Add local volume provisioner chart
Some applications require perisitant volumes to be stored on the hosts where they running, usually its done via kubernetes PV. One of PV implementations is local-volume-provisioner [0] This patch adds helm chart to deploy LVP. Since LVP creates a volumes for each mountpoint, helm chart provides a script to create mountpoints in the directory, which later exposed to kubernetes as individual volumes. Change-Id: I3f61088ddcbd0a83a729eb940cbf9b2bf1e65894
This commit is contained in:
		
							
								
								
									
										24
									
								
								local-volume-provisioner/Chart.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										24
									
								
								local-volume-provisioner/Chart.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,24 @@ | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| --- | ||||
| apiVersion: v1 | ||||
| appVersion: v1.0.0 | ||||
| description: OpenStack-Helm local-volume-provisioner | ||||
| name: local-volume-provisioner | ||||
| version: 0.1.0 | ||||
| home: https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner | ||||
| sources: | ||||
|   - https://opendev.org/openstack/openstack-helm | ||||
| maintainers: | ||||
|   - name: OpenStack-Helm Authors | ||||
| ... | ||||
							
								
								
									
										18
									
								
								local-volume-provisioner/requirements.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								local-volume-provisioner/requirements.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| --- | ||||
| dependencies: | ||||
|   - name: helm-toolkit | ||||
|     repository: file://../helm-toolkit | ||||
|     version: ">= 0.1.0" | ||||
| ... | ||||
							
								
								
									
										377
									
								
								local-volume-provisioner/templates/bin/_fakemount.py.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										377
									
								
								local-volume-provisioner/templates/bin/_fakemount.py.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,377 @@ | ||||
| #!/usr/bin/env python3 | ||||
| # | ||||
| # Copyright 2019 Mirantis, Inc. | ||||
| # | ||||
| #    Licensed under the Apache License, Version 2.0 (the "License"); you may | ||||
| #    not use this file except in compliance with the License. You may obtain | ||||
| #    a copy of the License at | ||||
| # | ||||
| #         http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| #    Unless required by applicable law or agreed to in writing, software | ||||
| #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | ||||
| #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the | ||||
| #    License for the specific language governing permissions and limitations | ||||
| #    under the License. | ||||
| """Fakemount python module | ||||
| The module is aimed to crate fake mountpoints (--bind). | ||||
| Example: | ||||
|   python3  fakemount --config-file '/root/mymount.yml' | ||||
| Attributes: | ||||
|   config-file - file path to config file that contains fake mounts. | ||||
| """ | ||||
| __version__ = "1.0" | ||||
| import argparse | ||||
| import logging | ||||
| import os | ||||
| import re | ||||
| import subprocess | ||||
| import sys | ||||
| from collections import defaultdict | ||||
| import yaml | ||||
| logging.basicConfig(stream=sys.stdout, level=logging.INFO) | ||||
| LOG = logging.getLogger(__name__) | ||||
| MOUNT_BIN = "/bin/mount" | ||||
| ###Fork https://github.com/b10011/pyfstab/ ##################################### | ||||
| #  Latest commit 828540d | ||||
| class InvalidEntry(Exception): | ||||
|     """ | ||||
|     Raised when a string cannot be generated because of the Entry is invalid. | ||||
|     """ | ||||
| class InvalidFstabLine(Exception): | ||||
|     """ | ||||
|     Raised when a line is invalid in fstab. This doesn't just mean that the | ||||
|     Entry will be invalid but also that the system can not process the fstab | ||||
|     file fully either. | ||||
|     """ | ||||
| class Entry: | ||||
|     """ | ||||
|     Handles parsing and formatting fstab line entries. | ||||
|     :var device: | ||||
|         (str or None) - | ||||
|         Fstab device (1st parameter in the fstab entry) | ||||
|     :var dir: | ||||
|         (str or None) - | ||||
|         Fstab device (2nd parameter in the fstab entry) | ||||
|     :var type: | ||||
|         (str or None) - | ||||
|         Fstab device (3rd parameter in the fstab entry) | ||||
|     :var options: | ||||
|         (str or None) - | ||||
|         Fstab device (4th parameter in the fstab entry) | ||||
|     :var dump: | ||||
|         (int or None) - | ||||
|         Fstab device (5th parameter in the fstab entry) | ||||
|     :var fsck: | ||||
|         (int or None) - | ||||
|         Fstab device (6th parameter in the fstab entry) | ||||
|     :var valid: | ||||
|         (bool) - | ||||
|         Whether the Entry is valid or not. Can be checked with "if entry:". | ||||
|     """ | ||||
|     def __init__( | ||||
|             self, | ||||
|             _device=None, | ||||
|             _dir=None, | ||||
|             _type=None, | ||||
|             _options=None, | ||||
|             _dump=None, | ||||
|             _fsck=None, | ||||
|     ): | ||||
|         """ | ||||
|         :param _device: Fstab device (1st parameter in the fstab entry) | ||||
|         :type _device: str | ||||
|         :param _dir: Fstab device (2nd parameter in the fstab entry) | ||||
|         :type _dir: str | ||||
|         :param _type: Fstab device (3rd parameter in the fstab entry) | ||||
|         :type _type: str | ||||
|         :param _options: Fstab device (4th parameter in the fstab entry) | ||||
|         :type _options: str | ||||
|         :param _dump: Fstab device (5th parameter in the fstab entry) | ||||
|         :type _dump: int | ||||
|         :param _fsck: Fstab device (6th parameter in the fstab entry) | ||||
|         :type _fsck: int | ||||
|         """ | ||||
|         self.device = _device | ||||
|         self.dir = _dir | ||||
|         self.type = _type | ||||
|         self.options = _options | ||||
|         self.dump = _dump | ||||
|         self.fsck = _fsck | ||||
|         self.valid = True | ||||
|         self.valid &= self.device is not None | ||||
|         self.valid &= self.dir is not None | ||||
|         self.valid &= self.type is not None | ||||
|         self.valid &= self.options is not None | ||||
|         self.valid &= self.dump is not None | ||||
|         self.valid &= self.fsck is not None | ||||
|     def read_string(self, line): | ||||
|         """ | ||||
|         Parses an entry from a string | ||||
|         :param line: Fstab entry line. | ||||
|         :type line: str | ||||
|         :return: self | ||||
|         :rtype: Entry | ||||
|         :raises InvalidEntry: If the data in the string cannot be parsed. | ||||
|         """ | ||||
|         line = line.strip() | ||||
|         if line and not line[0] == "#": | ||||
|             parts = re.split(r"\s+", line) | ||||
|             if len(parts) == 6: | ||||
|                 [_device, _dir, _type, _options, _dump, _fsck] = parts | ||||
|                 _dump = int(_dump) | ||||
|                 _fsck = int(_fsck) | ||||
|                 self.device = _device | ||||
|                 self.dir = _dir | ||||
|                 self.type = _type | ||||
|                 self.options = _options | ||||
|                 self.dump = _dump | ||||
|                 self.fsck = _fsck | ||||
|                 self.valid = True | ||||
|                 return self | ||||
|             else: | ||||
|                 raise InvalidFstabLine() | ||||
|         self.device = None | ||||
|         self.dir = None | ||||
|         self.type = None | ||||
|         self.options = None | ||||
|         self.dump = None | ||||
|         self.fsck = None | ||||
|         self.valid = False | ||||
|         raise InvalidEntry("Entry cannot be parsed") | ||||
|     def write_string(self): | ||||
|         """ | ||||
|         Formats the Entry into fstab entry line. | ||||
|         :return: Fstab entry line. | ||||
|         :rtype: str | ||||
|         :raises InvalidEntry: | ||||
|             A string cannot be generated because the entry is invalid. | ||||
|         """ | ||||
|         if self: | ||||
|             return "{} {} {} {} {} {}".format( | ||||
|                 self.device, | ||||
|                 self.dir, | ||||
|                 self.type, | ||||
|                 self.options, | ||||
|                 self.dump, | ||||
|                 self.fsck, | ||||
|             ) | ||||
|         else: | ||||
|             raise InvalidEntry("Entry cannot be formatted") | ||||
|     def __bool__(self): | ||||
|         return self.valid | ||||
|     def __str__(self): | ||||
|         return self.write_string() | ||||
|     def __repr__(self): | ||||
|         try: | ||||
|             return "<Entry {}>".format(str(self)) | ||||
|         except InvalidEntry: | ||||
|             return "<Entry Invalid>" | ||||
| class Fstab: | ||||
|     """ | ||||
|     Handles reading, parsing, formatting and writing of fstab files. | ||||
|     :var entries: | ||||
|         (list[Entry]) - | ||||
|         List of entries. | ||||
|         When writing to a file, entries are listed from this list. | ||||
|     :var entries_by_device: | ||||
|         (dict[str, list[Entry]]) - | ||||
|         Fstab entries by device. | ||||
|     :var entry_by_dir: | ||||
|         (dict[str, Entry]) - | ||||
|         Fstab entry by directory. | ||||
|     :var entries_by_type: | ||||
|         (dict[str, list[Entry]]) - | ||||
|         Fstab entries by type. | ||||
|     """ | ||||
|     def __init__(self): | ||||
|         self.entries = [] | ||||
|         # A single device can have multiple mountpoints | ||||
|         self.entries_by_device = defaultdict(list) | ||||
|         # If multiple devices have same mountpoint, only the last entry in the | ||||
|         # fstab file is taken into consideration | ||||
|         self.entry_by_dir = dict() | ||||
|         # And the most obvious one, many entries can have mountpoints of same | ||||
|         # type | ||||
|         self.entries_by_type = defaultdict(list) | ||||
|     def read_string(self, data, only_valid=False): | ||||
|         """ | ||||
|         Parses entries from a data string | ||||
|         :param data: Contents of the fstab file | ||||
|         :type data: str | ||||
|         :param only_valid: | ||||
|             Skip the entries that do not actually mount. For example, if device | ||||
|             A is mounted to directory X and later device B is mounted to | ||||
|             directory X, the A mount to X is undone by the system. | ||||
|         :type only_valid: bool | ||||
|         :return: self | ||||
|         :rtype: Fstab | ||||
|         """ | ||||
|         for line in reversed(data.splitlines()): | ||||
|             try: | ||||
|                 entry = Entry().read_string(line) | ||||
|                 if entry and ( | ||||
|                         not only_valid or entry.dir not in self.entry_by_dir | ||||
|                 ): | ||||
|                     self.entries.insert(0, entry) | ||||
|                     self.entries_by_device[entry.device].insert(0, entry) | ||||
|                     self.entry_by_dir[entry.dir] = entry | ||||
|                     self.entries_by_type[entry.type].insert(0, entry) | ||||
|             except InvalidEntry: | ||||
|                 pass | ||||
|         return self | ||||
|     def write_string(self): | ||||
|         """ | ||||
|         Formats entries into a string. | ||||
|         :return: Formatted fstab file. | ||||
|         :rtype: str | ||||
|         :raises InvalidEntry: | ||||
|             A string cannot be generated because one of the entries is invalid. | ||||
|         """ | ||||
|         return "\n".join(str(entry) for entry in self.entries) | ||||
|     def read_file(self, handle, only_valid=False): | ||||
|         """ | ||||
|         Parses entries from a file | ||||
|         :param handle: File handle | ||||
|         :type handle: file | ||||
|         :param only_valid: | ||||
|             Skip the entries that do not actually mount. For example, if device | ||||
|             A is mounted to directory X and later device B is mounted to | ||||
|             directory X, the A mount to X is undone by the system. | ||||
|         :type only_valid: bool | ||||
|         :return: self | ||||
|         :rtype: Fstab | ||||
|         """ | ||||
|         self.read_string(handle.read(), only_valid) | ||||
|         return self | ||||
|     def write_file(self, handle): | ||||
|         """ | ||||
|         Parses entries in data string | ||||
|         :param path: File handle | ||||
|         :type path: file | ||||
|         :return: self | ||||
|         :rtype: Fstab | ||||
|         """ | ||||
|         handle.write(str(self)) | ||||
|         return self | ||||
|     def __bool__(self): | ||||
|         return len(self.entries) > 0 | ||||
|     def __str__(self): | ||||
|         return self.write_string() | ||||
|     def __repr__(self): | ||||
|         res = "<Fstab [{} entries]".format(len(self.entries)) | ||||
|         if self.entries: | ||||
|             res += "\n" | ||||
|             for entry in self.entries: | ||||
|                 res += "  {}\n".format(entry) | ||||
|         res += ">" | ||||
|         return res | ||||
| ###End Fork https://github.com/b10011/pyfstab/ ################################# | ||||
| def fstab_bindmount(src, mountpoint, fstab_path="/mnt/host/fstab", opts=None): | ||||
|     if opts is None: | ||||
|         opts = ["bind"] | ||||
|     mountpoint = os.path.normpath(mountpoint.strip()) | ||||
|     with open(fstab_path, "r") as f: | ||||
|         fstab = Fstab().read_file(f) | ||||
|     if mountpoint in fstab.entry_by_dir: | ||||
|         LOG.info(f'Mount point {mountpoint} already defined in {fstab_path}') | ||||
|         return | ||||
|     fstab.entries.append(Entry(src, mountpoint, "none", ",".join(opts), 0, 0)) | ||||
|     str_fstab = str(fstab) | ||||
|     LOG.info(f'Attempt to overwrite file:{fstab_path}, with data:\n' | ||||
|              f'{str_fstab}') | ||||
|     with open(fstab_path, "w") as f: | ||||
|         f.write(str_fstab) | ||||
| def get_volumes(mount_point, i): | ||||
|     vol_template = "vol%d%%d" % i | ||||
|     volumes = mount_point.get("mounts") | ||||
|     if volumes is not None: | ||||
|         return volumes | ||||
|     return [vol_template % vol_number for vol_number in | ||||
|             range(mount_point["volPerNode"])] | ||||
| def ensure_directories_exists(storage_class): | ||||
|     target_root = storage_class.get("mountDir", storage_class["hostDir"]) | ||||
|     for i, bind_mount in enumerate(storage_class["bindMounts"]): | ||||
|         for vol_name in get_volumes(bind_mount, i): | ||||
|             source = os.path.normpath(f"{bind_mount['srcRoot']}/{vol_name}") | ||||
|             target = os.path.normpath(f"{target_root}/{vol_name}") | ||||
|             os.makedirs(target, exist_ok=True) | ||||
|             os.makedirs(source, exist_ok=True) | ||||
| def is_mount(directory): | ||||
|     # Do not use os.path.ismount due to bug | ||||
|     # https://bugs.python.org/issue29707 | ||||
|     directory = os.path.normpath(directory.strip()) | ||||
|     with open("/proc/mounts") as f: | ||||
|         for line in f.readlines(): | ||||
|             if line.split(" ")[1] == directory: | ||||
|                 return True | ||||
| def mount_directories(storage_class): | ||||
|     failed_mounts = [] | ||||
|     target_root = storage_class.get("mountDir", storage_class["hostDir"]) | ||||
|     additional_opts = storage_class.get("additionalMountOptions", []) | ||||
|     opts = ["bind"] + additional_opts | ||||
|     for i, bind_mount in enumerate(storage_class["bindMounts"]): | ||||
|         for vol_name in get_volumes(bind_mount, i): | ||||
|             source = os.path.normpath(f"{bind_mount['srcRoot']}/{vol_name}") | ||||
|             target = os.path.normpath(f"{target_root}/{vol_name}") | ||||
|             LOG.info(f"Trying to mount {source} to {target}") | ||||
|             if is_mount(target): | ||||
|                 LOG.info( | ||||
|                     f"The directory {target} already mounted, skipping it...") | ||||
|             else: | ||||
|                 cmd = [MOUNT_BIN, "-o", ",".join(opts), source, target] | ||||
|                 LOG.info(f"Running {cmd}") | ||||
|                 obj = None | ||||
|                 try: | ||||
|                     obj = subprocess.run( | ||||
|                         cmd, | ||||
|                         stdout=subprocess.PIPE, | ||||
|                         stderr=subprocess.PIPE, | ||||
|                     ) | ||||
|                     obj.check_returncode() | ||||
|                 except Exception as e: | ||||
|                     LOG.exception( | ||||
|                         f"Failed to mount {source} {target}\n" | ||||
|                         f"stdout: {obj.stdout}\n" | ||||
|                         f"stderr: {obj.stderr}" | ||||
|                     ) | ||||
|                     failed_mounts.append((source, target)) | ||||
|                 else: | ||||
|                     LOG.info(f"Successfully mount {source} {target}") | ||||
|             fstab_bindmount(source, target, opts=opts) | ||||
|     if failed_mounts: | ||||
|         raise Exception(f"Failed to mount some directories: {failed_mounts}") | ||||
| def main(): | ||||
|     parser = argparse.ArgumentParser( | ||||
|         description="Create fake mountpotins with specified directories." | ||||
|     ) | ||||
|     group = parser.add_mutually_exclusive_group(required=True) | ||||
|     group.add_argument( | ||||
|         "--config-file", help="Path to file with image layout", | ||||
|     ) | ||||
|     parser.add_argument( | ||||
|         "--create-only", | ||||
|         help="Ensure target directories exists.", | ||||
|         dest="create_only", | ||||
|         action="store_true", | ||||
|     ) | ||||
|     parser.set_defaults(create_only=False) | ||||
|     args = parser.parse_args() | ||||
|     with open(args.config_file) as f: | ||||
|         data = yaml.safe_load(f) | ||||
|     if data is None: | ||||
|         LOG.exception("Invalid data supplied from the config file.") | ||||
|         raise Exception | ||||
|     classes_data = data.get("classes", []) | ||||
|     if isinstance(classes_data, list): | ||||
|         for storage_class in classes_data: | ||||
|             ensure_directories_exists(storage_class) | ||||
|         if not args.create_only: | ||||
|             for storage_class in classes_data: | ||||
|                 mount_directories(storage_class) | ||||
| if __name__ == "__main__": | ||||
|     try: | ||||
|         main() | ||||
|     except Exception as e: | ||||
|         LOG.exception("Can't create volume mounts.") | ||||
|         sys.exit(1) | ||||
							
								
								
									
										58
									
								
								local-volume-provisioner/templates/configmap-bin.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										58
									
								
								local-volume-provisioner/templates/configmap-bin.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,58 @@ | ||||
| {{/* | ||||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| you may not use this file except in compliance with the License. | ||||
| You may obtain a copy of the License at | ||||
|  | ||||
|    http://www.apache.org/licenses/LICENSE-2.0 | ||||
|  | ||||
| Unless required by applicable law or agreed to in writing, software | ||||
| distributed under the License is distributed on an "AS IS" BASIS, | ||||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| See the License for the specific language governing permissions and | ||||
| limitations under the License. | ||||
| */}} | ||||
|  | ||||
| {{- define "lvp.configmap.bin" }} | ||||
| {{- $configMapName := index . 0 }} | ||||
| {{- $envAll := index . 1 }} | ||||
| {{- with $envAll }} | ||||
|  | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: ConfigMap | ||||
| metadata: | ||||
|   name: {{ $configMapName }} | ||||
| data: | ||||
| {{- if .Values.images.local_registry.active }} | ||||
|   image-repo-sync.sh: | | ||||
| {{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} | ||||
| {{- end }} | ||||
|   fakemount.py: | | ||||
| {{ tuple "bin/_fakemount.py.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} | ||||
|   storageClassMap: | | ||||
|     {{- range $classConfig := $envAll.Values.conf.fake_mounts.classes }} | ||||
|     {{ $classConfig.name }}: | ||||
|       hostDir: {{ $classConfig.hostDir }} | ||||
|       mountDir: {{ $classConfig.mountDir | default $classConfig.hostDir }} | ||||
|       {{- if $classConfig.blockCleanerCommand }} | ||||
|       blockCleanerCommand: | ||||
|       {{- range $val := $classConfig.blockCleanerCommand }} | ||||
|         - {{ $val | quote }} | ||||
|       {{- end}} | ||||
|       {{- end }} | ||||
|       {{- if $classConfig.volumeMode }} | ||||
|       volumeMode: {{ $classConfig.volumeMode }} | ||||
|       {{- end }} | ||||
|       {{- if $classConfig.fsType }} | ||||
|       fsType: {{ $classConfig.fsType }} | ||||
|       {{- end }} | ||||
|       {{- if $classConfig.namePattern }} | ||||
|       namePattern: {{ $classConfig.namePattern | quote }} | ||||
|       {{- end }} | ||||
|     {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if .Values.manifests.configmap_bin }} | ||||
| {{- list "local-volume-provisioner-bin" . | include "lvp.configmap.bin" }} | ||||
| {{- end }} | ||||
							
								
								
									
										33
									
								
								local-volume-provisioner/templates/configmap-etc.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								local-volume-provisioner/templates/configmap-etc.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | ||||
| {{/* | ||||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| you may not use this file except in compliance with the License. | ||||
| You may obtain a copy of the License at | ||||
|  | ||||
|    http://www.apache.org/licenses/LICENSE-2.0 | ||||
|  | ||||
| Unless required by applicable law or agreed to in writing, software | ||||
| distributed under the License is distributed on an "AS IS" BASIS, | ||||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| See the License for the specific language governing permissions and | ||||
| limitations under the License. | ||||
| */}} | ||||
|  | ||||
| {{- define "lvp.configmap.etc" }} | ||||
| {{- $configMapName := index . 0 }} | ||||
| {{- $envAll := index . 1 }} | ||||
| {{- with $envAll }} | ||||
|  | ||||
| --- | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| metadata: | ||||
|   name: {{ $configMapName }} | ||||
| type: Opaque | ||||
| data: | ||||
|   fake_mounts.conf: {{ $envAll.Values.conf.fake_mounts | toJson | b64enc }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if .Values.manifests.configmap_etc }} | ||||
| {{- list "local-volume-provisioner-etc" . | include "lvp.configmap.etc" }} | ||||
| {{- end }} | ||||
							
								
								
									
										212
									
								
								local-volume-provisioner/templates/daemonset-lvp.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										212
									
								
								local-volume-provisioner/templates/daemonset-lvp.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,212 @@ | ||||
| {{/* | ||||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| you may not use this file except in compliance with the License. | ||||
| You may obtain a copy of the License at | ||||
|  | ||||
|    http://www.apache.org/licenses/LICENSE-2.0 | ||||
|  | ||||
| Unless required by applicable law or agreed to in writing, software | ||||
| distributed under the License is distributed on an "AS IS" BASIS, | ||||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| See the License for the specific language governing permissions and | ||||
| limitations under the License. | ||||
| */}} | ||||
|  | ||||
| {{- define "lvp.daemonset" }} | ||||
| {{- $daemonset := index . 0 }} | ||||
| {{- $configMapName := index . 1 }} | ||||
| {{- $serviceAccountName := index . 2 }} | ||||
| {{- $envAll := index . 3 }} | ||||
|  | ||||
| {{- with $envAll }} | ||||
|  | ||||
| {{- $mounts_lvp := $envAll.Values.pod.mounts.local_volume_provisioner.lvp }} | ||||
| {{- $mounts_lvp_init := $envAll.Values.pod.mounts.local_volume_provisioner.init_container }} | ||||
| --- | ||||
| apiVersion: apps/v1 | ||||
| kind: DaemonSet | ||||
| metadata: | ||||
|   name: local-volume-provisioner | ||||
|   annotations: | ||||
|     {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} | ||||
|   labels: | ||||
| {{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} | ||||
| spec: | ||||
|   selector: | ||||
|     matchLabels: | ||||
| {{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} | ||||
| {{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} | ||||
|   template: | ||||
|     metadata: | ||||
|       labels: | ||||
| {{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} | ||||
|       annotations: | ||||
| {{- dict "envAll" $envAll "podName" "local-volume-provisioner" "containerNames" (list "lvp") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} | ||||
| {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} | ||||
|         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} | ||||
|         configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} | ||||
|     spec: | ||||
| {{ dict "envAll" $envAll "application" "local-volume-provisioner" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} | ||||
|       serviceAccountName: {{ $serviceAccountName }} | ||||
|       nodeSelector: | ||||
|         {{ $envAll.Values.labels.local_volume_provisioner.node_selector_key }}: {{ $envAll.Values.labels.local_volume_provisioner.node_selector_value }} | ||||
|       initContainers: | ||||
|         - name: init-mounts | ||||
| {{ tuple $envAll "local_volume_provisioner_mounts" | include "helm-toolkit.snippets.image" | indent 10 }} | ||||
| {{ dict "envAll" $envAll "application" "local_volume_provisioner" "container" "init_mounts" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} | ||||
|           terminationMessagePath: /var/log/termination-log | ||||
|           env: | ||||
|           - name: POD_NAME | ||||
|             valueFrom: | ||||
|               fieldRef: | ||||
|                 apiVersion: v1 | ||||
|                 fieldPath: metadata.name | ||||
|           - name: NAMESPACE | ||||
|             valueFrom: | ||||
|               fieldRef: | ||||
|                 apiVersion: v1 | ||||
|                 fieldPath: metadata.namespace | ||||
|           - name: PATH | ||||
|             value: /var/lib/openstack/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/ | ||||
|           command: | ||||
|             - /tmp/fakemount.py | ||||
|             - --config-file | ||||
|             - /etc/provisioner/fake_mounts.conf | ||||
|           volumeMounts: | ||||
|             - name: fstab | ||||
|               mountPath: /mnt/host/fstab | ||||
|             - name: local-volume-provisioner-etc | ||||
|               mountPath: /etc/provisioner/fake_mounts.conf | ||||
|               subPath: fake_mounts.conf | ||||
|               readOnly: true | ||||
|             - name: local-volume-provisioner-bin | ||||
|               mountPath: /tmp/fakemount.py | ||||
|               subPath: fakemount.py | ||||
|               readOnly: true | ||||
|             {{- range $classConfig := $envAll.Values.conf.fake_mounts.classes }} | ||||
|               {{- range $bindMount := $classConfig.bindMounts }} | ||||
|             - mountPath: {{ $bindMount.srcRoot }} | ||||
|               mountPropagation: Bidirectional | ||||
|               name: {{ replace "/" ""  $bindMount.srcRoot }} | ||||
|               {{- end }} | ||||
|             - mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} | ||||
|               mountPropagation: Bidirectional | ||||
|               name: {{ $classConfig.name }} | ||||
|             {{- end }} | ||||
|             - mountPath: /run | ||||
|               name: run | ||||
|       containers: | ||||
|         - name: lvp | ||||
| {{ tuple $envAll "local_volume_provisioner" | include "helm-toolkit.snippets.image" | indent 10 }} | ||||
| {{ tuple $envAll $envAll.Values.pod.resources.local_volume_provisioner | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} | ||||
| {{ dict "envAll" $envAll "application" "local_volume_provisioner" "container" "lvp" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} | ||||
|           env: | ||||
|           - name: MY_NODE_NAME | ||||
|             valueFrom: | ||||
|               fieldRef: | ||||
|                 fieldPath: spec.nodeName | ||||
|           - name: NAMESPACE | ||||
|             valueFrom: | ||||
|               fieldRef: | ||||
|                 apiVersion: v1 | ||||
|                 fieldPath: metadata.namespace | ||||
|           command: | ||||
|             - /local-provisioner | ||||
|           volumeMounts: | ||||
|             - name: local-volume-provisioner-bin | ||||
|               mountPath: /etc/provisioner/config/storageClassMap | ||||
|               subPath: storageClassMap | ||||
|               readOnly: true | ||||
|             - name: dev | ||||
|               mountPath: /dev | ||||
|             {{- range $classConfig := $envAll.Values.conf.fake_mounts.classes }} | ||||
|             - name: {{ $classConfig.name }} | ||||
|               mountPath: {{ $classConfig.mountDir | default $classConfig.hostDir }} | ||||
|               mountPropagation: HostToContainer | ||||
|             {{- end }} | ||||
|       volumes: | ||||
|         - name: fstab | ||||
|           hostPath: | ||||
|             type: File | ||||
|             path: /etc/fstab | ||||
|         - name: local-volume-provisioner-bin | ||||
|           configMap: | ||||
|             name: local-volume-provisioner-bin | ||||
|             defaultMode: 0555 | ||||
|         - name: local-volume-provisioner-etc | ||||
|           secret: | ||||
|             secretName: {{ $configMapName }} | ||||
|             defaultMode: 0444 | ||||
|         - name: run | ||||
|           hostPath: | ||||
|             path: /run | ||||
|         - name: dev | ||||
|           hostPath: | ||||
|             path: /dev | ||||
|           {{- range $classConfig := $envAll.Values.conf.fake_mounts.classes }} | ||||
|             {{- range $bindMount := $classConfig.bindMounts }} | ||||
|         - name: {{ replace "/" ""  $bindMount.srcRoot }} | ||||
|           hostPath: | ||||
|             path: {{ $bindMount.srcRoot }} | ||||
|             type: "" | ||||
|             {{- end }} | ||||
|           {{- end }} | ||||
|         {{- range $classConfig := $envAll.Values.conf.fake_mounts.classes }} | ||||
|         - name: {{ $classConfig.name }} | ||||
|           hostPath: | ||||
|             path: {{ $classConfig.hostDir }} | ||||
|         {{- end }} | ||||
| {{ if $mounts_lvp.volumes }}{{ toYaml $mounts_lvp.volumes | indent 8 }}{{ end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- if .Values.manifests.daemonset_local_volume_provisioner }} | ||||
|  | ||||
| {{- $envAll := . }} | ||||
| {{- $daemonset := "local_volume_provisioner" }} | ||||
| {{- $configMapName := "local_volume_provisioner-etc" }} | ||||
| {{- $serviceAccountName := "local-volume-provisioner" }} | ||||
|  | ||||
| {{ tuple $envAll "lvp" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} | ||||
| --- | ||||
| apiVersion: rbac.authorization.k8s.io/v1 | ||||
| kind: ClusterRole | ||||
| metadata: | ||||
|   name: {{ $serviceAccountName }}-nodes | ||||
| rules: | ||||
| - apiGroups: [""] | ||||
|   resources: ["nodes"] | ||||
|   verbs: ["get"] | ||||
|  | ||||
| --- | ||||
| apiVersion: rbac.authorization.k8s.io/v1 | ||||
| kind: ClusterRoleBinding | ||||
| metadata: | ||||
|   name: {{ $serviceAccountName }}-nodes | ||||
| subjects: | ||||
| - kind: ServiceAccount | ||||
|   name: {{ $serviceAccountName }} | ||||
|   namespace: {{ .Release.Namespace }} | ||||
| roleRef: | ||||
|   kind: ClusterRole | ||||
|   name: {{ $serviceAccountName }}-nodes | ||||
|   apiGroup: rbac.authorization.k8s.io | ||||
| --- | ||||
| apiVersion: rbac.authorization.k8s.io/v1 | ||||
| kind: ClusterRoleBinding | ||||
| metadata: | ||||
|   name: {{ $serviceAccountName }}-cluter-admin | ||||
| roleRef: | ||||
|   apiGroup: rbac.authorization.k8s.io | ||||
|   kind: ClusterRole | ||||
|   name: cluster-admin | ||||
| subjects: | ||||
| - kind: ServiceAccount | ||||
|   name: {{ $serviceAccountName }} | ||||
|   namespace: {{ .Release.Namespace }} | ||||
|  | ||||
| {{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "lvp.daemonset" | toString | fromYaml }} | ||||
| {{- $configmap_yaml := "lvp.configmap.etc" }} | ||||
| {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} | ||||
|  | ||||
| {{- end }} | ||||
							
								
								
									
										18
									
								
								local-volume-provisioner/templates/job-image-repo-sync.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								local-volume-provisioner/templates/job-image-repo-sync.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | ||||
| {{/* | ||||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| you may not use this file except in compliance with the License. | ||||
| You may obtain a copy of the License at | ||||
|  | ||||
|    http://www.apache.org/licenses/LICENSE-2.0 | ||||
|  | ||||
| Unless required by applicable law or agreed to in writing, software | ||||
| distributed under the License is distributed on an "AS IS" BASIS, | ||||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| See the License for the specific language governing permissions and | ||||
| limitations under the License. | ||||
| */}} | ||||
|  | ||||
| {{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} | ||||
| {{- $imageRepoSyncJob := dict "envAll" . "serviceName" "local-volume-provisioner" -}} | ||||
| {{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} | ||||
| {{- end }} | ||||
							
								
								
									
										17
									
								
								local-volume-provisioner/templates/secret-registry.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								local-volume-provisioner/templates/secret-registry.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| {{/* | ||||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| you may not use this file except in compliance with the License. | ||||
| You may obtain a copy of the License at | ||||
|  | ||||
|    http://www.apache.org/licenses/LICENSE-2.0 | ||||
|  | ||||
| Unless required by applicable law or agreed to in writing, software | ||||
| distributed under the License is distributed on an "AS IS" BASIS, | ||||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| See the License for the specific language governing permissions and | ||||
| limitations under the License. | ||||
| */}} | ||||
|  | ||||
| {{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} | ||||
| {{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} | ||||
| {{- end }} | ||||
							
								
								
									
										27
									
								
								local-volume-provisioner/templates/storageclasses.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										27
									
								
								local-volume-provisioner/templates/storageclasses.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,27 @@ | ||||
| {{- if .Values.manifests.storageclass }} | ||||
| {{- $envAll := . }} | ||||
| {{- range $val := $envAll.Values.conf.fake_mounts.classes }} | ||||
| {{- if $val.storageClass }} | ||||
| --- | ||||
| apiVersion: storage.k8s.io/v1 | ||||
| kind: StorageClass | ||||
| metadata: | ||||
|   name: {{ $val.name }} | ||||
|   {{- if kindIs "map" $val.storageClass }} | ||||
|   {{- if $val.storageClass.isDefaultClass }} | ||||
|   annotations: | ||||
|     storageclass.kubernetes.io/is-default-class: "true" | ||||
|   {{- end }} | ||||
|   {{- end }} | ||||
|   labels: | ||||
| {{ tuple $envAll $envAll.Chart.Name "storageclass" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} | ||||
| provisioner: kubernetes.io/no-provisioner | ||||
| volumeBindingMode: WaitForFirstConsumer | ||||
| {{- if kindIs "map" $val.storageClass }} | ||||
| reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }} | ||||
| {{- else }} | ||||
| reclaimPolicy: Delete | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
							
								
								
									
										153
									
								
								local-volume-provisioner/values.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										153
									
								
								local-volume-provisioner/values.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,153 @@ | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| # You may obtain a copy of the License at | ||||
| # | ||||
| #     http://www.apache.org/licenses/LICENSE-2.0 | ||||
| # | ||||
| # Unless required by applicable law or agreed to in writing, software | ||||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
|  | ||||
| # Default values for local-volume-provisioner. | ||||
| # This is a YAML-formatted file. | ||||
| # Declare name/value pairs to be passed into your templates. | ||||
| # name: value | ||||
|  | ||||
| --- | ||||
| release_group: null | ||||
|  | ||||
| labels: | ||||
|   local_volume_provisioner: | ||||
|     node_selector_key: openstack-compute-node | ||||
|     node_selector_value: enabled | ||||
|  | ||||
| images: | ||||
|   tags: | ||||
|     local_volume_provisioner: mirantis.azurecr.io/bm/external/local-volume-provisioner:v2.4.0 | ||||
|     dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal | ||||
|     image_repo_sync: docker.io/library/docker:17.07.0 | ||||
|     local_volume_provisioner_mounts: mirantis.azurecr.io/openstack/openstack-controller:0.1.1 | ||||
|   pull_policy: "IfNotPresent" | ||||
|   local_registry: | ||||
|     active: false | ||||
|     exclude: | ||||
|       - dep_check | ||||
|       - image_repo_sync | ||||
|  | ||||
| dependencies: | ||||
|   static: {} | ||||
|   dynamic: {} | ||||
|  | ||||
| endpoints: | ||||
|   cluster_domain_suffix: cluster.local | ||||
|   local_image_registry: | ||||
|     name: docker-registry | ||||
|     namespace: docker-registry | ||||
|     hosts: | ||||
|       default: localhost | ||||
|       internal: docker-registry | ||||
|       node: localhost | ||||
|     host_fqdn_override: | ||||
|       default: null | ||||
|     port: | ||||
|       registry: | ||||
|         node: 5000 | ||||
|   oci_image_registry: | ||||
|     name: oci-image-registry | ||||
|     namespace: oci-image-registry | ||||
|     auth: | ||||
|       enabled: false | ||||
|       local_volume_provisioner: | ||||
|         username: local_volume_provisioner | ||||
|         password: password | ||||
|     hosts: | ||||
|       default: localhost | ||||
|     host_fqdn_override: | ||||
|       default: null | ||||
|     port: | ||||
|       registry: | ||||
|         default: null | ||||
|  | ||||
| conf: | ||||
|   fake_mounts: | ||||
|     classes: | ||||
|       - bindMounts: | ||||
|         - mounts: | ||||
|           - vol1 | ||||
|           - vol2 | ||||
|           - vol3 | ||||
|           - vol4 | ||||
|           - vol5 | ||||
|           - vol6 | ||||
|           - vol7 | ||||
|           - vol8 | ||||
|           - vol9 | ||||
|           - vol10 | ||||
|           - vol11 | ||||
|           - vol12 | ||||
|           - vol13 | ||||
|           - vol14 | ||||
|           - vol15 | ||||
|           srcRoot: /var/lib/local-volume-provisioner | ||||
|         hostDir: /mnt/local-volume-provisioner | ||||
|         mountDir: /mnt/local-volume-provisioner | ||||
|         name: lvp-fake-root | ||||
|         storageClass: true | ||||
|         volumeMode: Filesystem | ||||
| pod: | ||||
|   security_context: | ||||
|     local_volume_provisioner: | ||||
|       pod: | ||||
|         runAsUser: 0 | ||||
|       container: | ||||
|         lvp: | ||||
|           privileged: true | ||||
|           readOnlyRootFilesystem: true | ||||
|         init_mounts: | ||||
|           privileged: true | ||||
|           readOnlyRootFilesystem: true | ||||
|   dns_policy: "ClusterFirstWithHostNet" | ||||
|   mounts: | ||||
|     local_volume_provisioner: | ||||
|       init_container: null | ||||
|       lvp: null | ||||
|   lifecycle: | ||||
|     upgrades: | ||||
|       daemonsets: | ||||
|         pod_replacement_strategy: RollingUpdate | ||||
|         local_volume_provisioner: | ||||
|           enabled: true | ||||
|           min_ready_seconds: 0 | ||||
|           max_unavailable: 1 | ||||
|   resources: | ||||
|     enabled: false | ||||
|     local_volume_provisioner: | ||||
|       requests: | ||||
|         memory: "128Mi" | ||||
|         cpu: "100m" | ||||
|       limits: | ||||
|         memory: "1024Mi" | ||||
|         cpu: "2000m" | ||||
|     jobs: | ||||
|       image_repo_sync: | ||||
|         requests: | ||||
|           memory: "128Mi" | ||||
|           cpu: "100m" | ||||
|         limits: | ||||
|           memory: "1024Mi" | ||||
|           cpu: "2000m" | ||||
|  | ||||
| manifests: | ||||
|   configmap_bin: true | ||||
|   configmap_etc: true | ||||
|   daemonset_local_volume_provisioner: true | ||||
|   job_image_repo_sync: true | ||||
|   secret_registry: true | ||||
|   storageclass: true | ||||
|  | ||||
| secrets: | ||||
|   oci_image_registry: | ||||
|     local_volume_provisioner: local-volume-provisioner-oci-image-registry-key | ||||
| ... | ||||
							
								
								
									
										4
									
								
								releasenotes/notes/local-volume-provisioner.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								releasenotes/notes/local-volume-provisioner.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| --- | ||||
| local-volume-provisioner: | ||||
|   - 0.1.0 Initial Chart | ||||
| ... | ||||
		Reference in New Issue
	
	Block a user
	 Vasyl Saienko
					Vasyl Saienko