X github.com/minio/operator/pkg.ShortCommitID={{.ShortCommit}} -X github.com/minio/operator/pkg.ReleaseTime={{.Date}}
     flags:
       - -trimpath
-    hooks:
-      post: ./package.sh {{ .Path }}
-
-  - id: kubectl-minio
-    dir: kubectl-minio
-    binary: kubectl-minio
-    goos:
-      - linux
-      - darwin
-      - windows
-    goarch:
-      - amd64
-      - arm64
-      - ppc64le
-      - s390x
-    ignore:
-      - goos: windows
-        goarch: arm64
-    env:
-      - CGO_ENABLED=0
-    ldflags:
-      - -s -w -X github.com/minio/kubectl-minio/cmd.version={{.Tag}}
-    flags:
-      - -trimpath
-    hooks:
-      post: ./package.sh {{ .Path }}
 
 archives:
   - allow_different_binary_count: true

Makefile

@@ -18,7 +18,6 @@ HELM_TEMPLATES=$(HELM_HOME)/templates
 KUSTOMIZE_HOME=resources
 KUSTOMIZE_CRDS=$(KUSTOMIZE_HOME)/base/crds/
 
-PLUGIN_HOME=kubectl-minio
 
 all: build
 
@@ -42,7 +41,7 @@ operator: binary
 docker: operator
 	@docker buildx build --no-cache --load --platform linux/$(GOARCH) -t $(TAG) .
 
-build: regen-crd verify plugin operator docker
+build: regen-crd verify operator docker
 
 install: all
 
@@ -79,17 +78,6 @@ regen-crd-docs:
 	@${GOPATH}/bin/crd-ref-docs --source-path=./pkg/apis/sts.min.io/v1alpha1  --config=docs/templates/config.yaml --renderer=asciidoctor --output-path=docs/policybinding_crd.adoc --templates-dir=docs/templates/asciidoctor/
 	@${GOPATH}/bin/crd-ref-docs --source-path=./pkg/apis/job.min.io/v1alpha1  --config=docs/templates/config.yaml --renderer=asciidoctor --output-path=docs/job_crd.adoc --templates-dir=docs/templates/asciidoctor/
 
-plugin: regen-crd
-	@echo "Building 'kubectl-minio' binary"
-	@(cd $(PLUGIN_HOME); \
-		go vet ./... && \
-		go test -race ./... && \
-		GO111MODULE=on ${GOPATH}/bin/golangci-lint cache clean && \
-		GO111MODULE=on ${GOPATH}/bin/golangci-lint run --timeout=5m --config ../.golangci.yml)
-
-plugin-binary: plugin
-	@(cd $(PLUGIN_HOME) && CGO_ENABLED=0 go build -trimpath --ldflags $(LDFLAGS) -o kubectl-minio .)
-
 generate-code:
 	@./k8s/update-codegen.sh
 

README.md

@@ -47,15 +47,6 @@ status.
 For more complete documentation on using the MinIO Console, see the
 [MinIO Console Github Repository](https://github.com/minio/console).
 
-## MinIO Operator and `kubectl` Plugin
-
-The MinIO Operator extends the Kubernetes API to support deploying MinIO-specific
-resources as a Tenant in a Kubernetes cluster.
-
-The MinIO `kubectl minio` plugin wraps the Operator to provide a simplified interface
-for deploying and managing MinIO Tenants in a Kubernetes cluster through the
-`kubectl` command line tool.
-
 # Deploy the MinIO Operator and Create a Tenant
 
 This procedure installs the MinIO Operator and creates a 4-node MinIO Tenant for supporting object storage operations in
@@ -65,10 +56,12 @@ a Kubernetes cluster.
 
 ### Kubernetes 1.21 or Later
 
-Starting with Operator v5.0.0, MinIO requires Kubernetes version 1.21.0 or later. You must upgrade your Kubernetes cluster to 1.21.0 or later to use Operator
+Starting with Operator v5.0.0, MinIO requires Kubernetes version 1.21.0 or later. You must upgrade your Kubernetes
+cluster to 1.21.0 or later to use Operator
 v5.0.0+.
 
-Starting with Operator v4.0.0, MinIO requires Kubernetes version 1.19.0 or later.  Previous versions of the Operator supported Kubernetes 1.17.0 or later. You must upgrade your Kubernetes cluster to 1.19.0 or later to use Operator
+Starting with Operator v4.0.0, MinIO requires Kubernetes version 1.19.0 or later. Previous versions of the Operator
+supported Kubernetes 1.17.0 or later. You must upgrade your Kubernetes cluster to 1.19.0 or later to use Operator
 v4.0.0+.
 
 This procedure assumes the host machine has [`kubectl`](https://kubernetes.io/docs/tasks/tools) installed and configured
@@ -80,7 +73,7 @@ MinIO supports no more than *one* MinIO Tenant per Namespace. The following `kub
 for the MinIO Tenant.
 
 ```sh
-kubectl create namespace minio-tenant-1
+kubectl create namespace minio-tenant
 ```
 
 The MinIO Operator Console supports creating a namespace as part of the Tenant Creation procedure.
@@ -166,13 +159,13 @@ performance:
 ## Procedure
 
 ### 1) Install the MinIO Operator via Kustomization
-Follow the  [Install `kustomize`](https://kubectl.docs.kubernetes.io/installation/kustomize/)  guide for your host system before starting this procedure.
+
+The standard `kubectl` tool ships with support
+for [kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) out of the box, so you can
+use that to install MiniO Operator.
 
 ```sh
-VERSION=v5.0.11
-TIMEOUT=120 # By default is 27, sometimes connection is slow, allow more time to fetch it.
-kustomize build "github.com/minio/operator/resources/?timeout=120&ref=${VERSION}" > operator.yaml
-kubectl apply -f operator.yaml
+kubectl kustomize github.com/minio/operator\?ref=v5.0.14
 ```
 
 Run the following command to verify the status of the Operator:

docs/expansion.md

@@ -1,43 +1,88 @@
 # Adding capacity to a MinIO Tenant [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
 
-This document explains how to expand an existing MinIO Tenant with Operator. This is only applicable to a Tenant (MinIO Deployment) created by MinIO Operator.
+This document explains how to expand an existing MinIO Tenant with Operator. This is only applicable to a Tenant (MinIO
+Deployment) created by MinIO Operator.
 
-MinIO expansion is done in terms of MinIO pools, read more about the design in [MinIO Docs](https://github.com/minio/minio/blob/master/docs/distributed).
+MinIO expansion is done in terms of MinIO pools, read more about the design
+in [MinIO Docs](https://github.com/minio/minio/blob/master/docs/distributed).
 
 ## Getting Started
 
-You can add capacity to the tenant using `kubectl minio` plugin, or using the MinIO Operator Console.
+You can add capacity to the tenant using editing your tenant yaml or using the MinIO Operator Console.
 
 ```
-kubectl minio tenant expand TENANT_NAME --servers SERVERS --volumes TOTAL_VOLUMES --capacity TOTAL_RAW_CAPACITY
+kubectl -n NAMESPACE edit tenant TENANT_NAME
 ```
 
-Remember to replace `TENANT_NAME` with tenant name where you want to add volumes, `SERVERS` with the number of servers to be added to the tenant, `TOTAL_VOLUMES` with the total number of volumes to be added to tenant and `TOTAL_RAW_CAPACITY` with the total raw capacity to be added to the tenant.
+Modify the `.spec.pools` section to add an additional pool. For example, to add a pool with 4 drives, modify the yaml
+as:
+
+```yaml
+spec:
+  pools:
+      ...
+        - servers: 4
+    ## For naming of the pool, you can use any name, but keeping sequential numbers is recommended.
+        name: pool-1
+    ## volumesPerServer specifies the number of volumes attached per MinIO Tenant Pod / Server.
+        volumesPerServer: 4
+    ## This VolumeClaimTemplate is used across all the volumes provisioned for MinIO Tenant in this Pool.
+        volumeClaimTemplate:
+          metadata:
+            name: data
+          spec:
+            accessModes:
+              - ReadWriteOnce
+            resources:
+              requests:
+                storage: 2Gi
+```
 
 **NOTE**: Important points to consider _before_ using Tenant expansion:
 
-- During Tenant expansion, MinIO Operator removes the existing StatefulSet and creates a new StatefulSet with required number of Pods. This means, there is a  downtime during expansion, as the pods are terminated and created again. As existing StatefulSet pods are terminated, its PVCs are also deleted. It is _very important_ to ensure PVs bound to MinIO StatefulSet PVCs are not deleted at this time to avoid data loss. We recommend configuring every PV with reclaim policy [`retain`](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#retain), to ensure the PV is not deleted. If you attempt Tenant expansion while the PV reclaim policy is set to something else, it may lead to data loss. If you have the reclaim policy set to something else, change it as explained in [Kubernetes documents](https://kubernetes.io/docs/tasks/administer-Tenant/change-pv-reclaim-policy/).
+- During Tenant expansion, MinIO Operator removes the existing StatefulSet and creates a new StatefulSet with required
+  number of Pods. This means, there is a downtime during expansion, as the pods are terminated and created again. As
+  existing StatefulSet pods are terminated, its PVCs are also deleted. It is _very important_ to ensure PVs bound to
+  MinIO StatefulSet PVCs are not deleted at this time to avoid data loss. We recommend configuring every PV with reclaim
+  policy [`retain`](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#retain), to ensure the PV is not
+  deleted. If you attempt Tenant expansion while the PV reclaim policy is set to something else, it may lead to data
+  loss. If you have the reclaim policy set to something else, change it as explained
+  in [Kubernetes documents](https://kubernetes.io/docs/tasks/administer-Tenant/change-pv-reclaim-policy/).
 
 - MinIO server currently doesn't support reducing storage capacity.
 
 ## Underlying Details in Tenant Expansion
 
 ### What are MinIO pools
 
-A MinIO pool is a self-contained entity with same SLA's (read/write quorum) for each object. There are no limits on how many pools can be combined. After adding of a pool, MinIO simply uses the least used pool. All pools are for all purposes are invisible to an any application, and MinIO handles the pools internally. 
+A MinIO pool is a self-contained entity with same SLA's (read/write quorum) for each object. There are no limits on how
+many pools can be combined. After adding of a pool, MinIO simply uses the least used pool. All pools are for all
+purposes are invisible to an any application, and MinIO handles the pools internally.
 
 ### Rules of Adding pools
 
-There is only one requirement, i.e. based on initial pool's erasure set count (say `n`), new pools are expected to have a minimum of `n` drives to match the original Tenant SLA, or it should be in multiples of `n`. For example if initial set count is 4, new pools should have at least 4 or multiple of 4 drives.
+There is only one requirement, i.e. based on initial pool's erasure set count (say `n`), new pools are expected to have
+a minimum of `n` drives to match the original Tenant SLA, or it should be in multiples of `n`. For example if initial
+set count is 4, new pools should have at least 4 or multiple of 4 drives.
 
 ### Effects on KES/TLS Enabled Instance
 
-If your MinIO Operator configuration has [KES](https://github.com/minio/operator/blob/master/docs/kes.md) or [Automatic TLS](https://github.com/minio/operator/blob/master/docs/tls.md#automatic-csr-generation) enabled, there are additional considerations:
+If your MinIO Operator configuration has [KES](https://github.com/minio/operator/blob/master/docs/kes.md)
+or [Automatic TLS](https://github.com/minio/operator/blob/master/docs/tls.md#automatic-csr-generation) enabled, there
+are additional considerations:
 
-- When new pools are added, Operator invalidates older self-signed TLS certificates and the related secrets. Operator then creates new certificate signing requests (CSR). This is because there are new MinIO nodes that must be added in certificate DNS names. The administrator must approve these CSRs for MinIO server to be deployed again. Unless the CSR are approved, Operator will not create MinIO StatefulSet pods.
+- When new pools are added, Operator invalidates older self-signed TLS certificates and the related secrets. Operator
+  then creates new certificate signing requests (CSR). This is because there are new MinIO nodes that must be added in
+  certificate DNS names. The administrator must approve these CSRs for MinIO server to be deployed again. Unless the CSR
+  are approved, Operator will not create MinIO StatefulSet pods.
 
-- If you're using your own certificates, as explained [here](https://github.com/minio/operator/blob/master/docs/tls.md#pass-certificate-secret-to-tenant), please ensure to use/update proper certificates that allow older and new MinIO nodes.
+- If you're using your own certificates, as
+  explained [here](https://github.com/minio/operator/blob/master/docs/tls.md#pass-certificate-secret-to-tenant), please
+  ensure to use/update proper certificates that allow older and new MinIO nodes.
 
 ## Downtime
 
-The Tenant expansion process requires removing the existing StatefulSet and creating a new StatefulSet with the required number of pods. Kubernetes automatically terminates and re-creates pods and PVCs during this process. Since MinIO requires at least (Volumes/2)+1 volumes to support regular read and write operations, the expansion process may result in a period of downtime where MinIO returns errors for read and write operations.
+The Tenant expansion process requires removing the existing StatefulSet and creating a new StatefulSet with the required
+number of pods. Kubernetes automatically terminates and re-creates pods and PVCs during this process. Since MinIO
+requires at least (Volumes/2)+1 volumes to support regular read and write operations, the expansion process may result
+in a period of downtime where MinIO returns errors for read and write operations.

docs/kes.md

@@ -7,24 +7,28 @@ This document explains how to enable KES with MinIO Operator.
 ### Prerequisites
 
 - MinIO Operator up and running as explained in the [document here](https://github.com/minio/operator#operator-setup).
-- Install [`kubectl minio` plugin](https://github.com/minio/operator/tree/master/kubectl-minio#install-plugin).
-- KES requires a KMS backend in [configuration](https://raw.githubusercontent.com/minio/operator/master/examples/kes-secret.yaml). Currently KES supports [AWS Secrets Manager](https://github.com/minio/kes/wiki/AWS-SecretsManager) and [Hashicorp Vault](https://github.com/minio/kes/wiki/Hashicorp-Vault-Keystore) as KMS backend for production.S Set up one of these as the KMS backend before setting up KES.
+- KES requires a KMS backend
+  in [configuration](https://raw.githubusercontent.com/minio/operator/master/examples/kes-secret.yaml). Currently KES
+  supports [AWS Secrets Manager](https://github.com/minio/kes/wiki/AWS-SecretsManager)
+  and [Hashicorp Vault](https://github.com/minio/kes/wiki/Hashicorp-Vault-Keystore) as KMS backend for production.S Set
+  up one of these as the KMS backend before setting up KES.
 
 ### Create MinIO Tenant
 
-Use `kubectl minio` plugin to create the MinIO tenant with console and encryption enabled:
+We have an example Tenant with KES encryption available
+at [examples/tenant-kes-encryption](../examples/tenant-kes-encryption).
 
-```
-kubectl create ns tenant1-ns
-kubectl create secret generic tenant1-secret --from-literal=accesskey=YOUR-ACCESS-KEY --from-literal=secretkey=YOUR-SECRET-KEY --namespace tenant1-ns
-kubectl create -f https://raw.githubusercontent.com/minio/operator/master/examples/console-secret.yaml --namespace tenant1-ns
-kubectl create -f https://raw.githubusercontent.com/minio/operator/master/examples/kes-secret.yaml --namespace tenant1-ns
-kubectl minio tenant create --name tenant1 --secret tenant1-secret --servers 4 --volumes 16 --capacity 16Ti --namespace tenant1-ns --console-secret console-secret --kes-secret kes-config
+You can install the example like:
+
+```shell
+kubectl apply -k github.com/minio/operator/examples/kustomization/tenant-kes-encryption
 ```
 
 ## KES Configuration
 
-KES Configuration is a part of Tenant yaml file. Check the sample file [available here](https://raw.githubusercontent.com/minio/operator/master/examples/kustomization/tenant-kes-encryption/tenant.yaml). The config offers below options
+KES Configuration is a part of Tenant yaml file. Check the sample
+file [available here](https://raw.githubusercontent.com/minio/operator/master/examples/kustomization/tenant-kes-encryption/tenant.yaml).
+The config offers below options
 
 ### KES Fields