deploy cssi-attacher as sidecar container in provisioner

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-11-09 16:00:22 +00:00 · 2019-03-27 13:58:42 +05:30 · 2019-03-27 13:58:42 +05:30 · 168468a934
commit 168468a934
parent 72d1520f6d
9 changed files with 26 additions and 97 deletions
--- a/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml
+++ b/deploy/cephfs/kubernetes/csi-attacher-rbac.yaml
@ -1,38 +0,0 @@
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: cephfs-csi-attacher
-
---
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: cephfs-external-attacher-runner
-rules:
-  - apiGroups: [""]
-    resources: ["persistentvolumes"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: [""]
-    resources: ["nodes"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: ["storage.k8s.io"]
-    resources: ["volumeattachments"]
-    verbs: ["get", "list", "watch", "update"]
-  - apiGroups: ["csi.storage.k8s.io"]
-    resources: ["csinodeinfos"]
-    verbs: ["get", "list", "watch"]
-
---
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: cephfs-csi-attacher-role
-subjects:
-  - kind: ServiceAccount
-    name: cephfs-csi-attacher
-    namespace: default
-roleRef:
-  kind: ClusterRole
-  name: cephfs-external-attacher-runner
-  apiGroup: rbac.authorization.k8s.io
--- a/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml
+++ b/deploy/cephfs/kubernetes/csi-cephfsplugin-attacher.yaml
@ -1,46 +0,0 @@
---
-kind: Service
-apiVersion: v1
-metadata:
-  name: csi-cephfsplugin-attacher
-  labels:
-    app: csi-cephfsplugin-attacher
-spec:
-  selector:
-    app: csi-cephfsplugin-attacher
-  ports:
-    - name: dummy
-      port: 12345
-
---
-kind: StatefulSet
-apiVersion: apps/v1beta1
-metadata:
-  name: csi-cephfsplugin-attacher
-spec:
-  serviceName: "csi-cephfsplugin-attacher"
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: csi-cephfsplugin-attacher
-    spec:
-      serviceAccount: cephfs-csi-attacher
-      containers:
-        - name: csi-cephfsplugin-attacher
-          image: quay.io/k8scsi/csi-attacher:v1.0.1
-          args:
-            - "--v=5"
-            - "--csi-address=$(ADDRESS)"
-          env:
-            - name: ADDRESS
-              value: /var/lib/kubelet/plugins/cephfs.csi.ceph.com/csi.sock
-          imagePullPolicy: "IfNotPresent"
-          volumeMounts:
-            - name: socket-dir
-              mountPath: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
-      volumes:
-        - name: socket-dir
-          hostPath:
-            path: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
-            type: DirectoryOrCreate
--- a/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml
+++ b/deploy/cephfs/kubernetes/csi-cephfsplugin-provisioner.yaml
@ -39,6 +39,18 @@ spec:
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
+        - name: csi-cephfsplugin-attacher
+          image: quay.io/k8scsi/csi-attacher:v1.0.1
+          args:
+            - "--v=5"
+            - "--csi-address=$(ADDRESS)"
+          env:
+            - name: ADDRESS
+              value: /csi/csi.sock
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /csi
        - name: csi-cephfsplugin
          securityContext:
            privileged: true
--- a/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml
+++ b/deploy/cephfs/kubernetes/csi-provisioner-rbac.yaml
@ -31,6 +31,12 @@ rules:
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["volumeattachments"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]

 ---
 kind: ClusterRoleBinding
--- a/docs/deploy-cephfs.md
+++ b/docs/deploy-cephfs.md
@ -90,7 +90,6 @@ YAML manifests are located in `deploy/cephfs/kubernetes`.
 **Deploy RBACs for sidecar containers and node plugins:**

 ```bash
-kubectl create -f csi-attacher-rbac.yaml
 kubectl create -f csi-provisioner-rbac.yaml
 kubectl create -f csi-nodeplugin-rbac.yaml
 ```
@ -102,12 +101,11 @@ the same permissions.
 **Deploy CSI sidecar containers:**

 ```bash
-kubectl create -f csi-cephfsplugin-attacher.yaml
 kubectl create -f csi-cephfsplugin-provisioner.yaml
 ```

-Deploys stateful sets for external-attacher and external-provisioner
-sidecar containers for CSI CephFS.
+Deploys stateful set of provision which includes external-provisioner
+,external-attacher for CSI CephFS.

 **Deploy CSI CephFS driver:**

@ -115,7 +113,7 @@ sidecar containers for CSI CephFS.
 kubectl create -f csi-cephfsplugin.yaml
 ```

-Deploys a daemon set with two containers: CSI driver-registrar and
+Deploys a daemon set with two containers: CSI node-driver-registrar and
 the CSI CephFS driver.

 ## Verifying the deployment in Kubernetes
@ -125,14 +123,11 @@ After successfully completing the steps above, you should see output similar to
 ```bash
 $ kubectl get all
 NAME                                 READY     STATUS    RESTARTS   AGE
-pod/csi-cephfsplugin-attacher-0      1/1       Running   0          26s
-pod/csi-cephfsplugin-provisioner-0   1/1       Running   0          25s
+pod/csi-cephfsplugin-provisioner-0   3/3       Running   0          25s
 pod/csi-cephfsplugin-rljcv           2/2       Running   0          24s

 NAME                                   TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)     AGE
-service/csi-cephfsplugin-attacher      ClusterIP   10.104.116.218   <none>        12345/TCP   27s
 service/csi-cephfsplugin-provisioner   ClusterIP   10.101.78.75     <none>        12345/TCP   26s
-
 ...
 ```

--- a/examples/cephfs/plugin-deploy.sh
+++ b/examples/cephfs/plugin-deploy.sh
@ -8,7 +8,7 @@ fi

 cd "$deployment_base" || exit 1

-objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin)
+objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-provisioner csi-cephfsplugin)

 for obj in "${objects[@]}"; do
 	kubectl create -f "./$obj.yaml"
--- a/examples/cephfs/plugin-teardown.sh
+++ b/examples/cephfs/plugin-teardown.sh
@ -8,7 +8,7 @@ fi

 cd "$deployment_base" || exit 1

-objects=(csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac)
+objects=(csi-cephfsplugin-provisioner csi-cephfsplugin csi-provisioner-rbac csi-nodeplugin-rbac)

 for obj in "${objects[@]}"; do
 	kubectl delete -f "./$obj.yaml"
--- a/examples/rbd/plugin-deploy.sh
+++ b/examples/rbd/plugin-deploy.sh
@ -8,7 +8,7 @@ fi

 cd "$deployment_base" || exit 1

-objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin)
+objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-provisioner csi-rbdplugin)

 for obj in "${objects[@]}"; do
 	kubectl create -f "./$obj.yaml"
--- a/examples/rbd/plugin-teardown.sh
+++ b/examples/rbd/plugin-teardown.sh
@ -8,7 +8,7 @@ fi

 cd "$deployment_base" || exit 1

-objects=(csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac)
+objects=(csi-rbdplugin-provisioner csi-rbdplugin csi-provisioner-rbac csi-nodeplugin-rbac)

 for obj in "${objects[@]}"; do
 	kubectl delete -f "./$obj.yaml"