feat: remove local-path and local-volume provisioners, update kubezero and docs
This commit is contained in:
parent
c671429481
commit
9cce24a7ff
@ -1,18 +0,0 @@
|
|||||||
apiVersion: v2
|
|
||||||
name: kubezero-local-path-provisioner
|
|
||||||
description: KubeZero Umbrella Chart for local-path-provisioner
|
|
||||||
type: application
|
|
||||||
version: 0.1.0
|
|
||||||
appVersion: 0.0.18
|
|
||||||
home: https://kubezero.com
|
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
|
||||||
keywords:
|
|
||||||
- kubezero
|
|
||||||
- local-path-provisioner
|
|
||||||
maintainers:
|
|
||||||
- name: Quarky9
|
|
||||||
dependencies:
|
|
||||||
- name: kubezero-lib
|
|
||||||
version: ">= 0.1.3"
|
|
||||||
repository: https://zero-down-time.github.io/kubezero/
|
|
||||||
kubeVersion: ">= 1.16.0"
|
|
@ -1,44 +0,0 @@
|
|||||||
# kubezero-local-path-provisioner
|
|
||||||
|
|
||||||
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.18](https://img.shields.io/badge/AppVersion-0.0.18-informational?style=flat-square)
|
|
||||||
|
|
||||||
KubeZero Umbrella Chart for local-path-provisioner
|
|
||||||
|
|
||||||
Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
|
|
||||||
|
|
||||||
**Homepage:** <https://kubezero.com>
|
|
||||||
|
|
||||||
## Maintainers
|
|
||||||
|
|
||||||
| Name | Email | Url |
|
|
||||||
| ---- | ------ | --- |
|
|
||||||
| Quarky9 | | |
|
|
||||||
|
|
||||||
## Requirements
|
|
||||||
|
|
||||||
Kubernetes: `>= 1.16.0`
|
|
||||||
|
|
||||||
| Repository | Name | Version |
|
|
||||||
|------------|------|---------|
|
|
||||||
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
|
|
||||||
|
|
||||||
## Values
|
|
||||||
|
|
||||||
| Key | Type | Default | Description |
|
|
||||||
|-----|------|---------|-------------|
|
|
||||||
| local-path-provisioner.nodePathMap[0].node | string | `"DEFAULT_PATH_FOR_NON_LISTED_NODES"` | |
|
|
||||||
| local-path-provisioner.nodePathMap[0].paths[0] | string | `"/opt/local-path-provisioner"` | |
|
|
||||||
| local-path-provisioner.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
|
|
||||||
| local-path-provisioner.storageClass.create | bool | `true` | |
|
|
||||||
| local-path-provisioner.storageClass.defaultClass | bool | `false` | |
|
|
||||||
| local-path-provisioner.tolerations[0].effect | string | `"NoSchedule"` | |
|
|
||||||
| local-path-provisioner.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
|
||||||
|
|
||||||
## KubeZero default configuration
|
|
||||||
|
|
||||||
- add nodeSelector to only install on nodes actually having ephemeral local storage
|
|
||||||
- provide matching storage class to expose mounted disks under `/mnt/disks`
|
|
||||||
|
|
||||||
## Resources
|
|
||||||
|
|
||||||
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner
|
|
@ -1,27 +0,0 @@
|
|||||||
{{ template "chart.header" . }}
|
|
||||||
{{ template "chart.deprecationWarning" . }}
|
|
||||||
|
|
||||||
{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
|
|
||||||
|
|
||||||
{{ template "chart.description" . }}
|
|
||||||
|
|
||||||
Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
|
|
||||||
|
|
||||||
{{ template "chart.homepageLine" . }}
|
|
||||||
|
|
||||||
{{ template "chart.maintainersSection" . }}
|
|
||||||
|
|
||||||
{{ template "chart.sourcesSection" . }}
|
|
||||||
|
|
||||||
{{ template "chart.requirementsSection" . }}
|
|
||||||
|
|
||||||
{{ template "chart.valuesSection" . }}
|
|
||||||
|
|
||||||
## KubeZero default configuration
|
|
||||||
|
|
||||||
- add nodeSelector to only install on nodes actually having ephemeral local storage
|
|
||||||
- provide matching storage class to expose mounted disks under `/mnt/disks`
|
|
||||||
|
|
||||||
## Resources
|
|
||||||
|
|
||||||
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner
|
|
@ -1,12 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
description: Use HostPath for persistent local storage with Kubernetes
|
|
||||||
name: local-path-provisioner
|
|
||||||
version: 0.0.18
|
|
||||||
appVersion: "v0.0.18"
|
|
||||||
keywords:
|
|
||||||
- storage
|
|
||||||
- hostpath
|
|
||||||
kubeVersion: ">=1.12.0-r0"
|
|
||||||
home: https://github.com/rancher/local-path-provisioner
|
|
||||||
sources:
|
|
||||||
- https://github.com/rancher/local-path-provisioner.git
|
|
@ -1,116 +0,0 @@
|
|||||||
# Local Path Provisioner
|
|
||||||
|
|
||||||
[Local Path Provisioner](https://github.com/rancher/local-path-provisioner) provides a way for the Kubernetes users to
|
|
||||||
utilize the local storage in each node. Based on the user configuration, the Local Path Provisioner will create
|
|
||||||
`hostPath` based persistent volume on the node automatically. It utilizes the features introduced by Kubernetes [Local
|
|
||||||
Persistent Volume feature](https://kubernetes.io/blog/2018/04/13/local-persistent-volumes-beta/), but make it a simpler
|
|
||||||
solution than the built-in `local` volume feature in Kubernetes.
|
|
||||||
|
|
||||||
## TL;DR;
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git clone https://github.com/rancher/local-path-provisioner.git
|
|
||||||
$ cd local-path-provisioner
|
|
||||||
$ helm install --name local-path-storage --namespace local-path-storage ./deploy/chart/
|
|
||||||
```
|
|
||||||
|
|
||||||
## Introduction
|
|
||||||
|
|
||||||
This chart bootstraps a [Local Path Provisioner](https://github.com/rancher/local-path-provisioner) deployment on a
|
|
||||||
[Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
|
||||||
|
|
||||||
## Prerequisites
|
|
||||||
|
|
||||||
- Kubernetes 1.12+ with Beta APIs enabled
|
|
||||||
|
|
||||||
## Installing the Chart
|
|
||||||
|
|
||||||
To install the chart with the release name `local-path-storage`:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git clone https://github.com/rancher/local-path-provisioner.git
|
|
||||||
$ cd local-path-provisioner
|
|
||||||
$ helm install ./deploy/chart/ --name local-path-storage --namespace local-path-storage
|
|
||||||
```
|
|
||||||
|
|
||||||
The command deploys Local Path Provisioner on the Kubernetes cluster in the default configuration. The
|
|
||||||
[configuration](#configuration) section lists the parameters that can be configured during installation.
|
|
||||||
|
|
||||||
> **Tip**: List all releases using `helm list`
|
|
||||||
|
|
||||||
## Uninstalling the Chart
|
|
||||||
|
|
||||||
To uninstall/delete the `local-path-storage` deployment:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ helm delete --purge local-path-storage
|
|
||||||
```
|
|
||||||
|
|
||||||
The command removes all the Kubernetes components associated with the chart and deletes the release.
|
|
||||||
|
|
||||||
## Configuration
|
|
||||||
|
|
||||||
The following table lists the configurable parameters of the Local Path Provisioner for Kubernetes chart and their
|
|
||||||
default values.
|
|
||||||
|
|
||||||
| Parameter | Description | Default |
|
|
||||||
| ----------------------------------- | ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
|
|
||||||
| `image.repository` | Local Path Provisioner image name | `rancher/local-path-provisioner` |
|
|
||||||
| `image.tag` | Local Path Provisioner image tag | `v0.0.18` |
|
|
||||||
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
|
|
||||||
| `storageClass.create` | If true, create a `StorageClass` | `true` |
|
|
||||||
| `storageClass.provisionerName` | The provisioner name for the storage class | `nil` |
|
|
||||||
| `storageClass.defaultClass` | If true, set the created `StorageClass` as the cluster's default `StorageClass` | `false` |
|
|
||||||
| `storageClass.name` | The name to assign the created StorageClass | local-path |
|
|
||||||
| `storageClass.reclaimPolicy` | ReclaimPolicy field of the class | Delete |
|
|
||||||
| `nodePathMap` | Configuration of where to store the data on each node | `[{node: DEFAULT_PATH_FOR_NON_LISTED_NODES, paths: [/opt/local-path-provisioner]}]` |
|
|
||||||
| `resources` | Local Path Provisioner resource requests & limits | `{}` |
|
|
||||||
| `rbac.create` | If true, create & use RBAC resources | `true` |
|
|
||||||
| `serviceAccount.create` | If true, create the Local Path Provisioner service account | `true` |
|
|
||||||
| `serviceAccount.name` | Name of the Local Path Provisioner service account to use or create | `nil` |
|
|
||||||
| `nodeSelector` | Node labels for Local Path Provisioner pod assignment | `{}` |
|
|
||||||
| `tolerations` | Node taints to tolerate | `[]` |
|
|
||||||
| `affinity` | Pod affinity | `{}` |
|
|
||||||
| `configmap.setup` | Configuration of script to execute setup operations on each node | #!/bin/sh<br>while getopts "m:s:p:" opt<br>do<br> case $opt in <br>  p)<br>  absolutePath=$OPTARG<br>  ;;<br>  s)<br>  sizeInBytes=$OPTARG<br>  ;;<br>  m)<br>  volMode=$OPTARG<br>  ;;<br> esac<br>done<br>mkdir -m 0777 -p ${absolutePath} |
|
|
||||||
| `configmap.teardown` | Configuration of script to execute teardown operations on each node | #!/bin/sh<br>while getopts "m:s:p:" opt<br>do<br> case $opt in <br>  p)<br>  absolutePath=$OPTARG<br>  ;;<br>  s)<br>  sizeInBytes=$OPTARG<br>  ;;<br>  m)<br>  volMode=$OPTARG<br>  ;;<br> esac<br>done<br>rm -rf ${absolutePath} |
|
|
||||||
| `configmap.name` | configmap name | `local-path-config` |
|
|
||||||
| `configmap.helperPod` | helper pod yaml file | apiVersion: v1<br>kind: Pod<br>metadata:<br> name: helper-pod<br>spec:<br> containers:<br> - name: helper-pod<br>  image: busybox |
|
|
||||||
|
|
||||||
|
|
||||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ helm install ./deploy/chart/ --name local-path-storage --namespace local-path-storage --set storageClass.provisionerName=rancher.io/local-path
|
|
||||||
```
|
|
||||||
|
|
||||||
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the
|
|
||||||
chart. For example,
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ helm install --name local-path-storage --namespace local-path-storage ./deploy/chart/ -f values.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
> **Tip**: You can use the default [values.yaml](values.yaml)
|
|
||||||
|
|
||||||
## RBAC
|
|
||||||
|
|
||||||
By default the chart will install the recommended RBAC roles and rolebindings.
|
|
||||||
|
|
||||||
You need to have the flag `--authorization-mode=RBAC` on the api server. See the following document for how to enable
|
|
||||||
[RBAC](https://kubernetes.io/docs/admin/authorization/rbac/).
|
|
||||||
|
|
||||||
To determine if your cluster supports RBAC, run the following command:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ kubectl api-versions | grep rbac
|
|
||||||
```
|
|
||||||
|
|
||||||
If the output contains "beta", you may install the chart with RBAC enabled (see below).
|
|
||||||
|
|
||||||
### Enable RBAC role/rolebinding creation
|
|
||||||
|
|
||||||
To enable the creation of RBAC resources (On clusters with RBAC). Do the following:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ helm install ./deploy/chart/ --name local-path-storage --namespace local-path-storage --set rbac.create=true
|
|
||||||
```
|
|
@ -1,13 +0,0 @@
|
|||||||
You can create a hostpath-backed persistent volume with a persistent volume claim like this:
|
|
||||||
|
|
||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
name: local-path-pvc
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteOnce
|
|
||||||
storageClassName: {{ .Values.storageClass.name }}
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 2Gi
|
|
@ -1,71 +0,0 @@
|
|||||||
{{/* vim: set filetype=mustache: */}}
|
|
||||||
{{/*
|
|
||||||
Expand the name of the chart.
|
|
||||||
*/}}
|
|
||||||
{{- define "local-path-provisioner.name" -}}
|
|
||||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create a default fully qualified app name.
|
|
||||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
|
||||||
If release name contains chart name it will be used as a full name.
|
|
||||||
*/}}
|
|
||||||
{{- define "local-path-provisioner.fullname" -}}
|
|
||||||
{{- if .Values.fullnameOverride -}}
|
|
||||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
|
||||||
{{- if contains $name .Release.Name -}}
|
|
||||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create chart name and version as used by the chart label.
|
|
||||||
*/}}
|
|
||||||
{{- define "local-path-provisioner.chart" -}}
|
|
||||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Common labels
|
|
||||||
*/}}
|
|
||||||
{{- define "local-path-provisioner.labels" -}}
|
|
||||||
app.kubernetes.io/name: {{ include "local-path-provisioner.name" . }}
|
|
||||||
helm.sh/chart: {{ include "local-path-provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
{{- if .Chart.AppVersion }}
|
|
||||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
|
||||||
{{- end }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create the name of the service account to use.
|
|
||||||
*/}}
|
|
||||||
{{- define "local-path-provisioner.serviceAccountName" -}}
|
|
||||||
{{- if .Values.serviceAccount.create -}}
|
|
||||||
{{ default (include "local-path-provisioner.fullname" .) .Values.serviceAccount.name }}
|
|
||||||
{{- else -}}
|
|
||||||
{{ default "default" .Values.serviceAccount.name }}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create the name of the provisioner to use.
|
|
||||||
*/}}
|
|
||||||
{{- define "local-path-provisioner.provisionerName" -}}
|
|
||||||
{{- if .Values.storageClass.provisionerName -}}
|
|
||||||
{{- printf .Values.storageClass.provisionerName -}}
|
|
||||||
{{- else -}}
|
|
||||||
cluster.local/{{ template "local-path-provisioner.fullname" . -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{- define "local-path-provisioner.secret" }}
|
|
||||||
{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.privateRegistry.registryUrl (printf "%s:%s" .Values.privateRegistry.registryUser .Values.privateRegistry.registryPasswd | b64enc) | b64enc }}
|
|
||||||
{{- end }}
|
|
@ -1,21 +0,0 @@
|
|||||||
{{- if .Values.rbac.create -}}
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRole
|
|
||||||
metadata:
|
|
||||||
name: {{ include "local-path-provisioner.fullname" . }}
|
|
||||||
labels:
|
|
||||||
{{ include "local-path-provisioner.labels" . | indent 4 }}
|
|
||||||
rules:
|
|
||||||
- apiGroups: [""]
|
|
||||||
resources: ["nodes", "persistentvolumeclaims", "configmaps"]
|
|
||||||
verbs: ["get", "list", "watch"]
|
|
||||||
- apiGroups: [""]
|
|
||||||
resources: ["endpoints", "persistentvolumes", "pods"]
|
|
||||||
verbs: ["*"]
|
|
||||||
- apiGroups: [""]
|
|
||||||
resources: ["events"]
|
|
||||||
verbs: ["create", "patch"]
|
|
||||||
- apiGroups: ["storage.k8s.io"]
|
|
||||||
resources: ["storageclasses"]
|
|
||||||
verbs: ["get", "list", "watch"]
|
|
||||||
{{- end -}}
|
|
@ -1,16 +0,0 @@
|
|||||||
{{- if .Values.rbac.create -}}
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ include "local-path-provisioner.fullname" . }}
|
|
||||||
labels:
|
|
||||||
{{ include "local-path-provisioner.labels" . | indent 4 }}
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: ClusterRole
|
|
||||||
name: {{ template "local-path-provisioner.fullname" . }}
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: {{ template "local-path-provisioner.serviceAccountName" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
{{- end -}}
|
|
@ -1,18 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: {{ .Values.configmap.name }}
|
|
||||||
labels:
|
|
||||||
{{ include "local-path-provisioner.labels" . | indent 4 }}
|
|
||||||
data:
|
|
||||||
config.json: |-
|
|
||||||
{
|
|
||||||
"nodePathMap": {{ .Values.nodePathMap | toPrettyJson | nindent 8 }}
|
|
||||||
}
|
|
||||||
setup: |-
|
|
||||||
{{ .Values.configmap.setup | nindent 4 }}
|
|
||||||
teardown: |-
|
|
||||||
{{ .Values.configmap.teardown | nindent 4 }}
|
|
||||||
helperPod.yaml: |-
|
|
||||||
{{ .Values.configmap.helperPod | nindent 4 }}
|
|
||||||
|
|
@ -1,73 +0,0 @@
|
|||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: {{ include "local-path-provisioner.fullname" . }}
|
|
||||||
labels:
|
|
||||||
{{ include "local-path-provisioner.labels" . | indent 4 }}
|
|
||||||
spec:
|
|
||||||
replicas: {{ .Values.replicaCount }}
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: {{ include "local-path-provisioner.name" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: {{ include "local-path-provisioner.name" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
{{- with .Values.imagePullSecrets }}
|
|
||||||
imagePullSecrets:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
serviceAccountName: {{ template "local-path-provisioner.serviceAccountName" . }}
|
|
||||||
containers:
|
|
||||||
- name: {{ .Chart.Name }}
|
|
||||||
{{- if .Values.privateRegistry.registryUrl }}
|
|
||||||
image: "{{ .Values.privateRegistry.registryUrl }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
||||||
{{- else }}
|
|
||||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
||||||
{{- end }}
|
|
||||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
||||||
command:
|
|
||||||
- local-path-provisioner
|
|
||||||
- --debug
|
|
||||||
- start
|
|
||||||
- --config
|
|
||||||
- /etc/config/config.json
|
|
||||||
- --service-account-name
|
|
||||||
- {{ template "local-path-provisioner.serviceAccountName" . }}
|
|
||||||
- --provisioner-name
|
|
||||||
- {{ template "local-path-provisioner.provisionerName" . }}
|
|
||||||
- --helper-image
|
|
||||||
{{- if .Values.privateRegistry.registryUrl }}
|
|
||||||
- "{{ .Values.privateRegistry.registryUrl }}/{{ .Values.helperImage.repository }}:{{ .Values.helperImage.tag }}"
|
|
||||||
{{- else }}
|
|
||||||
- "{{ .Values.helperImage.repository }}:{{ .Values.helperImage.tag }}"
|
|
||||||
{{- end }}
|
|
||||||
- --configmap-name
|
|
||||||
- {{ .Values.configmap.name }}
|
|
||||||
volumeMounts:
|
|
||||||
- name: config-volume
|
|
||||||
mountPath: /etc/config/
|
|
||||||
env:
|
|
||||||
- name: POD_NAMESPACE
|
|
||||||
value: {{ .Release.Namespace }}
|
|
||||||
resources:
|
|
||||||
{{- toYaml .Values.resources | nindent 12 }}
|
|
||||||
volumes:
|
|
||||||
- name: config-volume
|
|
||||||
configMap:
|
|
||||||
name: {{ .Values.configmap.name }}
|
|
||||||
{{- with .Values.nodeSelector }}
|
|
||||||
nodeSelector:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.affinity }}
|
|
||||||
affinity:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with .Values.tolerations }}
|
|
||||||
tolerations:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
@ -1,9 +0,0 @@
|
|||||||
{{- if .Values.defaultSettings.registrySecret }}
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: {{ .Values.defaultSettings.registrySecret }}
|
|
||||||
type: kubernetes.io/dockerconfigjson
|
|
||||||
data:
|
|
||||||
.dockerconfigjson: {{ template "local-path-provisioner.secret" . }}
|
|
||||||
{{- end }}
|
|
@ -1,15 +0,0 @@
|
|||||||
{{- if .Values.serviceAccount.create -}}
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: {{ template "local-path-provisioner.serviceAccountName" . }}
|
|
||||||
labels:
|
|
||||||
{{ include "local-path-provisioner.labels" . | indent 4 }}
|
|
||||||
{{- with .Values.imagePullSecrets }}
|
|
||||||
imagePullSecrets:
|
|
||||||
{{- toYaml . | nindent 2 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.defaultSettings.registrySecret }}
|
|
||||||
- name: {{ .Values.defaultSettings.registrySecret }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,15 +0,0 @@
|
|||||||
{{ if .Values.storageClass.create -}}
|
|
||||||
apiVersion: storage.k8s.io/v1
|
|
||||||
kind: StorageClass
|
|
||||||
metadata:
|
|
||||||
name: {{ .Values.storageClass.name }}
|
|
||||||
labels:
|
|
||||||
{{ include "local-path-provisioner.labels" . | indent 4 }}
|
|
||||||
{{- if .Values.storageClass.defaultClass }}
|
|
||||||
annotations:
|
|
||||||
storageclass.kubernetes.io/is-default-class: "true"
|
|
||||||
{{- end }}
|
|
||||||
provisioner: {{ template "local-path-provisioner.provisionerName" . }}
|
|
||||||
volumeBindingMode: WaitForFirstConsumer
|
|
||||||
reclaimPolicy: {{ .Values.storageClass.reclaimPolicy }}
|
|
||||||
{{- end }}
|
|
@ -1,144 +0,0 @@
|
|||||||
# Default values for local-path-provisioner.
|
|
||||||
|
|
||||||
replicaCount: 1
|
|
||||||
|
|
||||||
image:
|
|
||||||
repository: rancher/local-path-provisioner
|
|
||||||
tag: v0.0.18
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
|
|
||||||
helperImage:
|
|
||||||
repository: busybox
|
|
||||||
tag: latest
|
|
||||||
|
|
||||||
defaultSettings:
|
|
||||||
registrySecret: ~
|
|
||||||
|
|
||||||
privateRegistry:
|
|
||||||
registryUrl: ~
|
|
||||||
registryUser: ~
|
|
||||||
registryPasswd: ~
|
|
||||||
|
|
||||||
imagePullSecrets: []
|
|
||||||
nameOverride: ""
|
|
||||||
fullnameOverride: ""
|
|
||||||
|
|
||||||
## For creating the StorageClass automatically:
|
|
||||||
storageClass:
|
|
||||||
create: true
|
|
||||||
|
|
||||||
## Set a provisioner name. If unset, a name will be generated.
|
|
||||||
# provisionerName: rancher.io/local-path
|
|
||||||
|
|
||||||
## Set StorageClass as the default StorageClass
|
|
||||||
## Ignored if storageClass.create is false
|
|
||||||
defaultClass: false
|
|
||||||
|
|
||||||
## Set a StorageClass name
|
|
||||||
## Ignored if storageClass.create is false
|
|
||||||
name: local-path
|
|
||||||
|
|
||||||
## ReclaimPolicy field of the class, which can be either Delete or Retain
|
|
||||||
reclaimPolicy: Delete
|
|
||||||
|
|
||||||
# nodePathMap is the place user can customize where to store the data on each node.
|
|
||||||
# 1. If one node is not listed on the nodePathMap, and Kubernetes wants to create volume on it, the paths specified in
|
|
||||||
# DEFAULT_PATH_FOR_NON_LISTED_NODES will be used for provisioning.
|
|
||||||
# 2. If one node is listed on the nodePathMap, the specified paths will be used for provisioning.
|
|
||||||
# 1. If one node is listed but with paths set to [], the provisioner will refuse to provision on this node.
|
|
||||||
# 2. If more than one path was specified, the path would be chosen randomly when provisioning.
|
|
||||||
#
|
|
||||||
# The configuration must obey following rules:
|
|
||||||
# 1. A path must start with /, a.k.a an absolute path.
|
|
||||||
# 2. Root directory (/) is prohibited.
|
|
||||||
# 3. No duplicate paths allowed for one node.
|
|
||||||
# 4. No duplicate node allowed.
|
|
||||||
nodePathMap:
|
|
||||||
- node: DEFAULT_PATH_FOR_NON_LISTED_NODES
|
|
||||||
paths:
|
|
||||||
- /opt/local-path-provisioner
|
|
||||||
|
|
||||||
resources: {}
|
|
||||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
||||||
# choice for the user. This also increases chances charts run on environments with little
|
|
||||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
||||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
||||||
# limits:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
# requests:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
|
|
||||||
rbac:
|
|
||||||
# Specifies whether RBAC resources should be created
|
|
||||||
create: true
|
|
||||||
|
|
||||||
serviceAccount:
|
|
||||||
# Specifies whether a ServiceAccount should be created
|
|
||||||
create: true
|
|
||||||
# The name of the ServiceAccount to use.
|
|
||||||
# If not set and create is true, a name is generated using the fullname template
|
|
||||||
name:
|
|
||||||
|
|
||||||
nodeSelector: {}
|
|
||||||
|
|
||||||
tolerations: []
|
|
||||||
|
|
||||||
affinity: {}
|
|
||||||
|
|
||||||
configmap:
|
|
||||||
# specify the config map name
|
|
||||||
name: local-path-config
|
|
||||||
# specify the custom script for setup and teardown
|
|
||||||
setup: |-
|
|
||||||
#!/bin/sh
|
|
||||||
while getopts "m:s:p:" opt
|
|
||||||
do
|
|
||||||
case $opt in
|
|
||||||
p)
|
|
||||||
absolutePath=$OPTARG
|
|
||||||
;;
|
|
||||||
s)
|
|
||||||
sizeInBytes=$OPTARG
|
|
||||||
;;
|
|
||||||
m)
|
|
||||||
volMode=$OPTARG
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
mkdir -m 0777 -p ${absolutePath}
|
|
||||||
teardown: |-
|
|
||||||
#!/bin/sh
|
|
||||||
while getopts "m:s:p:" opt
|
|
||||||
do
|
|
||||||
case $opt in
|
|
||||||
p)
|
|
||||||
absolutePath=$OPTARG
|
|
||||||
;;
|
|
||||||
s)
|
|
||||||
sizeInBytes=$OPTARG
|
|
||||||
;;
|
|
||||||
m)
|
|
||||||
volMode=$OPTARG
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
rm -rf ${absolutePath}
|
|
||||||
# specify the custom helper pod yaml
|
|
||||||
helperPod: |-
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Pod
|
|
||||||
metadata:
|
|
||||||
name: helper-pod
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: helper-pod
|
|
||||||
image: busybox
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# get subchart until they have upstream repo
|
|
||||||
rm -rf charts/local-path-provisioner && mkdir -p charts/local-path-provisioner
|
|
||||||
|
|
||||||
git clone --depth=1 https://github.com/rancher/local-path-provisioner.git
|
|
||||||
cp -r local-path-provisioner/deploy/chart/* charts/local-path-provisioner
|
|
||||||
rm -rf local-path-provisioner
|
|
@ -1,16 +0,0 @@
|
|||||||
local-path-provisioner:
|
|
||||||
storageClass:
|
|
||||||
create: true
|
|
||||||
defaultClass: false
|
|
||||||
|
|
||||||
nodePathMap:
|
|
||||||
- node: DEFAULT_PATH_FOR_NON_LISTED_NODES
|
|
||||||
paths:
|
|
||||||
- /opt/local-path-provisioner
|
|
||||||
|
|
||||||
nodeSelector:
|
|
||||||
node-role.kubernetes.io/master: ""
|
|
||||||
|
|
||||||
tolerations:
|
|
||||||
- key: node-role.kubernetes.io/master
|
|
||||||
effect: NoSchedule
|
|
@ -1,18 +0,0 @@
|
|||||||
apiVersion: v2
|
|
||||||
name: kubezero-local-volume-provisioner
|
|
||||||
description: KubeZero Umbrella Chart for local-static-provisioner
|
|
||||||
type: application
|
|
||||||
version: 0.1.1
|
|
||||||
appVersion: 2.3.4
|
|
||||||
home: https://kubezero.com
|
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
|
||||||
keywords:
|
|
||||||
- kubezero
|
|
||||||
- local-static-provisioner
|
|
||||||
maintainers:
|
|
||||||
- name: Quarky9
|
|
||||||
dependencies:
|
|
||||||
- name: kubezero-lib
|
|
||||||
version: ">= 0.1.3"
|
|
||||||
repository: https://zero-down-time.github.io/kubezero/
|
|
||||||
kubeVersion: ">= 1.16.0"
|
|
@ -1,43 +0,0 @@
|
|||||||
# kubezero-local-volume-provisioner
|
|
||||||
|
|
||||||
![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.3.4](https://img.shields.io/badge/AppVersion-2.3.4-informational?style=flat-square)
|
|
||||||
|
|
||||||
KubeZero Umbrella Chart for local-static-provisioner
|
|
||||||
|
|
||||||
Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
|
|
||||||
|
|
||||||
**Homepage:** <https://kubezero.com>
|
|
||||||
|
|
||||||
## Maintainers
|
|
||||||
|
|
||||||
| Name | Email | Url |
|
|
||||||
| ---- | ------ | --- |
|
|
||||||
| Quarky9 | | |
|
|
||||||
|
|
||||||
## Requirements
|
|
||||||
|
|
||||||
Kubernetes: `>= 1.16.0`
|
|
||||||
|
|
||||||
| Repository | Name | Version |
|
|
||||||
|------------|------|---------|
|
|
||||||
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
|
|
||||||
|
|
||||||
## Values
|
|
||||||
|
|
||||||
| Key | Type | Default | Description |
|
|
||||||
|-----|------|---------|-------------|
|
|
||||||
| local-static-provisioner.classes[0].hostDir | string | `"/mnt/disks"` | |
|
|
||||||
| local-static-provisioner.classes[0].name | string | `"local-sc-xfs"` | |
|
|
||||||
| local-static-provisioner.common.namespace | string | `"kube-system"` | |
|
|
||||||
| local-static-provisioner.daemonset.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key | string | `"node.kubernetes.io/localVolumes"` | |
|
|
||||||
| local-static-provisioner.daemonset.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].operator | string | `"Exists"` | |
|
|
||||||
| local-static-provisioner.prometheus.operator.enabled | bool | `false` | |
|
|
||||||
|
|
||||||
## KubeZero default configuration
|
|
||||||
|
|
||||||
- add nodeSelector to only install on nodes actually having ephemeral local storage
|
|
||||||
- provide matching storage class to expose mounted disks under `/mnt/disks`
|
|
||||||
|
|
||||||
## Resources
|
|
||||||
|
|
||||||
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner
|
|
@ -1,27 +0,0 @@
|
|||||||
{{ template "chart.header" . }}
|
|
||||||
{{ template "chart.deprecationWarning" . }}
|
|
||||||
|
|
||||||
{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
|
|
||||||
|
|
||||||
{{ template "chart.description" . }}
|
|
||||||
|
|
||||||
Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
|
|
||||||
|
|
||||||
{{ template "chart.homepageLine" . }}
|
|
||||||
|
|
||||||
{{ template "chart.maintainersSection" . }}
|
|
||||||
|
|
||||||
{{ template "chart.sourcesSection" . }}
|
|
||||||
|
|
||||||
{{ template "chart.requirementsSection" . }}
|
|
||||||
|
|
||||||
{{ template "chart.valuesSection" . }}
|
|
||||||
|
|
||||||
## KubeZero default configuration
|
|
||||||
|
|
||||||
- add nodeSelector to only install on nodes actually having ephemeral local storage
|
|
||||||
- provide matching storage class to expose mounted disks under `/mnt/disks`
|
|
||||||
|
|
||||||
## Resources
|
|
||||||
|
|
||||||
- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner
|
|
@ -1,8 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
appVersion: 2.3.4
|
|
||||||
description: local provisioner chart
|
|
||||||
keywords:
|
|
||||||
- storage
|
|
||||||
- local
|
|
||||||
name: local-static-provisioner
|
|
||||||
version: 3.0.0
|
|
@ -1 +0,0 @@
|
|||||||
provisioner installed
|
|
@ -1,42 +0,0 @@
|
|||||||
{{/*
|
|
||||||
Create chart name and version as used by the chart label.
|
|
||||||
*/}}
|
|
||||||
{{- define "provisioner.chart" -}}
|
|
||||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Expand the name of the chart.
|
|
||||||
*/}}
|
|
||||||
{{- define "provisioner.name" -}}
|
|
||||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create a default fully qualified app name.
|
|
||||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
|
||||||
If release name contains chart name it will be used as a full name.
|
|
||||||
*/}}
|
|
||||||
{{- define "provisioner.fullname" -}}
|
|
||||||
{{- if .Values.fullnameOverride -}}
|
|
||||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
|
||||||
{{- if contains $name .Release.Name -}}
|
|
||||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create the name of the service account to use
|
|
||||||
*/}}
|
|
||||||
{{- define "provisioner.serviceAccountName" -}}
|
|
||||||
{{- if .Values.common.serviceAccount.create -}}
|
|
||||||
{{ default (include "provisioner.fullname" .) .Values.common.serviceAccount.name }}
|
|
||||||
{{- else -}}
|
|
||||||
{{ default "default" .Values.common.serviceAccount.name }}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
@ -1,52 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-config
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
data:
|
|
||||||
{{- if .Values.daemonset.nodeLabels }}
|
|
||||||
nodeLabelsForPV: |
|
|
||||||
{{- range $label := .Values.daemonset.nodeLabels }}
|
|
||||||
- {{$label}}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.common.useAlphaAPI }}
|
|
||||||
useAlphaAPI: "true"
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.common.setPVOwnerRef }}
|
|
||||||
setPVOwnerRef: "true"
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.common.useJobForCleaning }}
|
|
||||||
useJobForCleaning: "yes"
|
|
||||||
{{- end}}
|
|
||||||
{{- if .Values.common.useNodeNameOnly }}
|
|
||||||
useNodeNameOnly: "true"
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.common.minResyncPeriod }}
|
|
||||||
minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }}
|
|
||||||
{{- end}}
|
|
||||||
storageClassMap: |
|
|
||||||
{{- range $classConfig := .Values.classes }}
|
|
||||||
{{ $classConfig.name }}:
|
|
||||||
hostDir: {{ $classConfig.hostDir }}
|
|
||||||
mountDir: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }}
|
|
||||||
{{- if $classConfig.blockCleanerCommand }}
|
|
||||||
blockCleanerCommand:
|
|
||||||
{{- range $val := $classConfig.blockCleanerCommand }}
|
|
||||||
- "{{ $val -}}"{{- end}}
|
|
||||||
{{- end }}
|
|
||||||
{{- if $classConfig.volumeMode }}
|
|
||||||
volumeMode: {{ $classConfig.volumeMode }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if $classConfig.fsType }}
|
|
||||||
fsType: {{ $classConfig.fsType }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if $classConfig.namePattern }}
|
|
||||||
namePattern: "{{ $classConfig.namePattern }}"
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,93 +0,0 @@
|
|||||||
---
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: DaemonSet
|
|
||||||
metadata:
|
|
||||||
name: {{ include "provisioner.fullname" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ template "provisioner.serviceAccountName" . }}
|
|
||||||
{{- if .Values.daemonset.priorityClassName }}
|
|
||||||
priorityClassName: {{.Values.daemonset.priorityClassName}}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.daemonset.nodeSelector }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.daemonset.tolerations }}
|
|
||||||
tolerations:
|
|
||||||
{{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.daemonset.affinity }}
|
|
||||||
affinity:
|
|
||||||
{{ .Values.daemonset.affinity | toYaml | trim | indent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
containers:
|
|
||||||
- image: "{{ .Values.daemonset.image }}"
|
|
||||||
{{- if .Values.daemonset.imagePullPolicy }}
|
|
||||||
imagePullPolicy: {{ .Values.daemonset.imagePullPolicy | quote }}
|
|
||||||
{{- end }}
|
|
||||||
name: provisioner
|
|
||||||
securityContext:
|
|
||||||
privileged: true
|
|
||||||
{{- if .Values.daemonset.resources }}
|
|
||||||
resources:
|
|
||||||
{{ .Values.daemonset.resources | toYaml | trim | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
env:
|
|
||||||
- name: MY_NODE_NAME
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: spec.nodeName
|
|
||||||
- name: MY_NAMESPACE
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: metadata.namespace
|
|
||||||
- name: JOB_CONTAINER_IMAGE
|
|
||||||
value: "{{ .Values.daemonset.image }}"
|
|
||||||
{{- if .Values.daemonset.kubeConfigEnv }}
|
|
||||||
- name: KUBECONFIG
|
|
||||||
value: {{.Values.daemonset.kubeConfigEnv}}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.serviceMonitor.enabled }}
|
|
||||||
ports:
|
|
||||||
- containerPort: 8080
|
|
||||||
name: metrics
|
|
||||||
{{- end }}
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /etc/provisioner/config
|
|
||||||
name: provisioner-config
|
|
||||||
readOnly: true
|
|
||||||
- mountPath: /dev
|
|
||||||
name: provisioner-dev
|
|
||||||
{{- range $classConfig := .Values.classes }}
|
|
||||||
- mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }}
|
|
||||||
name: {{ $classConfig.name }}
|
|
||||||
mountPropagation: "HostToContainer"
|
|
||||||
{{- end }}
|
|
||||||
volumes:
|
|
||||||
- name: provisioner-config
|
|
||||||
configMap:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-config
|
|
||||||
- name: provisioner-dev
|
|
||||||
hostPath:
|
|
||||||
path: /dev
|
|
||||||
{{- range $classConfig := .Values.classes }}
|
|
||||||
- name: {{ $classConfig.name }}
|
|
||||||
hostPath:
|
|
||||||
path: {{ $classConfig.hostDir }}
|
|
||||||
{{- end }}
|
|
@ -1,36 +0,0 @@
|
|||||||
{{- if .Values.common.rbac.pspEnabled -}}
|
|
||||||
apiVersion: policy/v1beta1
|
|
||||||
kind: PodSecurityPolicy
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
allowPrivilegeEscalation: true
|
|
||||||
allowedHostPaths:
|
|
||||||
- pathPrefix: /dev
|
|
||||||
{{- range $classConfig := .Values.classes }}
|
|
||||||
- pathPrefix: {{ $classConfig.hostDir }}
|
|
||||||
{{- end }}
|
|
||||||
fsGroup:
|
|
||||||
rule: RunAsAny
|
|
||||||
privileged: true
|
|
||||||
requiredDropCapabilities:
|
|
||||||
- ALL
|
|
||||||
runAsUser:
|
|
||||||
ranges:
|
|
||||||
- max: 65535
|
|
||||||
min: 1
|
|
||||||
rule: MustRunAs
|
|
||||||
seLinux:
|
|
||||||
rule: RunAsAny
|
|
||||||
supplementalGroups:
|
|
||||||
rule: RunAsAny
|
|
||||||
volumes:
|
|
||||||
- configMap
|
|
||||||
- secret
|
|
||||||
- hostPath
|
|
||||||
{{- end }}
|
|
@ -1,131 +0,0 @@
|
|||||||
{{- if .Values.common.rbac.create }}
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-pv-binding
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: {{ template "provisioner.serviceAccountName" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
roleRef:
|
|
||||||
kind: ClusterRole
|
|
||||||
name: system:persistent-volume-provisioner
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRole
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-node-clusterrole
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
rules:
|
|
||||||
- apiGroups: [""]
|
|
||||||
resources: ["nodes"]
|
|
||||||
verbs: ["get"]
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: ClusterRoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-node-binding
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: {{ template "provisioner.serviceAccountName" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
roleRef:
|
|
||||||
kind: ClusterRole
|
|
||||||
name: {{ template "provisioner.fullname" . }}-node-clusterrole
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
{{- if .Values.common.useJobForCleaning }}
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: Role
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-jobs-role
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- 'batch'
|
|
||||||
resources:
|
|
||||||
- jobs
|
|
||||||
verbs:
|
|
||||||
- '*'
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-jobs-rolebinding
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: {{ template "provisioner.serviceAccountName" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
roleRef:
|
|
||||||
kind: Role
|
|
||||||
name: {{ template "provisioner.fullname" . }}-jobs-role
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.common.rbac.pspEnabled }}
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: Role
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-psp-role
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
rules:
|
|
||||||
- apiGroups:
|
|
||||||
- policy
|
|
||||||
resources:
|
|
||||||
- podsecuritypolicies
|
|
||||||
resourceNames:
|
|
||||||
- {{ template "provisioner.fullname" . }}
|
|
||||||
verbs:
|
|
||||||
- use
|
|
||||||
---
|
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
|
||||||
kind: RoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.fullname" . }}-psp-rolebinding
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: {{ template "provisioner.serviceAccountName" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
roleRef:
|
|
||||||
kind: Role
|
|
||||||
name: {{ template "provisioner.fullname" . }}-psp-role
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,12 +0,0 @@
|
|||||||
{{- if .Values.common.serviceAccount.create }}
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: {{ template "provisioner.serviceAccountName" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
@ -1,53 +0,0 @@
|
|||||||
{{- if .Values.serviceMonitor.enabled }}
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: {{ include "provisioner.fullname" . }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
spec:
|
|
||||||
type: ClusterIP
|
|
||||||
ports:
|
|
||||||
- port: 8080
|
|
||||||
targetPort: 8080
|
|
||||||
name: metrics
|
|
||||||
selector:
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
---
|
|
||||||
apiVersion: monitoring.coreos.com/v1
|
|
||||||
kind: ServiceMonitor
|
|
||||||
metadata:
|
|
||||||
name: {{ include "provisioner.fullname" . }}
|
|
||||||
namespace: {{ .Values.serviceMonitor.namespace | default .Release.Namespace }}
|
|
||||||
labels:
|
|
||||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
{{- range $k, $v := .Values.serviceMonitor.additionalLabels }}
|
|
||||||
{{ $k }}: {{ $v | quote }}
|
|
||||||
{{- end }}
|
|
||||||
spec:
|
|
||||||
jobLabel: app.kubernetes.io/name
|
|
||||||
endpoints:
|
|
||||||
- port: metrics
|
|
||||||
interval: {{ .Values.serviceMonitor.interval }}
|
|
||||||
scheme: http
|
|
||||||
{{- if .Values.serviceMonitor.relabelings }}
|
|
||||||
relabelings:
|
|
||||||
{{ toYaml .Values.serviceMonitor.relabelings | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
namespaceSelector:
|
|
||||||
matchNames:
|
|
||||||
- {{ .Release.Namespace }}
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
||||||
{{- end }}
|
|
@ -1,28 +0,0 @@
|
|||||||
{{- $release := .Release }}
|
|
||||||
{{- $chart := .Chart }}
|
|
||||||
{{- range $val := .Values.classes }}
|
|
||||||
{{- if $val.storageClass }}
|
|
||||||
---
|
|
||||||
apiVersion: storage.k8s.io/v1
|
|
||||||
kind: StorageClass
|
|
||||||
metadata:
|
|
||||||
name: {{ $val.name }}
|
|
||||||
{{- if kindIs "map" $val.storageClass }}
|
|
||||||
{{- if $val.storageClass.isDefaultClass }}
|
|
||||||
annotations:
|
|
||||||
storageclass.kubernetes.io/is-default-class: "true"
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/managed-by: {{ $release.Service | quote }}
|
|
||||||
app.kubernetes.io/instance: {{ $release.Name | quote }}
|
|
||||||
helm.sh/chart: {{ replace "+" "_" $chart.Version | printf "%s-%s" $chart.Name }}
|
|
||||||
provisioner: kubernetes.io/no-provisioner
|
|
||||||
volumeBindingMode: WaitForFirstConsumer
|
|
||||||
{{- if kindIs "map" $val.storageClass }}
|
|
||||||
reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }}
|
|
||||||
{{- else }}
|
|
||||||
reclaimPolicy: Delete
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,162 +0,0 @@
|
|||||||
#
|
|
||||||
# Common options.
|
|
||||||
#
|
|
||||||
common:
|
|
||||||
#
|
|
||||||
# Defines whether to generate rbac roles
|
|
||||||
#
|
|
||||||
rbac:
|
|
||||||
# rbac.create: `true` if rbac resources should be created
|
|
||||||
create: true
|
|
||||||
# rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created
|
|
||||||
pspEnabled: false
|
|
||||||
#
|
|
||||||
# Defines whether to generate a serviceAccount
|
|
||||||
#
|
|
||||||
serviceAccount:
|
|
||||||
# serviceAccount.create: Whether to create a service account or not
|
|
||||||
create: true
|
|
||||||
# serviceAccount.name: The name of the service account to create or use
|
|
||||||
name: ""
|
|
||||||
#
|
|
||||||
# Beta PV.NodeAffinity field is used by default. If running against pre-1.10
|
|
||||||
# k8s version, the `useAlphaAPI` flag must be enabled in the configMap.
|
|
||||||
#
|
|
||||||
useAlphaAPI: false
|
|
||||||
#
|
|
||||||
# Indicates if PVs should be dependents of the owner Node.
|
|
||||||
#
|
|
||||||
setPVOwnerRef: false
|
|
||||||
#
|
|
||||||
# Provisioner clean volumes in process by default. If set to true, provisioner
|
|
||||||
# will use Jobs to clean.
|
|
||||||
#
|
|
||||||
useJobForCleaning: false
|
|
||||||
#
|
|
||||||
# Provisioner name contains Node.UID by default. If set to true, the provisioner
|
|
||||||
# name will only use Node.Name.
|
|
||||||
#
|
|
||||||
useNodeNameOnly: false
|
|
||||||
#
|
|
||||||
# Resync period in reflectors will be random between minResyncPeriod and
|
|
||||||
# 2*minResyncPeriod. Default: 5m0s.
|
|
||||||
#
|
|
||||||
#minResyncPeriod: 5m0s
|
|
||||||
#
|
|
||||||
# Configure storage classes.
|
|
||||||
#
|
|
||||||
classes:
|
|
||||||
- name: fast-disks # Defines name of storage classe.
|
|
||||||
# Path on the host where local volumes of this storage class are mounted
|
|
||||||
# under.
|
|
||||||
hostDir: /mnt/fast-disks
|
|
||||||
# Optionally specify mount path of local volumes. By default, we use same
|
|
||||||
# path as hostDir in container.
|
|
||||||
# mountDir: /mnt/fast-disks
|
|
||||||
# The volume mode of created PersistentVolume object. Default to Filesystem
|
|
||||||
# if not specified.
|
|
||||||
volumeMode: Filesystem
|
|
||||||
# Filesystem type to mount.
|
|
||||||
# It applies only when the source path is a block device,
|
|
||||||
# and desire volume mode is Filesystem.
|
|
||||||
# Must be a filesystem type supported by the host operating system.
|
|
||||||
fsType: ext4
|
|
||||||
# File name pattern to discover. By default, discover all file names.
|
|
||||||
namePattern: "*"
|
|
||||||
blockCleanerCommand:
|
|
||||||
# Do a quick reset of the block device during its cleanup.
|
|
||||||
# - "/scripts/quick_reset.sh"
|
|
||||||
# or use dd to zero out block dev in two iterations by uncommenting these lines
|
|
||||||
# - "/scripts/dd_zero.sh"
|
|
||||||
# - "2"
|
|
||||||
# or run shred utility for 2 iteration.s
|
|
||||||
- "/scripts/shred.sh"
|
|
||||||
- "2"
|
|
||||||
# or blkdiscard utility by uncommenting the line below.
|
|
||||||
# - "/scripts/blkdiscard.sh"
|
|
||||||
# Uncomment to create storage class object with default configuration.
|
|
||||||
# storageClass: true
|
|
||||||
# Uncomment to create storage class object and configure it.
|
|
||||||
# storageClass:
|
|
||||||
# reclaimPolicy: Delete # Available reclaim policies: Delete/Retain, defaults: Delete.
|
|
||||||
# isDefaultClass: true # set as default class
|
|
||||||
#
|
|
||||||
# Configure DaemonSet for provisioner.
|
|
||||||
#
|
|
||||||
daemonset:
|
|
||||||
#
|
|
||||||
# Defines Provisioner's image name including container registry.
|
|
||||||
#
|
|
||||||
image: quay.io/external_storage/local-volume-provisioner:v2.3.4
|
|
||||||
#
|
|
||||||
# Defines Image download policy, see kubernetes documentation for available values.
|
|
||||||
#
|
|
||||||
#imagePullPolicy: Always
|
|
||||||
#
|
|
||||||
# Defines a name of the Pod Priority Class to use with the Provisioner DaemonSet
|
|
||||||
#
|
|
||||||
# Note that if you want to make it critical, specify "system-cluster-critical"
|
|
||||||
# or "system-node-critical" and deploy in kube-system namespace.
|
|
||||||
# Ref: https://k8s.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical
|
|
||||||
#
|
|
||||||
#priorityClassName: system-node-critical
|
|
||||||
# If configured, nodeSelector will add a nodeSelector field to the DaemonSet PodSpec.
|
|
||||||
#
|
|
||||||
# NodeSelector constraint for local-volume-provisioner scheduling to nodes.
|
|
||||||
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
||||||
nodeSelector: {}
|
|
||||||
#
|
|
||||||
# If configured KubeConfigEnv will (optionally) specify the location of kubeconfig file on the node.
|
|
||||||
# kubeConfigEnv: KUBECONFIG
|
|
||||||
#
|
|
||||||
# List of node labels to be copied to the PVs created by the provisioner in a format:
|
|
||||||
#
|
|
||||||
# nodeLabels:
|
|
||||||
# - failure-domain.beta.kubernetes.io/zone
|
|
||||||
# - failure-domain.beta.kubernetes.io/region
|
|
||||||
#
|
|
||||||
# If configured, tolerations will add a toleration field to the DaemonSet PodSpec.
|
|
||||||
#
|
|
||||||
# Node tolerations for local-volume-provisioner scheduling to nodes with taints.
|
|
||||||
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
||||||
tolerations: []
|
|
||||||
#
|
|
||||||
# If configured, affinity will add a affinity filed to the DeamonSet PodSpec.
|
|
||||||
# Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
|
|
||||||
affinity: {}
|
|
||||||
#
|
|
||||||
# If configured, resources will set the requests/limits field to the Daemonset PodSpec.
|
|
||||||
# Ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
||||||
resources: {}
|
|
||||||
# limits:
|
|
||||||
# memory: "512Mi"
|
|
||||||
# cpu: "1000m"
|
|
||||||
# requests:
|
|
||||||
# memory: "32Mi"
|
|
||||||
# cpu: "10m"
|
|
||||||
#
|
|
||||||
# Configure Prometheus monitoring
|
|
||||||
#
|
|
||||||
serviceMonitor:
|
|
||||||
enabled: false
|
|
||||||
## Interval at which Prometheus scrapes the provisioner
|
|
||||||
interval: 10s
|
|
||||||
# Namespace Prometheus is installed in defaults to release namespace
|
|
||||||
namespace:
|
|
||||||
## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr)
|
|
||||||
## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65)
|
|
||||||
## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298)
|
|
||||||
additionalLabels: {}
|
|
||||||
relabelings: []
|
|
||||||
# - sourceLabels: [__meta_kubernetes_pod_node_name]
|
|
||||||
# separator: ;
|
|
||||||
# regex: ^(.*)$
|
|
||||||
# targetLabel: nodename
|
|
||||||
# replacement: $1
|
|
||||||
# action: replace
|
|
||||||
|
|
||||||
#
|
|
||||||
# Overrice the default chartname or releasename
|
|
||||||
#
|
|
||||||
nameOverride: ""
|
|
||||||
fullnameOverride: ""
|
|
@ -1,8 +0,0 @@
|
|||||||
apiVersion: storage.k8s.io/v1
|
|
||||||
kind: StorageClass
|
|
||||||
metadata:
|
|
||||||
name: local-sc-xfs
|
|
||||||
provisioner: kubernetes.io/no-provisioner
|
|
||||||
volumeBindingMode: WaitForFirstConsumer
|
|
||||||
# Supported policies: Delete, Retain
|
|
||||||
reclaimPolicy: Delete
|
|
@ -1,10 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# get subchart until they have upstream repo
|
|
||||||
|
|
||||||
rm -rf charts/local-volume-provisioner && mkdir -p charts/local-volume-provisioner
|
|
||||||
|
|
||||||
git clone --depth=1 https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git
|
|
||||||
cp -r ./sig-storage-local-static-provisioner/helm/provisioner/* charts/local-volume-provisioner
|
|
||||||
|
|
||||||
rm -rf sig-storage-local-static-provisioner
|
|
@ -1,17 +0,0 @@
|
|||||||
local-static-provisioner:
|
|
||||||
common:
|
|
||||||
namespace: kube-system
|
|
||||||
classes:
|
|
||||||
- name: local-sc-xfs
|
|
||||||
hostDir: /mnt/disks
|
|
||||||
daemonset:
|
|
||||||
affinity:
|
|
||||||
nodeAffinity:
|
|
||||||
requiredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
nodeSelectorTerms:
|
|
||||||
- matchExpressions:
|
|
||||||
- key: node.kubernetes.io/localVolumes
|
|
||||||
operator: Exists
|
|
||||||
prometheus:
|
|
||||||
operator:
|
|
||||||
enabled: false
|
|
@ -38,6 +38,7 @@ dashboards:
|
|||||||
url: file://kube-mixin/namespace-by-workload.json
|
url: file://kube-mixin/namespace-by-workload.json
|
||||||
- name: persistentvolumesusage
|
- name: persistentvolumesusage
|
||||||
url: file://kube-mixin/persistentvolumesusage.json
|
url: file://kube-mixin/persistentvolumesusage.json
|
||||||
|
tags: ['kubernetes', 'csi']
|
||||||
- name: pod-total
|
- name: pod-total
|
||||||
url: file://kube-mixin/pod-total.json
|
url: file://kube-mixin/pod-total.json
|
||||||
- name: proxy
|
- name: proxy
|
||||||
|
@ -50,8 +50,6 @@ Kubernetes: `>= 1.18.0`
|
|||||||
| istio.enabled | bool | `false` | |
|
| istio.enabled | bool | `false` | |
|
||||||
| istio.namespace | string | `"istio-system"` | |
|
| istio.namespace | string | `"istio-system"` | |
|
||||||
| kiam.enabled | bool | `false` | |
|
| kiam.enabled | bool | `false` | |
|
||||||
| local-path-provisioner.enabled | bool | `false` | |
|
|
||||||
| local-volume-provisioner.enabled | bool | `false` | |
|
|
||||||
| logging.crds | bool | `true` | |
|
| logging.crds | bool | `true` | |
|
||||||
| logging.enabled | bool | `false` | |
|
| logging.enabled | bool | `false` | |
|
||||||
| logging.namespace | string | `"logging"` | |
|
| logging.namespace | string | `"logging"` | |
|
||||||
@ -60,6 +58,8 @@ Kubernetes: `>= 1.18.0`
|
|||||||
| metrics.istio.grafana | object | `{}` | |
|
| metrics.istio.grafana | object | `{}` | |
|
||||||
| metrics.istio.prometheus | object | `{}` | |
|
| metrics.istio.prometheus | object | `{}` | |
|
||||||
| metrics.namespace | string | `"monitoring"` | |
|
| metrics.namespace | string | `"monitoring"` | |
|
||||||
|
| storage.crds | bool | `true` | |
|
||||||
|
| storage.enabled | bool | `false` | |
|
||||||
| timecapsule.enabled | bool | `false` | |
|
| timecapsule.enabled | bool | `false` | |
|
||||||
|
|
||||||
----------------------------------------------
|
----------------------------------------------
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{{- if not .Values.argo }}
|
{{- if not .Values.argo }}
|
||||||
|
|
||||||
{{- $artifacts := list "calico" "cert-manager" "kiam" "aws-node-termination-handler" "aws-ebs-csi-driver" "aws-efs-csi-driver" "local-volume-provisioner" "local-path-provisioner" "istio" "istio-ingress" "metrics" "logging" "argocd" "timecapsule" "storage" }}
|
{{- $artifacts := list "calico" "cert-manager" "kiam" "aws-ebs-csi-driver" "aws-efs-csi-driver" "istio" "istio-ingress" "metrics" "logging" "argocd" "timecapsule" "storage" }}
|
||||||
|
|
||||||
{{- if .Values.global }}
|
{{- if .Values.global }}
|
||||||
global:
|
global:
|
||||||
|
@ -1,16 +0,0 @@
|
|||||||
{{- define "local-path-provisioner-values" }}
|
|
||||||
local-path-provisioner:
|
|
||||||
{{- with index .Values "local-path-provisioner" "storageClass" }}
|
|
||||||
storageClass:
|
|
||||||
{{- toYaml . | nindent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with index .Values "local-path-provisioner" "nodePathMap" }}
|
|
||||||
nodePathMap:
|
|
||||||
{{- toYaml . | nindent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- define "local-path-provisioner-argo" }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{ include "kubezero-app.app" . }}
|
|
@ -1,7 +0,0 @@
|
|||||||
{{- define "local-volume-provisioner-values" }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- define "local-volume-provisioner-argo" }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{ include "kubezero-app.app" . }}
|
|
@ -30,12 +30,6 @@ storage:
|
|||||||
enabled: false
|
enabled: false
|
||||||
crds: true
|
crds: true
|
||||||
|
|
||||||
local-volume-provisioner:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
local-path-provisioner:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
aws-ebs-csi-driver:
|
aws-ebs-csi-driver:
|
||||||
enabled: false
|
enabled: false
|
||||||
crds: true
|
crds: true
|
||||||
|
@ -5,8 +5,14 @@
|
|||||||
This allows pods to assume IAM roles without the need of additional services like kiam.
|
This allows pods to assume IAM roles without the need of additional services like kiam.
|
||||||
- Cert-manager integration now supports [cross-account issuer](https://cert-manager.io/docs/configuration/acme/dns01/route53/#cross-account-access) for AWS route53
|
- Cert-manager integration now supports [cross-account issuer](https://cert-manager.io/docs/configuration/acme/dns01/route53/#cross-account-access) for AWS route53
|
||||||
- Optional Proxy Protocol support for Ingress Loadbalancers, which allows preserving the real client IP and at the same time solves the hairpin routing issues of the AWS NLBs, see [Istio blog](https://istio.io/v1.9/blog/2020/show-source-ip/)
|
- Optional Proxy Protocol support for Ingress Loadbalancers, which allows preserving the real client IP and at the same time solves the hairpin routing issues of the AWS NLBs, see [Istio blog](https://istio.io/v1.9/blog/2020/show-source-ip/)
|
||||||
|
- Optional taints for each workergroup allowing to reserve certain nodes for dedicated workloads. The minimum required KubeZero pods will still be scheduled eg. CSI drivers, logging and metric agents.
|
||||||
|
|
||||||
## New modules
|
## New modules
|
||||||
|
### Storage
|
||||||
|
New module to provide various storage related components from here on. The first provider is a minimal subset of OpenEBS.
|
||||||
|
|
||||||
|
The *LVM Local PV provisioner* allows the use of any available LVM storage on worker nodes as local PVs.
|
||||||
|
|
||||||
### MQ / NATS
|
### MQ / NATS
|
||||||
Deploy [NATS](https://docs.nats.io/jetstream/jetstream) services incl. jetstream engine, Grafana dashboards etc.
|
Deploy [NATS](https://docs.nats.io/jetstream/jetstream) services incl. jetstream engine, Grafana dashboards etc.
|
||||||
|
|
||||||
@ -14,6 +20,10 @@ Deploy [NATS](https://docs.nats.io/jetstream/jetstream) services incl. jetstream
|
|||||||
Provides backup solutions for KubeZero clusters, like
|
Provides backup solutions for KubeZero clusters, like
|
||||||
Scheduled snapshots for EBS backed PVCs incl. custom retention and restore.
|
Scheduled snapshots for EBS backed PVCs incl. custom retention and restore.
|
||||||
|
|
||||||
|
## Removed modules
|
||||||
|
- local-path-provisioner -> functionality replaced by OpenEBS LVM
|
||||||
|
- local-volume-provisioner -> functionality replaced by OpenEBS LVM
|
||||||
|
|
||||||
## Changelog
|
## Changelog
|
||||||
|
|
||||||
### General
|
### General
|
||||||
|
@ -8,8 +8,6 @@ FORCE=${2:-''}
|
|||||||
SRCROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
SRCROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
||||||
GIT_PUSH=${GIT_PUSH:-true}
|
GIT_PUSH=${GIT_PUSH:-true}
|
||||||
|
|
||||||
[[ "$(git branch --show-current)" == "stable" || -n "$FORCE" ]] || { echo "Helm packages should only be built from stable branch !"; exit 1; }
|
|
||||||
|
|
||||||
TMPDIR=$(mktemp -d kubezero-repo.XXX)
|
TMPDIR=$(mktemp -d kubezero-repo.XXX)
|
||||||
mkdir -p $TMPDIR/stage && trap 'rm -rf $TMPDIR' ERR EXIT
|
mkdir -p $TMPDIR/stage && trap 'rm -rf $TMPDIR' ERR EXIT
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user