Object Storage Helm Values
نظره عامه
This page is the authoritative reference for every Helm value under the
objectStorage.* namespace in the helm_aio chart. Operators wiring
the bundled helm_aio release through values files, GitOps, or --جبر
flags should refer to this page for the canonical schema and defaults.
For task-oriented guides built on top of these values, refer to:
- Object Storage Overview
- Choose a Provider
- Migrate Between Providers
- Add a New Object Storage Provider
Top-level keys
| Key | نوع | افتراضي | Purpose |
|---|---|---|---|
objectStorage.activeProvider | خيط | auto | Explicit override for the alias target. Set to a provider name (rustfs, مينيو , ...) to pin the alias regardless of the resolution rules. Defaults to auto. |
objectStorage.previousProvider | خيط | مينيو | Names the data-bearing side when two providers are enabled and activeProvider=auto. Read as the legacy default for installs that predated the registry. |
objectStorage.cutoverAcknowledged | bool | خطأ | When صحيح , the alias flips from previousProvider to the other enabled provider. The legacy rustfs.migrationAcknowledged is honored as a synonym. |
objectStorage.service.enabled | bool | صحيح | When خطأ ال ilum-objectstorage Service alias is not rendered, even if a provider is enabled. Useful for BYO external S3 deployments. |
objectStorage.endpoint | خيط | http://ilum-objectstorage:9000 | S3 API endpoint that bundled consumers target. Defaults to the in-cluster alias hostname. Override to point at an external provider. |
objectStorage.region | خيط | الولايات المتحدة الشرقية 1 | S3 region passed to AWS SDK and Hadoop S3A clients. |
objectStorage.pathStyle | bool | صحيح | Path-style addressing toggle. صحيح matches bundled providers; set to خطأ for AWS S3 virtual-hosted-style addressing. |
objectStorage.defaultBuckets | list[string] | [ilum-files, ilum-data, ilum-tables, ilum-mlflow, ilum-kestra, ilum-ducklake, ilum-langfuse] | Default bucket list created by the bundled init وظائف and referenced by the migration مهمة . |
Provider registry
ال objectStorage.providers map declares each provider known to the
chart. Adding a new entry registers the provider; no chart-template
change is required. See Add a New Provider.
| Key | نوع | افتراضي | Purpose |
|---|---|---|---|
objectStorage.providers.<name>.enabled | bool | (unset for bundled; required for new providers) | Operator-set enable flag. Bundled providers (rustfs, مينيو ) defer to their chart-level flags (.Values.rustfs.enabled, .Values.minio.enabled). New providers without a chart-level flag set this directly. |
objectStorage.providers.<name>.consolePath | خيط | provider-specific | iframe path the إيلوم UI renders for this provider's console. Bundled defaults: /rustfs/console/ for RustFS, / خارجي / مينيو / for MinIO. |
objectStorage.providers.<name>.consoleMode | خيط ( same-originأو nginx-rewrite) | provider-specific | Routing mode the إيلوم UI's nginx proxy applies for this provider. same-origin for consoles with a configurable base path (RustFS); nginx-rewrite for consoles pinned to an absolute URL (MinIO). |
Bundled provider defaults
objectStorage:
providers:
rustfs:
consolePath: /rustfs/console/
consoleMode: same- origin
مينيو :
consolePath: / خارجي / مينيو /
consoleMode: nginx- rewrite
Credentials
The shared Secret ilum-objectstorage-credentials carries the S3 root
credentials consumed by every bundled component. See
Rotate Object Storage Credentials
for the rotation procedure.
| Key | نوع | افتراضي | Purpose |
|---|---|---|---|
objectStorage.credentials.create | bool | صحيح | Whether helm_aio should create the Secret on helm install. Disable when the operator manages the Secret externally. |
objectStorage.credentials.name | خيط | ilum-objectstorage-credentials | Name of the Secret. Bundled consumers read from this name; do not change without overriding every consumer chart. |
objectStorage.credentials.accessKey | خيط | المشرف | Initial access key. The Secret's lookup clause preserves the live value on ترقية Helm , so this default applies only to net-new installs. |
objectStorage.credentials.secretKey | خيط | admin12345 | Initial secret key. Same lookup preservation as accessKey. Must be at least 8 characters for the bundled mc-based init Pod to authenticate. |
objectStorage.credentials.existingSecret | خيط | (unset) | Reference an externally-managed Secret instead of having helm_aio create one. |
objectStorage.credentials.preserveExisting | bool | صحيح | When صحيح , the chart's lookup clause reads the live Secret on ترقية Helm and preserves its values. Set to خطأ for deterministic helm template output in GitOps pipelines. |
Secret key aliases
ال ilum-objectstorage-credentials Secret exposes the credential
pair under six aliased keys so each consumer can reference it under its
native naming convention:
| Key | Used by |
|---|---|
access-key | bundled consumers using the generic name |
secret-key | bundled consumers using the generic name |
root-user | the bundled ميني آيو chart |
root-password | the bundled ميني آيو chart |
RUSTFS_ACCESS_KEY | the bundled RustFS chart |
RUSTFS_SECRET_KEY | the bundled RustFS chart |
Legacy back-compat shims
The following keys remain accepted in 6.7.2 and later for back-compat with values overlays written against earlier releases. They are deprecated in favour of the new names listed in the table above and will be removed in a future major release.
| Legacy key | New equivalent | Notes |
|---|---|---|
rustfs.migrationAcknowledged | objectStorage.cutoverAcknowledged | Either flag triggers the cutover; both accepted simultaneously. |
rustfs.enabled | objectStorage.providers.rustfs.enabled | The chart-level flag remains the single source of truth for the RustFS sub-chart's render condition. The registry entry honors it. |
minio.enabled | objectStorage.providers.minio.enabled | Same back-compat shape as rustfs.enabled. |
MINIO_READ (backend permission) | OBJECT_STORAGE_READ | The backend continues to accept the legacy permission name and the الأدوارToMinio / المجموعاتToMinio / minioMinAccessRole Hydra mappings. A one-time deprecation warning is logged on startup when the legacy form is supplied. |
Reference
- Chart source:
helm/helm_aio/values.yamlفي المربع إيلوم monorepo - Helpers reference:
helm/helm_aio/templates/_helpers.tpl(definesilum-aio.activeObjectStorageProvider,ilum-aio.objectStorageConsolePath,ilum-aio.objectStorageConsoleMode) - Upgrade notes:
helm/UPGRADE_NOTES.mdفي المربع إيلوم monorepo - Task-oriented guides: Object Storage section in User Guides