operator icon indicating copy to clipboard operation
operator copied to clipboard
verified publisher icon minio

able to add the sidecar and initcontainer memory resources through HelmChart

Open rajasekharbh opened this issue 1 year ago • 9 comments

with the operator helm charts(5.0.13 or 6.0.1) the sidecar and validate-arguments containers are getting resource empty and values.yaml doesn't have the resources set for the init and sidecar. if we don't set the values validation webhook is not allowing to create the pod.

warning FailedCreate 20s (x17 over 5m49s) statefulset-controller create Pod myminio-tenant-pool-0-0 in StatefulSet myminio-tenant-pool-0-0 failed error: admission webhook "validating-webhook.openpolicyagent.org" denied the request: the pod "myminio-tenant-pool-0-0", in namespace "minio-tenant", did not specify cpu limits resources, the pod "myminio-tenant-pool-0-0", in namespace "minio-tenant", did not specify cpu requests, the pod "myminio-tenant-pool-0-0", in namespace: "minio-tenant", did not specify memory limits resources, the pod "myminio-tenant-pool-0-0", in namespace: "monio-tenant", did not specify memory request resources. https://github.com/minio/operator/blob/v5.0.13/helm/operator/values.yaml

if we set the resourcequota at namespace level, we are getting below error.

Warning FailedCreate 100s (x17 over 7m8s) statefulset-controller create Pod myminio-tenant-pool-0-0 in StatefulSet myminio-pool-0 failed error: pod "myminio-tenant-pool-0-0" is forbidden: failed quots: minio-quota: must specify limits.cpu for : sidecar,validate-arguments; limits,memory for : sidecar,validat-arguments; requests,cpu for sidecar,validate-arguments; requestss,memory for: sidecar,validat-arguments

rajasekharbh avatar Aug 12 '24 15:08 rajasekharbh

This was also reported in https://github.com/minio/operator/issues/1287#issuecomment-2278951782.

ramondeklein avatar Aug 12 '24 17:08 ramondeklein

I guess you're using a custom pod admission controller?

ramondeklein avatar Aug 12 '24 17:08 ramondeklein

correct @ramondeklein

rajasekharbh avatar Aug 13 '24 18:08 rajasekharbh

Then it’s probably best for now to deploy the Tenant resource manually (without using Helm).

ramondeklein avatar Aug 14 '24 06:08 ramondeklein

This seems like a pretty trivial addition to https://github.com/minio/operator/blob/master/helm/tenant/templates/tenant.yaml. Are you guys open to a contribution?

AlanMasciangelo avatar Mar 05 '25 20:03 AlanMasciangelo

Although it's pretty trival, we are sceptical and try to address 95% of the use-cases using the Helm chart. If we need to support all edge-cases, then each property of the Helm chart will be configurable in the end and is almost impossible to maintain.

We'll discuss internally.

ramondeklein avatar Mar 09 '25 21:03 ramondeklein

This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Jul 19 '25 08:07 stale[bot]

I am also affected with this issue deploying Minio from operator/tenant helm chart 71.1 via fleet on Rancher using project quotas.

Operator not able to deploy Tenant with the next error message:

create Pod minio-pool-0-0 in StatefulSet minio-pool-0 failed error: pods "minio-pool-0-0" is forbidden: failed quota: default-abu58: must specify limits.memory for: sidecar,validate-arguments

Please make it available to set the Tenant sidecar resources from helm values as well.

kpoos avatar Nov 06 '25 16:11 kpoos

I guess you're using a custom pod admission controller?

Unfortunately in our case it is a standard rancher projekt quota, which does not let minio Tenant start because of missing resource limit settings...

kpoos avatar Nov 07 '25 09:11 kpoos