Convert local-static-provisioner into Umbrella Helm chart

This commit is contained in:
Stefan Reimer 2020-07-09 16:17:23 +01:00
parent 3c8739216b
commit 011fb4b1fb
23 changed files with 699 additions and 165 deletions

View File

@ -1,5 +0,0 @@
nameSpace: kube-system
resources:
- local-sc-xfs.yaml
- local-volume-provisioner.yaml

View File

@ -1,136 +0,0 @@
---
# Source: provisioner/templates/provisioner.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: local-provisioner-config
namespace: kube-system
labels:
heritage: "Helm"
release: "RELEASE-NAME"
chart: provisioner-2.3.3
data:
storageClassMap: |
local-sc-xfs:
hostDir: /mnt/disks
mountDir: /mnt/disks
---
# Source: provisioner/templates/provisioner-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: local-storage-admin
namespace: kube-system
labels:
heritage: "Helm"
release: "RELEASE-NAME"
chart: provisioner-2.3.3
---
# Source: provisioner/templates/provisioner-cluster-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: local-storage-provisioner-node-clusterrole
labels:
heritage: "Helm"
release: "RELEASE-NAME"
chart: provisioner-2.3.3
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get"]
---
# Source: provisioner/templates/provisioner-cluster-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: local-storage-provisioner-pv-binding
labels:
heritage: "Helm"
release: "RELEASE-NAME"
chart: provisioner-2.3.3
subjects:
- kind: ServiceAccount
name: local-storage-admin
namespace: kube-system
roleRef:
kind: ClusterRole
name: system:persistent-volume-provisioner
apiGroup: rbac.authorization.k8s.io
---
# Source: provisioner/templates/provisioner-cluster-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: local-storage-provisioner-node-binding
labels:
heritage: "Helm"
release: "RELEASE-NAME"
chart: provisioner-2.3.3
subjects:
- kind: ServiceAccount
name: local-storage-admin
namespace: kube-system
roleRef:
kind: ClusterRole
name: local-storage-provisioner-node-clusterrole
apiGroup: rbac.authorization.k8s.io
---
# Source: provisioner/templates/provisioner.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: local-volume-provisioner
namespace: kube-system
labels:
app: local-volume-provisioner
heritage: "Helm"
release: "RELEASE-NAME"
chart: provisioner-2.3.3
spec:
selector:
matchLabels:
app: local-volume-provisioner
template:
metadata:
labels:
app: local-volume-provisioner
spec:
serviceAccountName: local-storage-admin
nodeSelector:
node.kubernetes.io/localVolume: present
containers:
- image: "quay.io/external_storage/local-volume-provisioner:v2.3.3"
name: provisioner
securityContext:
privileged: true
env:
- name: MY_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: MY_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: JOB_CONTAINER_IMAGE
value: "quay.io/external_storage/local-volume-provisioner:v2.3.3"
volumeMounts:
- mountPath: /etc/provisioner/config
name: provisioner-config
readOnly: true
- mountPath: /dev
name: provisioner-dev
- mountPath: /mnt/disks
name: local-sc-xfs
mountPropagation: "HostToContainer"
volumes:
- name: provisioner-config
configMap:
name: local-provisioner-config
- name: provisioner-dev
hostPath:
path: /dev
- name: local-sc-xfs
hostPath:
path: /mnt/disks

View File

@ -1,5 +0,0 @@
#!/bin/bash
# get chart and render yaml
git clone --depth=1 https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git
helm template ./sig-storage-local-static-provisioner/helm/provisioner -f values.yaml --namespace kube-system > local-volume-provisioner.yaml

View File

@ -1,11 +0,0 @@
common:
namespace: kube-system
classes:
- name: local-sc-xfs
hostDir: /mnt/disks
daemonset:
nodeSelector:
node.kubernetes.io/localVolume: present
prometheus:
operator:
enabled: false

View File

@ -2,7 +2,7 @@ kubezero-calico
=============== ===============
KubeZero Umbrella Chart for Calico KubeZero Umbrella Chart for Calico
Current chart version is `0.1.3` Current chart version is `0.1.4`
Source code can be found [here](https://kubezero.com) Source code can be found [here](https://kubezero.com)

View File

@ -0,0 +1,18 @@
apiVersion: v2
name: kubezero-local-volume-provisioner
description: KubeZero Umbrella Chart for local-static-provisioner
type: application
version: 0.0.1
appVersion: 2.3.4
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:
- kubezero
- local-static-provisioner
maintainers:
- name: Quarky9
dependencies:
- name: kubezero-lib
version: ">= 0.1.1"
repository: https://zero-down-time.github.io/kubezero/
kubeVersion: ">= 1.16.0"

View File

@ -0,0 +1,24 @@
kubezero-local-volume-provisioner
=================================
KubeZero Umbrella Chart for local-static-provisioner
Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
Current chart version is `0.0.1`
Source code can be found [here](https://kubezero.com)
## Chart Requirements
| Repository | Name | Version |
|------------|------|---------|
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 |
## KubeZero default configuration
- add nodeSelector to only install on nodes actually having ephemeral local storage
- provide matching storage class to expose mounted disks under `/mnt/disks`
## Resources
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner

View File

@ -1,12 +1,19 @@
# local-volume-provisioner {{ template "chart.header" . }}
Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles. {{ template "chart.description" . }}
As the upstream Helm chart is not part of a repository we extract the chart and store it locally as base for kustomize. Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
See `update.sh`.
{{ template "chart.versionLine" . }}
{{ template "chart.sourceLinkLine" . }}
{{ template "chart.requirementsSection" . }}
## KubeZero default configuration
## Kustomizations
- add nodeSelector to only install on nodes actually having ephemeral local storage - add nodeSelector to only install on nodes actually having ephemeral local storage
- provide matching storage class to expose mounted disks under `/mnt/disks` - provide matching storage class to expose mounted disks under `/mnt/disks`
## Resources ## Resources
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner

View File

@ -0,0 +1,8 @@
apiVersion: v1
appVersion: 2.3.4
description: local provisioner chart
keywords:
- storage
- local
name: local-static-provisioner
version: 3.0.0

View File

@ -0,0 +1 @@
provisioner installed

View File

@ -0,0 +1,42 @@
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "provisioner.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Expand the name of the chart.
*/}}
{{- define "provisioner.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "provisioner.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "provisioner.serviceAccountName" -}}
{{- if .Values.common.serviceAccount.create -}}
{{ default (include "provisioner.fullname" .) .Values.common.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.common.serviceAccount.name }}
{{- end -}}
{{- end -}}

View File

@ -0,0 +1,52 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "provisioner.fullname" . }}-config
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
data:
{{- if .Values.daemonset.nodeLabels }}
nodeLabelsForPV: |
{{- range $label := .Values.daemonset.nodeLabels }}
- {{$label}}
{{- end }}
{{- end }}
{{- if .Values.common.useAlphaAPI }}
useAlphaAPI: "true"
{{- end }}
{{- if .Values.common.setPVOwnerRef }}
setPVOwnerRef: "true"
{{- end }}
{{- if .Values.common.useJobForCleaning }}
useJobForCleaning: "yes"
{{- end}}
{{- if .Values.common.useNodeNameOnly }}
useNodeNameOnly: "true"
{{- end }}
{{- if .Values.common.minResyncPeriod }}
minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }}
{{- end}}
storageClassMap: |
{{- range $classConfig := .Values.classes }}
{{ $classConfig.name }}:
hostDir: {{ $classConfig.hostDir }}
mountDir: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }}
{{- if $classConfig.blockCleanerCommand }}
blockCleanerCommand:
{{- range $val := $classConfig.blockCleanerCommand }}
- "{{ $val -}}"{{- end}}
{{- end }}
{{- if $classConfig.volumeMode }}
volumeMode: {{ $classConfig.volumeMode }}
{{- end }}
{{- if $classConfig.fsType }}
fsType: {{ $classConfig.fsType }}
{{- end }}
{{- if $classConfig.namePattern }}
namePattern: "{{ $classConfig.namePattern }}"
{{- end }}
{{- end }}

View File

@ -0,0 +1,93 @@
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "provisioner.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
serviceAccountName: {{ template "provisioner.serviceAccountName" . }}
{{- if .Values.daemonset.priorityClassName }}
priorityClassName: {{.Values.daemonset.priorityClassName}}
{{- end }}
{{- if .Values.daemonset.nodeSelector }}
nodeSelector:
{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }}
{{- end }}
{{- if .Values.daemonset.tolerations }}
tolerations:
{{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }}
{{- end }}
{{- if .Values.daemonset.affinity }}
affinity:
{{ .Values.daemonset.affinity | toYaml | trim | indent 8 }}
{{- end }}
containers:
- image: "{{ .Values.daemonset.image }}"
{{- if .Values.daemonset.imagePullPolicy }}
imagePullPolicy: {{ .Values.daemonset.imagePullPolicy | quote }}
{{- end }}
name: provisioner
securityContext:
privileged: true
{{- if .Values.daemonset.resources }}
resources:
{{ .Values.daemonset.resources | toYaml | trim | indent 12 }}
{{- end }}
env:
- name: MY_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: MY_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: JOB_CONTAINER_IMAGE
value: "{{ .Values.daemonset.image }}"
{{- if .Values.daemonset.kubeConfigEnv }}
- name: KUBECONFIG
value: {{.Values.daemonset.kubeConfigEnv}}
{{- end }}
{{- if .Values.serviceMonitor.enabled }}
ports:
- containerPort: 8080
name: metrics
{{- end }}
volumeMounts:
- mountPath: /etc/provisioner/config
name: provisioner-config
readOnly: true
- mountPath: /dev
name: provisioner-dev
{{- range $classConfig := .Values.classes }}
- mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }}
name: {{ $classConfig.name }}
mountPropagation: "HostToContainer"
{{- end }}
volumes:
- name: provisioner-config
configMap:
name: {{ template "provisioner.fullname" . }}-config
- name: provisioner-dev
hostPath:
path: /dev
{{- range $classConfig := .Values.classes }}
- name: {{ $classConfig.name }}
hostPath:
path: {{ $classConfig.hostDir }}
{{- end }}

View File

@ -0,0 +1,36 @@
{{- if .Values.common.rbac.pspEnabled -}}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: {{ template "provisioner.fullname" . }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
allowPrivilegeEscalation: true
allowedHostPaths:
- pathPrefix: /dev
{{- range $classConfig := .Values.classes }}
- pathPrefix: {{ $classConfig.hostDir }}
{{- end }}
fsGroup:
rule: RunAsAny
privileged: true
requiredDropCapabilities:
- ALL
runAsUser:
ranges:
- max: 65535
min: 1
rule: MustRunAs
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- configMap
- secret
- hostPath
{{- end }}

View File

@ -0,0 +1,131 @@
{{- if .Values.common.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "provisioner.fullname" . }}-pv-binding
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "provisioner.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: system:persistent-volume-provisioner
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "provisioner.fullname" . }}-node-clusterrole
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "provisioner.fullname" . }}-node-binding
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "provisioner.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ template "provisioner.fullname" . }}-node-clusterrole
apiGroup: rbac.authorization.k8s.io
{{- if .Values.common.useJobForCleaning }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "provisioner.fullname" . }}-jobs-role
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
rules:
- apiGroups:
- 'batch'
resources:
- jobs
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "provisioner.fullname" . }}-jobs-rolebinding
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "provisioner.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: Role
name: {{ template "provisioner.fullname" . }}-jobs-role
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- if .Values.common.rbac.pspEnabled }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "provisioner.fullname" . }}-psp-role
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
rules:
- apiGroups:
- policy
resources:
- podsecuritypolicies
resourceNames:
- {{ template "provisioner.fullname" . }}
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "provisioner.fullname" . }}-psp-rolebinding
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "provisioner.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: Role
name: {{ template "provisioner.fullname" . }}-psp-role
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- end }}

View File

@ -0,0 +1,12 @@
{{- if .Values.common.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "provisioner.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,53 @@
{{- if .Values.serviceMonitor.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "provisioner.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
name: metrics
selector:
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "provisioner.fullname" . }}
namespace: {{ .Values.serviceMonitor.namespace | default .Release.Namespace }}
labels:
helm.sh/chart: {{ template "provisioner.chart" . }}
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- range $k, $v := .Values.serviceMonitor.additionalLabels }}
{{ $k }}: {{ $v | quote }}
{{- end }}
spec:
jobLabel: app.kubernetes.io/name
endpoints:
- port: metrics
interval: {{ .Values.serviceMonitor.interval }}
scheme: http
{{- if .Values.serviceMonitor.relabelings }}
relabelings:
{{ toYaml .Values.serviceMonitor.relabelings | indent 4 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}
selector:
matchLabels:
app.kubernetes.io/name: {{ template "provisioner.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,28 @@
{{- $release := .Release }}
{{- $chart := .Chart }}
{{- range $val := .Values.classes }}
{{- if $val.storageClass }}
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: {{ $val.name }}
{{- if kindIs "map" $val.storageClass }}
{{- if $val.storageClass.isDefaultClass }}
annotations:
storageclass.kubernetes.io/is-default-class: "true"
{{- end }}
{{- end }}
labels:
app.kubernetes.io/managed-by: {{ $release.Service | quote }}
app.kubernetes.io/instance: {{ $release.Name | quote }}
helm.sh/chart: {{ replace "+" "_" $chart.Version | printf "%s-%s" $chart.Name }}
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
{{- if kindIs "map" $val.storageClass }}
reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }}
{{- else }}
reclaimPolicy: Delete
{{- end }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,162 @@
#
# Common options.
#
common:
#
# Defines whether to generate rbac roles
#
rbac:
# rbac.create: `true` if rbac resources should be created
create: true
# rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created
pspEnabled: false
#
# Defines whether to generate a serviceAccount
#
serviceAccount:
# serviceAccount.create: Whether to create a service account or not
create: true
# serviceAccount.name: The name of the service account to create or use
name: ""
#
# Beta PV.NodeAffinity field is used by default. If running against pre-1.10
# k8s version, the `useAlphaAPI` flag must be enabled in the configMap.
#
useAlphaAPI: false
#
# Indicates if PVs should be dependents of the owner Node.
#
setPVOwnerRef: false
#
# Provisioner clean volumes in process by default. If set to true, provisioner
# will use Jobs to clean.
#
useJobForCleaning: false
#
# Provisioner name contains Node.UID by default. If set to true, the provisioner
# name will only use Node.Name.
#
useNodeNameOnly: false
#
# Resync period in reflectors will be random between minResyncPeriod and
# 2*minResyncPeriod. Default: 5m0s.
#
#minResyncPeriod: 5m0s
#
# Configure storage classes.
#
classes:
- name: fast-disks # Defines name of storage classe.
# Path on the host where local volumes of this storage class are mounted
# under.
hostDir: /mnt/fast-disks
# Optionally specify mount path of local volumes. By default, we use same
# path as hostDir in container.
# mountDir: /mnt/fast-disks
# The volume mode of created PersistentVolume object. Default to Filesystem
# if not specified.
volumeMode: Filesystem
# Filesystem type to mount.
# It applies only when the source path is a block device,
# and desire volume mode is Filesystem.
# Must be a filesystem type supported by the host operating system.
fsType: ext4
# File name pattern to discover. By default, discover all file names.
namePattern: "*"
blockCleanerCommand:
# Do a quick reset of the block device during its cleanup.
# - "/scripts/quick_reset.sh"
# or use dd to zero out block dev in two iterations by uncommenting these lines
# - "/scripts/dd_zero.sh"
# - "2"
# or run shred utility for 2 iteration.s
- "/scripts/shred.sh"
- "2"
# or blkdiscard utility by uncommenting the line below.
# - "/scripts/blkdiscard.sh"
# Uncomment to create storage class object with default configuration.
# storageClass: true
# Uncomment to create storage class object and configure it.
# storageClass:
# reclaimPolicy: Delete # Available reclaim policies: Delete/Retain, defaults: Delete.
# isDefaultClass: true # set as default class
#
# Configure DaemonSet for provisioner.
#
daemonset:
#
# Defines Provisioner's image name including container registry.
#
image: quay.io/external_storage/local-volume-provisioner:v2.3.4
#
# Defines Image download policy, see kubernetes documentation for available values.
#
#imagePullPolicy: Always
#
# Defines a name of the Pod Priority Class to use with the Provisioner DaemonSet
#
# Note that if you want to make it critical, specify "system-cluster-critical"
# or "system-node-critical" and deploy in kube-system namespace.
# Ref: https://k8s.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical
#
#priorityClassName: system-node-critical
# If configured, nodeSelector will add a nodeSelector field to the DaemonSet PodSpec.
#
# NodeSelector constraint for local-volume-provisioner scheduling to nodes.
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
#
# If configured KubeConfigEnv will (optionally) specify the location of kubeconfig file on the node.
# kubeConfigEnv: KUBECONFIG
#
# List of node labels to be copied to the PVs created by the provisioner in a format:
#
# nodeLabels:
# - failure-domain.beta.kubernetes.io/zone
# - failure-domain.beta.kubernetes.io/region
#
# If configured, tolerations will add a toleration field to the DaemonSet PodSpec.
#
# Node tolerations for local-volume-provisioner scheduling to nodes with taints.
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
#
# If configured, affinity will add a affinity filed to the DeamonSet PodSpec.
# Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
#
# If configured, resources will set the requests/limits field to the Daemonset PodSpec.
# Ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
resources: {}
# limits:
# memory: "512Mi"
# cpu: "1000m"
# requests:
# memory: "32Mi"
# cpu: "10m"
#
# Configure Prometheus monitoring
#
serviceMonitor:
enabled: false
## Interval at which Prometheus scrapes the provisioner
interval: 10s
# Namespace Prometheus is installed in defaults to release namespace
namespace:
## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr)
## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65)
## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298)
additionalLabels: {}
relabelings: []
# - sourceLabels: [__meta_kubernetes_pod_node_name]
# separator: ;
# regex: ^(.*)$
# targetLabel: nodename
# replacement: $1
# action: replace
#
# Overrice the default chartname or releasename
#
nameOverride: ""
fullnameOverride: ""

View File

@ -0,0 +1,10 @@
#!/bin/bash
# get subchart until they have upstream repo
rm -rf charts/local-volume-provisioner && mkdir -p charts/local-volume-provisioner
git clone --depth=1 https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git
cp -r ./sig-storage-local-static-provisioner/helm/provisioner/* charts/local-volume-provisioner
rm -rf sig-storage-local-static-provisioner

View File

@ -0,0 +1,12 @@
local-static-provisioner:
common:
namespace: kube-system
classes:
- name: local-sc-xfs
hostDir: /mnt/disks
daemonset:
nodeSelector:
node.kubernetes.io/localVolume: present
prometheus:
operator:
enabled: false

View File

@ -2,7 +2,7 @@ kubezero
======== ========
KubeZero ArgoCD Application - Root App of Apps chart of KubeZero KubeZero ArgoCD Application - Root App of Apps chart of KubeZero
Current chart version is `0.3.1` Current chart version is `0.3.5`
Source code can be found [here](https://kubezero.com) Source code can be found [here](https://kubezero.com)
@ -18,6 +18,8 @@ Source code can be found [here](https://kubezero.com)
|-----|------|---------|-------------| |-----|------|---------|-------------|
| aws-ebs-csi-driver.enabled | bool | `false` | | | aws-ebs-csi-driver.enabled | bool | `false` | |
| calico.enabled | bool | `true` | | | calico.enabled | bool | `true` | |
| calico.type | string | `"kustomize"` | |
| calico.values.migration | bool | `false` | |
| cert-manager.enabled | bool | `true` | | | cert-manager.enabled | bool | `true` | |
| global.defaultDestination.server | string | `"https://kubernetes.default.svc"` | | | global.defaultDestination.server | string | `"https://kubernetes.default.svc"` | |
| global.defaultSource.pathPrefix | string | `""` | | | global.defaultSource.pathPrefix | string | `""` | |