Merge "Improves ceph-provisioner storageclasses"
This commit is contained in:
commit
15a0cd7c2b
@ -54,7 +54,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
|
||||
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
|
||||
namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
@ -68,7 +68,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
|
||||
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
|
||||
namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
@ -106,11 +106,11 @@ spec:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: PVC_CEPH_CEPHFS_STORAGECLASS_USER_SECRET_NAME
|
||||
value: {{ .Values.storageclass.cephfs.user_secret_name }}
|
||||
value: {{ .Values.storageclass.cephfs.parameters.userSecretName }}
|
||||
- name: PVC_CEPH_CEPHFS_STORAGECLASS_ADMIN_SECRET_NAME
|
||||
value: {{ .Values.storageclass.cephfs.admin_secret_name }}
|
||||
value: {{ .Values.storageclass.cephfs.parameters.adminSecretName }}
|
||||
- name: PVC_CEPH_CEPHFS_STORAGECLASS_DEPLOYED_NAMESPACE
|
||||
value: {{ .Values.storageclass.cephfs.admin_secret_namespace }}
|
||||
value: {{ .Values.storageclass.cephfs.parameters.adminSecretNamespace }}
|
||||
command:
|
||||
- /tmp/provisioner-cephfs-client-key-manager.sh
|
||||
volumeMounts:
|
||||
|
@ -77,7 +77,7 @@ spec:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME
|
||||
value: {{ .Values.storageclass.rbd.user_secret_name }}
|
||||
value: {{ .Values.storageclass.rbd.parameters.userSecretName }}
|
||||
command:
|
||||
- /tmp/provisioner-rbd-namespace-client-key-cleaner.sh
|
||||
volumeMounts:
|
||||
|
@ -54,7 +54,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
|
||||
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
|
||||
namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
@ -68,7 +68,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
|
||||
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
|
||||
namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
@ -104,11 +104,11 @@ spec:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME
|
||||
value: {{ .Values.storageclass.rbd.user_secret_name }}
|
||||
value: {{ .Values.storageclass.rbd.parameters.userSecretName }}
|
||||
- name: PVC_CEPH_RBD_STORAGECLASS_ADMIN_SECRET_NAME
|
||||
value: {{ .Values.storageclass.rbd.admin_secret_name }}
|
||||
value: {{ .Values.storageclass.rbd.parameters.adminSecretName }}
|
||||
- name: PVC_CEPH_RBD_STORAGECLASS_DEPLOYED_NAMESPACE
|
||||
value: {{ .Values.storageclass.rbd.admin_secret_namespace }}
|
||||
value: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
|
||||
command:
|
||||
- /tmp/provisioner-rbd-namespace-client-key-manager.sh
|
||||
volumeMounts:
|
||||
|
@ -1,30 +0,0 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.storageclass_cephfs ( and .Values.deployment.ceph .Values.storageclass.cephfs.provision_storage_class ) }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
kind: StorageClass
|
||||
apiVersion: storage.k8s.io/v1
|
||||
metadata:
|
||||
name: {{ .Values.storageclass.cephfs.name }}
|
||||
provisioner: {{ .Values.storageclass.cephfs.provisioner }}
|
||||
parameters:
|
||||
monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
|
||||
adminId: {{ .Values.storageclass.cephfs.admin_id | quote }}
|
||||
adminSecretName: {{ .Values.storageclass.cephfs.user_secret_name | quote }}
|
||||
adminSecretNamespace: {{ .Release.Namespace | quote }}
|
||||
{{- end }}
|
@ -1,35 +0,0 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.storageclass_rbd (and .Values.deployment.ceph .Values.storageclass.rbd.provision_storage_class) }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: {{ .Values.storageclass.rbd.name }}
|
||||
provisioner: {{ .Values.storageclass.rbd.provisioner }}
|
||||
parameters:
|
||||
monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
|
||||
adminId: {{ .Values.storageclass.rbd.admin_id }}
|
||||
adminSecretName: {{ .Values.storageclass.rbd.admin_secret_name }}
|
||||
adminSecretNamespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
|
||||
pool: {{ .Values.storageclass.rbd.pool }}
|
||||
userId: {{ .Values.storageclass.rbd.user_id }}
|
||||
userSecretName: {{ .Values.storageclass.rbd.user_secret_name }}
|
||||
imageFormat: {{ .Values.storageclass.rbd.image_format | quote }}
|
||||
imageFeatures: {{ .Values.storageclass.rbd.image_features }}
|
||||
{{- end }}
|
21
ceph-provisioners/templates/storageclass.yaml
Normal file
21
ceph-provisioners/templates/storageclass.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.storageclass (.Values.deployment.ceph) }}
|
||||
{{- range $storageclass, $val := .Values.storageclass }}
|
||||
{{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -171,29 +171,35 @@ bootstrap:
|
||||
# if you change provision_storage_class to false
|
||||
# it is presumed you manage your own storage
|
||||
# class definition externally
|
||||
#(kranthikirang):We iterate over each storageclass parameters
|
||||
#and derive the manifest.
|
||||
storageclass:
|
||||
rbd:
|
||||
provision_storage_class: true
|
||||
provisioner: ceph.com/rbd
|
||||
name: general
|
||||
monitors: null
|
||||
pool: rbd
|
||||
admin_id: admin
|
||||
ceph_configmap_name: ceph-etc
|
||||
admin_secret_name: pvc-ceph-conf-combined-storageclass
|
||||
admin_secret_namespace: ceph
|
||||
user_id: admin
|
||||
user_secret_name: pvc-ceph-client-key
|
||||
image_format: "2"
|
||||
image_features: layering
|
||||
metadata:
|
||||
default_storage_class: true
|
||||
name: general
|
||||
parameters:
|
||||
pool: rbd
|
||||
adminId: admin
|
||||
adminSecretName: pvc-ceph-conf-combined-storageclass
|
||||
adminSecretNamespace: ceph
|
||||
userId: admin
|
||||
userSecretName: pvc-ceph-client-key
|
||||
imageFormat: "2"
|
||||
imageFeatures: layering
|
||||
cephfs:
|
||||
provision_storage_class: true
|
||||
provisioner: ceph.com/cephfs
|
||||
name: cephfs
|
||||
admin_id: admin
|
||||
user_secret_name: pvc-ceph-cephfs-client-key
|
||||
admin_secret_name: pvc-ceph-conf-combined-storageclass
|
||||
admin_secret_namespace: ceph
|
||||
metadata:
|
||||
name: cephfs
|
||||
parameters:
|
||||
adminId: admin
|
||||
userSecretName: pvc-ceph-cephfs-client-key
|
||||
adminSecretName: pvc-ceph-conf-combined-storageclass
|
||||
adminSecretNamespace: ceph
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
@ -231,5 +237,4 @@ manifests:
|
||||
job_image_repo_sync: true
|
||||
job_namespace_client_key_cleaner: true
|
||||
job_namespace_client_key: true
|
||||
storageclass_cephfs: true
|
||||
storageclass_rbd: true
|
||||
storageclass: true
|
||||
|
109
helm-toolkit/templates/manifests/_ceph-storageclass.tpl
Normal file
109
helm-toolkit/templates/manifests/_ceph-storageclass.tpl
Normal file
@ -0,0 +1,109 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{/*
|
||||
abstract: |
|
||||
Creates a manifest for kubernete ceph storageclass
|
||||
examples:
|
||||
- values: |
|
||||
manifests:
|
||||
storageclass: true
|
||||
storageclass:
|
||||
rbd:
|
||||
provision_storage_class: true
|
||||
provisioner: "ceph.com/rbd"
|
||||
metadata:
|
||||
default_storage_class: true
|
||||
name: general
|
||||
parameters:
|
||||
#We will grab the monitors value based on helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup
|
||||
pool: rbd
|
||||
admin_id: admin
|
||||
ceph_configmap_name: "ceph-etc"
|
||||
admin_secret_name: "pvc-ceph-conf-combined-storageclass"
|
||||
admin_secret_namespace: ceph
|
||||
user_id: admin
|
||||
user_secret_name: "pvc-ceph-client-key"
|
||||
image_format: "2"
|
||||
image_features: layering
|
||||
cephfs:
|
||||
provision_storage_class: true
|
||||
provisioner: "ceph.com/cephfs"
|
||||
metadata:
|
||||
name: cephfs
|
||||
parameters:
|
||||
admin_id: admin
|
||||
user_secret_name: "pvc-ceph-cephfs-client-key"
|
||||
admin_secret_name: "pvc-ceph-conf-combined-storageclass"
|
||||
admin_secret_namespace: ceph
|
||||
usage: |
|
||||
{{- range $storageclass, $val := .Values.storageclass }}
|
||||
{{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
|
||||
{{- end }}
|
||||
return: |
|
||||
---
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
annotations:
|
||||
storageclass.kubernetes.io/is-default-class: "true"
|
||||
name: general
|
||||
provisioner: ceph.com/rbd
|
||||
parameters:
|
||||
monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
|
||||
adminId: admin
|
||||
adminSecretName: pvc-ceph-conf-combined-storageclass
|
||||
adminSecretNamespace: ceph
|
||||
pool: rbd
|
||||
userId: admin
|
||||
userSecretName: pvc-ceph-client-key
|
||||
image_format: "2"
|
||||
image_features: layering
|
||||
---
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: cephfs
|
||||
provisioner: ceph.com/rbd
|
||||
parameters:
|
||||
monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
|
||||
adminId: admin
|
||||
adminSecretName: pvc-ceph-conf-combined-storageclass
|
||||
adminSecretNamespace: ceph
|
||||
*/}}
|
||||
|
||||
{{- define "helm-toolkit.manifests.ceph-storageclass" -}}
|
||||
{{- $envAll := index . "envAll" -}}
|
||||
{{- $storageclassData := index . "storageclass_data" -}}
|
||||
---
|
||||
{{- if $storageclassData.provision_storage_class }}
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
{{- if $storageclassData.metadata.default_storage_class }}
|
||||
annotations:
|
||||
storageclass.kubernetes.io/is-default-class: "true"
|
||||
{{- end }}
|
||||
name: {{ $storageclassData.metadata.name }}
|
||||
provisioner: {{ $storageclassData.provisioner }}
|
||||
parameters:
|
||||
monitors: {{ tuple "ceph_mon" "internal" "mon" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
|
||||
{{- range $attr, $value := $storageclassData.parameters }}
|
||||
{{ $attr }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
|
||||
{{- end }}
|
||||
{{- end }}
|
Loading…
Reference in New Issue
Block a user