mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-09 16:00:22 +00:00
Merge pull request #290 from Madhu-1/fix-att
Deploy csi-attacher as sidecar container in provisioner statefulset
This commit is contained in:
commit
4b0ffdaaa1
@ -4,7 +4,7 @@ appVersion: "1.0.0"
|
||||
description: "Container Storage Interface (CSI) driver,
|
||||
provisioner, and attacher for Ceph cephfs"
|
||||
name: ceph-csi-cephfs
|
||||
version: 0.5.1
|
||||
version: 0.5.2
|
||||
keywords:
|
||||
- ceph
|
||||
- cephfs
|
||||
|
@ -24,24 +24,6 @@ If release name contains chart name it will be used as a full name.
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "ceph-csi-cephfs.attacher.fullname" -}}
|
||||
{{- if .Values.attacher.fullnameOverride -}}
|
||||
{{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
@ -85,17 +67,6 @@ Create chart name and version as used by the chart label.
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "ceph-csi-cephfs.serviceAccountName.attacher" -}}
|
||||
{{- if .Values.serviceAccounts.attacher.create -}}
|
||||
{{ default (include "ceph-csi-cephfs.attacher.fullname" .) .Values.serviceAccounts.attacher.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.serviceAccounts.attacher.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
|
@ -1,28 +0,0 @@
|
||||
{{- if .Values.rbac.create -}}
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
chart: {{ include "ceph-csi-cephfs.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
{{- end -}}
|
@ -1,20 +0,0 @@
|
||||
{{- if .Values.rbac.create -}}
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
chart: {{ include "ceph-csi-cephfs.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end -}}
|
@ -1,18 +0,0 @@
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
chart: {{ include "ceph-csi-cephfs.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
selector:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
ports:
|
||||
- name: dummy
|
||||
port: 12345
|
@ -1,12 +0,0 @@
|
||||
{{- if .Values.serviceAccounts.attacher.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
chart: {{ include "ceph-csi-cephfs.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
{{- end -}}
|
@ -1,60 +0,0 @@
|
||||
kind: StatefulSet
|
||||
apiVersion: apps/v1beta1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
chart: {{ include "ceph-csi-cephfs.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
serviceName: {{ include "ceph-csi-cephfs.attacher.fullname" . }}
|
||||
replicas: {{ .Values.attacher.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ include "ceph-csi-cephfs.name" . }}
|
||||
chart: {{ include "ceph-csi-cephfs.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
serviceAccountName: {{ include "ceph-csi-cephfs.serviceAccountName.attacher" . }}
|
||||
containers:
|
||||
- name: csi-cephfsplugin-attacher
|
||||
image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
|
||||
imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: {{ .Values.socketDir }}
|
||||
resources:
|
||||
{{ toYaml .Values.attacher.resources | indent 12 }}
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
hostPath:
|
||||
path: {{ .Values.socketDir }}
|
||||
type: DirectoryOrCreate
|
||||
{{- if .Values.attacher.affinity -}}
|
||||
affinity:
|
||||
{{ toYaml .Values.attacher.affinity . | indent 8 }}
|
||||
{{- end -}}
|
||||
{{- if .Values.attacher.nodeSelector -}}
|
||||
nodeSelector:
|
||||
{{ toYaml .Values.attacher.nodeSelector | indent 8 }}
|
||||
{{- end -}}
|
||||
{{- if .Values.attacher.tolerations -}}
|
||||
tolerations:
|
||||
{{ toYaml .Values.attacher.tolerations | indent 8 }}
|
||||
{{- end -}}
|
10
deploy/cephfs/helm/templates/csidriver-crd.yaml
Normal file
10
deploy/cephfs/helm/templates/csidriver-crd.yaml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
{{ if not .Values.attacher.enabled }}
|
||||
apiVersion: storage.k8s.io/v1beta1
|
||||
kind: CSIDriver
|
||||
metadata:
|
||||
name: {{ .Values.driverName }}
|
||||
spec:
|
||||
attachRequired: false
|
||||
podInfoOnMount: false
|
||||
{{ end }}
|
@ -28,10 +28,12 @@ rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["list", "watch", "create", "update", "patch"]
|
||||
- apiGroups: [""]
|
||||
resources: ["configmaps"]
|
||||
verbs: ["get", "list", "create", "delete"]
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
{{ if .Values.attacher.enabled }}
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
{{ end }}
|
||||
{{- end -}}
|
||||
|
@ -41,6 +41,20 @@ spec:
|
||||
mountPath: {{ .Values.socketDir }}
|
||||
resources:
|
||||
{{ toYaml .Values.provisioner.resources | indent 12 }}
|
||||
{{ if .Values.attacher.enabled }}
|
||||
- name: csi-attacher
|
||||
image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
|
||||
imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: {{ .Values.socketDir }}
|
||||
{{ end }}
|
||||
- name: csi-cephfsplugin
|
||||
securityContext:
|
||||
privileged: true
|
||||
@ -79,7 +93,7 @@ spec:
|
||||
#FIXME this seems way too much. Why is it needed at all for this?
|
||||
- name: host-rootfs
|
||||
hostPath:
|
||||
path: /
|
||||
path: /
|
||||
{{- if .Values.provisioner.affinity -}}
|
||||
affinity:
|
||||
{{ toYaml .Values.provisioner.affinity . | indent 8 }}
|
||||
|
@ -20,7 +20,7 @@ volumeDevicesDir: /var/lib/kubelet/plugins/kubernetes.io/csi/volumeDevices
|
||||
driverName: cephfs.csi.ceph.com
|
||||
attacher:
|
||||
name: attacher
|
||||
|
||||
enabled: true
|
||||
replicaCount: 1
|
||||
|
||||
image:
|
||||
|
@ -1,38 +0,0 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: cephfs-csi-attacher
|
||||
|
||||
---
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: cephfs-external-attacher-runner
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: cephfs-csi-attacher-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cephfs-csi-attacher
|
||||
namespace: default
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: cephfs-external-attacher-runner
|
||||
apiGroup: rbac.authorization.k8s.io
|
@ -1,46 +0,0 @@
|
||||
---
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: csi-cephfsplugin-attacher
|
||||
labels:
|
||||
app: csi-cephfsplugin-attacher
|
||||
spec:
|
||||
selector:
|
||||
app: csi-cephfsplugin-attacher
|
||||
ports:
|
||||
- name: dummy
|
||||
port: 12345
|
||||
|
||||
---
|
||||
kind: StatefulSet
|
||||
apiVersion: apps/v1beta1
|
||||
metadata:
|
||||
name: csi-cephfsplugin-attacher
|
||||
spec:
|
||||
serviceName: "csi-cephfsplugin-attacher"
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: csi-cephfsplugin-attacher
|
||||
spec:
|
||||
serviceAccount: cephfs-csi-attacher
|
||||
containers:
|
||||
- name: csi-cephfsplugin-attacher
|
||||
image: quay.io/k8scsi/csi-attacher:v1.0.1
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /var/lib/kubelet/plugins/cephfs.csi.ceph.com/csi.sock
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
hostPath:
|
||||
path: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
|
||||
type: DirectoryOrCreate
|
@ -39,6 +39,18 @@ spec:
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
- name: csi-cephfsplugin-attacher
|
||||
image: quay.io/k8scsi/csi-attacher:v1.0.1
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi-provisioner.sock
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
- name: csi-cephfsplugin
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
@ -31,6 +31,9 @@ rules:
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
|
@ -4,7 +4,7 @@ appVersion: "1.0.0"
|
||||
description: "Container Storage Interface (CSI) driver,
|
||||
provisioner, snapshotter, and attacher for Ceph RBD"
|
||||
name: ceph-csi-rbd
|
||||
version: 0.5.1
|
||||
version: 0.5.2
|
||||
keywords:
|
||||
- ceph
|
||||
- rbd
|
||||
|
@ -24,24 +24,6 @@ If release name contains chart name it will be used as a full name.
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "ceph-csi-rbd.attacher.fullname" -}}
|
||||
{{- if .Values.attacher.fullnameOverride -}}
|
||||
{{- .Values.attacher.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- printf "%s-%s" .Release.Name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s-%s" .Release.Name $name .Values.attacher.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
@ -85,17 +67,6 @@ Create chart name and version as used by the chart label.
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "ceph-csi-rbd.serviceAccountName.attacher" -}}
|
||||
{{- if .Values.serviceAccounts.attacher.create -}}
|
||||
{{ default (include "ceph-csi-rbd.attacher.fullname" .) .Values.serviceAccounts.attacher.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.serviceAccounts.attacher.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
|
@ -1,28 +0,0 @@
|
||||
{{- if .Values.rbac.create -}}
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
chart: {{ include "ceph-csi-rbd.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
{{- end -}}
|
@ -1,20 +0,0 @@
|
||||
{{- if .Values.rbac.create -}}
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
chart: {{ include "ceph-csi-rbd.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end -}}
|
@ -1,18 +0,0 @@
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
chart: {{ include "ceph-csi-rbd.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
selector:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
ports:
|
||||
- name: dummy
|
||||
port: 12345
|
@ -1,12 +0,0 @@
|
||||
{{- if .Values.serviceAccounts.attacher.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
chart: {{ include "ceph-csi-rbd.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
{{- end -}}
|
@ -1,60 +0,0 @@
|
||||
kind: StatefulSet
|
||||
apiVersion: apps/v1beta1
|
||||
metadata:
|
||||
name: {{ include "ceph-csi-rbd.attacher.fullname" . }}
|
||||
labels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
chart: {{ include "ceph-csi-rbd.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
serviceName: {{ include "ceph-csi-rbd.attacher.fullname" . }}
|
||||
replicas: {{ .Values.attacher.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ include "ceph-csi-rbd.name" . }}
|
||||
chart: {{ include "ceph-csi-rbd.chart" . }}
|
||||
component: {{ .Values.attacher.name }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.attacher" . }}
|
||||
containers:
|
||||
- name: csi-rbdplugin-attacher
|
||||
image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
|
||||
imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: {{ .Values.socketDir }}
|
||||
resources:
|
||||
{{ toYaml .Values.attacher.resources | indent 12 }}
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
hostPath:
|
||||
path: {{ .Values.socketDir }}
|
||||
type: DirectoryOrCreate
|
||||
{{- if .Values.attacher.affinity -}}
|
||||
affinity:
|
||||
{{ toYaml .Values.attacher.affinity . | indent 8 }}
|
||||
{{- end -}}
|
||||
{{- if .Values.attacher.nodeSelector -}}
|
||||
nodeSelector:
|
||||
{{ toYaml .Values.attacher.nodeSelector | indent 8 }}
|
||||
{{- end -}}
|
||||
{{- if .Values.attacher.tolerations -}}
|
||||
tolerations:
|
||||
{{ toYaml .Values.attacher.tolerations | indent 8 }}
|
||||
{{- end -}}
|
10
deploy/rbd/helm/templates/csidriver-crd.yaml
Normal file
10
deploy/rbd/helm/templates/csidriver-crd.yaml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
{{ if not .Values.attacher.enabled }}
|
||||
apiVersion: storage.k8s.io/v1beta1
|
||||
kind: CSIDriver
|
||||
metadata:
|
||||
name: {{ .Values.driverName }}
|
||||
spec:
|
||||
attachRequired: false
|
||||
podInfoOnMount: false
|
||||
{{ end }}
|
@ -34,9 +34,11 @@ rules:
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshots"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["configmaps"]
|
||||
verbs: ["get", "list", "create", "delete"]
|
||||
{{ if .Values.attacher.enabled }}
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
{{ end }}
|
||||
- apiGroups: ["snapshot.storage.k8s.io"]
|
||||
resources: ["volumesnapshotcontents"]
|
||||
verbs: ["create", "get", "list", "watch", "update", "delete"]
|
||||
|
@ -58,6 +58,20 @@ spec:
|
||||
mountPath: {{ .Values.socketDir }}
|
||||
resources:
|
||||
{{ toYaml .Values.snapshotter.resources | indent 12 }}
|
||||
{{ if .Values.attacher.enabled }}
|
||||
- name: csi-attacher
|
||||
image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
|
||||
imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: {{ .Values.socketDir }}
|
||||
{{ end }}
|
||||
- name: csi-rbdplugin
|
||||
securityContext:
|
||||
privileged: true
|
||||
@ -97,7 +111,7 @@ spec:
|
||||
#FIXME this seems way too much. Why is it needed at all for this?
|
||||
- name: host-rootfs
|
||||
hostPath:
|
||||
path: /
|
||||
path: /
|
||||
{{- if .Values.provisioner.affinity -}}
|
||||
affinity:
|
||||
{{ toYaml .Values.provisioner.affinity . | indent 8 }}
|
||||
|
@ -21,7 +21,7 @@ driverName: rbd.csi.ceph.com
|
||||
|
||||
attacher:
|
||||
name: attacher
|
||||
|
||||
enabled: true
|
||||
replicaCount: 1
|
||||
|
||||
image:
|
||||
|
@ -1,38 +0,0 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: rbd-csi-attacher
|
||||
|
||||
---
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: rbd-external-attacher-runner
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumes"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
metadata:
|
||||
name: rbd-csi-attacher-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: rbd-csi-attacher
|
||||
namespace: default
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: rbd-external-attacher-runner
|
||||
apiGroup: rbac.authorization.k8s.io
|
@ -43,6 +43,9 @@ rules:
|
||||
- apiGroups: ["csi.storage.k8s.io"]
|
||||
resources: ["csinodeinfos"]
|
||||
verbs: ["get", "list", "watch"]
|
||||
- apiGroups: ["storage.k8s.io"]
|
||||
resources: ["volumeattachments"]
|
||||
verbs: ["get", "list", "watch", "update"]
|
||||
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
|
@ -1,46 +0,0 @@
|
||||
---
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: csi-rbdplugin-attacher
|
||||
labels:
|
||||
app: csi-rbdplugin-attacher
|
||||
spec:
|
||||
selector:
|
||||
app: csi-rbdplugin-attacher
|
||||
ports:
|
||||
- name: dummy
|
||||
port: 12345
|
||||
|
||||
---
|
||||
kind: StatefulSet
|
||||
apiVersion: apps/v1beta1
|
||||
metadata:
|
||||
name: csi-rbdplugin-attacher
|
||||
spec:
|
||||
serviceName: "csi-rbdplugin-attacher"
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: csi-rbdplugin-attacher
|
||||
spec:
|
||||
serviceAccount: rbd-csi-attacher
|
||||
containers:
|
||||
- name: csi-rbdplugin-attacher
|
||||
image: quay.io/k8scsi/csi-attacher:v1.0.1
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: unix:///csi/csi-attacher.sock
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
volumes:
|
||||
- name: socket-dir
|
||||
hostPath:
|
||||
path: /var/lib/kubelet/plugins/rbd.csi.ceph.com
|
||||
type: DirectoryOrCreate
|
@ -54,6 +54,18 @@ spec:
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
- name: csi-attacher
|
||||
image: quay.io/k8scsi/csi-attacher:v1.0.1
|
||||
args:
|
||||
- "--v=5"
|
||||
- "--csi-address=$(ADDRESS)"
|
||||
env:
|
||||
- name: ADDRESS
|
||||
value: /csi/csi-provisioner.sock
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
volumeMounts:
|
||||
- name: socket-dir
|
||||
mountPath: /csi
|
||||
- name: csi-rbdplugin
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
@ -90,7 +90,6 @@ YAML manifests are located in `deploy/cephfs/kubernetes`.
|
||||
**Deploy RBACs for sidecar containers and node plugins:**
|
||||
|
||||
```bash
|
||||
kubectl create -f csi-attacher-rbac.yaml
|
||||
kubectl create -f csi-provisioner-rbac.yaml
|
||||
kubectl create -f csi-nodeplugin-rbac.yaml
|
||||
```
|
||||
@ -102,12 +101,11 @@ the same permissions.
|
||||
**Deploy CSI sidecar containers:**
|
||||
|
||||
```bash
|
||||
kubectl create -f csi-cephfsplugin-attacher.yaml
|
||||
kubectl create -f csi-cephfsplugin-provisioner.yaml
|
||||
```
|
||||
|
||||
Deploys stateful sets for external-attacher and external-provisioner
|
||||
sidecar containers for CSI CephFS.
|
||||
Deploys stateful set of provision which includes external-provisioner
|
||||
,external-attacher for CSI CephFS.
|
||||
|
||||
**Deploy CSI CephFS driver:**
|
||||
|
||||
@ -115,7 +113,7 @@ sidecar containers for CSI CephFS.
|
||||
kubectl create -f csi-cephfsplugin.yaml
|
||||
```
|
||||
|
||||
Deploys a daemon set with two containers: CSI driver-registrar and
|
||||
Deploys a daemon set with two containers: CSI node-driver-registrar and
|
||||
the CSI CephFS driver.
|
||||
|
||||
## Verifying the deployment in Kubernetes
|
||||
@ -125,14 +123,11 @@ After successfully completing the steps above, you should see output similar to
|
||||
```bash
|
||||
$ kubectl get all
|
||||
NAME READY STATUS RESTARTS AGE
|
||||
pod/csi-cephfsplugin-attacher-0 1/1 Running 0 26s
|
||||
pod/csi-cephfsplugin-provisioner-0 1/1 Running 0 25s
|
||||
pod/csi-cephfsplugin-provisioner-0 3/3 Running 0 25s
|
||||
pod/csi-cephfsplugin-rljcv 2/2 Running 0 24s
|
||||
|
||||
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
|
||||
service/csi-cephfsplugin-attacher ClusterIP 10.104.116.218 <none> 12345/TCP 27s
|
||||
service/csi-cephfsplugin-provisioner ClusterIP 10.101.78.75 <none> 12345/TCP 26s
|
||||
|
||||
...
|
||||
```
|
||||
|
||||
|
@ -93,7 +93,6 @@ YAML manifests are located in `deploy/rbd/kubernetes`.
|
||||
**Deploy RBACs for sidecar containers and node plugins:**
|
||||
|
||||
```bash
|
||||
kubectl create -f csi-attacher-rbac.yaml
|
||||
kubectl create -f csi-provisioner-rbac.yaml
|
||||
kubectl create -f csi-nodeplugin-rbac.yaml
|
||||
```
|
||||
@ -105,12 +104,11 @@ the same permissions.
|
||||
**Deploy CSI sidecar containers:**
|
||||
|
||||
```bash
|
||||
kubectl create -f csi-rbdplugin-attacher.yaml
|
||||
kubectl create -f csi-rbdplugin-provisioner.yaml
|
||||
```
|
||||
|
||||
Deploys stateful sets for external-attacher and external-provisioner
|
||||
sidecar containers for CSI RBD.
|
||||
Deploys stateful set of provision which includes external-provisioner
|
||||
,external-attacher,csi-snapshotter sidecar containers and CSI RBD plugin.
|
||||
|
||||
**Deploy RBD CSI driver:**
|
||||
|
||||
@ -118,7 +116,8 @@ sidecar containers for CSI RBD.
|
||||
kubectl create -f csi-rbdplugin.yaml
|
||||
```
|
||||
|
||||
Deploys a daemon set with two containers: CSI driver-registrar and the CSI RBD driver.
|
||||
Deploys a daemon set with two containers: CSI node-driver-registrar and the CSI
|
||||
RBD driver.
|
||||
|
||||
## Verifying the deployment in Kubernetes
|
||||
|
||||
@ -127,14 +126,11 @@ After successfully completing the steps above, you should see output similar to
|
||||
```bash
|
||||
$ kubectl get all
|
||||
NAME READY STATUS RESTARTS AGE
|
||||
pod/csi-rbdplugin-attacher-0 1/1 Running 0 23s
|
||||
pod/csi-rbdplugin-fptqr 2/2 Running 0 21s
|
||||
pod/csi-rbdplugin-provisioner-0 1/1 Running 0 22s
|
||||
pod/csi-rbdplugin-provisioner-0 4/4 Running 0 22s
|
||||
|
||||
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
|
||||
service/csi-rbdplugin-attacher ClusterIP 10.109.15.54 <none> 12345/TCP 26s
|
||||
service/csi-rbdplugin-provisioner ClusterIP 10.104.2.130 <none> 12345/TCP 23s
|
||||
|
||||
...
|
||||
```
|
||||
|
||||
|
@ -8,7 +8,7 @@ fi
|
||||
|
||||
cd "$deployment_base" || exit 1
|
||||
|
||||
objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin)
|
||||
objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-cephfsplugin-provisioner csi-cephfsplugin)
|
||||
|
||||
for obj in "${objects[@]}"; do
|
||||
kubectl create -f "./$obj.yaml"
|
||||
|
@ -8,7 +8,7 @@ fi
|
||||
|
||||
cd "$deployment_base" || exit 1
|
||||
|
||||
objects=(csi-cephfsplugin-attacher csi-cephfsplugin-provisioner csi-cephfsplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac)
|
||||
objects=(csi-cephfsplugin-provisioner csi-cephfsplugin csi-provisioner-rbac csi-nodeplugin-rbac)
|
||||
|
||||
for obj in "${objects[@]}"; do
|
||||
kubectl delete -f "./$obj.yaml"
|
||||
|
@ -8,7 +8,7 @@ fi
|
||||
|
||||
cd "$deployment_base" || exit 1
|
||||
|
||||
objects=(csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin)
|
||||
objects=(csi-provisioner-rbac csi-nodeplugin-rbac csi-rbdplugin-provisioner csi-rbdplugin)
|
||||
|
||||
for obj in "${objects[@]}"; do
|
||||
kubectl create -f "./$obj.yaml"
|
||||
|
@ -8,7 +8,7 @@ fi
|
||||
|
||||
cd "$deployment_base" || exit 1
|
||||
|
||||
objects=(csi-rbdplugin-attacher csi-rbdplugin-provisioner csi-rbdplugin csi-attacher-rbac csi-provisioner-rbac csi-nodeplugin-rbac)
|
||||
objects=(csi-rbdplugin-provisioner csi-rbdplugin csi-provisioner-rbac csi-nodeplugin-rbac)
|
||||
|
||||
for obj in "${objects[@]}"; do
|
||||
kubectl delete -f "./$obj.yaml"
|
||||
|
@ -364,16 +364,6 @@ func (cs *ControllerServer) ValidateVolumeCapabilities(ctx context.Context, req
|
||||
}, nil
|
||||
}
|
||||
|
||||
// ControllerUnpublishVolume returns success response
|
||||
func (cs *ControllerServer) ControllerUnpublishVolume(ctx context.Context, req *csi.ControllerUnpublishVolumeRequest) (*csi.ControllerUnpublishVolumeResponse, error) {
|
||||
return &csi.ControllerUnpublishVolumeResponse{}, nil
|
||||
}
|
||||
|
||||
// ControllerPublishVolume returns success response
|
||||
func (cs *ControllerServer) ControllerPublishVolume(ctx context.Context, req *csi.ControllerPublishVolumeRequest) (*csi.ControllerPublishVolumeResponse, error) {
|
||||
return &csi.ControllerPublishVolumeResponse{}, nil
|
||||
}
|
||||
|
||||
// CreateSnapshot creates the snapshot in backend and stores metadata
|
||||
// in store
|
||||
// nolint: gocyclo
|
||||
|
@ -106,7 +106,6 @@ func (r *Driver) Run(driverName, nodeID, endpoint, configRoot string, containeri
|
||||
}
|
||||
r.cd.AddControllerServiceCapabilities([]csi.ControllerServiceCapability_RPC_Type{
|
||||
csi.ControllerServiceCapability_RPC_CREATE_DELETE_VOLUME,
|
||||
csi.ControllerServiceCapability_RPC_PUBLISH_UNPUBLISH_VOLUME,
|
||||
csi.ControllerServiceCapability_RPC_LIST_VOLUMES,
|
||||
csi.ControllerServiceCapability_RPC_CREATE_DELETE_SNAPSHOT,
|
||||
csi.ControllerServiceCapability_RPC_LIST_SNAPSHOTS,
|
||||
|
Loading…
Reference in New Issue
Block a user