From 0d0b224f69e997e0dd5028c8e212605df27969f1 Mon Sep 17 00:00:00 2001 From: Peter Nordquist Date: Mon, 10 Dec 2018 11:25:34 -0800 Subject: [PATCH 1/2] Added Helm chart for RBD plugin Signed-off-by: Peter Nordquist --- deploy/rbd/helm/.helmignore | 21 +++ deploy/rbd/helm/Chart.yaml | 12 ++ deploy/rbd/helm/templates/NOTES.txt | 1 + deploy/rbd/helm/templates/_helpers.tpl | 119 +++++++++++++++ .../helm/templates/attacher-clusterrole.yaml | 25 ++++ .../attacher-clusterrolebinding.yaml | 20 +++ .../rbd/helm/templates/attacher-service.yaml | 18 +++ .../templates/attacher-serviceaccount.yaml | 12 ++ .../helm/templates/attacher-statefulset.yaml | 55 +++++++ .../templates/nodeplugin-clusterrole.yaml | 25 ++++ .../nodeplugin-clusterrolebinding.yaml | 20 +++ .../helm/templates/nodeplugin-daemonset.yaml | 136 ++++++++++++++++++ .../templates/nodeplugin-serviceaccount.yaml | 12 ++ .../templates/provisioner-clusterrole.yaml | 28 ++++ .../provisioner-clusterrolebinding.yaml | 20 +++ .../helm/templates/provisioner-service.yaml | 18 +++ .../templates/provisioner-serviceaccount.yaml | 12 ++ .../templates/provisioner-statefulset.yaml | 56 ++++++++ deploy/rbd/helm/values.yaml | 77 ++++++++++ 19 files changed, 687 insertions(+) create mode 100644 deploy/rbd/helm/.helmignore create mode 100644 deploy/rbd/helm/Chart.yaml create mode 100644 deploy/rbd/helm/templates/NOTES.txt create mode 100644 deploy/rbd/helm/templates/_helpers.tpl create mode 100644 deploy/rbd/helm/templates/attacher-clusterrole.yaml create mode 100644 deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml create mode 100644 deploy/rbd/helm/templates/attacher-service.yaml create mode 100644 deploy/rbd/helm/templates/attacher-serviceaccount.yaml create mode 100644 deploy/rbd/helm/templates/attacher-statefulset.yaml create mode 100644 deploy/rbd/helm/templates/nodeplugin-clusterrole.yaml create mode 100644 deploy/rbd/helm/templates/nodeplugin-clusterrolebinding.yaml create mode 100644 deploy/rbd/helm/templates/nodeplugin-daemonset.yaml create mode 100644 deploy/rbd/helm/templates/nodeplugin-serviceaccount.yaml create mode 100644 deploy/rbd/helm/templates/provisioner-clusterrole.yaml create mode 100644 deploy/rbd/helm/templates/provisioner-clusterrolebinding.yaml create mode 100644 deploy/rbd/helm/templates/provisioner-service.yaml create mode 100644 deploy/rbd/helm/templates/provisioner-serviceaccount.yaml create mode 100644 deploy/rbd/helm/templates/provisioner-statefulset.yaml create mode 100644 deploy/rbd/helm/values.yaml diff --git a/deploy/rbd/helm/.helmignore b/deploy/rbd/helm/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/deploy/rbd/helm/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/deploy/rbd/helm/Chart.yaml b/deploy/rbd/helm/Chart.yaml new file mode 100644 index 000000000..b7a623984 --- /dev/null +++ b/deploy/rbd/helm/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +appVersion: "0.3.0" +description: Container Storage Interface (CSI) driver, provisioner, and attacher for Ceph RBD +name: ceph-csi-rbd +version: 0.2.0 +keywords: +- ceph +- rbd +- ceph-csi +home: https://github.com/ceph/ceph-csi +sources: +- https://github.com/ceph/ceph-csi/tree/master/deploy/rbd/kubernetes diff --git a/deploy/rbd/helm/templates/NOTES.txt b/deploy/rbd/helm/templates/NOTES.txt new file mode 100644 index 000000000..8bfee56b0 --- /dev/null +++ b/deploy/rbd/helm/templates/NOTES.txt @@ -0,0 +1 @@ +The Ceph RBD Container Storage Interface has been deployed. diff --git a/deploy/rbd/helm/templates/_helpers.tpl b/deploy/rbd/helm/templates/_helpers.tpl new file mode 100644 index 000000000..3a9750303 --- /dev/null +++ b/deploy/rbd/helm/templates/_helpers.tpl @@ -0,0 +1,119 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "ceph-csi-rbd.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ceph-csi-rbd.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ceph-csi-rbd.attacher.fullname" -}} +{{- if .Values.attacher.fullnameOverride -}} +{{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ceph-csi-rbd.nodeplugin.fullname" -}} +{{- if .Values.nodeplugin.fullnameOverride -}} +{{- .Values.nodeplugin.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.nodeplugin.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.nodeplugin.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ceph-csi-rbd.provisioner.fullname" -}} +{{- if .Values.provisioner.fullnameOverride -}} +{{- .Values.provisioner.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.provisioner.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.provisioner.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ceph-csi-rbd.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ceph-csi-rbd.serviceAccountName.attacher" -}} +{{- if .Values.serviceAccounts.attacher.create -}} + {{ default (include "ceph-csi-rbd.attacher.fullname" .) .Values.serviceAccounts.attacher.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.attacher.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ceph-csi-rbd.serviceAccountName.nodeplugin" -}} +{{- if .Values.serviceAccounts.nodeplugin.create -}} + {{ default (include "ceph-csi-rbd.nodeplugin.fullname" .) .Values.serviceAccounts.nodeplugin.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.nodeplugin.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ceph-csi-rbd.serviceAccountName.provisioner" -}} +{{- if .Values.serviceAccounts.provisioner.create -}} + {{ default (include "ceph-csi-rbd.provisioner.fullname" .) .Values.serviceAccounts.provisioner.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.provisioner.name }} +{{- end -}} +{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-clusterrole.yaml b/deploy/rbd/helm/templates/attacher-clusterrole.yaml new file mode 100644 index 000000000..3ebc0438d --- /dev/null +++ b/deploy/rbd/helm/templates/attacher-clusterrole.yaml @@ -0,0 +1,25 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ceph-csi-rbd.attacher.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] +{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml b/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml new file mode 100644 index 000000000..e573d554f --- /dev/null +++ b/deploy/rbd/helm/templates/attacher-clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ceph-csi-rbd.attacher.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +subjects: + - kind: ServiceAccount + name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ include "ceph-csi-rbd.attacher.fullname" . }} + apiGroup: rbac.authorization.k8s.io +{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-service.yaml b/deploy/rbd/helm/templates/attacher-service.yaml new file mode 100644 index 000000000..87160b17d --- /dev/null +++ b/deploy/rbd/helm/templates/attacher-service.yaml @@ -0,0 +1,18 @@ +kind: Service +apiVersion: v1 +metadata: + name: {{ include "ceph-csi-rbd.attacher.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + selector: + app: {{ include "ceph-csi-rbd.name" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + ports: + - name: dummy + port: 12345 diff --git a/deploy/rbd/helm/templates/attacher-serviceaccount.yaml b/deploy/rbd/helm/templates/attacher-serviceaccount.yaml new file mode 100644 index 000000000..7817df928 --- /dev/null +++ b/deploy/rbd/helm/templates/attacher-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.attacher.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end -}} diff --git a/deploy/rbd/helm/templates/attacher-statefulset.yaml b/deploy/rbd/helm/templates/attacher-statefulset.yaml new file mode 100644 index 000000000..1ba9847d5 --- /dev/null +++ b/deploy/rbd/helm/templates/attacher-statefulset.yaml @@ -0,0 +1,55 @@ +kind: StatefulSet +apiVersion: apps/v1beta1 +metadata: + name: {{ include "ceph-csi-rbd.attacher.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ include "ceph-csi-rbd.attacher.fullname" . }} + replicas: {{ .Values.attacher.replicas }} + template: + metadata: + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.attacher.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + spec: + serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }} + containers: + - name: csi-rbdplugin-attacher + image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" + imagePullPolicy: {{ .Values.attacher.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: {{ .Values.socketDir }} + resources: +{{ toYaml .Values.attacher.resources | indent 12 }} + volumes: + - name: socket-dir + hostPath: + path: {{ .Values.socketDir }} + type: DirectoryOrCreate + {{- if .Values.attacher.affinity -}} + affinity: +{{ toYaml .Values.attacher.affinity . | indent 8 }} + {{- end -}} + {{- if .Values.attacher.nodeSelector -}} + nodeSelector: +{{ toYaml .Values.attacher.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.attacher.tolerations -}} + tolerations: +{{ toYaml .Values.attacher.tolerations | indent 8 }} + {{- end -}} diff --git a/deploy/rbd/helm/templates/nodeplugin-clusterrole.yaml b/deploy/rbd/helm/templates/nodeplugin-clusterrole.yaml new file mode 100644 index 000000000..525a702ec --- /dev/null +++ b/deploy/rbd/helm/templates/nodeplugin-clusterrole.yaml @@ -0,0 +1,25 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.nodeplugin.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "update"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] +{{- end -}} diff --git a/deploy/rbd/helm/templates/nodeplugin-clusterrolebinding.yaml b/deploy/rbd/helm/templates/nodeplugin-clusterrolebinding.yaml new file mode 100644 index 000000000..86abf2054 --- /dev/null +++ b/deploy/rbd/helm/templates/nodeplugin-clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.nodeplugin.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +subjects: + - kind: ServiceAccount + name: {{ include "ceph-csi-rbd.serviceAccountName.nodeplugin" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }} + apiGroup: rbac.authorization.k8s.io +{{- end -}} diff --git a/deploy/rbd/helm/templates/nodeplugin-daemonset.yaml b/deploy/rbd/helm/templates/nodeplugin-daemonset.yaml new file mode 100644 index 000000000..6cbc279da --- /dev/null +++ b/deploy/rbd/helm/templates/nodeplugin-daemonset.yaml @@ -0,0 +1,136 @@ +kind: DaemonSet +apiVersion: apps/v1beta2 +metadata: + name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.nodeplugin.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + selector: + matchLabels: + app: {{ include "ceph-csi-rbd.name" . }} + component: {{ .Values.nodeplugin.name }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.nodeplugin.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + spec: + serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.nodeplugin" . }} + hostNetwork: true + hostPID: true + # to use e.g. Rook orchestrated cluster, and mons' FQDN is + # resolved through k8s service, set dns policy to cluster first + dnsPolicy: ClusterFirstWithHostNet + containers: + - name: driver-registrar + image: "{{ .Values.nodeplugin.registrar.image.repository }}:{{ .Values.nodeplugin.registrar.image.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + env: + - name: ADDRESS + value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" + - name: DRIVER_REG_SOCK_PATH + value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.nodeplugin.registrar.image.imagePullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: {{ .Values.socketDir }} + - name: registration-dir + mountPath: /registration + resources: +{{ toYaml .Values.nodeplugin.registrar.resources | indent 12 }} + - name: csi-rbdplugin + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: "{{ .Values.nodeplugin.plugin.image.repository }}:{{ .Values.nodeplugin.plugin.image.tag }}" + args : + - "--nodeid=$(NODE_ID)" + - "--endpoint=$(CSI_ENDPOINT)" + - "--v=5" + - "--drivername=csi-rbdplugin" + - "--containerized=true" + env: + - name: HOST_ROOTFS + value: "/rootfs" + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: "unix:/{{ .Values.socketDir }}/{{ .Values.socketFile }}" + imagePullPolicy: {{ .Values.nodeplugin.plugin.image.imagePullPolicy }} + volumeMounts: + - name: plugin-dir + mountPath: {{ .Values.socketDir }} + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - mountPath: /dev + name: host-dev + - mountPath: /rootfs + name: host-rootfs + - mountPath: /sys + name: host-sys + - mountPath: /lib/modules + name: lib-modules + readOnly: true + resources: +{{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }} + volumes: + - name: plugin-dir + hostPath: + path: {{ .Values.socketDir }} + type: DirectoryOrCreate + - name: registration-dir + hostPath: + path: /var/lib/kubelet/plugins/ + type: Directory + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: socket-dir + hostPath: + path: {{ .Values.socketDir }} + type: DirectoryOrCreate + - name: host-dev + hostPath: + path: /dev + - name: host-rootfs + hostPath: + path: / + - name: host-sys + hostPath: + path: /sys + - name: lib-modules + hostPath: + path: /lib/modules + {{- if .Values.nodeplugin.affinity -}} + affinity: +{{ toYaml .Values.nodeplugin.affinity . | indent 8 }} + {{- end -}} + {{- if .Values.nodeplugin.nodeSelector -}} + nodeSelector: +{{ toYaml .Values.nodeplugin.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.nodeplugin.tolerations -}} + tolerations: +{{ toYaml .Values.nodeplugin.tolerations | indent 8 }} + {{- end -}} diff --git a/deploy/rbd/helm/templates/nodeplugin-serviceaccount.yaml b/deploy/rbd/helm/templates/nodeplugin-serviceaccount.yaml new file mode 100644 index 000000000..9dd41e4f6 --- /dev/null +++ b/deploy/rbd/helm/templates/nodeplugin-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.nodeplugin.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ceph-csi-rbd.serviceAccountName.nodeplugin" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.nodeplugin.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end -}} diff --git a/deploy/rbd/helm/templates/provisioner-clusterrole.yaml b/deploy/rbd/helm/templates/provisioner-clusterrole.yaml new file mode 100644 index 000000000..8e754967b --- /dev/null +++ b/deploy/rbd/helm/templates/provisioner-clusterrole.yaml @@ -0,0 +1,28 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ceph-csi-rbd.provisioner.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] +{{- end -}} diff --git a/deploy/rbd/helm/templates/provisioner-clusterrolebinding.yaml b/deploy/rbd/helm/templates/provisioner-clusterrolebinding.yaml new file mode 100644 index 000000000..5a086103a --- /dev/null +++ b/deploy/rbd/helm/templates/provisioner-clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create -}} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "ceph-csi-rbd.provisioner.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +subjects: + - kind: ServiceAccount + name: {{ include "ceph-csi-rbd.serviceAccountName.provisioner" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ include "ceph-csi-rbd.provisioner.fullname" . }} + apiGroup: rbac.authorization.k8s.io +{{- end -}} diff --git a/deploy/rbd/helm/templates/provisioner-service.yaml b/deploy/rbd/helm/templates/provisioner-service.yaml new file mode 100644 index 000000000..9bbcfcf1f --- /dev/null +++ b/deploy/rbd/helm/templates/provisioner-service.yaml @@ -0,0 +1,18 @@ +kind: Service +apiVersion: v1 +metadata: + name: {{ include "ceph-csi-rbd.provisioner.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + selector: + app: {{ include "ceph-csi-rbd.name" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + ports: + - name: dummy + port: 12345 diff --git a/deploy/rbd/helm/templates/provisioner-serviceaccount.yaml b/deploy/rbd/helm/templates/provisioner-serviceaccount.yaml new file mode 100644 index 000000000..4c0f76297 --- /dev/null +++ b/deploy/rbd/helm/templates/provisioner-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.provisioner.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ceph-csi-rbd.serviceAccountName.provisioner" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end -}} diff --git a/deploy/rbd/helm/templates/provisioner-statefulset.yaml b/deploy/rbd/helm/templates/provisioner-statefulset.yaml new file mode 100644 index 000000000..f5809b760 --- /dev/null +++ b/deploy/rbd/helm/templates/provisioner-statefulset.yaml @@ -0,0 +1,56 @@ +kind: StatefulSet +apiVersion: apps/v1beta1 +metadata: + name: {{ include "ceph-csi-rbd.provisioner.fullname" . }} + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ include "ceph-csi-rbd.provisioner.fullname" . }} + replicas: {{ .Values.provisioner.replicas }} + template: + metadata: + labels: + app: {{ include "ceph-csi-rbd.name" . }} + chart: {{ include "ceph-csi-rbd.chart" . }} + component: {{ .Values.provisioner.name }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + spec: + serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.provisioner" . }} + containers: + - name: csi-provisioner + image: "{{ .Values.provisioner.image.repository }}:{{ .Values.provisioner.image.tag }}" + args: + - "--provisioner=csi-rbdplugin" + - "--csi-address=$(ADDRESS)" + - "--v=5" + env: + - name: ADDRESS + value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}" + imagePullPolicy: {{ .Values.provisioner.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: {{ .Values.socketDir }} + resources: +{{ toYaml .Values.provisioner.resources | indent 12 }} + volumes: + - name: socket-dir + hostPath: + path: {{ .Values.socketDir }} + type: DirectoryOrCreate + {{- if .Values.provisioner.affinity -}} + affinity: +{{ toYaml .Values.provisioner.affinity . | indent 8 }} + {{- end -}} + {{- if .Values.provisioner.nodeSelector -}} + nodeSelector: +{{ toYaml .Values.provisioner.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.provisioner.tolerations -}} + tolerations: +{{ toYaml .Values.provisioner.tolerations | indent 8 }} + {{- end -}} diff --git a/deploy/rbd/helm/values.yaml b/deploy/rbd/helm/values.yaml new file mode 100644 index 000000000..03e4a7b68 --- /dev/null +++ b/deploy/rbd/helm/values.yaml @@ -0,0 +1,77 @@ +rbac: + create: true + +serviceAccounts: + attacher: + create: true + name: + nodeplugin: + create: true + name: + provisioner: + create: true + name: + +socketDir: /var/lib/kubelet/plugins/csi-rbdplugin +socketFile: csi.sock + +attacher: + name: attacher + + replicaCount: 1 + + image: + repository: quay.io/k8scsi/csi-attacher + tag: v0.3.0 + pullPolicy: IfNotPresent + + resources: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +nodeplugin: + name: nodeplugin + + registrar: + image: + repository: quay.io/k8scsi/driver-registrar + tag: v0.3.0 + pullPolicy: IfNotPresent + + resources: {} + + plugin: + image: + repository: quay.io/cephcsi/rbdplugin + tag: v0.3.0 + pullPolicy: IfNotPresent + + resources: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +provisioner: + name: provisioner + + replicaCount: 1 + + image: + repository: quay.io/k8scsi/csi-provisioner + tag: v0.3.0 + pullPolicy: IfNotPresent + + resources: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} From ccf5f49ae6fa7d461c105d0a61a97e327794903d Mon Sep 17 00:00:00 2001 From: Peter Nordquist Date: Tue, 11 Dec 2018 11:03:45 -0800 Subject: [PATCH 2/2] Changed version to 0.1 --- deploy/rbd/helm/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/rbd/helm/Chart.yaml b/deploy/rbd/helm/Chart.yaml index b7a623984..7aa0bc6c0 100644 --- a/deploy/rbd/helm/Chart.yaml +++ b/deploy/rbd/helm/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: "0.3.0" description: Container Storage Interface (CSI) driver, provisioner, and attacher for Ceph RBD name: ceph-csi-rbd -version: 0.2.0 +version: 0.1.0 keywords: - ceph - rbd