mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-22 14:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update Helm charts to support topology

Browse Source 
- Added requires chart variables
- Updated templates with required additions based on the
variables
- Re-added older nodeplugin cluster role/rolebinding as needed

Signed-off-by: ShyamsundarR <srangana@redhat.com>
This commit is contained in:
ShyamsundarR 2020-03-18 13:38:40 -04:00 committed by mergify[bot]
parent 5c4abf8347
commit d7ea523540
14 changed files with 173 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
charts/ceph-csi-cephfs/templates/nodeplugin-clusterrole.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if .Values.rbac.create -}}
{{- if .Values.topology.enabled }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "ceph-csi-cephfs.nodeplugin.fullname" . }}
labels:
app: {{ include "ceph-csi-cephfs.name" . }}
chart: {{ include "ceph-csi-cephfs.chart" . }}
component: {{ .Values.nodeplugin.name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.cephfs.csi.ceph.com/aggregate-to-{{ include "ceph-csi-cephfs.nodeplugin.fullname" . }}: "true"
rules: []
{{- end }}
{{- end -}}

22
charts/ceph-csi-cephfs/templates/nodeplugin-clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,22 @@
{{- if .Values.rbac.create -}}
{{- if .Values.topology.enabled }}
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "ceph-csi-cephfs.nodeplugin.fullname" . }}
labels:
app: {{ include "ceph-csi-cephfs.name" . }}
chart: {{ include "ceph-csi-cephfs.chart" . }}
component: {{ .Values.nodeplugin.name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
subjects:
- kind: ServiceAccount
name: {{ include "ceph-csi-cephfs.serviceAccountName.nodeplugin" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ include "ceph-csi-cephfs.nodeplugin.fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- end -}}

3
charts/ceph-csi-cephfs/templates/nodeplugin-daemonset.yaml
View File

@ -83,6 +83,9 @@ spec:
- "--v=5" - "--v=5"
- "--drivername=$(DRIVER_NAME)" - "--drivername=$(DRIVER_NAME)"
- "--metadatastorage=k8s_configmap" - "--metadatastorage=k8s_configmap"
{{- if .Values.topology.enabled }}
- "--domainlabels={{ .Values.topology.domainLabels | join "," }}"
{{- end }}
env: env:
- name: POD_IP - name: POD_IP
valueFrom: valueFrom:

19
charts/ceph-csi-cephfs/templates/nodeplugin-rules-clusterrole.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if .Values.rbac.create -}}
{{- if .Values.topology.enabled }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "ceph-csi-cephfs.nodeplugin.fullname" . }}-rules
labels:
app: {{ include "ceph-csi-cephfs.name" . }}
chart: {{ include "ceph-csi-cephfs.chart" . }}
component: {{ .Values.nodeplugin.name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
rbac.cephfs.csi.ceph.com/aggregate-to-{{ include "ceph-csi-cephfs.nodeplugin.fullname" . }}: "true"
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get"]
{{- end }}
{{- end -}}

3
charts/ceph-csi-cephfs/templates/provisioner-deployment.yaml
View File

@ -37,6 +37,9 @@ spec:
- "--enable-leader-election=true" - "--enable-leader-election=true"
- "--leader-election-type=leases" - "--leader-election-type=leases"
- "--retry-interval-start=500ms" - "--retry-interval-start=500ms"
{{- if .Values.topology.enabled }}
- "--feature-gates=Topology=true"
{{- end }}
env: env:
- name: ADDRESS - name: ADDRESS
value: "unix:///csi/{{ .Values.provisionerSocketFile }}" value: "unix:///csi/{{ .Values.provisionerSocketFile }}"

8
charts/ceph-csi-cephfs/templates/provisioner-rules-clusterrole.yaml
View File

@ -38,4 +38,12 @@ rules:
verbs: ["update", "patch"] verbs: ["update", "patch"]
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- if .Values.topology.enabled }}
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
{{- end }}
{{- end -}} {{- end -}}

12
charts/ceph-csi-cephfs/values.yaml
View File

@ -165,6 +165,18 @@ provisioner:
podSecurityPolicy: podSecurityPolicy:
enabled: false enabled: false
topology:
# Specifies whether topology based provisioning support should
# be exposed by CSI
enabled: false
# domainLabels define which node labels to use as domains
# for CSI nodeplugins to advertise their domains
# NOTE: the value here serves as an example and needs to be
# updated with node labels that define domains of interest
domainLabels:
- failure-domain/region
- failure-domain/zone
######################################################### #########################################################
# Variables for 'internal' use please use with caution! # # Variables for 'internal' use please use with caution! #
######################################################### #########################################################

19
charts/ceph-csi-rbd/templates/nodeplugin-clusterrole.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if .Values.rbac.create -}}
{{- if .Values.topology.enabled }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }}
labels:
app: {{ include "ceph-csi-rbd.name" . }}
chart: {{ include "ceph-csi-rbd.chart" . }}
component: {{ .Values.nodeplugin.name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.rbd.csi.ceph.com/aggregate-to-{{ include "ceph-csi-rbd.nodeplugin.fullname" . }}: "true"
rules: []
{{- end }}
{{- end -}}

22
charts/ceph-csi-rbd/templates/nodeplugin-clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,22 @@
{{- if .Values.rbac.create -}}
{{- if .Values.topology.enabled }}
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }}
labels:
app: {{ include "ceph-csi-rbd.name" . }}
chart: {{ include "ceph-csi-rbd.chart" . }}
component: {{ .Values.nodeplugin.name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
subjects:
- kind: ServiceAccount
name: {{ include "ceph-csi-rbd.serviceAccountName.nodeplugin" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- end -}}

3
charts/ceph-csi-rbd/templates/nodeplugin-daemonset.yaml
View File

@ -80,6 +80,9 @@ spec:
- "--endpoint=$(CSI_ENDPOINT)" - "--endpoint=$(CSI_ENDPOINT)"
- "--v=5" - "--v=5"
- "--drivername=$(DRIVER_NAME)" - "--drivername=$(DRIVER_NAME)"
{{- if .Values.topology.enabled }}
- "--domainlabels={{ .Values.topology.domainLabels | join "," }}"
{{- end }}
env: env:
- name: POD_IP - name: POD_IP
valueFrom: valueFrom:

19
charts/ceph-csi-rbd/templates/nodeplugin-rules-clusterrole.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if .Values.rbac.create -}}
{{- if .Values.topology.enabled }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "ceph-csi-rbd.nodeplugin.fullname" . }}-rules
labels:
app: {{ include "ceph-csi-rbd.name" . }}
chart: {{ include "ceph-csi-rbd.chart" . }}
component: {{ .Values.nodeplugin.name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
rbac.rbd.csi.ceph.com/aggregate-to-{{ include "ceph-csi-rbd.nodeplugin.fullname" . }}: "true"
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get"]
{{- end }}
{{- end -}}

3
charts/ceph-csi-rbd/templates/provisioner-deployment.yaml
View File

@ -37,6 +37,9 @@ spec:
- "--enable-leader-election=true" - "--enable-leader-election=true"
- "--leader-election-type=leases" - "--leader-election-type=leases"
- "--retry-interval-start=500ms" - "--retry-interval-start=500ms"
{{- if .Values.topology.enabled }}
- "--feature-gates=Topology=true"
{{- end }}
env: env:
- name: ADDRESS - name: ADDRESS
value: "unix:///csi/{{ .Values.provisionerSocketFile }}" value: "unix:///csi/{{ .Values.provisionerSocketFile }}"

10
charts/ceph-csi-rbd/templates/provisioner-rules-clusterrole.yaml
View File

@ -53,5 +53,13 @@ rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["persistentvolumeclaims/status"] resources: ["persistentvolumeclaims/status"]
verbs: ["update", "patch"] verbs: ["update", "patch"]
{{- end -}} {{- end }}
{{- if .Values.topology.enabled }}
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
{{- end }}
{{- end -}} {{- end -}}

12
charts/ceph-csi-rbd/values.yaml
View File

@ -182,6 +182,18 @@ provisioner:
podSecurityPolicy: podSecurityPolicy:
enabled: false enabled: false
topology:
# Specifies whether topology based provisioning support should
# be exposed by CSI
enabled: false
# domainLabels define which node labels to use as domains
# for CSI nodeplugins to advertise their domains
# NOTE: the value here serves as an example and needs to be
# updated with node labels that define domains of interest
domainLabels:
- failure-domain/region
- failure-domain/zone
######################################################### #########################################################
# Variables for 'internal' use please use with caution! # # Variables for 'internal' use please use with caution! #
######################################################### #########################################################