From d3ba1cc05f7ef752ecb33b7d189560745aaa27cb Mon Sep 17 00:00:00 2001 From: Erki Aas Date: Sat, 27 Jul 2024 19:51:59 +0300 Subject: [PATCH] add openebs-localpath --- openebs/README.md | 11 +- openebs/openebs-operator-lite.yaml | 937 +++++++++++++++++++++++++++++ openebs/storage-class.yaml | 16 + 3 files changed, 963 insertions(+), 1 deletion(-) create mode 100644 openebs/openebs-operator-lite.yaml create mode 100644 openebs/storage-class.yaml diff --git a/openebs/README.md b/openebs/README.md index 12e3d22..308fcb9 100644 --- a/openebs/README.md +++ b/openebs/README.md @@ -1,6 +1,14 @@ +# XFS hostpath based local PV-s + +``` +wget https://openebs.github.io/charts/openebs-operator-lite.yaml +kubectl apply -f openebs-operator-lite.yaml -f storage-class.yaml + +``` + # Raw file based local PV-s -We currently only use `rawfile-localpv` portion of OpenEBS. +### TO BE DEPRECATED The manifests were rendered using Helm template from https://github.com/openebs/rawfile-localpv and subsequently modified @@ -9,3 +17,4 @@ and subsequently modified kubectl create namespace openebs kubectl apply -n openebs -f rawfile.yaml ``` + diff --git a/openebs/openebs-operator-lite.yaml b/openebs/openebs-operator-lite.yaml new file mode 100644 index 0000000..58c8a73 --- /dev/null +++ b/openebs/openebs-operator-lite.yaml @@ -0,0 +1,937 @@ +# This manifest deploys the OpenEBS control plane components, with associated CRs & RBAC rules +# NOTE: On GKE, deploy the openebs-operator.yaml in admin context + +# Create the OpenEBS namespace +apiVersion: v1 +kind: Namespace +metadata: + name: openebs +--- +# Create Maya Service Account +apiVersion: v1 +kind: ServiceAccount +metadata: + name: openebs-maya-operator + namespace: openebs +--- +# Define Role that allows operations on K8s pods/deployments +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-maya-operator +rules: +- apiGroups: ["*"] + resources: ["nodes", "nodes/proxy"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["namespaces", "services", "pods", "pods/exec", "deployments", "deployments/finalizers", "replicationcontrollers", "replicasets", "events", "endpoints", "configmaps", "secrets", "jobs", "cronjobs"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["statefulsets", "daemonsets"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["resourcequotas", "limitranges"] + verbs: ["list", "watch"] +- apiGroups: ["*"] + resources: ["ingresses", "horizontalpodautoscalers", "verticalpodautoscalers", "poddisruptionbudgets", "certificatesigningrequests"] + verbs: ["list", "watch"] +- apiGroups: ["*"] + resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"] + verbs: ["*"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: [ "get", "list", "create", "update", "delete", "patch"] +- apiGroups: ["openebs.io"] + resources: [ "*"] + verbs: ["*"] +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "create", "update"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +--- +# Bind the Service Account with the Role Privileges. +# TODO: Check if default account also needs to be there +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-maya-operator +subjects: +- kind: ServiceAccount + name: openebs-maya-operator + namespace: openebs +roleRef: + kind: ClusterRole + name: openebs-maya-operator + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdevices.openebs.io +spec: + group: openebs.io + names: + kind: BlockDevice + listKind: BlockDeviceList + plural: blockdevices + shortNames: + - bd + singular: blockdevice + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.nodeAttributes.nodeName + name: NodeName + type: string + - jsonPath: .spec.path + name: Path + priority: 1 + type: string + - jsonPath: .spec.filesystem.fsType + name: FSType + priority: 1 + type: string + - jsonPath: .spec.capacity.storage + name: Size + type: string + - jsonPath: .status.claimState + name: ClaimState + type: string + - jsonPath: .status.state + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDevice is the Schema for the blockdevices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceSpec defines the properties and runtime status of a BlockDevice + properties: + aggregateDevice: + description: AggregateDevice was intended to store the hierarchical information in cases of LVM. However this is currently not implemented and may need to be re-looked into for better design. To be deprecated + type: string + capacity: + description: Capacity + properties: + logicalSectorSize: + description: LogicalSectorSize is blockdevice logical-sector size in bytes + format: int32 + type: integer + physicalSectorSize: + description: PhysicalSectorSize is blockdevice physical-Sector size in bytes + format: int32 + type: integer + storage: + description: Storage is the blockdevice capacity in bytes + format: int64 + type: integer + required: + - storage + type: object + claimRef: + description: ClaimRef is the reference to the BDC which has claimed this BD + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + details: + description: Details contain static attributes of BD like model,serial, and so forth + properties: + compliance: + description: Compliance is standards/specifications version implemented by device firmware such as SPC-1, SPC-2, etc + type: string + deviceType: + description: DeviceType represents the type of device like sparse, disk, partition, lvm, crypt + enum: + - disk + - partition + - sparse + - loop + - lvm + - crypt + - dm + - mpath + type: string + driveType: + description: DriveType is the type of backing drive, HDD/SSD + enum: + - HDD + - SSD + - Unknown + - "" + type: string + firmwareRevision: + description: FirmwareRevision is the disk firmware revision + type: string + hardwareSectorSize: + description: HardwareSectorSize is the hardware sector size in bytes + format: int32 + type: integer + logicalBlockSize: + description: LogicalBlockSize is the logical block size in bytes reported by /sys/class/block/sda/queue/logical_block_size + format: int32 + type: integer + model: + description: Model is model of disk + type: string + physicalBlockSize: + description: PhysicalBlockSize is the physical block size in bytes reported by /sys/class/block/sda/queue/physical_block_size + format: int32 + type: integer + serial: + description: Serial is serial number of disk + type: string + vendor: + description: Vendor is vendor of disk + type: string + type: object + devlinks: + description: DevLinks contains soft links of a block device like /dev/by-id/... /dev/by-uuid/... + items: + description: DeviceDevLink holds the mapping between type and links like by-id type or by-path type link + properties: + kind: + description: Kind is the type of link like by-id or by-path. + enum: + - by-id + - by-path + type: string + links: + description: Links are the soft links + items: + type: string + type: array + type: object + type: array + filesystem: + description: FileSystem contains mountpoint and filesystem type + properties: + fsType: + description: Type represents the FileSystem type of the block device + type: string + mountPoint: + description: MountPoint represents the mountpoint of the block device. + type: string + type: object + nodeAttributes: + description: NodeAttributes has the details of the node on which BD is attached + properties: + nodeName: + description: NodeName is the name of the Kubernetes node resource on which the device is attached + type: string + type: object + parentDevice: + description: "ParentDevice was intended to store the UUID of the parent Block Device as is the case for partitioned block devices. \n For example: /dev/sda is the parent for /dev/sda1 To be deprecated" + type: string + partitioned: + description: Partitioned represents if BlockDevice has partitions or not (Yes/No) Currently always default to No. To be deprecated + enum: + - "Yes" + - "No" + type: string + path: + description: Path contain devpath (e.g. /dev/sdb) + type: string + required: + - capacity + - devlinks + - nodeAttributes + - path + type: object + status: + description: DeviceStatus defines the observed state of BlockDevice + properties: + claimState: + description: ClaimState represents the claim state of the block device + enum: + - Claimed + - Unclaimed + - Released + type: string + state: + description: State is the current state of the blockdevice (Active/Inactive/Unknown) + enum: + - Active + - Inactive + - Unknown + type: string + required: + - claimState + - state + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdeviceclaims.openebs.io +spec: + group: openebs.io + names: + kind: BlockDeviceClaim + listKind: BlockDeviceClaimList + plural: blockdeviceclaims + shortNames: + - bdc + singular: blockdeviceclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.blockDeviceName + name: BlockDeviceName + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDeviceClaim is the Schema for the blockdeviceclaims API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceClaimSpec defines the request details for a BlockDevice + properties: + blockDeviceName: + description: BlockDeviceName is the reference to the block-device backing this claim + type: string + blockDeviceNodeAttributes: + description: BlockDeviceNodeAttributes is the attributes on the node from which a BD should be selected for this claim. It can include nodename, failure domain etc. + properties: + hostName: + description: HostName represents the hostname of the Kubernetes node resource where the BD should be present + type: string + nodeName: + description: NodeName represents the name of the Kubernetes node resource where the BD should be present + type: string + type: object + deviceClaimDetails: + description: Details of the device to be claimed + properties: + allowPartition: + description: AllowPartition represents whether to claim a full block device or a device that is a partition + type: boolean + blockVolumeMode: + description: 'BlockVolumeMode represents whether to claim a device in Block mode or Filesystem mode. These are use cases of BlockVolumeMode: 1) Not specified: VolumeMode check will not be effective 2) VolumeModeBlock: BD should not have any filesystem or mountpoint 3) VolumeModeFileSystem: BD should have a filesystem and mountpoint. If DeviceFormat is specified then the format should match with the FSType in BD' + type: string + formatType: + description: Format of the device required, eg:ext4, xfs + type: string + type: object + deviceType: + description: DeviceType represents the type of drive like SSD, HDD etc., + nullable: true + type: string + hostName: + description: Node name from where blockdevice has to be claimed. To be deprecated. Use NodeAttributes.HostName instead + type: string + resources: + description: Resources will help with placing claims on Capacity, IOPS + properties: + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum resources required. eg: if storage resource of 10G is requested minimum capacity of 10G should be available TODO for validating' + type: object + required: + - requests + type: object + selector: + description: Selector is used to find block devices to be considered for claiming + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + status: + description: DeviceClaimStatus defines the observed state of BlockDeviceClaim + properties: + phase: + description: Phase represents the current phase of the claim + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +# This is the node-disk-manager related config. +# It can be used to customize the disks probes and filters +apiVersion: v1 +kind: ConfigMap +metadata: + name: openebs-ndm-config + namespace: openebs + labels: + openebs.io/component-name: ndm-config +data: + # udev-probe is default or primary probe it should be enabled to run ndm + # filterconfigs contains configs of filters. To provide a group of include + # and exclude values add it as , separated string + node-disk-manager.config: | + probeconfigs: + - key: udev-probe + name: udev probe + state: true + - key: seachest-probe + name: seachest probe + state: false + - key: smart-probe + name: smart probe + state: true + filterconfigs: + - key: os-disk-exclude-filter + name: os disk exclude filter + state: true + exclude: "/,/etc/hosts,/boot" + - key: vendor-filter + name: vendor filter + state: true + include: "" + exclude: "CLOUDBYT,OpenEBS" + - key: path-filter + name: path filter + state: true + include: "" + exclude: "/dev/loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/md,/dev/dm-,/dev/rbd,/dev/zd" + # metconfig can be used to decorate the block device with different types of labels + # that are available on the node or come in a device properties. + # node labels - the node where bd is discovered. A whitlisted label prefixes + # attribute labels - a property of the BD can be added as a ndm label as ndm.io/= + metaconfigs: + - key: node-labels + name: node labels + pattern: "" + - key: device-labels + name: device labels + type: "" +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: openebs-ndm + namespace: openebs + labels: + name: openebs-ndm + openebs.io/component-name: ndm + openebs.io/version: 3.5.0 +spec: + selector: + matchLabels: + name: openebs-ndm + openebs.io/component-name: ndm + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + name: openebs-ndm + openebs.io/component-name: ndm + openebs.io/version: 3.5.0 + spec: + # By default the node-disk-manager will be run on all kubernetes nodes + # If you would like to limit this to only some nodes, say the nodes + # that have storage attached, you could label those node and use + # nodeSelector. + # + # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node" + # kubectl label node "openebs.io/nodegroup"="storage-node" + #nodeSelector: + # "openebs.io/nodegroup": "storage-node" + serviceAccountName: openebs-maya-operator + hostNetwork: true + # host PID is used to check status of iSCSI Service when the NDM + # API service is enabled + #hostPID: true + containers: + - name: node-disk-manager + image: openebs/node-disk-manager:2.1.0 + args: + - -v=4 + # The feature-gate is used to enable the new UUID algorithm. + - --feature-gates="GPTBasedUUID" + # Use partition table UUID instead of create single partition to get + # partition UUID. Require `GPTBasedUUID` to be enabled with. + # - --feature-gates="PartitionTableUUID" + # Detect changes to device size, filesystem and mount-points without restart. + # - --feature-gates="ChangeDetection" + # The feature gate is used to start the gRPC API service. The gRPC server + # starts at 9115 port by default. This feature is currently in Alpha state + # - --feature-gates="APIService" + # The feature gate is used to enable NDM, to create blockdevice resources + # for unused partitions on the OS disk + # - --feature-gates="UseOSDisk" + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + volumeMounts: + - name: config + mountPath: /host/node-disk-manager.config + subPath: node-disk-manager.config + readOnly: true + # make udev database available inside container + - name: udev + mountPath: /run/udev + - name: procmount + mountPath: /host/proc + readOnly: true + - name: devmount + mountPath: /dev + - name: basepath + mountPath: /var/openebs/ndm + - name: sparsepath + mountPath: /var/openebs/sparse + env: + # namespace in which NDM is installed will be passed to NDM Daemonset + # as environment variable + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # pass hostname as env variable using downward API to the NDM container + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # specify the directory where the sparse files need to be created. + # if not specified, then sparse files will not be created. + - name: SPARSE_FILE_DIR + value: "/var/openebs/sparse" + # Size(bytes) of the sparse file to be created. + - name: SPARSE_FILE_SIZE + value: "10737418240" + # Specify the number of sparse files to be created + - name: SPARSE_FILE_COUNT + value: "0" + livenessProbe: + exec: + command: + - pgrep + - "ndm" + initialDelaySeconds: 30 + periodSeconds: 60 + volumes: + - name: config + configMap: + name: openebs-ndm-config + - name: udev + hostPath: + path: /run/udev + type: Directory + # mount /proc (to access mount file of process 1 of host) inside container + # to read mount-point of disks and partitions + - name: procmount + hostPath: + path: /proc + type: Directory + - name: devmount + # the /dev directory is mounted so that we have access to the devices that + # are connected at runtime of the pod. + hostPath: + path: /dev + type: Directory + - name: basepath + hostPath: + path: /var/openebs/ndm + type: DirectoryOrCreate + - name: sparsepath + hostPath: + path: /var/openebs/sparse +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openebs-ndm-operator + namespace: openebs + labels: + name: openebs-ndm-operator + openebs.io/component-name: ndm-operator + openebs.io/version: 3.5.0 +spec: + selector: + matchLabels: + name: openebs-ndm-operator + openebs.io/component-name: ndm-operator + replicas: 1 + strategy: + type: Recreate + template: + metadata: + labels: + name: openebs-ndm-operator + openebs.io/component-name: ndm-operator + openebs.io/version: 3.5.0 + spec: + serviceAccountName: openebs-maya-operator + containers: + - name: node-disk-operator + image: openebs/node-disk-operator:2.1.0 + imagePullPolicy: IfNotPresent + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + # the service account of the ndm-operator pod + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "node-disk-operator" + - name: CLEANUP_JOB_IMAGE + value: "openebs/linux-utils:3.5.0" + # OPENEBS_IO_IMAGE_PULL_SECRETS environment variable is used to pass the image pull secrets + # to the cleanup pod launched by NDM operator + #- name: OPENEBS_IO_IMAGE_PULL_SECRETS + # value: "" + livenessProbe: + httpGet: + path: /healthz + port: 8585 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8585 + initialDelaySeconds: 5 + periodSeconds: 10 +--- +# Create NDM cluster exporter deployment. +# This is an optional component and is not required for the basic +# functioning of NDM +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openebs-ndm-cluster-exporter + namespace: openebs + labels: + name: openebs-ndm-cluster-exporter + openebs.io/component-name: ndm-cluster-exporter + openebs.io/version: 3.5.0 +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + name: openebs-ndm-cluster-exporter + openebs.io/component-name: ndm-cluster-exporter + template: + metadata: + labels: + name: openebs-ndm-cluster-exporter + openebs.io/component-name: ndm-cluster-exporter + openebs.io/version: 3.5.0 + spec: + serviceAccountName: openebs-maya-operator + containers: + - name: ndm-cluster-exporter + image: openebs/node-disk-exporter:2.1.0 + command: + - /usr/local/bin/exporter + args: + - "start" + - "--mode=cluster" + - "--port=$(METRICS_LISTEN_PORT)" + - "--metrics=/metrics" + ports: + - containerPort: 9100 + protocol: TCP + name: metrics + imagePullPolicy: IfNotPresent + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: METRICS_LISTEN_PORT + value: :9100 +--- +# Create NDM cluster exporter service +# This is optional and required only when +# ndm-cluster-exporter deployment is used +apiVersion: v1 +kind: Service +metadata: + name: openebs-ndm-cluster-exporter-service + namespace: openebs + labels: + name: openebs-ndm-cluster-exporter-service + openebs.io/component-name: ndm-cluster-exporter + app: openebs-ndm-exporter +spec: + clusterIP: None + ports: + - name: metrics + port: 9100 + targetPort: 9100 + selector: + name: openebs-ndm-cluster-exporter +--- +# Create NDM node exporter daemonset. +# This is an optional component used for getting disk level +# metrics from each of the storage nodes +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: openebs-ndm-node-exporter + namespace: openebs + labels: + name: openebs-ndm-node-exporter + openebs.io/component-name: ndm-node-exporter + openebs.io/version: 3.5.0 +spec: + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + name: openebs-ndm-node-exporter + openebs.io/component-name: ndm-node-exporter + template: + metadata: + labels: + name: openebs-ndm-node-exporter + openebs.io/component-name: ndm-node-exporter + openebs.io/version: 3.5.0 + spec: + serviceAccountName: openebs-maya-operator + containers: + - name: node-disk-exporter + image: openebs/node-disk-exporter:2.1.0 + command: + - /usr/local/bin/exporter + args: + - "start" + - "--mode=node" + - "--port=$(METRICS_LISTEN_PORT)" + - "--metrics=/metrics" + ports: + - containerPort: 9101 + protocol: TCP + name: metrics + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: METRICS_LISTEN_PORT + value: :9101 +--- +# Create NDM node exporter service +# This is optional and required only when +# ndm-node-exporter daemonset is used +apiVersion: v1 +kind: Service +metadata: + name: openebs-ndm-node-exporter-service + namespace: openebs + labels: + name: openebs-ndm-node-exporter + openebs.io/component: openebs-ndm-node-exporter + app: openebs-ndm-exporter +spec: + clusterIP: None + ports: + - name: metrics + port: 9101 + targetPort: 9101 + selector: + name: openebs-ndm-node-exporter +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: openebs-localpv-provisioner + namespace: openebs + labels: + name: openebs-localpv-provisioner + openebs.io/component-name: openebs-localpv-provisioner + openebs.io/version: 3.5.0 +spec: + selector: + matchLabels: + name: openebs-localpv-provisioner + openebs.io/component-name: openebs-localpv-provisioner + replicas: 1 + strategy: + type: Recreate + template: + metadata: + labels: + name: openebs-localpv-provisioner + openebs.io/component-name: openebs-localpv-provisioner + openebs.io/version: 3.5.0 + spec: + serviceAccountName: openebs-maya-operator + containers: + - name: openebs-provisioner-hostpath + imagePullPolicy: IfNotPresent + image: openebs/provisioner-localpv:3.5.0 + args: + - "--bd-time-out=$(BDC_BD_BIND_RETRIES)" + env: + # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # This sets the number of times the provisioner should try + # with a polling interval of 5 seconds, to get the Blockdevice + # Name from a BlockDeviceClaim, before the BlockDeviceClaim + # is deleted. E.g. 12 * 5 seconds = 60 seconds timeout + - name: BDC_BD_BIND_RETRIES + value: "12" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as + # environment variable + - name: OPENEBS_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "true" + - name: OPENEBS_IO_INSTALLER_TYPE + value: "openebs-operator-lite" + - name: OPENEBS_IO_HELPER_IMAGE + value: "openebs/linux-utils:3.5.0" + - name: OPENEBS_IO_BASE_PATH + value: "/var/openebs/local" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + #- name: LEADER_ELECTION_ENABLED + # value: "true" + # OPENEBS_IO_IMAGE_PULL_SECRETS environment variable is used to pass the image pull secrets + # to the helper pod launched by local-pv hostpath provisioner + #- name: OPENEBS_IO_IMAGE_PULL_SECRETS + # value: "" + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `provisioner-loc` + # `.*`: matches any string that has `provisioner-loc` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^provisioner-loc.*"` = 1 + initialDelaySeconds: 30 + periodSeconds: 60 +--- + diff --git a/openebs/storage-class.yaml b/openebs/storage-class.yaml new file mode 100644 index 0000000..a47c53b --- /dev/null +++ b/openebs/storage-class.yaml @@ -0,0 +1,16 @@ +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: openebs-hostpath-xfs + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "hostpath" + - name: BasePath + value: "/var/openebs/local/" + - name: XFSQuota + enabled: "true" +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete