From 5983d5730a4e145f8b8c4ec19c0593051fd36641 Mon Sep 17 00:00:00 2001 From: Rakshith R Date: Mon, 16 May 2022 12:50:43 +0530 Subject: [PATCH] deploy: add support for nfs snapshot This commit add external-snapshotter container and required rbac to support nfs snaphots. Example volumesnaphotclass, volumesnapshot, pvc-restore and pod-restore yamls are also added. Signed-off-by: Rakshith R --- .../kubernetes/csi-nfsplugin-provisioner.yaml | 14 +++++++++++ .../nfs/kubernetes/csi-provisioner-rbac.yaml | 12 ++++++++++ examples/nfs/pod-restore.yaml | 17 ++++++++++++++ examples/nfs/pvc-restore.yaml | 16 +++++++++++++ examples/nfs/snapshot.yaml | 9 ++++++++ examples/nfs/snapshotclass.yaml | 23 +++++++++++++++++++ 6 files changed, 91 insertions(+) create mode 100644 examples/nfs/pod-restore.yaml create mode 100644 examples/nfs/pvc-restore.yaml create mode 100644 examples/nfs/snapshot.yaml create mode 100644 examples/nfs/snapshotclass.yaml diff --git a/deploy/nfs/kubernetes/csi-nfsplugin-provisioner.yaml b/deploy/nfs/kubernetes/csi-nfsplugin-provisioner.yaml index e63c2019b..a7aa8205d 100644 --- a/deploy/nfs/kubernetes/csi-nfsplugin-provisioner.yaml +++ b/deploy/nfs/kubernetes/csi-nfsplugin-provisioner.yaml @@ -70,6 +70,20 @@ spec: volumeMounts: - name: socket-dir mountPath: /csi + - name: csi-snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v5.0.1 + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--timeout=150s" + - "--leader-election=true" + env: + - name: ADDRESS + value: unix:///csi/csi-provisioner.sock + imagePullPolicy: "IfNotPresent" + volumeMounts: + - name: socket-dir + mountPath: /csi - name: csi-nfsplugin # for stable functionality replace canary with latest release version image: quay.io/cephcsi/cephcsi:canary diff --git a/deploy/nfs/kubernetes/csi-provisioner-rbac.yaml b/deploy/nfs/kubernetes/csi-provisioner-rbac.yaml index b17132499..0fd3fa697 100644 --- a/deploy/nfs/kubernetes/csi-provisioner-rbac.yaml +++ b/deploy/nfs/kubernetes/csi-provisioner-rbac.yaml @@ -39,6 +39,18 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["csinodes"] verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/examples/nfs/pod-restore.yaml b/examples/nfs/pod-restore.yaml new file mode 100644 index 000000000..013b08157 --- /dev/null +++ b/examples/nfs/pod-restore.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: csi-nfs-restore-demo-pod +spec: + containers: + - name: web-server + image: docker.io/library/nginx:latest + volumeMounts: + - name: mypvc + mountPath: /var/lib/www + volumes: + - name: mypvc + persistentVolumeClaim: + claimName: nfs-pvc-restore + readOnly: false diff --git a/examples/nfs/pvc-restore.yaml b/examples/nfs/pvc-restore.yaml new file mode 100644 index 000000000..cee1371ba --- /dev/null +++ b/examples/nfs/pvc-restore.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nfs-pvc-restore +spec: + storageClassName: csi-nfs-sc + dataSource: + name: nfs-pvc-snapshot + kind: VolumeSnapshot + apiGroup: snapshot.storage.k8s.io + accessModes: + - ReadWriteMany + resources: + requests: + storage: 1Gi diff --git a/examples/nfs/snapshot.yaml b/examples/nfs/snapshot.yaml new file mode 100644 index 000000000..8854cd789 --- /dev/null +++ b/examples/nfs/snapshot.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshot +metadata: + name: nfs-pvc-snapshot +spec: + volumeSnapshotClassName: csi-nfsplugin-snapclass + source: + persistentVolumeClaimName: csi-nfs-pvc diff --git a/examples/nfs/snapshotclass.yaml b/examples/nfs/snapshotclass.yaml new file mode 100644 index 000000000..cc1fa2852 --- /dev/null +++ b/examples/nfs/snapshotclass.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshotClass +metadata: + name: csi-nfsplugin-snapclass +driver: nfs.csi.ceph.com +parameters: + # String representing a Ceph cluster to provision storage from. + # Should be unique across all Ceph clusters in use for provisioning, + # cannot be greater than 36 bytes in length, and should remain immutable for + # the lifetime of the StorageClass in use. + # Ensure to create an entry in the configmap named ceph-csi-config, based on + # csi-config-map-sample.yaml, to accompany the string chosen to + # represent the Ceph cluster in clusterID below + clusterID: + + # Prefix to use for naming CephFS snapshots. + # If omitted, defaults to "csi-snap-". + # snapshotNamePrefix: "foo-bar-" + + csi.storage.k8s.io/snapshotter-secret-name: csi-cephfs-secret + csi.storage.k8s.io/snapshotter-secret-namespace: default +deletionPolicy: Delete