starlingx/ansible-playbooks
Code Issues Proposed changes
Files
feb5f2a5414878ddc026557c901e4c6ed32766cd
ansible-playbooks/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/templates/trident-deployment.yaml.j2
Erickson Silva de Oliveira feb5f2a541 Add label component=platform to pods 
Add the label "app.starlingx.io/component=platform" to pods
to ensure kubernetes run it on the platform cores.

Additionally, the review [1] introduced a problem when
changing the chdir path in the trident install task.
This resulted in the installer being unable to locate
the custom templates.

[1]: https://review.opendev.org/c/starlingx/ansible-playbooks/+/887424/13/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/main.yml#86

Test Plan:
PASS: Install trident
PASS: Check if pods have the label
'app.starlingx.io/component' with the value 'platform'

Story: 2010612
Task: 50258

Change-Id: I051c328edddf5b997c192e96f9be4ed34743b554
Signed-off-by: Erickson Silva de Oliveira <Erickson.SilvadeOliveira@windriver.com>
2024-06-04 09:07:41 -03:00

226 lines
6.7 KiB
Django/Jinja
Raw Blame History

---
apiVersion: apps/v1
kind: Deployment
metadata:
name: trident-controller
labels:
app: controller.csi.trident.netapp.io
kubectl.kubernetes.io/default-container: trident-main
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: controller.csi.trident.netapp.io
template:
metadata:
labels:
app: controller.csi.trident.netapp.io
# STX_change: add label component
app.starlingx.io/component: platform
spec:
serviceAccount: trident-controller
containers:
- name: trident-main
# STX_change: pull image from local registry
image: {{ local_registry }}/docker.io/netapp/trident:24.02.0
imagePullPolicy: IfNotPresent
securityContext:
runAsNonRoot: false
capabilities:
drop:
- all
ports:
# STX_change: change ports
- containerPort: {{ trident_https_rest_api_port }}
- containerPort: {{ trident_metrics_port }}
command:
- /trident_orchestrator
args:
- "--crd_persistence"
- "--k8s_pod"
- "--https_rest"
# STX_change: change https port
- "--https_port={{ trident_https_rest_api_port }}"
- "--csi_node_name=$(KUBE_NODE_NAME)"
- "--csi_endpoint=$(CSI_ENDPOINT)"
- "--csi_role=controller"
- "--log_format=text"
- "--log_level=info"
- "--log_workflows="
- "--log_layers="
- "--disable_audit_log=true"
- "--address=127.0.0.1"
# STX_change: change port
- "--port={{ trident_rest_api_port }}"
- "--http_request_timeout=1m30s"
- "--enable_force_detach=false"
- "--metrics"
# STX_change: change metrics port
- "--metrics_port={{ trident_metrics_port }}"
#- -debug
livenessProbe:
exec:
command:
- tridentctl
- -s
# STX_change: change port
- "127.0.0.1:{{ trident_rest_api_port }}"
- version
failureThreshold: 2
initialDelaySeconds: 120
periodSeconds: 120
timeoutSeconds: 90
env:
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: CSI_ENDPOINT
value: unix://plugin/csi.sock
- name: TRIDENT_SERVER
# STX_change: change port
value: "127.0.0.1:{{ trident_rest_api_port }}"
volumeMounts:
- name: socket-dir
mountPath: /plugin
- name: certs
mountPath: /certs
readOnly: true
- name: trident-autosupport
# STX_change: pull image from local registry
image: {{ local_registry }}/docker.io/netapp/trident-autosupport:24.02
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- all
command:
- /usr/local/bin/trident-autosupport
args:
- "--k8s-pod"
- "--log-format=text"
- "--trident-silence-collector=false"
#- -debug
resources:
limits:
memory: 1Gi
volumeMounts:
- name: asup-dir
mountPath: /asup
- name: csi-provisioner
# STX_change: pull image from local registry
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-provisioner:v4.0.0
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- all
args:
- "--v=2"
- "--timeout=600s"
- "--csi-address=$(ADDRESS)"
- "--retry-interval-start=8s"
- "--retry-interval-max=30s"
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-attacher
# STX_change: pull image from local registry
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-attacher:v4.5.0
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- all
args:
- "--v=2"
- "--timeout=60s"
- "--retry-interval-start=10s"
- "--csi-address=$(ADDRESS)"
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-resizer
# STX_change: pull image from local registry
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-resizer:v1.9.3
imagePullPolicy: IfNotPresent
args:
- "--v=2"
- "--timeout=300s"
- "--csi-address=$(ADDRESS)"
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-snapshotter
# STX_change: pull image from local registry
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- all
args:
- "--v=2"
- "--timeout=300s"
- "--csi-address=$(ADDRESS)"
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
# STX_change: launch only on master nodes
nodeSelector:
node-role.kubernetes.io/control-plane: ""
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- arm64
- amd64
- key: kubernetes.io/os
operator: In
values:
- linux
# STX_change: add tolerations
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
volumes:
- name: socket-dir
emptyDir:
- name: certs
projected:
sources:
- secret:
name: trident-csi
- secret:
name: trident-encryption-keys
- name: asup-dir
emptyDir:
medium: ""
sizeLimit: 1Gi
View Git Blame Copy Permalink