diff --git a/assets/openebs/openebs-3.0.0.tgz b/assets/openebs/openebs-3.0.0.tgz new file mode 100644 index 000000000..1593a4610 Binary files /dev/null and b/assets/openebs/openebs-3.0.0.tgz differ diff --git a/charts/openebs/openebs/3.0.0/Chart.lock b/charts/openebs/openebs/3.0.0/Chart.lock new file mode 100644 index 000000000..1af0b60ff --- /dev/null +++ b/charts/openebs/openebs/3.0.0/Chart.lock @@ -0,0 +1,24 @@ +dependencies: +- name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.7.1 +- name: localpv-provisioner + repository: https://openebs.github.io/dynamic-localpv-provisioner + version: 3.0.1 +- name: cstor + repository: https://openebs.github.io/cstor-operators + version: 3.0.1 +- name: jiva + repository: https://openebs.github.io/jiva-operator + version: 3.0.1 +- name: zfs-localpv + repository: https://openebs.github.io/zfs-localpv + version: 1.9.8 +- name: lvm-localpv + repository: https://openebs.github.io/lvm-localpv + version: 0.8.5 +- name: nfs-provisioner + repository: https://openebs.github.io/dynamic-nfs-provisioner + version: 0.7.1 +digest: sha256:d669e29f12cff9c686ff5c27c3e211981378cb95861ffef27a14d0d97d408bf8 +generated: "2021-09-24T08:58:55.997382538Z" diff --git a/charts/openebs/openebs/3.0.0/Chart.yaml b/charts/openebs/openebs/3.0.0/Chart.yaml new file mode 100644 index 000000000..ee624024c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/Chart.yaml @@ -0,0 +1,51 @@ +annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: OpenEBS + catalog.cattle.io/release-name: openebs +apiVersion: v2 +appVersion: 3.0.0 +dependencies: +- condition: cstor.enabled + name: cstor + repository: file://./charts/cstor +- condition: jiva.enabled + name: jiva + repository: file://./charts/jiva +- condition: localpv-provisioner.enabled + name: localpv-provisioner + repository: file://./charts/localpv-provisioner +- condition: lvm-localpv.enabled + name: lvm-localpv + repository: file://./charts/lvm-localpv +- condition: nfs-provisioner.enabled + name: nfs-provisioner + repository: file://./charts/nfs-provisioner +- condition: openebs-ndm.enabled + name: openebs-ndm + repository: file://./charts/openebs-ndm +- condition: zfs-localpv.enabled + name: zfs-localpv + repository: file://./charts/zfs-localpv +description: Containerized Attached Storage for Kubernetes +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/HEAD/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- local-storage +- iSCSI +- NVMe +- storage +- kubernetes +kubeVersion: '>=1.13.0-0' +maintainers: +- email: kiran.mova@mayadata.io + name: kmova +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +- email: shovan.maity@mayadata.io + name: shovanmaity +name: openebs +sources: +- https://github.com/openebs/openebs +version: 3.0.0 diff --git a/charts/openebs/openebs/3.0.0/OWNERS b/charts/openebs/openebs/3.0.0/OWNERS new file mode 100644 index 000000000..874423e12 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/OWNERS @@ -0,0 +1,6 @@ +approvers: +- kmova +- prateekpandey14 +reviewers: +- kmova +- prateekpandey14 diff --git a/charts/openebs/openebs/3.0.0/README.md b/charts/openebs/openebs/3.0.0/README.md new file mode 100644 index 000000000..d3aff74f5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/README.md @@ -0,0 +1,168 @@ +# OpenEBS Helm Chart + +[OpenEBS](https://openebs.io) helps Developers and Platform SREs easily deploy Kubernetes Stateful Workloads that require fast and highly reliable container attached storage. OpenEBS can be deployed on any Kubernetes cluster - either in cloud, on-premise (virtual or bare metal) or developer laptop (minikube). + +OpenEBS Data Engines and Control Plane are implemented as micro-services, deployed as containers and orchestrated by Kubernetes itself. An added advantage of being a completely Kubernetes native solution is that administrators and developers can interact and manage OpenEBS using all the wonderful tooling that is available for Kubernetes like kubectl, Helm, Prometheus, Grafana, etc. + +OpenEBS turns any storage available on the Kubernetes worker nodes into local or distributed Kubernetes Persistent Volumes. +* Local Volumes are accessible only from a single node in the cluster. Pods using Local Volume have to be scheduled on the node where volume is provisioned. Local Volumes are typically preferred for distributed workloads like Cassandra, MongoDB, Elastic, etc that are distributed in nature and have high availability built into them. Depending on the type of storage attached to your Kubernetes worker nodes, you can select from different flavors of Dynamic Local PV - Hostpath, Device, LVM, ZFS or Rawfile. +* Replicated Volumes as the name suggests, are those that have their data synchronously replicated to multiple nodes. Volumes can sustain node failures. The replication also can be setup across availability zones helping applications move across availability zones. Depending on the type of storage attached to your Kubernetes worker nodes and application performance requirements, you can select from Jiva, cStor or Mayastor. + +## Documentation and user guides + +You can run OpenEBS on any Kubernetes 1.18+ cluster in a matter of minutes. See the [Quickstart Guide to OpenEBS](https://openebs.io/) for detailed instructions. + +## Getting started + +### How to customize OpenEBS Helm chart? + +OpenEBS helm chart is an umbrella chart that pulls together engine specific charts. The engine charts are included as dependencies. +arts/openebs/Chart.yaml). +OpenEBS helm chart will includes common components that are used by multiple engines like: +- Node Disk Manager related components +- Dynamic Local Provisioner related components +- Security Policies like RBAC, PSP, Kyverno + +```bash +openebs +├── (default) openebs-ndm +├── (default) localpv-provisioner +├── jiva +├── cstor +├── zfs-localpv +└── lvm-localpv +└── nfs-provisioner +``` + +To install the engine charts, the helm install must be provided with a engine enabled flag like `cstor.enabled=true` or `zfs-localpv.enabled=true` or by passing a custom values.yaml with required engines enabled. + +### Prerequisites + +- Kubernetes 1.18+ with RBAC enabled +- When using cstor and jiva engines, iSCSI utils must be installed on all the nodes where stateful pods are going to run. +- Depending on the engine and type of platform, you may have to customize the values or run additional pre-requisistes. Refer to [documentation](https://openebs.io). + +### Setup Helm Repository + +Before installing OpenEBS Helm charts, you need to add the [OpenEBS Helm repository](https://openebs.github.io/charts) to your Helm client. + +```bash +helm repo add openebs https://openebs.github.io/charts +helm repo update +``` + +### Installing OpenEBS + +```bash +helm install --name `my-release` --namespace openebs openebs/openebs --create-namespace +``` + +Examples: +- Assuming the release will be called openebs, the command would be: + ```bash + helm install --name openebs --namespace openebs openebs/openebs --create-namespace + ``` + +- To install OpenEBS with cStor CSI driver, run + ```bash + helm install openebs openebs/openebs --namespace openebs --create-namespace --set cstor.enabled=true + ``` + +- To install/enable a new engine on the installed helm release `openebs`, you can run the helm upgrade command as follows: + ```bash + helm upgrade openebs openebs/openebs --namespace openebs --reuse-values --set jiva.enabled=true + ``` + +- To disable legacy out of tree jiva and cstor provisioners, run the following command. + ```bash + helm upgrade openebs openebs/openebs --namespace openebs --reuse-values --set legacy.enabled=false + ``` + +### To uninstall/delete instance with release name + +```bash +helm ls --all +helm delete `my-release` +``` + +> **Tip**: Prior to deleting the helm chart, make sure all the storage volumes and pools are deleted. + +## Configuration + +The following table lists the common configurable parameters of the OpenEBS chart and their default values. For a full list of configurable parameters check out the [values.yaml](https://github.com/openebs/charts/blob/HEAD/charts/openebs/values.yaml). + +| Parameter | Description | Default | +| ----------------------------------------| --------------------------------------------- | ----------------------------------------- | +| `apiserver.enabled` | Enable API Server | `true` | +| `apiserver.image` | Image for API Server | `openebs/m-apiserver` | +| `apiserver.imageTag` | Image Tag for API Server | `2.12.2` | +| `cleanup.image.registry` | Cleanup pre hook image registry | `nil` | +| `cleanup.image.repository` | Cleanup pre hook image repository | `"bitnami/kubectl"` | +| `cleanup.image.tag` | Cleanup pre hook image tag | `if not provided determined by the k8s version` | +| `crd.enableInstall` | Enable installation of CRDs by OpenEBS | `true` | +| `cstor.pool.image` | Image for cStor Pool | `openebs/cstor-pool` | +| `cstor.pool.imageTag` | Image Tag for cStor Pool | `2.12.2` | +| `cstor.poolMgmt.image` | Image for cStor Pool Management | `openebs/cstor-pool-mgmt` | +| `cstor.poolMgmt.imageTag` | Image Tag for cStor Pool Management | `2.12.2` | +| `cstor.target.image` | Image for cStor Target | `openebs/cstor-istgt` | +| `cstor.target.imageTag` | Image Tag for cStor Target | `2.12.2` | +| `cstor.volumeMgmt.image` | Image for cStor Volume Management | `openebs/cstor-volume-mgmt` | +| `cstor.volumeMgmt.imageTag` | Image Tag for cStor Volume Management | `2.12.2` | +| `defaultStorageConfig.enabled` | Enable default storage class installation | `true` | +| `healthCheck.initialDelaySeconds` | Delay before liveness probe is initiated | `30` | +| `healthCheck.periodSeconds` | How often to perform the liveness probe | `60` | +| `helper.image` | Image for helper | `openebs/linux-utils` | +| `helper.imageTag` | Image Tag for helper | `3.0.0` | +| `image.pullPolicy` | Container pull policy | `IfNotPresent` | +| `image.repository` | Specify which docker registry to use | `""` | +| `jiva.defaultStoragePath` | hostpath used by default Jiva StorageClass | `/var/openebs` | +| `jiva.image` | Image for Jiva | `openebs/jiva` | +| `jiva.imageTag` | Image Tag for Jiva | `2.12.2` | +| `jiva.replicas` | Number of Jiva Replicas | `3` | +| `localprovisioner.basePath` | BasePath for hostPath volumes on Nodes | `/var/openebs/local` | +| `localprovisioner.enabled` | Enable localProvisioner | `true` | +| `localprovisioner.image` | Image for localProvisioner | `openebs/provisioner-localpv` | +| `localprovisioner.imageTag` | Image Tag for localProvisioner | `3.0.0` | +| `ndm.enabled` | Enable Node Disk Manager | `true` | +| `ndm.filters.enableOsDiskExcludeFilter` | Enable filters of OS disk exclude | `true` | +| `ndm.filters.enablePathFilter` | Enable filters of paths | `true` | +| `ndm.filters.enableVendorFilter` | Enable filters of vendors | `true` | +| `ndm.filters.excludePaths` | Exclude devices with specified path patterns | `/dev/loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd`| +| `ndm.filters.excludeVendors` | Exclude devices with specified vendor | `CLOUDBYT,OpenEBS` | +| `ndm.filters.includePaths` | Include devices with specified path patterns | `""` | +| `ndm.filters.osDiskExcludePaths` | Paths/Mounts to be excluded by OS Disk Filter | `/,/etc/hosts,/boot` | +| `ndm.image` | Image for Node Disk Manager | `openebs/node-disk-manager` | +| `ndm.imageTag` | Image Tag for Node Disk Manager | `1.7.0` | +| `ndmOperator.enabled` | Enable NDM Operator | `true` | +| `ndmOperator.image` | Image for NDM Operator | `openebs/node-disk-operator` | +| `ndmOperator.imageTag` | Image Tag for NDM Operator | `1.7.0` | +| `ndm.probes.enableSeachest` | Enable Seachest probe for NDM | `false` | +| `policies.monitoring.image` | Image for Prometheus Exporter | `openebs/m-exporter` | +| `policies.monitoring.imageTag` | Image Tag for Prometheus Exporter | `2.12.2` | +| `provisioner.enabled` | Enable Provisioner | `true` | +| `provisioner.image` | Image for Provisioner | `openebs/openebs-k8s-provisioner` | +| `provisioner.imageTag` | Image Tag for Provisioner | `2.12.2` | +| `rbac.create` | Enable RBAC Resources | `true` | +| `rbac.kyvernoEnabled` | Create Kyverno policy resources | `false` | +| `rbac.pspEnabled` | Create pod security policy resources | `false` | +| `snapshotOperator.controller.image` | Image for Snapshot Controller | `openebs/snapshot-controller` | +| `snapshotOperator.controller.imageTag` | Image Tag for Snapshot Controller | `2.12.2` | +| `snapshotOperator.enabled` | Enable Snapshot Provisioner | `true` | +| `snapshotOperator.provisioner.image` | Image for Snapshot Provisioner | `openebs/snapshot-provisioner` | +| `snapshotOperator.provisioner.imageTag` | Image Tag for Snapshot Provisioner | `2.12.2` | +| `varDirectoryPath.baseDir` | To store debug info of OpenEBS containers | `/var/openebs` | +| `webhook.enabled` | Enable admission server | `true` | +| `webhook.hostNetwork` | Use hostNetwork in admission server | `false` | +| `webhook.image` | Image for admission server | `openebs/admission-server` | +| `webhook.imageTag` | Image Tag for admission server | `2.12.2` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install --name `my-release` -f values.yaml --namespace openebs openebs/openebs --create-namespace +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + diff --git a/charts/openebs/openebs/3.0.0/app-readme.md b/charts/openebs/openebs/3.0.0/app-readme.md new file mode 100644 index 000000000..e6a3d5f48 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/app-readme.md @@ -0,0 +1,10 @@ +# OpenEBS + +OpenEBS is an open source storage platform that provides persistent container attached, cloud-native block storage for DevOps and for Kubernetes environments. + +OpenEBS allows you to treat your persistent workload containers, such as DBs on containers, just like other containers. OpenEBS itself is deployed as just another container on your host and enables storage services that can be designated on a per pod, application, cluster or container level, including: +- Data persistence across nodes, dramatically reducing time spent rebuilding Cassandra rings for example. +- Synchronization of data across availability zones and cloud providers. +- Use of commodity hardware plus a container engine to deliver so called container attached block storage. +- Integration with Kubernetes, so developer and application intent flows into OpenEBS configurations automatically. +- Management of tiering to and from S3 and other targets. diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/.helmignore b/charts/openebs/openebs/3.0.0/charts/cstor/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/Chart.lock b/charts/openebs/openebs/3.0.0/charts/cstor/Chart.lock new file mode 100644 index 000000000..e544a335d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.6.0 +digest: sha256:bb37660c475faea9651f07b43f655da8f19d251b3227da70ec4990fae6d380f0 +generated: "2021-07-16T06:27:46.122817861Z" diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/Chart.yaml new file mode 100644 index 000000000..1c7a8cc27 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +appVersion: 2.11.0 +dependencies: +- condition: openebsNDM.enabled + name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.6.0 +description: CStor-Operator helm chart for Kubernetes +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- iSCSI +- storage +- cstor +- cstor-operators +maintainers: +- email: kiran.mova@mayadata.io + name: kiranmova +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +- email: sonasingh46@gmail.com + name: sonasingh46 +name: cstor +sources: +- https://github.com/openebs/cstor-operators +type: application +version: 2.11.0 diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/README.md b/charts/openebs/openebs/3.0.0/charts/cstor/README.md new file mode 100644 index 000000000..06f7b18e4 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/README.md @@ -0,0 +1,241 @@ +# OpenEBS CStor + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Release Charts](https://github.com/openebs/cstor-operators/workflows/Release%20Charts/badge.svg?branch=master) +![Chart Lint and Test](https://github.com/openebs/cstor-operators/workflows/Chart%20Lint%20and%20Test/badge.svg) + +OpenEBS CStor helm chart for Kubernetes. This chart bootstraps OpenEBS cstor operators and csi driver deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| kiranmova | kiran.mova@mayadata.io | | +| prateekpandey14 | prateek.pandey@mayadata.io | | +| sonasingh46 | sonasingh46@gmail.com | | + +## Get Repo Info + +```console +helm repo add openebs-cstor https://openebs.github.io/cstor-operators +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Please visit the [link](https://openebs.github.io/cstor-operators) for install instructions via helm3. + +```console +# Helm +$ helm install [RELEASE_NAME] openebs-cstor/cstor --namespace [NAMESPACE] +``` +
+ Click here if you're using MicroK8s. + + ```console + microk8s helm3 install [RELEASE_NAME] openebs-cstor/cstor --namespace [NAMESPACE] --set-string csiNode.kubeletDir="/var/snap/microk8s/common/var/lib/kubelet/" + ``` +
+ +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + + +## Dependencies + +By default this chart installs additional, dependent charts: + +| Repository | Name | Version | +|------------|------|---------| +| https://openebs.github.io/node-disk-manager | openebs-ndm | 1.6.0 | + +To disable the dependency during installation, set `openebsNDM.enabled` to `false`. + +_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._ + +## Uninstall Chart + +```console +# Helm +$ helm uninstall [RELEASE_NAME] --namespace [NAMESPACE] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +$ helm upgrade [RELEASE_NAME] [CHART] --install --namespace [NAMESPACE] +``` + +## Configuration + +The following table lists the configurable parameters of the OpenEBS CStor chart and their default values. + +You can modify different parameters by specifying the desired value in the `helm install` command by using the `--set` and/or the `--set-string` flag(s). You can modify the parameters of the [Node Disk Manager chart](https://openebs.github.io/node-disk-manager) by adding `openebs-ndm` before the desired parameter in the `helm install` command. + +In the following sample command we modify `csiNode.nodeSelector` from the cstor chart and `ndm.nodeSelector` from the openebs-ndm chart to only schedule pods on nodes labelled with `openebs.io/data-plane=true`. We also enable the 'Use OS-disk' feature gate using the `featureGates.UseOSDisk.enabled` parameter from the openebs-ndm chart. + + +```console +helm install openebs-cstor openebs-cstor/cstor --namespace openebs --create-namespace \ + --set-string csiNode.nodeSelector."openebs\.io/data-plane"=true \ + --set-string openebs-ndm.ndm.nodeSelector."openebs\.io/data-plane"=true \ + --set openebs-ndm.featureGates.UseOSDisk.enabled=true +``` +
+ Click here if you're using MicroK8s. + + If you are using MicroK8s, it is necessary to add the following flag: + + ```console + --set-string csiNode.kubeletDir="/var/snap/microk8s/common/var/lib/kubelet/" + ``` +
+ +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| admissionServer.annotations | object | `{}` | Admission webhook annotations | +| admissionServer.componentName | string | `"cstor-admission-webhook"` | Admission webhook Component Name | +| admissionServer.failurePolicy | string | `"Fail"` | Admission Webhook failure policy | +| admissionServer.image.pullPolicy | string | `"IfNotPresent"` | Admission webhook image pull policy | +| admissionServer.image.registry | string | `nil` | Admission webhook image registry | +| admissionServer.image.repository | string | `"openebs/cstor-webhook"` | Admission webhook image repo | +| admissionServer.image.tag | string | `"2.11.0"` | Admission webhook image tag | +| admissionServer.nodeSelector | object | `{}` | Admission webhook pod node selector | +| admissionServer.podAnnotations | object | `{}` | Admission webhook pod annotations | +| admissionServer.resources | object | `{}` | Admission webhook pod resources | +| admissionServer.securityContext | object | `{}` | Admission webhook security context | +| admissionServer.tolerations | list | `[]` | Admission webhook tolerations | +| cleanup.image.registry | string | `nil` | cleanup pre hook image registry | +| cleanup.image.repository | string | `"bitnami/kubectl"` | cleanup pre hook image repository | +| csiController.annotations | object | `{}` | CSI controller annotations | +| csiController.attacher.image.pullPolicy | string | `"IfNotPresent"` | CSI attacher image pull policy | +| csiController.attacher.image.registry | string | `"k8s.gcr.io/"` | CSI attacher image registry | +| csiController.attacher.image.repository | string | `"sig-storage/csi-attacher"` | CSI attacher image repo | +| csiController.attacher.image.tag | string | `"v3.1.0"` | CSI attacher image tag | +| csiController.attacher.name | string | `"csi-attacher"` | CSI attacher container name| +| csiController.componentName | string | `"openebs-cstor-csi-controller"` | CSI controller component name | +| csiController.nodeSelector | object | `{}` | CSI controller pod node selector | +| csiController.podAnnotations | object | `{}` | CSI controller pod annotations | +| csiController.provisioner.image.pullPolicy | string | `"IfNotPresent"` | CSI provisioner image pull policy | +| csiController.provisioner.image.registry | string | `"k8s.gcr.io/"` | CSI provisioner image pull registry | +| csiController.provisioner.image.repository | string | `"sig-storage/csi-provisioner"` | CSI provisioner image pull repository | +| csiController.provisioner.image.tag | string | `"v2.1.0"` | CSI provisioner image tag | +| csiController.provisioner.name | string | `"csi-provisioner"` | CSI provisioner container name | +| csiController.resizer.image.pullPolicy | string | `"IfNotPresent"` | CSI resizer image pull policy | +| csiController.resizer.image.registry | string | `"k8s.gcr.io/"` | CSI resizer image registry | +| csiController.resizer.image.repository | string | `"sig-storage/csi-resizer"` | CSI resizer image repository| +| csiController.resizer.image.tag | string | `"v1.1.0"` | CSI resizer image tag | +| csiController.resizer.name | string | `"csi-resizer"` | CSI resizer container name | +| csiController.resources | object | `{}` | CSI controller container resources | +| csiController.securityContext | object | `{}` | CSI controller security context | +| csiController.snapshotController.image.pullPolicy | string | `"IfNotPresent"` | CSI snapshot controller image pull policy | +| csiController.snapshotController.image.registry | string | `"k8s.gcr.io/"` | CSI snapshot controller image registry | +| csiController.snapshotController.image.repository | string | `"sig-storage/snapshot-controller"` | CSI snapshot controller image repository | +| csiController.snapshotController.image.tag | string | `"v3.0.3"` | CSI snapshot controller image tag | +| csiController.snapshotController.name | string | `"snapshot-controller"` | CSI snapshot controller container name | +| csiController.snapshotter.image.pullPolicy | string | `"IfNotPresent"` | CSI snapshotter image pull policy | +| csiController.snapshotter.image.registry | string | `"k8s.gcr.io/"` | CSI snapshotter image pull registry | +| csiController.snapshotter.image.repository | string | `"sig-storage/csi-snapshotter"` | CSI snapshotter image repository | +| csiController.snapshotter.image.tag | string | `"v3.0.3"` | CSI snapshotter image tag | +| csiController.snapshotter.name | string | `"csi-snapshotter"` | CSI snapshotter container name | +| csiController.tolerations | list | `[]` | CSI controller pod tolerations | +| csiNode.annotations | object | `{}` | CSI Node annotations | +| csiNode.componentName | string | `"openebs-cstor-csi-node"` | CSI Node component name | +| csiNode.driverRegistrar.image.pullPolicy | string | `"IfNotPresent"` | CSI Node driver registrar image pull policy| +| csiNode.driverRegistrar.image.registry | string | `"k8s.gcr.io/"` | CSI Node driver registrar image registry | +| csiNode.driverRegistrar.image.repository | string | `"sig-storage/csi-node-driver-registrar"` | CSI Node driver registrar image repository | +| csiNode.driverRegistrar.image.tag | string | `"v2.1.0"` | CSI Node driver registrar image tag| +| csiNode.driverRegistrar.name | string | `"csi-node-driver-registrar"` | CSI Node driver registrar container name | +| csiNode.kubeletDir | string | `"/var/lib/kubelet/"` | Kubelet root dir | +| csiNode.labels | object | `{}` | CSI Node pod labels | +| csiNode.nodeSelector | object | `{}` | CSI Node pod nodeSelector | +| csiNode.podAnnotations | object | `{}` | CSI Node pod annotations | +| csiNode.resources | object | `{}` | CSI Node pod resources | +| csiNode.securityContext | object | `{}` | CSI Node pod security context | +| csiNode.tolerations | list | `[]` | CSI Node pod tolerations | +| csiNode.updateStrategy.type | string | `"RollingUpdate"` | CSI Node daemonset update strategy | +| cspcOperator.annotations | object | `{}` | CSPC operator annotations | +| cspcOperator.componentName | string | `"cspc-operator"` | CSPC operator component name | +| cspcOperator.cstorPool.image.registry | string | `nil` | CStor pool image registry | +| cspcOperator.cstorPool.image.repository | string | `"openebs/cstor-pool"` | CStor pool image repository| +| cspcOperator.cstorPool.image.tag | string | `"2.11.0"` | CStor pool image tag | +| cspcOperator.cstorPoolExporter.image.registry | string | `nil` | CStor pool exporter image registry | +| cspcOperator.cstorPoolExporter.image.repository | string | `"openebs/m-exporter"` | CStor pool exporter image repository | +| cspcOperator.cstorPoolExporter.image.tag | string | `"2.11.0"` | CStor pool exporter image tag | +| cspcOperator.image.pullPolicy | string | `"IfNotPresent"` | CSPC operator image pull policy | +| cspcOperator.image.registry | string | `nil` | CSPC operator image registry | +| cspcOperator.image.repository | string | `"openebs/cspc-operator"` | CSPC operator image repository | +| cspcOperator.image.tag | string | `"2.11.0"` | CSPC operator image tag | +| cspcOperator.nodeSelector | object | `{}` | CSPC operator pod nodeSelector| +| cspcOperator.podAnnotations | object | `{}` | CSPC operator pod annotations | +| cspcOperator.poolManager.image.registry | string | `nil` | CStor Pool Manager image registry | +| cspcOperator.poolManager.image.repository | string | `"openebs/cstor-pool-manager"` | CStor Pool Manager image repository | +| cspcOperator.poolManager.image.tag | string | `"2.11.0"` | CStor Pool Manager image tag | +| cspcOperator.resources | object | `{}` | CSPC operator pod resources | +| cspcOperator.resyncInterval | string | `"30"` | CSPC operator resync interval | +| cspcOperator.securityContext | object | `{}` | CSPC operator security context | +| cspcOperator.tolerations | list | `[]` | CSPC operator pod tolerations | +| cstorCSIPlugin.image.pullPolicy | string | `"IfNotPresent"` | CStor CSI driver image pull policy | +| cstorCSIPlugin.image.registry | string | `nil` | CStor CSI driver image registry | +| cstorCSIPlugin.image.repository | string | `"openebs/cstor-csi-driver"` | CStor CSI driver image repository | +| cstorCSIPlugin.image.tag | string | `"2.11.0"` | CStor CSI driver image tag | +| cstorCSIPlugin.name | string | `"cstor-csi-plugin"` | CStor CSI driver container name | +| cstorCSIPlugin.remount | string | `"true"` | Enable/disable auto-remount when volume recovers from read-only state | +| cvcOperator.annotations | object | `{}` | CVC operator annotations | +| cvcOperator.componentName | string | `"cvc-operator"` | CVC operator component name | +| cvcOperator.image.pullPolicy | string | `"IfNotPresent"` | CVC operator image pull policy | +| cvcOperator.image.registry | string | `nil` | CVC operator image registry | +| cvcOperator.image.repository | string | `"openebs/cvc-operator"` | CVC operator image repository | +| cvcOperator.image.tag | string | `"2.11.0"` | CVC operator image tag | +| cvcOperator.nodeSelector | object | `{}` | CVC operator pod nodeSelector | +| cvcOperator.podAnnotations | object | `{}` | CVC operator pod annotations | +| cvcOperator.resources | object | `{}` |CVC operator pod resources | +| cvcOperator.resyncInterval | string | `"30"` | CVC operator resync interval | +| cvcOperator.securityContext | object | `{}` | CVC operator security context | +| cvcOperator.target.image.registry | string | `nil` | Volume Target image registry | +| cvcOperator.target.image.repository | string | `"openebs/cstor-istgt"` | Volume Target image repository | +| cvcOperator.target.image.tag | string | `"2.11.0"` | Volume Target image tag | +| cvcOperator.tolerations | list | `[]` | CVC operator pod tolerations | +| cvcOperator.volumeExporter.image.registry | string | `nil` | Volume exporter image registry | +| cvcOperator.volumeExporter.image.repository | string | `"openebs/m-exporter"` | Volume exporter image repository | +| cvcOperator.volumeExporter.image.tag | string | `"2.11.0"` | Volume exporter image tag | +| cvcOperator.volumeMgmt.image.registry | string | `nil` | Volume mgmt image registry | +| cvcOperator.volumeMgmt.image.repository | string | `"openebs/cstor-volume-manager"` | Volume mgmt image repository | +| cvcOperator.volumeMgmt.image.tag | string | `"2.11.0"` | Volume mgmt image tag| +| imagePullSecrets | string | `nil` | Image registry pull secrets | +| openebsNDM.enabled | bool | `true` | Enable OpenEBS NDM dependency | +| openebs-ndm.featureGates.APIService.enabled | bool | `true` | Enable 'API Service' feature gate for NDM | +| openebs-ndm.featureGates.GPTBasedUUID.enabled | bool | `true` | Enable 'GPT-based UUID' feature gate for NDM | +| openebs-ndm.featureGates.UseOSDisk.enabled | bool | `false` | Enable 'Use OS-disk' feature gate for NDM | +| openebs-ndm.helperPod.image.registry | string | `nil` | Registry for helper image | +| openebs-ndm.helperPod.image.repository | string | `openebs/linux-utils` | Image repository for helper pod | +| openebs-ndm.ndm.filters.enableOsDiskExcludeFilter | bool | `true` | Enable filters of OS disk exclude | +| openebs-ndm.ndm.filters.enableVendorFilter | bool | `true` | Enable filters of vendors | +| openebs-ndm.ndm.filters.excludeVendors | string | `"CLOUDBYT,OpenEBS"` | Exclude devices with specified vendor | +| openebs-ndm.ndm.filters.enablePathFilter | bool | `true` | Enable filters of paths | +| openebs-ndm.ndm.filters.includePaths | string | `""` | Include devices with specified path patterns | +| openebs-ndm.ndm.filters.excludePaths | string | `"loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd"` | Exclude devices with specified path patterns | +| openebs-ndm.ndm.image.registry | string | `nil` | Registry for Node Disk Manager image | +| openebs-ndm.ndm.image.repository | string | `openebs/node-disk-manager` | Image repository for Node Disk Manager | +| openebs-ndm.ndm.nodeSelector | object | `{}` | Nodeselector for daemonset pods | +| openebs-ndm.ndmOperator.image.registry | string | `nil` | Registry for NDM operator image | +| openebs-ndm.ndmOperator.image.repository | string | `openebs/node-disk-operator` | Image repository for NDM operator | +| rbac.create | bool | `true` | Enable RBAC | +| rbac.pspEnabled | bool | `false` | Enable PodSecurityPolicy | +| release.version | string | `"2.11.0"` | Openebs CStor release version | +| serviceAccount.annotations | object | `{}` | Service Account annotations | +| serviceAccount.csiController.create | bool | `true` | Enable CSI Controller ServiceAccount | +| serviceAccount.csiController.name | string | `"openebs-cstor-csi-controller-sa"` | CSI Controller ServiceAccount name | +| serviceAccount.csiNode.create | bool | `true` | Enable CSI Node ServiceAccount | +| serviceAccount.csiNode.name | string | `"openebs-cstor-csi-node-sa"` | CSI Node ServiceAccount name | + diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/Chart.yaml new file mode 100644 index 000000000..890c4887b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +appVersion: 1.6.0 +description: Helm chart for OpenEBS Node Disk Manager - a Kubernetes native storage + device management solution. For instructions on how to install, refer to https://openebs.github.io/node-disk-manager/. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- ndm +- disk-inventory +- storage +maintainers: +- email: akhil.mohan@mayadata.io + name: akhilerm +- email: michaelfornaro@gmail.com + name: xUnholy +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +name: openebs-ndm +sources: +- https://github.com/openebs/node-disk-manager +version: 1.6.0 diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/README.md b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/README.md new file mode 100644 index 000000000..497b6b450 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/README.md @@ -0,0 +1,79 @@ +## Introduction + +This chart bootstraps OpenEBS NDM deployment on a [Kubernetes](http://kubernetes.io) cluster using the +[Helm](https://helm.sh) package manager. + +## Installation + +You can run OpenEBS NDM on any Kubernetes 1.13+ cluster in a matter of seconds. + +Please visit the [link](https://openebs.github.io/node-disk-manager/) for install instructions via helm3. + +## Configuration + +The following table lists the configurable parameters of the OpenEBS NDM chart and their default values. + +| Parameter | Description | Default | +| ----------------------------------------| --------------------------------------------- | ----------------------------------------- | +| `imagePullSecrets` | Provides image pull secrect | `""` | +| `ndm.enabled` | Enable Node Disk Manager | `true` | +| `ndm.image.registry` | Registry for Node Disk Manager image | `""` | +| `ndm.image.repository` | Image repository for Node Disk Manager | `openebs/node-disk-manager` | +| `ndm.image.pullPolicy` | Image pull policy for Node Disk Manager | `IfNotPresent` | +| `ndm.image.tag` | Image tag for Node Disk Manager | `1.5.0` | +| `ndm.sparse.path` | Directory where Sparse files are created | `/var/openebs/sparse` | +| `ndm.sparse.size` | Size of the sparse file in bytes | `10737418240` | +| `ndm.sparse.count` | Number of sparse files to be created | `0` | +| `ndm.updateStrategy.type` | Update strategy for NDM daemonset | `RollingUpdate` | +| `ndm.annotations` | Annotations for NDM daemonset metadata | `""` | +| `ndm.podAnnotations` | Annotations for NDM daemonset's pods metadata | `""` | +| `ndm.resources` | Resource and request and limit for containers | `""` | +| `ndm.podLabels` | Appends labels to the pods | `""` | +| `ndm.nodeSelector` | Nodeselector for daemonset pods | `""` | +| `ndm.tolerations` | NDM daemonset's pod toleration values | `""` | +| `ndm.securityContext` | Seurity context for container | `""` | +| `ndm.filters.enableOsDiskExcludeFilter` | Enable filters of OS disk exclude | `true` | +| `ndm.filters.osDiskExcludePaths` | Paths/Mountpoints to be excluded by OS Disk Filter| `/,/etc/hosts,/boot` | +| `ndm.filters.enableVendorFilter` | Enable filters of vendors | `true` | +| `ndm.filters.excludeVendors` | Exclude devices with specified vendor | `CLOUDBYT,OpenEBS` | +| `ndm.filters.enablePathFilter` | Enable filters of paths | `true` | +| `ndm.filters.includePaths` | Include devices with specified path patterns | `""` | +| `ndm.filters.excludePaths` | Exclude devices with specified path patterns | `loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd`| +| `ndm.probes.enableSeachest` | Enable Seachest probe for NDM | `false` | +| `ndm.probes.enableUdevProbe` | Enable Udev probe for NDM | `true` | +| `ndm.probes.enableSmartProbe` | Enable Smart probe for NDM | `true` | +| `ndmOperator.enabled` | Enable NDM Operator | `true` | +| `ndmOperator.replica` | Pod replica count for NDM operator | `1` | +| `ndmOperator.upgradeStrategy` | Update strategy NDM operator | `"Recreate"` | +| `ndmOperator.image.registry` | Registry for NDM operator image | `""` | +| `ndmOperator.image.repository` | Image repository for NDM operator | `openebs/node-disk-operator` | +| `ndmOperator.image.pullPolicy` | Image pull policy for NDM operator | `IfNotPresent` | +| `ndmOperator.image.tag` | Image tag for NDM operator | `1.5.0` | +| `ndmOperator.annotations` | Annotations for NDM operator metadata | `""` | +| `ndmOperator.podAnnotations` | Annotations for NDM operator's pods metadata | `""` | +| `ndmOperator.resources` | Resource and request and limit for containers | `""` | +| `ndmOperator.podLabels` | Appends labels to the pods | `""` | +| `ndmOperator.nodeSelector` | Nodeselector for operator pods | `""` | +| `ndmOperator.tolerations` | NDM operator's pod toleration values | `""` | +| `ndmOperator.securityContext` | Seurity context for container | `""` | +| `featureGates.APIService.enabled` | Enable the gRPC API service of NDM | `false` | +| `featureGates.UseOSDisk.enabled` | Enable feature-gate to use free space on OS disk | `false` | +| `featureGates.MountChangeDetection.enabled` | Enable feature-gate to detect mountpoint/filesystem changes | `false` | +| `helperPod.image.registry` | Registry for helper image | `""` | +| `helperPod.image.repository` | Image for helper pod | `openebs/linux-utils` | +| `helperPod.image.pullPolicy` | Pull policy for helper pod | `IfNotPresent` | +| `helperPod.image.tag` | Image tag for helper image | `2.10.0` | +| `varDirectoryPath.baseDir` | Directory to store debug info and so forth | `/var/openebs` | +| `serviceAccount.create` | Create a service account or not | `true` | +| `serviceAccount.name` | Name for the service account | `true` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml ndm/openebs-ndm +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/crds/blockdevice.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/crds/blockdevice.yaml new file mode 100644 index 000000000..95f40703c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/crds/blockdevice.yaml @@ -0,0 +1,241 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdevices.openebs.io +spec: + group: openebs.io + names: + kind: BlockDevice + listKind: BlockDeviceList + plural: blockdevices + shortNames: + - bd + singular: blockdevice + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.nodeAttributes.nodeName + name: NodeName + type: string + - jsonPath: .spec.path + name: Path + priority: 1 + type: string + - jsonPath: .spec.filesystem.fsType + name: FSType + priority: 1 + type: string + - jsonPath: .spec.capacity.storage + name: Size + type: string + - jsonPath: .status.claimState + name: ClaimState + type: string + - jsonPath: .status.state + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDevice is the Schema for the blockdevices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceSpec defines the properties and runtime status of a BlockDevice + properties: + aggregateDevice: + description: AggregateDevice was intended to store the hierarchical information in cases of LVM. However this is currently not implemented and may need to be re-looked into for better design. To be deprecated + type: string + capacity: + description: Capacity + properties: + logicalSectorSize: + description: LogicalSectorSize is blockdevice logical-sector size in bytes + format: int32 + type: integer + physicalSectorSize: + description: PhysicalSectorSize is blockdevice physical-Sector size in bytes + format: int32 + type: integer + storage: + description: Storage is the blockdevice capacity in bytes + format: int64 + type: integer + required: + - storage + type: object + claimRef: + description: ClaimRef is the reference to the BDC which has claimed this BD + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + details: + description: Details contain static attributes of BD like model,serial, and so forth + properties: + compliance: + description: Compliance is standards/specifications version implemented by device firmware such as SPC-1, SPC-2, etc + type: string + deviceType: + description: DeviceType represents the type of device like sparse, disk, partition, lvm, crypt + enum: + - disk + - partition + - sparse + - loop + - lvm + - crypt + - dm + - mpath + type: string + driveType: + description: DriveType is the type of backing drive, HDD/SSD + enum: + - HDD + - SSD + - Unknown + - "" + type: string + firmwareRevision: + description: FirmwareRevision is the disk firmware revision + type: string + hardwareSectorSize: + description: HardwareSectorSize is the hardware sector size in bytes + format: int32 + type: integer + logicalBlockSize: + description: LogicalBlockSize is the logical block size in bytes reported by /sys/class/block/sda/queue/logical_block_size + format: int32 + type: integer + model: + description: Model is model of disk + type: string + physicalBlockSize: + description: PhysicalBlockSize is the physical block size in bytes reported by /sys/class/block/sda/queue/physical_block_size + format: int32 + type: integer + serial: + description: Serial is serial number of disk + type: string + vendor: + description: Vendor is vendor of disk + type: string + type: object + devlinks: + description: DevLinks contains soft links of a block device like /dev/by-id/... /dev/by-uuid/... + items: + description: DeviceDevLink holds the mapping between type and links like by-id type or by-path type link + properties: + kind: + description: Kind is the type of link like by-id or by-path. + enum: + - by-id + - by-path + type: string + links: + description: Links are the soft links + items: + type: string + type: array + type: object + type: array + filesystem: + description: FileSystem contains mountpoint and filesystem type + properties: + fsType: + description: Type represents the FileSystem type of the block device + type: string + mountPoint: + description: MountPoint represents the mountpoint of the block device. + type: string + type: object + nodeAttributes: + description: NodeAttributes has the details of the node on which BD is attached + properties: + nodeName: + description: NodeName is the name of the Kubernetes node resource on which the device is attached + type: string + type: object + parentDevice: + description: "ParentDevice was intended to store the UUID of the parent Block Device as is the case for partitioned block devices. \n For example: /dev/sda is the parent for /dev/sda1 To be deprecated" + type: string + partitioned: + description: Partitioned represents if BlockDevice has partitions or not (Yes/No) Currently always default to No. To be deprecated + enum: + - "Yes" + - "No" + type: string + path: + description: Path contain devpath (e.g. /dev/sdb) + type: string + required: + - capacity + - devlinks + - nodeAttributes + - path + type: object + status: + description: DeviceStatus defines the observed state of BlockDevice + properties: + claimState: + description: ClaimState represents the claim state of the block device + enum: + - Claimed + - Unclaimed + - Released + type: string + state: + description: State is the current state of the blockdevice (Active/Inactive/Unknown) + enum: + - Active + - Inactive + - Unknown + type: string + required: + - claimState + - state + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/crds/blockdeviceclaim.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/crds/blockdeviceclaim.yaml new file mode 100644 index 000000000..81b9a355e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/crds/blockdeviceclaim.yaml @@ -0,0 +1,144 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdeviceclaims.openebs.io +spec: + group: openebs.io + names: + kind: BlockDeviceClaim + listKind: BlockDeviceClaimList + plural: blockdeviceclaims + shortNames: + - bdc + singular: blockdeviceclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.blockDeviceName + name: BlockDeviceName + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDeviceClaim is the Schema for the blockdeviceclaims API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceClaimSpec defines the request details for a BlockDevice + properties: + blockDeviceName: + description: BlockDeviceName is the reference to the block-device backing this claim + type: string + blockDeviceNodeAttributes: + description: BlockDeviceNodeAttributes is the attributes on the node from which a BD should be selected for this claim. It can include nodename, failure domain etc. + properties: + hostName: + description: HostName represents the hostname of the Kubernetes node resource where the BD should be present + type: string + nodeName: + description: NodeName represents the name of the Kubernetes node resource where the BD should be present + type: string + type: object + deviceClaimDetails: + description: Details of the device to be claimed + properties: + allowPartition: + description: AllowPartition represents whether to claim a full block device or a device that is a partition + type: boolean + blockVolumeMode: + description: 'BlockVolumeMode represents whether to claim a device in Block mode or Filesystem mode. These are use cases of BlockVolumeMode: 1) Not specified: VolumeMode check will not be effective 2) VolumeModeBlock: BD should not have any filesystem or mountpoint 3) VolumeModeFileSystem: BD should have a filesystem and mountpoint. If DeviceFormat is specified then the format should match with the FSType in BD' + type: string + formatType: + description: Format of the device required, eg:ext4, xfs + type: string + type: object + deviceType: + description: DeviceType represents the type of drive like SSD, HDD etc., + nullable: true + type: string + hostName: + description: Node name from where blockdevice has to be claimed. To be deprecated. Use NodeAttributes.HostName instead + type: string + resources: + description: Resources will help with placing claims on Capacity, IOPS + properties: + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum resources required. eg: if storage resource of 10G is requested minimum capacity of 10G should be available TODO for validating' + type: object + required: + - requests + type: object + selector: + description: Selector is used to find block devices to be considered for claiming + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + status: + description: DeviceClaimStatus defines the observed state of BlockDeviceClaim + properties: + phase: + description: Phase represents the current phase of the claim + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/NOTES.txt new file mode 100644 index 000000000..3c84551b5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/NOTES.txt @@ -0,0 +1,8 @@ +The OpenEBS Node Disk Manager has been installed. Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }} ` to see the list of +blockdevices attached to the Kubernetes cluster nodes. + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/_helpers.tpl new file mode 100644 index 000000000..e6d5b99dc --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/_helpers.tpl @@ -0,0 +1,132 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +This name is used for ndm daemonset +*/}} +{{- define "openebs-ndm.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "openebs-ndm.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm daemonset app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "openebs-ndm.operator.name" -}} +{{- $ndmName := default .Chart.Name .Values.ndmOperator.nameOverride | trunc 63 | trimSuffix "-" }} +{{- $componentName := .Values.ndmOperator.name | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $ndmName $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm operator app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.operator.fullname" -}} +{{- if .Values.ndmOperator.fullnameOverride }} +{{- .Values.ndmOperator.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $ndmOperatorName := include "openebs-ndm.operator.name" .}} + +{{- $name := default $ndmOperatorName .Values.ndmOperator.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "openebs-ndm.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "openebs-ndm.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define meta labels for ndm components +*/}} +{{- define "openebs-ndm.common.metaLabels" -}} +chart: {{ template "openebs-ndm.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + + +{{/* +Create match labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.matchLabels" -}} +app: {{ template "openebs-ndm.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.ndm.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.componentLabels" -}} +openebs.io/component-name: {{ .Values.ndm.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.matchLabels" . }} +{{ include "openebs-ndm.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for ndm operator deployment +*/}} +{{- define "openebs-ndm.operator.matchLabels" -}} +app: {{ template "openebs-ndm.operator.name" . }} +release: {{ .Release.Name }} +component: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + +{{/* +Create component labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.componentLabels" -}} +openebs.io/component-name: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + + +{{/* +Create labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.operator.matchLabels" . }} +{{ include "openebs-ndm.operator.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/configmap.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/configmap.yaml new file mode 100644 index 000000000..337b0e593 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/configmap.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "openebs-ndm.fullname" . }}-config +data: + # node-disk-manager-config contains config of available probes and filters. + # Probes and Filters will initialize with default values if config for that + # filter or probe are not present in configmap + + # udev-probe is default or primary probe it should be enabled to run ndm + # filterconfigs contains configs of filters. To provide a group of include + # and exclude values add it as , separated string + node-disk-manager.config: | + probeconfigs: + - key: udev-probe + name: udev probe + state: {{ .Values.ndm.probes.enableUdevProbe }} + - key: seachest-probe + name: seachest probe + state: {{ .Values.ndm.probes.enableSeachest }} + - key: smart-probe + name: smart probe + state: {{ .Values.ndm.probes.enableSmartProbe }} + filterconfigs: + - key: os-disk-exclude-filter + name: os disk exclude filter + state: {{ .Values.ndm.filters.enableOsDiskExcludeFilter }} + exclude: "{{ .Values.ndm.filters.osDiskExcludePaths }}" + - key: vendor-filter + name: vendor filter + state: {{ .Values.ndm.filters.enableVendorFilter }} + include: "" + exclude: "{{ .Values.ndm.filters.excludeVendors }}" + - key: path-filter + name: path filter + state: {{ .Values.ndm.filters.enablePathFilter }} + include: "{{ .Values.ndm.filters.includePaths }}" + exclude: "{{ .Values.ndm.filters.excludePaths }}" diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/daemonset.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/daemonset.yaml new file mode 100644 index 000000000..af66edfe5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/daemonset.yaml @@ -0,0 +1,176 @@ +{{- if .Values.ndm.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "openebs-ndm.fullname" . }} + {{- with .Values.ndm.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 4 }} +spec: + updateStrategy: +{{ toYaml .Values.ndm.updateStrategy | indent 4 }} + selector: + matchLabels: + {{- include "openebs-ndm.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndm.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 8 }} + {{- with .Values.ndm.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.APIService.enabled }} + hostPID: true +{{- end}} +{{- end}} + containers: + - name: {{ template "openebs-ndm.name" . }} + image: "{{ .Values.ndm.image.registry }}{{ .Values.ndm.image.repository }}:{{ .Values.ndm.image.tag }}" + args: + - -v=4 +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.GPTBasedUUID.enabled }} + - --feature-gates={{ .Values.featureGates.GPTBasedUUID.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.APIService.enabled }} + - --feature-gates={{ .Values.featureGates.APIService.featureGateFlag }} + - --api-service-address={{ .Values.featureGates.APIService.address }} +{{- end}} +{{- if .Values.featureGates.UseOSDisk.enabled }} + - --feature-gates={{ .Values.featureGates.UseOSDisk.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.MountChangeDetection.enabled }} + - --feature-gates={{ .Values.featureGates.MountChangeDetection.featureGateFlag }} +{{- end}} +{{- end}} + imagePullPolicy: {{ .Values.ndm.image.pullPolicy }} + resources: +{{ toYaml .Values.ndm.resources | indent 12 }} + securityContext: + privileged: true + env: + # namespace in which NDM is installed will be passed to NDM Daemonset + # as environment variable + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # pass hostname as env variable using downward API to the NDM container + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + # specify the directory where the sparse files need to be created. + # if not specified, then sparse files will not be created. + - name: SPARSE_FILE_DIR + value: "{{ .Values.ndm.sparse.path }}" +{{- end }} +{{- if .Values.ndm.sparse.size }} + # Size(bytes) of the sparse file to be created. + - name: SPARSE_FILE_SIZE + value: "{{ .Values.ndm.sparse.size }}" +{{- end }} +{{- if .Values.ndm.sparse.count }} + # Specify the number of sparse files to be created + - name: SPARSE_FILE_COUNT + value: "{{ .Values.ndm.sparse.count }}" +{{- end }} +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can be used here with pgrep (cmd is < 15 chars). + livenessProbe: + exec: + command: + - pgrep + - "ndm" + initialDelaySeconds: {{ .Values.ndm.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndm.healthCheck.periodSeconds }} + volumeMounts: + - name: config + mountPath: /host/node-disk-manager.config + subPath: node-disk-manager.config + readOnly: true + - name: udev + mountPath: /run/udev + - name: procmount + mountPath: /host/proc + readOnly: true + - name: devmount + mountPath: /dev + - name: basepath + mountPath: /var/openebs/ndm +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + mountPath: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + volumes: + - name: config + configMap: + name: {{ include "openebs-ndm.fullname" . }}-config + - name: udev + hostPath: + path: /run/udev + type: Directory + # mount /proc (to access mount file of process 1 of host) inside container + # to read mount-point of disks and partitions + - name: procmount + hostPath: + path: /proc + type: Directory + - name: devmount + # the /dev directory is mounted so that we have access to the devices that + # are connected at runtime of the pod. + hostPath: + path: /dev + type: Directory + - name: basepath + hostPath: + path: "{{ .Values.varDirectoryPath.baseDir }}/ndm" + type: DirectoryOrCreate +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + hostPath: + path: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + # By default the node-disk-manager will be run on all kubernetes nodes + # If you would like to limit this to only some nodes, say the nodes + # that have storage attached, you could label those node and use + # nodeSelector. + # + # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node" + # kubectl label node "openebs.io/nodegroup"="storage-node" + #nodeSelector: + # "openebs.io/nodegroup": "storage-node" +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndm.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndm.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndm.tolerations }} + tolerations: +{{ toYaml .Values.ndm.tolerations | indent 8 }} +{{- end }} +{{- if .Values.ndm.securityContext }} + securityContext: +{{ toYaml .Values.ndm.securityContext | indent 8 }} +{{- end }} + hostNetwork: true +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/deployment.yaml new file mode 100644 index 000000000..4a54dc777 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/deployment.yaml @@ -0,0 +1,87 @@ +{{- if .Values.ndmOperator.enabled }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs-ndm.operator.fullname" . }} + {{- with .Values.ndmOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ndmOperator.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + {{- include "openebs-ndm.operator.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndmOperator.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 8 }} + {{- with .Values.ndmOperator.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} + containers: + - name: {{ template "openebs-ndm.operator.fullname" . }} + image: "{{ .Values.ndmOperator.image.registry }}{{ .Values.ndmOperator.image.repository }}:{{ .Values.ndmOperator.image.tag }}" + imagePullPolicy: {{ .Values.ndmOperator.image.pullPolicy }} + resources: +{{ toYaml .Values.ndmOperator.resources | indent 12 }} + livenessProbe: + httpGet: + path: /healthz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.healthCheck.periodSeconds }} + readinessProbe: + httpGet: + path: /readyz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.readinessCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.readinessCheck.periodSeconds }} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "node-disk-operator" + - name: CLEANUP_JOB_IMAGE + value: "{{ .Values.helperPod.image.registry }}{{ .Values.helperPod.image.repository }}:{{ .Values.helperPod.image.tag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndmOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndmOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.securityContext }} + securityContext: +{{ toYaml .Values.ndmOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.tolerations }} + tolerations: +{{ toYaml .Values.ndmOperator.tolerations | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/rbac.yaml new file mode 100644 index 000000000..8e81c4922 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/templates/rbac.yaml @@ -0,0 +1,44 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "openebs-ndm.serviceAccountName" . }} +{{- end }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +rules: + - apiGroups: ["*"] + resources: ["nodes", "pods", "events", "configmaps", "jobs"] + verbs: + - '*' + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: + - '*' + - apiGroups: + - openebs.io + resources: + - blockdevices + - blockdeviceclaims + verbs: + - '*' +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "openebs-ndm.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + - kind: User + name: system:serviceaccount:default:default + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: {{ include "openebs-ndm.fullname" . }} + apiGroup: rbac.authorization.k8s.io +--- diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/values.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/values.yaml new file mode 100644 index 000000000..14928d497 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/charts/openebs-ndm/values.yaml @@ -0,0 +1,121 @@ +# Default values for ndm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +release: + version: "1.6.0" + +imagePullSecrets: +# - name: "image-pull-secret" + +ndm: + componentName: ndm + enabled: true + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/node-disk-manager + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + sparse: + path: "/var/openebs/sparse" + size: "10737418240" + count: "0" + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to ndm daemonset pods + podLabels: + name: openebs-ndm + nodeSelector: {} + tolerations: [] + securityContext: {} + filters: + enableOsDiskExcludeFilter: true + osDiskExcludePaths: "/,/etc/hosts,/boot" + enableVendorFilter: true + excludeVendors: "CLOUDBYT,OpenEBS" + enablePathFilter: true + includePaths: "" + excludePaths: "loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd" + probes: + enableSeachest: false + enableUdevProbe: true + enableSmartProbe: true + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + +ndmOperator: + name: operator + enabled: true + image: + registry: + repository: openebs/node-disk-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + podLabels: + name: openebs-ndm-operator + annotations: {} + podAnnotations: {} + nodeSelector: {} + resources: {} + securityContext: {} + tolerations: [] + healthCheck: + initialDelaySeconds: 15 + periodSeconds: 20 + readinessCheck: + initialDelaySeconds: 5 + periodSeconds: 10 + replicas: 1 + upgradeStrategy: Recreate + +helperPod: + image: + registry: "" + repository: openebs/linux-utils + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + +crd: + enableInstall: false + +featureGates: + enabled: true + GPTBasedUUID: + enabled: true + featureGateFlag: "GPTBasedUUID" + APIService: + enabled: false + featureGateFlag: "APIService" + address: "0.0.0.0:9115" + UseOSDisk: + enabled: false + featureGateFlag: "UseOSDisk" + MountChangeDetection: + enabled: false + featureGateFlag: "MountChangeDetection" + +# Directory used by the OpenEBS to store debug information and so forth +# that are generated in the course of running OpenEBS containers. +varDirectoryPath: + baseDir: "/var/openebs" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-ndm diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorbackup.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorbackup.yaml new file mode 100644 index 000000000..64e738422 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorbackup.yaml @@ -0,0 +1,93 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorbackups.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorBackup + listKind: CStorBackupList + plural: cstorbackups + shortNames: + - cbackup + singular: cstorbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Name of the volume for which this backup is destined + jsonPath: .spec.volumeName + name: Volume + type: string + - description: Name of the backup or scheduled backup + jsonPath: .spec.backupName + name: Backup/Schedule + type: string + - description: Identifies the phase of the backup + jsonPath: .status + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: CStorBackup describes a cstor backup resource created as a custom + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorBackupSpec is the spec for a CStorBackup resource + properties: + backupDest: + description: BackupDest is the remote address for backup transfer + type: string + backupName: + description: BackupName is the name of the backup or scheduled backup + type: string + localSnap: + description: LocalSnap is the flag to enable local snapshot only + type: boolean + prevSnapName: + description: PrevSnapName is the last completed-backup's snapshot + name + type: string + snapName: + description: SnapName is the name of the current backup snapshot + type: string + volumeName: + description: VolumeName is the name of the volume for which this backup + is destined + type: string + required: + - backupName + - snapName + - volumeName + type: object + status: + description: CStorBackupStatus is a string type that represents the status + of the backup + type: string + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorcompletedbackup.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorcompletedbackup.yaml new file mode 100644 index 000000000..dd48bfb29 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorcompletedbackup.yaml @@ -0,0 +1,80 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorcompletedbackups.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorCompletedBackup + listKind: CStorCompletedBackupList + plural: cstorcompletedbackups + shortNames: + - ccompletedbackup + singular: cstorcompletedbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Volume name on which backup is performed + jsonPath: .spec.volumeName + name: Volume + type: string + - description: Name of the backup or scheduled backup + jsonPath: .spec.backupName + name: Backup/Schedule + type: string + - description: Last successfully backup snapshot + jsonPath: .spec.lastSnapName + name: LastSnap + type: string + name: v1 + schema: + openAPIV3Schema: + description: CStorCompletedBackup describes a cstor completed-backup resource + created as custom resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorCompletedBackupSpec is the spec for a CStorBackup resource + properties: + backupName: + description: BackupName is the name of backup or scheduled backup + type: string + lastSnapName: + description: LastSnapName is the name of last completed-backup's snapshot + name + type: string + secondLastSnapName: + description: SecondLastSnapName is the name of second last 'successfully' + completed-backup's snapshot + type: string + volumeName: + description: VolumeName is the name of volume for which this backup + is destined + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorpoolcluster.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorpoolcluster.yaml new file mode 100644 index 000000000..abce8a968 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorpoolcluster.yaml @@ -0,0 +1,491 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorpoolclusters.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorPoolCluster + listKind: CStorPoolClusterList + plural: cstorpoolclusters + shortNames: + - cspc + singular: cstorpoolcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The number of healthy cStorPoolInstances + jsonPath: .status.healthyInstances + name: HealthyInstances + type: integer + - description: The number of provisioned cStorPoolInstances + jsonPath: .status.provisionedInstances + name: ProvisionedInstances + type: integer + - description: The number of desired cStorPoolInstances + jsonPath: .status.desiredInstances + name: DesiredInstances + type: integer + - description: Age of CStorPoolCluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: CStorPoolCluster describes a CStorPoolCluster custom resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorPoolClusterSpec is the spec for a CStorPoolClusterSpec + resource + properties: + auxResources: + description: AuxResources are the compute resources required by the + cstor-pool pod side car containers. + nullable: true + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + pools: + description: Pools is the spec for pools for various nodes where it + should be created. + items: + description: PoolSpec is the spec for pool on node where it should + be created. + properties: + dataRaidGroups: + description: DataRaidGroups is the raid group configuration + for the given pool. + items: + description: RaidGroup contains the details of a raid group + for the pool + properties: + blockDevices: + items: + description: CStorPoolInstanceBlockDevice contains the + details of block devices that constitutes a raid group. + properties: + blockDeviceName: + description: BlockDeviceName is the name of the + block device. + type: string + capacity: + description: Capacity is the capacity of the block + device. It is system generated + format: int64 + type: integer + devLink: + description: DevLink is the dev link for block devices + type: string + required: + - blockDeviceName + type: object + type: array + required: + - blockDevices + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used to + select a node for pool provisioning. Required field + type: object + poolConfig: + description: PoolConfig is the default pool config that applies + to the pool on node. + properties: + auxResources: + description: AuxResources are the compute resources required + by the cstor-pool pod side car containers. + nullable: true + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + compression: + description: 'Compression to enable compression Optional + -- defaults to off Possible values : lz, off' + type: string + dataRaidGroupType: + description: DataRaidGroupType is the raid type. + type: string + priorityClassName: + description: PriorityClassName if specified applies to this + pool pod If left empty, DefaultPriorityClassName is applied. + (See CStorPoolClusterSpec.DefaultPriorityClassName) If + both are empty, not priority class is applied. + nullable: true + type: string + resources: + description: Resources are the compute resources required + by the cstor-pool container. + nullable: true + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + roThresholdLimit: + description: 'ROThresholdLimit is threshold(percentage base) + limit for pool read only mode. If ROThresholdLimit(%) + amount of pool storage is reached then pool will set to + readonly. NOTE: 1. If ROThresholdLimit is set to 100 then + entire pool storage will be used by default it will + be set to 85%. 2. ROThresholdLimit value will be 0 <= + ROThresholdLimit <= 100.' + nullable: true + type: integer + thickProvision: + description: ThickProvision to enable thick provisioning + Optional -- defaults to false + type: boolean + tolerations: + description: Tolerations, if specified, the pool pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple + using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to + match. Empty means match all taint effects. When + specified, allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If + the key is empty, operator must be Exists; this + combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints + of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect + NoExecute, otherwise this field is ignored) tolerates + the taint. By default, it is not set, which means + tolerate the taint forever (do not evict). Zero + and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value + should be empty, otherwise just a regular string. + type: string + type: object + nullable: true + type: array + writeCacheGroupType: + description: WriteCacheGroupType is the write cache raid + type. + type: string + required: + - dataRaidGroupType + type: object + writeCacheRaidGroups: + description: WriteCacheRaidGroups is the write cache raid group. + items: + description: RaidGroup contains the details of a raid group + for the pool + properties: + blockDevices: + items: + description: CStorPoolInstanceBlockDevice contains the + details of block devices that constitutes a raid group. + properties: + blockDeviceName: + description: BlockDeviceName is the name of the + block device. + type: string + capacity: + description: Capacity is the capacity of the block + device. It is system generated + format: int64 + type: integer + devLink: + description: DevLink is the dev link for block devices + type: string + required: + - blockDeviceName + type: object + type: array + required: + - blockDevices + type: object + nullable: true + type: array + required: + - dataRaidGroups + - nodeSelector + type: object + type: array + priorityClassName: + description: DefaultPriorityClassName if specified applies to all + the pool pods in the pool spec if the priorityClass at the pool + level is not specified. + type: string + resources: + description: DefaultResources are the compute resources required by + the cstor-pool container. If the resources at PoolConfig is not + specified, this is written to CSPI PoolConfig. + nullable: true + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the pool pod's tolerations + If tolerations at PoolConfig is empty, this is written to CSPI PoolConfig. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + nullable: true + type: array + type: object + status: + description: CStorPoolClusterStatus represents the latest available observations + of a CSPC's current state. + properties: + conditions: + description: Current state of CSPC. + items: + description: CStorPoolClusterCondition describes the state of a + CSPC at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of CSPC condition. + type: string + required: + - status + - type + type: object + nullable: true + type: array + desiredInstances: + description: DesiredInstances is the number of CSPI(s) that should + be provisioned. + format: int32 + nullable: true + type: integer + healthyInstances: + description: HealthyInstances is the number of CSPI(s) that are healthy. + format: int32 + nullable: true + type: integer + provisionedInstances: + description: ProvisionedInstances is the the number of CSPI present + at the current state. + format: int32 + nullable: true + type: integer + type: object + versionDetails: + description: VersionDetails provides the details for upgrade + properties: + autoUpgrade: + description: If AutoUpgrade is set to true then the resource is upgraded + automatically without any manual steps + type: boolean + desired: + description: Desired is the version that we want to upgrade or the + control plane version + type: string + status: + description: Status gives the status of reconciliation triggered when + the desired and current version are not same + properties: + current: + description: Current is the version of resource + type: string + dependentsUpgraded: + description: DependentsUpgraded gives the details whether all + children of a resource are upgraded to desired version or not + type: boolean + lastUpdateTime: + description: LastUpdateTime is the time the status was last updated + format: date-time + nullable: true + type: string + message: + description: Message is a human readable message if some error + occurs + type: string + reason: + description: Reason is the actual reason for the error state + type: string + state: + description: State is the state of reconciliation + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorpoolinstance.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorpoolinstance.yaml new file mode 100644 index 000000000..7766c6a01 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorpoolinstance.yaml @@ -0,0 +1,455 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorpoolinstances.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorPoolInstance + listKind: CStorPoolInstanceList + plural: cstorpoolinstances + shortNames: + - cspi + singular: cstorpoolinstance + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Host name where cstorpool instances scheduled + jsonPath: .spec.hostName + name: HostName + type: string + - description: The amount of storage space within the pool that has been physically + allocated + jsonPath: .status.capacity.used + name: Allocated + priority: 1 + type: string + - description: The amount of usable free space available in the pool + jsonPath: .status.capacity.free + name: Free + type: string + - description: Total amount of usable space in pool + jsonPath: .status.capacity.total + name: Capacity + type: string + - description: Identifies the pool read only mode + jsonPath: .status.readOnly + name: ReadOnly + type: boolean + - description: Represents no.of replicas present in the pool + jsonPath: .status.provisionedReplicas + name: ProvisionedReplicas + type: integer + - description: Represents no.of healthy replicas present in the pool + jsonPath: .status.healthyReplicas + name: HealthyReplicas + type: integer + - description: Represents the type of the storage pool + jsonPath: .spec.poolConfig.dataRaidGroupType + name: Type + priority: 1 + type: string + - description: Identifies the current health of the pool + jsonPath: .status.phase + name: Status + type: string + - description: Age of CStorPoolInstance + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: CStorPoolInstance describes a cstor pool instance resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec is the specification of the cstorpoolinstance resource. + properties: + dataRaidGroups: + description: DataRaidGroups is the raid group configuration for the + given pool. + items: + description: RaidGroup contains the details of a raid group for + the pool + properties: + blockDevices: + items: + description: CStorPoolInstanceBlockDevice contains the details + of block devices that constitutes a raid group. + properties: + blockDeviceName: + description: BlockDeviceName is the name of the block + device. + type: string + capacity: + description: Capacity is the capacity of the block device. + It is system generated + format: int64 + type: integer + devLink: + description: DevLink is the dev link for block devices + type: string + required: + - blockDeviceName + type: object + type: array + required: + - blockDevices + type: object + type: array + hostName: + description: HostName is the name of kubernetes node where the pool + should be created. + type: string + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used to select + a node for pool provisioning. Required field + type: object + poolConfig: + description: PoolConfig is the default pool config that applies to + the pool on node. + properties: + auxResources: + description: AuxResources are the compute resources required by + the cstor-pool pod side car containers. + nullable: true + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + compression: + description: 'Compression to enable compression Optional -- defaults + to off Possible values : lz, off' + type: string + dataRaidGroupType: + description: DataRaidGroupType is the raid type. + type: string + priorityClassName: + description: PriorityClassName if specified applies to this pool + pod If left empty, DefaultPriorityClassName is applied. (See + CStorPoolClusterSpec.DefaultPriorityClassName) If both are empty, + not priority class is applied. + nullable: true + type: string + resources: + description: Resources are the compute resources required by the + cstor-pool container. + nullable: true + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + roThresholdLimit: + description: 'ROThresholdLimit is threshold(percentage base) limit + for pool read only mode. If ROThresholdLimit(%) amount of pool + storage is reached then pool will set to readonly. NOTE: 1. + If ROThresholdLimit is set to 100 then entire pool storage + will be used by default it will be set to 85%. 2. ROThresholdLimit + value will be 0 <= ROThresholdLimit <= 100.' + nullable: true + type: integer + thickProvision: + description: ThickProvision to enable thick provisioning Optional + -- defaults to false + type: boolean + tolerations: + description: Tolerations, if specified, the pool pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + nullable: true + type: array + writeCacheGroupType: + description: WriteCacheGroupType is the write cache raid type. + type: string + required: + - dataRaidGroupType + type: object + writeCacheRaidGroups: + description: WriteCacheRaidGroups is the write cache raid group. + items: + description: RaidGroup contains the details of a raid group for + the pool + properties: + blockDevices: + items: + description: CStorPoolInstanceBlockDevice contains the details + of block devices that constitutes a raid group. + properties: + blockDeviceName: + description: BlockDeviceName is the name of the block + device. + type: string + capacity: + description: Capacity is the capacity of the block device. + It is system generated + format: int64 + type: integer + devLink: + description: DevLink is the dev link for block devices + type: string + required: + - blockDeviceName + type: object + type: array + required: + - blockDevices + type: object + nullable: true + type: array + required: + - dataRaidGroups + - nodeSelector + type: object + status: + description: Status is the possible statuses of the cstorpoolinstance + resource. + properties: + capacity: + description: Capacity describes the capacity details of a cstor pool + properties: + free: + anyOf: + - type: integer + - type: string + description: Amount of usable space in the pool after excluding + metadata and raid parity + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + total: + anyOf: + - type: integer + - type: string + description: Sum of usable capacity in all the data raidgroups + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + used: + anyOf: + - type: integer + - type: string + description: Amount of physical data (and its metadata) written + to pool after applying compression, etc.., + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + zfs: + description: ZFSCapacityAttributes contains advanced information + about pool capacity details + properties: + logicalUsed: + anyOf: + - type: integer + - type: string + description: LogicalUsed is the amount of space that is "logically" + consumed by this pool and all its descendents. The logical + space ignores the effect of the compression and copies properties, + giving a quantity closer to the amount of data that applications + see. However, it does include space consumed by metadata. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - logicalUsed + type: object + required: + - free + - total + - used + - zfs + type: object + conditions: + description: Current state of CSPI with details. + items: + description: CSPIConditionType describes the state of a CSPI at + a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of CSPC condition. + type: string + required: + - status + - type + type: object + type: array + healthyReplicas: + description: HealthyReplicas describes the total count of healthy + Volume Replicas in the cstor pool + format: int32 + type: integer + phase: + description: ' The phase of a CStorPool is a simple, high-level summary + of the pool state on the node.' + type: string + provisionedReplicas: + description: ProvisionedReplicas describes the total count of Volume + Replicas present in the cstor pool + format: int32 + type: integer + readOnly: + description: ReadOnly if pool is readOnly or not + type: boolean + required: + - healthyReplicas + - provisionedReplicas + - readOnly + type: object + versionDetails: + description: VersionDetails is the openebs version. + properties: + autoUpgrade: + description: If AutoUpgrade is set to true then the resource is upgraded + automatically without any manual steps + type: boolean + desired: + description: Desired is the version that we want to upgrade or the + control plane version + type: string + status: + description: Status gives the status of reconciliation triggered when + the desired and current version are not same + properties: + current: + description: Current is the version of resource + type: string + dependentsUpgraded: + description: DependentsUpgraded gives the details whether all + children of a resource are upgraded to desired version or not + type: boolean + lastUpdateTime: + description: LastUpdateTime is the time the status was last updated + format: date-time + nullable: true + type: string + message: + description: Message is a human readable message if some error + occurs + type: string + reason: + description: Reason is the actual reason for the error state + type: string + state: + description: State is the state of reconciliation + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorrestore.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorrestore.yaml new file mode 100644 index 000000000..d013407fc --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorrestore.yaml @@ -0,0 +1,106 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorrestores.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorRestore + listKind: CStorRestoreList + plural: cstorrestores + shortNames: + - crestore + singular: cstorrestore + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Name of the snapshot which is restored + jsonPath: .spec.restoreName + name: Backup + type: string + - description: Volume on which restore is performed + jsonPath: .spec.volumeName + name: Volume + type: string + - description: Identifies the state of the restore + jsonPath: .status + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: CStorRestore describes a cstor restore resource created as a + custom resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorRestoreSpec is the spec for a CStorRestore resource + properties: + localRestore: + description: Local defines whether restore is from local/remote + type: boolean + maxretrycount: + description: MaxRestoreRetryCount is the maximum number of attempt, + will be performed to restore + type: integer + restoreName: + description: RestoreName holds restore name + type: string + restoreSrc: + description: RestoreSrc can be ip:port in case of restore from remote + or volumeName in case of local restore + type: string + retrycount: + description: RetryCount represents the number of restore attempts + performed for the restore + type: integer + size: + anyOf: + - type: integer + - type: string + description: Size represents the size of a snapshot to restore + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + storageClass: + description: StorageClass represents name of StorageClass of restore + volume + type: string + volumeName: + description: VolumeName is used to restore the data to corresponding + volume + type: string + required: + - restoreName + - restoreSrc + - volumeName + type: object + status: + description: CStorRestoreStatus is a string type that represents the status + of the restore + type: string + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolume.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolume.yaml new file mode 100644 index 000000000..ac9dd22d2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolume.yaml @@ -0,0 +1,271 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorvolumes.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorVolume + listKind: CStorVolumeList + plural: cstorvolumes + shortNames: + - cv + singular: cstorvolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Current volume capacity + jsonPath: .status.capacity + name: Capacity + type: string + - description: Identifies the current health of the volume + jsonPath: .status.phase + name: Status + type: string + - description: Age of CStorVolume + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: CStorVolume describes a cstor volume resource created as custom + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorVolumeSpec is the spec for a CStorVolume resource + properties: + capacity: + anyOf: + - type: integer + - type: string + description: Capacity represents the desired size of the underlying + volume. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + consistencyFactor: + description: ConsistencyFactor is minimum number of volume replicas + i.e. `RF/2 + 1` has to be connected to the target for write operations. + Basically more then 50% of replica has to be connected to target. + type: integer + desiredReplicationFactor: + description: DesiredReplicationFactor represents maximum number of + replicas that are allowed to connect to the target. Required for + scale operations + type: integer + iqn: + description: Target iSCSI Qualified Name.combination of nodeBase + type: string + replicaDetails: + description: ReplicaDetails refers to the trusty replica information + properties: + knownReplicas: + additionalProperties: + type: string + description: KnownReplicas represents the replicas that target + can trust to read data + type: object + type: object + replicationFactor: + description: ReplicationFactor represents number of volume replica + created during volume provisioning connect to the target + type: integer + targetIP: + description: TargetIP IP of the iSCSI target service + type: string + targetPort: + description: iSCSI Target Port typically TCP ports 3260 + type: string + targetPortal: + description: iSCSI Target Portal. The Portal is combination of IP:port + (typically TCP ports 3260) + type: string + type: object + status: + description: CStorVolumeStatus is for handling status of cvr. + properties: + capacity: + anyOf: + - type: integer + - type: string + description: Represents the actual capacity of the underlying volume. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + conditions: + description: Current Condition of cstorvolume. If underlying persistent + volume is being resized then the Condition will be set to 'ResizePending'. + items: + description: CStorVolumeCondition contains details about state of + cstorvolume + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, this should be a short, machine understandable + string that gives the reason for condition's last transition. + If it reports "ResizePending" that means the underlying cstorvolume + is being resized. + type: string + status: + description: ConditionStatus states in which state condition + is present + type: string + type: + description: CStorVolumeConditionType is a valid value of CStorVolumeCondition.Type + type: string + required: + - status + - type + type: object + type: array + lastTransitionTime: + description: LastTransitionTime refers to the time when the phase + changes + format: date-time + nullable: true + type: string + lastUpdateTime: + description: LastUpdateTime refers to the time when last status updated + due to any operations + format: date-time + nullable: true + type: string + message: + description: A human-readable message indicating details about why + the volume is in this state. + type: string + phase: + description: CStorVolumePhase is to hold result of action. + type: string + replicaDetails: + description: ReplicaDetails refers to the trusty replica information + properties: + knownReplicas: + additionalProperties: + type: string + description: KnownReplicas represents the replicas that target + can trust to read data + type: object + type: object + replicaStatuses: + items: + description: ReplicaStatus stores the status of replicas + properties: + checkpointedIOSeq: + description: Represents IO number of replica persisted on the + disk + type: string + inflightRead: + description: Ongoing reads I/O from target to replica + type: string + inflightSync: + description: Ongoing sync I/O from target to replica + type: string + inflightWrite: + description: ongoing writes I/O from target to replica + type: string + mode: + description: Mode represents replica status i.e. Healthy, Degraded + type: string + quorum: + description: 'Quorum indicates whether data wrtitten to the + replica is lost or exists. "0" means: data has been lost( + might be ephimeral case) and will recostruct data from other + Healthy replicas in a write-only mode 1 means: written data + is exists on replica' + type: string + replicaId: + description: ID is replica unique identifier + type: string + upTime: + description: time since the replica connected to target + type: integer + required: + - checkpointedIOSeq + - inflightRead + - inflightSync + - inflightWrite + - mode + - quorum + - replicaId + - upTime + type: object + type: array + type: object + versionDetails: + description: VersionDetails provides the details for upgrade + properties: + autoUpgrade: + description: If AutoUpgrade is set to true then the resource is upgraded + automatically without any manual steps + type: boolean + desired: + description: Desired is the version that we want to upgrade or the + control plane version + type: string + status: + description: Status gives the status of reconciliation triggered when + the desired and current version are not same + properties: + current: + description: Current is the version of resource + type: string + dependentsUpgraded: + description: DependentsUpgraded gives the details whether all + children of a resource are upgraded to desired version or not + type: boolean + lastUpdateTime: + description: LastUpdateTime is the time the status was last updated + format: date-time + nullable: true + type: string + message: + description: Message is a human readable message if some error + occurs + type: string + reason: + description: Reason is the actual reason for the error state + type: string + state: + description: State is the state of reconciliation + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumeattachment.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumeattachment.yaml new file mode 100644 index 000000000..bfa61a58a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumeattachment.yaml @@ -0,0 +1,130 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorvolumeattachments.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorVolumeAttachment + listKind: CStorVolumeAttachmentList + plural: cstorvolumeattachments + shortNames: + - cva + singular: cstorvolumeattachment + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: CStorVolumeAttachment represents a CSI based volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorVolumeAttachmentSpec is the spec for a CStorVolume resource + properties: + iscsi: + description: ISCSIInfo specific to ISCSI protocol, this is filled + only if the volume type is iSCSI + properties: + iqn: + description: Iqn of this volume + type: string + iscsiInterface: + description: IscsiInterface of this volume + type: string + lun: + description: 'Lun specify the lun number 0, 1.. on iSCSI Volume. + (default: 0)' + type: string + targetPortal: + description: TargetPortal holds the target portal of this volume + type: string + type: object + volume: + description: Volume specific info + properties: + accessModes: + description: AccessMode of a volume will hold the access mode + of the volume + items: + type: string + type: array + accessType: + description: AccessType of a volume will indicate if the volume + will be used as a block device or mounted on a path + type: string + capacity: + description: Capacity of the volume + type: string + devicePath: + description: Device Path specifies the device path which is returned + when the iSCSI login is successful + type: string + fsType: + description: FSType of a volume will specify the format type - + ext4(default), xfs of PV + type: string + mountOptions: + description: MountOptions specifies the options with which mount + needs to be attempted + items: + type: string + type: array + name: + description: Name of the CSI volume + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID which is also the owner + of this Volume + type: string + readOnly: + description: ReadOnly specifies if the volume needs to be mounted + in ReadOnly mode + type: boolean + stagingTargetPath: + description: StagingPath of the volume will hold the path on which + the volume is mounted on that node + type: string + targetPath: + description: TargetPath of the volume will hold the path on which + the volume is bind mounted on that node + type: string + required: + - name + - ownerNodeID + type: object + required: + - iscsi + - volume + type: object + status: + description: CStorVolumeAttachmentStatus status represents the current + mount status of the volume + type: string + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumeconfig.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumeconfig.yaml new file mode 100644 index 000000000..d4dfcc33b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumeconfig.yaml @@ -0,0 +1,639 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorvolumeconfigs.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorVolumeConfig + listKind: CStorVolumeConfigList + plural: cstorvolumeconfigs + shortNames: + - cvc + singular: cstorvolumeconfig + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Identifies the volume capacity + jsonPath: .status.capacity.storage + name: Capacity + type: string + - description: Identifies the volume provisioning status + jsonPath: .status.phase + name: Status + type: string + - description: Age of CStorVolumeReplica + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: CStorVolumeConfig describes a cstor volume config resource created + as custom resource. CStorVolumeConfig is a request for creating cstor volume + related resources like deployment, svc etc. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + publish: + description: Publish contains info related to attachment of a volume to + a node. i.e. NodeId etc. + properties: + nodeId: + description: NodeID contains publish info related to attachment of + a volume to a node. + type: string + type: object + spec: + description: Spec defines a specification of a cstor volume config required + to provisione cstor volume resources + properties: + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Capacity represents the actual resources of the underlying + cstor volume. + type: object + cstorVolumeRef: + description: CStorVolumeRef has the information about where CstorVolumeClaim + is created from. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + cstorVolumeSource: + description: CStorVolumeSource contains the source volumeName@snapShotname + combaination. This will be filled only if it is a clone creation. + type: string + policy: + description: Policy contains volume specific required policies target + and replicas + properties: + provision: + description: replicaAffinity is set to true then volume replica + resources need to be distributed across the pool instances + properties: + blockSize: + description: BlockSize is the logical block size in multiple + of 512 bytes BlockSize specifies the block size of the volume. + The blocksize cannot be changed once the volume has been + written, so it should be set at volume creation time. The + default blocksize for volumes is 4 Kbytes. Any power of + 2 from 512 bytes to 128 Kbytes is valid. + format: int32 + type: integer + replicaAffinity: + description: replicaAffinity is set to true then volume replica + resources need to be distributed across the cstor pool instances + based on the given topology + type: boolean + required: + - replicaAffinity + type: object + replica: + description: ReplicaSpec represents configuration related to replicas + resources + properties: + compression: + description: The zle compression algorithm compresses runs + of zeros. + type: string + zvolWorkers: + description: IOWorkers represents number of threads that executes + client IOs + type: string + type: object + replicaPoolInfo: + description: 'ReplicaPoolInfo holds the pool information of volume + replicas. Ex: If volume is provisioned on which CStor pool volume + replicas exist' + items: + description: ReplicaPoolInfo represents the pool information + of volume replica + properties: + poolName: + description: PoolName represents the pool name where volume + replica exists + type: string + required: + - poolName + type: object + type: array + target: + description: TargetSpec represents configuration related to cstor + target and its resources + properties: + affinity: + description: PodAffinity if specified, are the target pod's + affinities + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + auxResources: + description: AuxResources are the compute resources required + by the cstor-target pod side car containers. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + luWorkers: + description: IOWorkers sets the number of threads that are + working on above queue + format: int64 + type: integer + monitor: + description: Monitor enables or disables the target exporter + sidecar + type: boolean + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used + to select a node for target pod scheduleing Required field + type: object + priorityClassName: + description: PriorityClassName if specified applies to this + target pod If left empty, no priority class is applied. + type: string + queueDepth: + description: QueueDepth sets the queue size at iSCSI target + which limits the ongoing IO count from client + type: string + replicationFactor: + description: ReplicationFactor represents maximum number of + replicas that are allowed to connect to the target + format: int64 + type: integer + resources: + description: Resources are the compute resources required + by the cstor-target container. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the target pod's + tolerations + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + type: object + provision: + description: Provision represents the initial volume configuration + for the underlying cstor volume based on the persistent volume request + by user. Provision properties are immutable + properties: + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Capacity represents initial capacity of volume replica + required during volume clone operations to maintain some metadata + info related to child resources like snapshot, cloned volumes. + type: object + replicaCount: + description: ReplicaCount represents initial cstor volume replica + count, its will not be updated later on based on scale up/down + operations, only readonly operations and validations. + type: integer + required: + - capacity + - replicaCount + type: object + required: + - capacity + - policy + - provision + type: object + status: + description: Status represents the current information/status for the + cstor volume config, populated by the controller. + properties: + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Capacity the actual resources of the underlying volume. + type: object + condition: + items: + description: CStorVolumeConfigCondition contains details about state + of cstor volume + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Reason is a brief CamelCase string that describes + any failure + type: string + type: + description: Current Condition of cstor volume config. If underlying + persistent volume is being resized then the Condition will + be set to 'ResizeStarted' etc + type: string + required: + - message + - reason + - type + type: object + type: array + phase: + description: Phase represents the current phase of CStorVolumeConfig. + type: string + poolInfo: + description: PoolInfo represents current pool names where volume replicas + exists + items: + type: string + type: array + type: object + versionDetails: + description: VersionDetails provides the details for upgrade + properties: + autoUpgrade: + description: If AutoUpgrade is set to true then the resource is upgraded + automatically without any manual steps + type: boolean + desired: + description: Desired is the version that we want to upgrade or the + control plane version + type: string + status: + description: Status gives the status of reconciliation triggered when + the desired and current version are not same + properties: + current: + description: Current is the version of resource + type: string + dependentsUpgraded: + description: DependentsUpgraded gives the details whether all + children of a resource are upgraded to desired version or not + type: boolean + lastUpdateTime: + description: LastUpdateTime is the time the status was last updated + format: date-time + nullable: true + type: string + message: + description: Message is a human readable message if some error + occurs + type: string + reason: + description: Reason is the actual reason for the error state + type: string + state: + description: State is the state of reconciliation + type: string + type: object + type: object + required: + - spec + - status + - versionDetails + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumepolicy.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumepolicy.yaml new file mode 100644 index 000000000..cd0b942c5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumepolicy.yaml @@ -0,0 +1,425 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorvolumepolicies.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorVolumePolicy + listKind: CStorVolumePolicyList + plural: cstorvolumepolicies + shortNames: + - cvp + singular: cstorvolumepolicy + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: CStorVolumePolicy describes a configuration required for cstor + volume resources + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines a configuration info of a cstor volume required + to provisione cstor volume resources + properties: + provision: + description: replicaAffinity is set to true then volume replica resources + need to be distributed across the pool instances + properties: + blockSize: + description: BlockSize is the logical block size in multiple of + 512 bytes BlockSize specifies the block size of the volume. + The blocksize cannot be changed once the volume has been written, + so it should be set at volume creation time. The default blocksize + for volumes is 4 Kbytes. Any power of 2 from 512 bytes to 128 + Kbytes is valid. + format: int32 + type: integer + replicaAffinity: + description: replicaAffinity is set to true then volume replica + resources need to be distributed across the cstor pool instances + based on the given topology + type: boolean + required: + - replicaAffinity + type: object + replica: + description: ReplicaSpec represents configuration related to replicas + resources + properties: + compression: + description: The zle compression algorithm compresses runs of + zeros. + type: string + zvolWorkers: + description: IOWorkers represents number of threads that executes + client IOs + type: string + type: object + replicaPoolInfo: + description: 'ReplicaPoolInfo holds the pool information of volume + replicas. Ex: If volume is provisioned on which CStor pool volume + replicas exist' + items: + description: ReplicaPoolInfo represents the pool information of + volume replica + properties: + poolName: + description: PoolName represents the pool name where volume + replica exists + type: string + required: + - poolName + type: object + type: array + target: + description: TargetSpec represents configuration related to cstor + target and its resources + properties: + affinity: + description: PodAffinity if specified, are the target pod's affinities + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + auxResources: + description: AuxResources are the compute resources required by + the cstor-target pod side car containers. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + luWorkers: + description: IOWorkers sets the number of threads that are working + on above queue + format: int64 + type: integer + monitor: + description: Monitor enables or disables the target exporter sidecar + type: boolean + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used to select + a node for target pod scheduleing Required field + type: object + priorityClassName: + description: PriorityClassName if specified applies to this target + pod If left empty, no priority class is applied. + type: string + queueDepth: + description: QueueDepth sets the queue size at iSCSI target which + limits the ongoing IO count from client + type: string + replicationFactor: + description: ReplicationFactor represents maximum number of replicas + that are allowed to connect to the target + format: int64 + type: integer + resources: + description: Resources are the compute resources required by the + cstor-target container. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the target pod's tolerations + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + type: object + status: + description: CStorVolumePolicyStatus is for handling status of CstorVolumePolicy + properties: + phase: + type: string + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumereplica.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumereplica.yaml new file mode 100644 index 000000000..ff60226d2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/cstorvolumereplica.yaml @@ -0,0 +1,216 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: cstorvolumereplicas.cstor.openebs.io +spec: + group: cstor.openebs.io + names: + kind: CStorVolumeReplica + listKind: CStorVolumeReplicaList + plural: cstorvolumereplicas + shortNames: + - cvr + singular: cstorvolumereplica + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The amount of disk space consumed by a dataset and all its descendents + jsonPath: .status.capacity.total + name: Allocated + type: string + - description: The amount of space that is logically consumed by this dataset + jsonPath: .status.capacity.used + name: Used + type: string + - description: Identifies the current state of the replicas + jsonPath: .status.phase + name: Status + type: string + - description: Age of CStorVolumeReplica + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: CStorVolumeReplica describes a cstor volume resource created + as custom resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CStorVolumeReplicaSpec is the spec for a CStorVolumeReplica + resource + properties: + blockSize: + description: BlockSize is the logical block size in multiple of 512 + bytes BlockSize specifies the block size of the volume. The blocksize + cannot be changed once the volume has been written, so it should + be set at volume creation time. The default blocksize for volumes + is 4 Kbytes. Any power of 2 from 512 bytes to 128 Kbytes is valid. + format: int32 + type: integer + capacity: + description: Represents the actual capacity of the underlying volume + type: string + compression: + description: 'Controls the compression algorithm used for this volumes + examples: on|off|gzip|gzip-N|lz4|lzjb|zle' + type: string + replicaid: + description: ReplicaID is unique number to identify the replica + type: string + targetIP: + description: TargetIP represents iscsi target IP through which replica + cummunicates IO workloads and other volume operations like snapshot + and resize requests + type: string + zvolWorkers: + description: ZvolWorkers represents number of threads that executes + client IOs + type: string + type: object + status: + description: CStorVolumeReplicaStatus is for handling status of cvr. + properties: + capacity: + description: CStorVolumeCapacityDetails represents capacity info of + replica + properties: + total: + description: The amount of space consumed by this volume replica + and all its descendents + type: string + used: + description: The amount of space that is "logically" accessible + by this dataset. The logical space ignores the effect of the + compression and copies properties, giving a quantity closer + to the amount of data that applications see. However, it does + include space consumed by metadata + type: string + required: + - total + - used + type: object + lastTransitionTime: + description: LastTransitionTime refers to the time when the phase + changes + format: date-time + nullable: true + type: string + lastUpdateTime: + description: The last updated time + format: date-time + nullable: true + type: string + message: + description: A human readable message indicating details about the + transition. + type: string + pendingSnapshots: + additionalProperties: + description: CStorSnapshotInfo represents the snapshot information + related to particular snapshot + properties: + logicalReferenced: + description: LogicalReferenced describes the amount of space + that is "logically" accessible by this snapshot. This logical + space ignores the effect of the compression and copies properties, + giving a quantity closer to the amount of data that application + see. It also includes space consumed by metadata. + format: int64 + type: integer + required: + - logicalReferenced + type: object + description: PendingSnapshots contains list of pending snapshots that + are not yet available on this replica + type: object + phase: + description: CStorVolumeReplicaPhase is to holds different phases + of replica + type: string + snapshots: + additionalProperties: + description: CStorSnapshotInfo represents the snapshot information + related to particular snapshot + properties: + logicalReferenced: + description: LogicalReferenced describes the amount of space + that is "logically" accessible by this snapshot. This logical + space ignores the effect of the compression and copies properties, + giving a quantity closer to the amount of data that application + see. It also includes space consumed by metadata. + format: int64 + type: integer + required: + - logicalReferenced + type: object + description: Snapshots contains list of snapshots, and their properties, + created on CVR + type: object + type: object + versionDetails: + description: VersionDetails provides the details for upgrade + properties: + autoUpgrade: + description: If AutoUpgrade is set to true then the resource is upgraded + automatically without any manual steps + type: boolean + desired: + description: Desired is the version that we want to upgrade or the + control plane version + type: string + status: + description: Status gives the status of reconciliation triggered when + the desired and current version are not same + properties: + current: + description: Current is the version of resource + type: string + dependentsUpgraded: + description: DependentsUpgraded gives the details whether all + children of a resource are upgraded to desired version or not + type: boolean + lastUpdateTime: + description: LastUpdateTime is the time the status was last updated + format: date-time + nullable: true + type: string + message: + description: Message is a human readable message if some error + occurs + type: string + reason: + description: Reason is the actual reason for the error state + type: string + state: + description: State is the state of reconciliation + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/migrationtask.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/migrationtask.yaml new file mode 100644 index 000000000..4dd2e5432 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/migrationtask.yaml @@ -0,0 +1,128 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: migrationtasks.openebs.io +spec: + group: openebs.io + names: + kind: MigrationTask + listKind: MigrationTaskList + plural: migrationtasks + shortNames: + - mtask + singular: migrationtask + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: MigrationTask represents an migration task + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec i.e. specifications of the MigrationTask + properties: + cstorPool: + description: MigrateCStorPool contains the details of the cstor pool + to be migrated + properties: + rename: + description: If a CSPC with the same name as SPC already exists + then we can rename SPC during migration using Rename + type: string + spcName: + description: SPCName contains the name of the storage pool claim + to be migrated + type: string + type: object + cstorVolume: + description: MigrateCStorVolume contains the details of the cstor + volume to be migrated + properties: + pvName: + description: PVName contains the name of the pv associated with + the cstor volume to be migrated + type: string + type: object + type: object + status: + description: Status of MigrationTask + properties: + completedTime: + description: CompletedTime of Migrate + format: date-time + nullable: true + type: string + migrationDetailedStatuses: + description: MigrationDetailedStatuses contains the list of statuses + of each step + items: + description: MigrationDetailedStatuses represents the latest available + observations of a MigrationTask current state. + properties: + lastUpdatedAt: + description: LastUpdatedTime of a MigrateStep + format: date-time + nullable: true + type: string + message: + description: A human-readable message indicating details about + why the migrationStep is in this state + type: string + phase: + description: Phase indicates if the MigrateStep is waiting, + errored or completed. + type: string + reason: + description: Reason is a brief CamelCase string that describes + any failure and is meant for machine parsing and tidy display + in the CLI + type: string + startTime: + description: StartTime of a MigrateStep + format: date-time + nullable: true + type: string + step: + type: string + type: object + type: array + phase: + description: Phase indicates if a migrationTask is started, success + or errored + type: string + retries: + description: Retries is the number of times the job attempted to migration + the resource + type: integer + startTime: + description: StartTime of Migrate + format: date-time + nullable: true + type: string + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/upgradetask.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/upgradetask.yaml new file mode 100644 index 000000000..ab35065be --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/upgradetask.yaml @@ -0,0 +1,257 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: upgradetasks.openebs.io +spec: + group: openebs.io + names: + kind: UpgradeTask + listKind: UpgradeTaskList + plural: upgradetasks + singular: upgradetask + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: UpgradeTask represents an upgrade task + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec i.e. specifications of the UpgradeTask + properties: + cstorPool: + description: CStorPool contains the details of the cstor pool to be + upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + poolName: + description: PoolName contains the name of the cstor pool to be + upgraded + type: string + type: object + cstorPoolCluster: + description: CStorPoolCluster contains the details of the storage + pool claim to be upgraded + properties: + cspcName: + description: CSPCName contains the name of the storage pool claim + to be upgraded + type: string + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + type: object + cstorPoolInstance: + description: CStorPoolInstance contains the details of the cstor pool + to be upgraded + properties: + cspiName: + description: CSPCName contains the name of the storage pool claim + to be upgraded + type: string + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + type: object + cstorVolume: + description: CStorVolume contains the details of the cstor volume + to be upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + pvName: + description: PVName contains the name of the pv associated with + the cstor volume + type: string + type: object + fromVersion: + description: FromVersion is the current version of the resource. + type: string + imagePrefix: + description: ImagePrefix contains the url prefix of the image url. + This field is optional. If not present upgrade takes the previously + present ImagePrefix. + type: string + imageTag: + description: ImageTag contains the customized tag for ToVersion if + any. This field is optional. If not present upgrade takes the ToVersion + as the ImageTag + type: string + jivaVolume: + description: JivaVolume contains the details of the jiva volume to + be upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + pvName: + description: PVName contains the name of the pv associated with + the jiva volume + type: string + type: object + options: + description: Options contains the optional flags that can be passed + during upgrade. + properties: + timeout: + description: Timeout is maximum seconds to wait at any given step + in the upgrade + type: integer + type: object + storagePoolClaim: + description: StoragePoolClaim contains the details of the storage + pool claim to be upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + spcName: + description: SPCName contains the name of the storage pool claim + to be upgraded + type: string + type: object + toVersion: + description: ToVersion is the upgraded version of the resource. It + should be same as the version of control plane components version. + type: string + required: + - fromVersion + - toVersion + type: object + status: + description: Status of UpgradeTask + properties: + completedTime: + description: CompletedTime of Upgrade + format: date-time + nullable: true + type: string + phase: + description: Phase indicates if a upgradeTask is started, success + or errored + type: string + retries: + description: Retries is the number of times the job attempted to upgrade + the resource + type: integer + startTime: + description: StartTime of Upgrade + format: date-time + nullable: true + type: string + upgradeDetailedStatuses: + description: UpgradeDetailedStatuses contains the list of statuses + of each step + items: + description: UpgradeDetailedStatuses represents the latest available + observations of a UpgradeTask current state. + properties: + lastUpdatedAt: + description: LastUpdatedTime of a UpgradeStep + format: date-time + nullable: true + type: string + message: + description: A human-readable message indicating details about + why the upgradeStep is in this state + type: string + phase: + description: Phase indicates if the UpgradeStep is waiting, + errored or completed. + type: string + reason: + description: Reason is a brief CamelCase string that describes + any failure and is meant for machine parsing and tidy display + in the CLI + type: string + startTime: + description: StartTime of a UpgradeStep + format: date-time + nullable: true + type: string + step: + description: UpgradeStep is the current step being performed + for a particular resource upgrade + type: string + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshot.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshot.yaml new file mode 100644 index 000000000..b229db9cd --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshot.yaml @@ -0,0 +1,226 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshots.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshot + listKind: VolumeSnapshotList + plural: volumesnapshots + singular: volumesnapshot + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + oneOf: + - required: ["persistentVolumeClaimName"] + - required: ["volumeSnapshotContentName"] + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + +--- diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshotclass.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshotclass.yaml new file mode 100644 index 000000000..9f83c5e0b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshotclass.yaml @@ -0,0 +1,111 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotclasses.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotClass + listKind: VolumeSnapshotClassList + plural: volumesnapshotclasses + singular: volumesnapshotclass + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshotcontent.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshotcontent.yaml new file mode 100644 index 000000000..888322d8a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/crds/volumesnapshotcontent.yaml @@ -0,0 +1,291 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotcontents.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotContent + listKind: VolumeSnapshotContentList + plural: volumesnapshotcontents + singular: volumesnapshotcontent + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + oneOf: + - required: ["snapshotHandle"] + - required: ["volumeHandle"] + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/cstor/templates/NOTES.txt new file mode 100644 index 000000000..1dadf47d5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/NOTES.txt @@ -0,0 +1,11 @@ +The OpenEBS cstor has been installed check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }} ` to see the list of +blockdevices attached to the Kubernetes cluster nodes. + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. + +For more information related to cstor pool and volume provisioning, visit +https://github.com/openebs/cstor-operators/tree/master/docs . diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/cstor/templates/_helpers.tpl new file mode 100644 index 000000000..7c86f3a04 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/_helpers.tpl @@ -0,0 +1,217 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "cstor.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cstor.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cstor.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cstor.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "cstor.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define meta labels for cstor components +*/}} +{{- define "cstor.common.metaLabels" -}} +chart: {{ template "cstor.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + +{{/* +Create match labels for cstor admission server +*/}} +{{- define "cstor.admissionServer.matchLabels" -}} +app: {{ .Values.admissionServer.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.admissionServer.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for cstor admission server +*/}} +{{- define "cstor.admissionServer.componentLabels" -}} +openebs.io/component-name: {{ .Values.admissionServer.componentName | quote }} +{{- end -}} + +{{/* +Create labels for cstor admission server +*/}} +{{- define "cstor.admissionServer.labels" -}} +{{ include "cstor.common.metaLabels" . }} +{{ include "cstor.admissionServer.matchLabels" . }} +{{ include "cstor.admissionServer.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for cstor cspc operator +*/}} +{{- define "cstor.cspcOperator.matchLabels" -}} +name: {{ .Values.cspcOperator.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.cspcOperator.componentName | quote }} +{{- end -}} + +{{/* +Create component labels cstor cspc operator +*/}} +{{- define "cstor.cspcOperator.componentLabels" -}} +openebs.io/component-name: {{ .Values.cspcOperator.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for cstor cspc operator +*/}} +{{- define "cstor.cspcOperator.labels" -}} +{{ include "cstor.common.metaLabels" . }} +{{ include "cstor.cspcOperator.matchLabels" . }} +{{ include "cstor.cspcOperator.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for cstor cvc operator +*/}} +{{- define "cstor.cvcOperator.matchLabels" -}} +name: {{ .Values.cvcOperator.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.cvcOperator.componentName | quote }} +{{- end -}} + +{{/* +Create component labels cstor cvc operator +*/}} +{{- define "cstor.cvcOperator.componentLabels" -}} +openebs.io/component-name: {{ .Values.cvcOperator.componentName | quote }} +{{- end -}} + +{{/* +Create component labels cstor cvc operator service +*/}} +{{- define "cstor.cvcOperatorService.componentLabels" -}} +openebs.io/component-name: {{ printf "%s-svc" .Values.cvcOperator.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for cstor cvc operator +*/}} +{{- define "cstor.cvcOperator.labels" -}} +{{ include "cstor.common.metaLabels" . }} +{{ include "cstor.cvcOperator.matchLabels" . }} +{{ include "cstor.cvcOperator.componentLabels" . }} +{{- end -}} + +{{/* +Create labels for cstor cvc operator service +*/}} +{{- define "cstor.cvcOperatorService.labels" -}} +{{ include "cstor.common.metaLabels" . }} +{{ include "cstor.cvcOperator.matchLabels" . }} +{{ include "cstor.cvcOperatorService.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for cstor csi node operator +*/}} +{{- define "cstor.csiNode.matchLabels" -}} +name: {{ .Values.csiNode.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.csiNode.componentName | quote }} +{{- end -}} + +{{/* +Create component labels cstor csi node operator +*/}} +{{- define "cstor.csiNode.componentLabels" -}} +openebs.io/component-name: {{ .Values.csiNode.componentName | quote }} +{{- end -}} + +{{/* +Create labels for cstor csi node operator +*/}} +{{- define "cstor.csiNode.labels" -}} +{{ include "cstor.common.metaLabels" . }} +{{ include "cstor.csiNode.matchLabels" . }} +{{ include "cstor.csiNode.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for cstor csi controller +*/}} +{{- define "cstor.csiController.matchLabels" -}} +name: {{ .Values.csiController.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.csiController.componentName | quote }} +{{- end -}} + +{{/* +Create component labels cstor csi controller +*/}} +{{- define "cstor.csiController.componentLabels" -}} +openebs.io/component-name: {{ .Values.csiController.componentName | quote }} +{{- end -}} + +{{/* +Create labels for cstor csi controller +*/}} +{{- define "cstor.csiController.labels" -}} +{{ include "cstor.common.metaLabels" . }} +{{ include "cstor.csiController.matchLabels" . }} +{{ include "cstor.csiController.componentLabels" . }} +{{- end -}} + +{{/* +Create the name of the priority class for csi node plugin +*/}} +{{- define "cstor.csiNode.priorityClassName" -}} +{{- if .Values.csiNode.priorityClass.create }} +{{- printf "%s-%s" .Release.Name .Values.csiNode.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s" .Values.csiNode.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create the name of the priority class for csi controller plugin +*/}} +{{- define "cstor.csiController.priorityClassName" -}} +{{- if .Values.csiController.priorityClass.create }} +{{- printf "%s-%s" .Release.Name .Values.csiController.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s" .Values.csiController.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/admission-server.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/admission-server.yaml new file mode 100644 index 000000000..0909c9d74 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/admission-server.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cstor.fullname" . }}-admission-server + {{- with .Values.admissionServer.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.admissionServer.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.admissionServer.replicas }} + strategy: + type: Recreate + rollingUpdate: null + selector: + matchLabels: + {{- include "cstor.admissionServer.matchLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "cstor.admissionServer.labels" . | nindent 8 }} + {{- if .Values.admissionServer.podLabels }} + {{ toYaml .Values.admissionServer.podLabels | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.cstorOperator.name }} + containers: + - name: {{ template "cstor.fullname" . }}-admission-webhook + image: "{{ .Values.admissionServer.image.registry }}{{ .Values.admissionServer.image.repository }}:{{ .Values.admissionServer.image.tag }}" + imagePullPolicy: {{ .Values.admissionServer.image.pullPolicy }} + resources: +{{ toYaml .Values.admissionServer.resources | indent 12 }} + args: + - -alsologtostderr + - -v=2 + - 2>&1 + env: + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ADMISSION_WEBHOOK_FAILURE_POLICY + value: {{ .Values.admissionServer.failurePolicy }} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.admissionServer.nodeSelector }} + nodeSelector: +{{ toYaml .Values.admissionServer.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.admissionServer.securityContext }} + securityContext: +{{ toYaml .Values.admissionServer.securityContext | indent 8 }} +{{- end }} +{{- if .Values.admissionServer.tolerations }} + tolerations: +{{ toYaml .Values.admissionServer.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/cleanup-webhook.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cleanup-webhook.yaml new file mode 100644 index 000000000..ea1d86984 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cleanup-webhook.yaml @@ -0,0 +1,39 @@ +# HELM first deletes RBAC, then it tries to delete other resources like CSPC and PVC. +# We've got validating webhook on CSPC and PVC. +# But even that the policy of this webhook is Ignore, it fails because the ServiceAccount +# does not have permission to access resources like BDC anymore which are used for validation. +# Therefore we first need to delete webhook so we can delete the rest of the deployments. +{{- $kubeMinor := .Capabilities.KubeVersion.Minor | replace "+" "" }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "cstor.fullname" . }}-webhook-cleanup + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded + labels: + app: {{ template "cstor.name" . }} +spec: + template: + metadata: + name: {{ template "cstor.fullname" . }}-webhook-cleanup + labels: + app: {{ template "cstor.name" . }} + spec: + serviceAccountName: {{ .Values.serviceAccount.cstorOperator.name }} + containers: + - name: kubectl + {{- /* bitnami maintains an image for all k8s versions */}} + {{- /* see: https://hub.docker.com/r/bitnami/kubectl */}} + {{- if .Values.cleanup.image.tag }} + image: "{{ .Values.cleanup.image.registry }}{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}" + {{- else }} + image: "{{ .Values.cleanup.image.registry }}{{ .Values.cleanup.image.repository }}:{{ .Capabilities.KubeVersion.Major }}.{{ $kubeMinor }}" + {{- end }} + command: + - /bin/sh + - -c + - > + kubectl delete validatingWebhookConfiguration openebs-cstor-validation-webhook || true; + restartPolicy: OnFailure diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-controller-rbac.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-controller-rbac.yaml new file mode 100644 index 000000000..9926d0fb1 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-controller-rbac.yaml @@ -0,0 +1,196 @@ +{{- if .Values.serviceAccount.csiController.create -}} +kind: ServiceAccount +apiVersion: v1 +metadata: + name: {{ .Values.serviceAccount.csiController.name }} + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- if .Values.rbac.create }} +--- +# cstor csi roles and bindings +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-snapshotter-binding + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-cstor-csi-snapshotter-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-snapshotter-role + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete", "get", "update"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-provisioner-role + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["secrets","namespaces"] + verbs: ["get", "list"] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [""] + resources: ["persistentvolumes", "services"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["cstorvolumeattachments", "cstorvolumes","cstorvolumeconfigs"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-provisioner-binding + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-cstor-csi-provisioner-role + apiGroup: rbac.authorization.k8s.io +--- +############################## CSI- Attacher ####################### +# Attacher must be able to work with PVs, nodes and VolumeAttachments +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-attacher-role + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments", "csinodes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "volumeattachments/status" ] + verbs: [ "patch" ] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-attacher-binding + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-cstor-csi-attacher-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-cluster-registrar-role + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csidrivers"] + verbs: ["create", "delete"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-cluster-registrar-binding + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-cstor-csi-cluster-registrar-role + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-controller.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-controller.yaml new file mode 100644 index 000000000..b8cb82732 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-controller.yaml @@ -0,0 +1,137 @@ +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: {{ template "cstor.fullname" . }}-csi-controller + {{- with .Values.csiController.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.csiController.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "cstor.csiController.matchLabels" . | nindent 6 }} + serviceName: "openebs-csi" + replicas: {{ .Values.csiController.replicas }} + template: + metadata: + labels: + {{- include "cstor.csiController.labels" . | nindent 8 }} + {{- if .Values.csiController.podLabels }} + {{ toYaml .Values.csiController.podLabels | nindent 8 }} + {{- end }} + spec: + priorityClassName: {{ template "cstor.csiController.priorityClassName" . }} + serviceAccount: {{ .Values.serviceAccount.csiController.name }} + containers: + - name: {{ .Values.csiController.resizer.name }} + image: "{{ .Values.csiController.resizer.image.registry }}{{ .Values.csiController.resizer.image.repository }}:{{ .Values.csiController.resizer.image.tag }}" + resources: +{{ toYaml .Values.csiController.resources | indent 12 }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.csiController.resizer.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.csiController.snapshotter.name }} + image: "{{ .Values.csiController.snapshotter.image.registry }}{{ .Values.csiController.snapshotter.image.repository }}:{{ .Values.csiController.snapshotter.image.tag }}" + args: + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.csiController.snapshotter.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.csiController.snapshotController.name }} + image: "{{ .Values.csiController.snapshotController.image.registry }}{{ .Values.csiController.snapshotController.image.repository }}:{{ .Values.csiController.snapshotController.image.tag }}" + args: + - "--v=5" + - "--leader-election=false" + imagePullPolicy: {{ .Values.csiController.snapshotController.image.pullPolicy }} + - name: {{ .Values.csiController.provisioner.name }} + image: "{{ .Values.csiController.provisioner.image.registry }}{{ .Values.csiController.provisioner.image.repository }}:{{ .Values.csiController.provisioner.image.tag }}" + imagePullPolicy: {{ .Values.csiController.provisioner.image.pullPolicy }} + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--feature-gates=Topology=true" + - "--extra-create-metadata=true" + - "--metrics-address=:22011" + - "--timeout=250s" + - "--default-fstype=ext4" + env: + - name: MY_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.csiController.attacher.name }} + image: "{{ .Values.csiController.attacher.image.registry }}{{ .Values.csiController.attacher.image.repository }}:{{ .Values.csiController.attacher.image.tag }}" + imagePullPolicy: {{ .Values.csiController.attacher.image.pullPolicy }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.cstorCSIPlugin.name }} + image: "{{ .Values.cstorCSIPlugin.image.registry }}{{ .Values.cstorCSIPlugin.image.repository }}:{{ .Values.cstorCSIPlugin.image.tag }}" + imagePullPolicy: {{ .Values.cstorCSIPlugin.image.pullPolicy }} + env: + - name: OPENEBS_CONTROLLER_DRIVER + value: controller + - name: OPENEBS_CSI_ENDPOINT + value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: OPENEBS_CSI_API_URL + value: https://openebs.io + # OpenEBS namespace where the openebs cstor operator components + # has been installed + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENEBS_IO_INSTALLER_TYPE + value: "cstor-helm" + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + args : + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--url=$(OPENEBS_CSI_API_URL)" + - "--plugin=$(OPENEBS_CONTROLLER_DRIVER)" + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + volumes: + - name: socket-dir + emptyDir: {} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.csiController.nodeSelector }} + nodeSelector: +{{ toYaml .Values.csiController.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.csiController.securityContext }} + securityContext: +{{ toYaml .Values.csiController.securityContext | indent 8 }} +{{- end }} +{{- if .Values.csiController.tolerations }} + tolerations: +{{ toYaml .Values.csiController.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-driver.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-driver.yaml new file mode 100644 index 000000000..fbb9b8e0d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-driver.yaml @@ -0,0 +1,16 @@ +{{- if .Values.csiDriver.create -}} +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: cstor.csi.openebs.io +spec: + # Supports persistent inline volumes. + volumeLifecycleModes: + - Persistent + # Not yet supported but added just to support upgrade control plane seamlessly + - Ephemeral + # To determine at runtime which mode a volume uses, pod info and its + # "csi.storage.k8s.io/ephemeral" entry are needed. + podInfoOnMount: {{ .Values.csiDriver.podInfoOnMount }} + attachRequired: {{ .Values.csiDriver.attachRequired }} +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-iscsiadm-config.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-iscsiadm-config.yaml new file mode 100644 index 000000000..4c134ad6e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-iscsiadm-config.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: openebs-cstor-csi-iscsiadm +data: + iscsiadm: | + #!/bin/sh + if [ -x /host/sbin/iscsiadm ]; then + chroot /host /sbin/iscsiadm "$@" + elif [ -x /host/usr/local/sbin/iscsiadm ]; then + chroot /host /usr/local/sbin/iscsiadm "$@" + elif [ -x /host/bin/iscsiadm ]; then + chroot /host /bin/iscsiadm "$@" + elif [ -x /host/usr/local/bin/iscsiadm ]; then + chroot /host /usr/local/bin/iscsiadm "$@" + else + chroot /host iscsiadm "$@" + fi diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-node-rbac.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-node-rbac.yaml new file mode 100644 index 000000000..4af703b20 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-node-rbac.yaml @@ -0,0 +1,73 @@ +{{- if .Values.serviceAccount.csiNode.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.csiNode.name }} + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- if .Values.rbac.create }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-registrar-role + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumes", "nodes", "services"] + verbs: ["get", "list", "patch"] + - apiGroups: ["*"] + resources: ["cstorvolumeattachments", "cstorvolumes","cstorvolumeconfigs"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-registrar-binding + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiNode.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-cstor-csi-registrar-role + apiGroup: rbac.authorization.k8s.io +{{- if .Values.rbac.pspEnabled }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-csi-node-role + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - openebs-cstor-csi-node-psp +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openebs-cstor-csi-node-binding + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openebs-cstor-csi-node-role +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiNode.name }} + namespace: {{ $.Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-node.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-node.yaml new file mode 100644 index 000000000..8a9a59e2a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/csi-node.yaml @@ -0,0 +1,143 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ template "cstor.fullname" . }}-csi-node + {{- with .Values.csiNode.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "cstor.csiNode.matchLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "cstor.csiNode.labels" . | nindent 8 }} + {{- if .Values.csiNode.podLabels }} + {{ toYaml .Values.csiNode.podLabels | nindent 8 }} + {{- end }} + spec: + priorityClassName: {{ template "cstor.csiNode.priorityClassName" . }} + serviceAccount: {{ .Values.serviceAccount.csiNode.name }} + hostNetwork: true + containers: + - name: {{ .Values.csiNode.driverRegistrar.name }} + image: "{{ .Values.csiNode.driverRegistrar.image.registry }}{{ .Values.csiNode.driverRegistrar.image.repository }}:{{ .Values.csiNode.driverRegistrar.image.tag }}" + imagePullPolicy: {{ .Values.csiNode.driverRegistrar.image.pullPolicy }} + resources: +{{ toYaml .Values.csiNode.resources | indent 12 }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/cstor.csi.openebs.io /registration/cstor.csi.openebs.io-reg.sock"] + env: + - name: ADDRESS + value: /plugin/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.csiNode.kubeletDir }}plugins/cstor.csi.openebs.io/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: NODE_DRIVER + value: openebs-cstor-csi + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: registration-dir + mountPath: /registration + - name: {{ .Values.cstorCSIPlugin.name }} + securityContext: + privileged: true + allowPrivilegeEscalation: true + image: "{{ .Values.cstorCSIPlugin.image.registry }}{{ .Values.cstorCSIPlugin.image.repository }}:{{ .Values.cstorCSIPlugin.image.tag }}" + imagePullPolicy: {{ .Values.cstorCSIPlugin.image.pullPolicy }} + args: + - "--nodeid=$(OPENEBS_NODE_ID)" + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--url=$(OPENEBS_CSI_API_URL)" + - "--plugin=$(OPENEBS_NODE_DRIVER)" + env: + - name: OPENEBS_NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: OPENEBS_CSI_ENDPOINT + value: unix:///plugin/csi.sock + - name: OPENEBS_NODE_DRIVER + value: node + - name: OPENEBS_CSI_API_URL + value: https://openebs.io + # OpenEBS namespace where the openebs cstor operator components + # has been installed + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # Enable/Disable auto-remount feature, when volumes + # recovers from the read-only state + - name: REMOUNT + value: "{{ .Values.cstorCSIPlugin.remount }}" + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: device-dir + mountPath: /dev + - name: pods-mount-dir + mountPath: {{ .Values.csiNode.kubeletDir }} + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + - name: host-root + mountPath: /host + mountPropagation: "HostToContainer" + - name: chroot-iscsiadm + mountPath: /sbin/iscsiadm + subPath: iscsiadm + volumes: + - name: device-dir + hostPath: + path: /dev + type: Directory + - name: registration-dir + hostPath: + path: {{ .Values.csiNode.kubeletDir }}plugins_registry/ + type: DirectoryOrCreate + - name: plugin-dir + hostPath: + path: {{ .Values.csiNode.kubeletDir }}plugins/cstor.csi.openebs.io/ + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: {{ .Values.csiNode.kubeletDir }} + type: Directory + - name: chroot-iscsiadm + configMap: + defaultMode: 0555 + name: openebs-cstor-csi-iscsiadm + - name: host-root + hostPath: + path: / + type: Directory +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.csiNode.nodeSelector }} + nodeSelector: +{{ toYaml .Values.csiNode.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.csiNode.securityContext }} + securityContext: +{{ toYaml .Values.csiNode.securityContext | indent 8 }} +{{- end }} +{{- if .Values.csiNode.tolerations }} + tolerations: +{{ toYaml .Values.csiNode.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/cspc-operator.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cspc-operator.yaml new file mode 100644 index 000000000..140929f28 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cspc-operator.yaml @@ -0,0 +1,86 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cstor.fullname" . }}-cspc-operator + {{- with .Values.cspcOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.cspcOperator.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "cstor.cspcOperator.matchLabels" . | nindent 6 }} + replicas: {{ .Values.cspcOperator.replicas }} + strategy: + type: Recreate + template: + metadata: + {{- with .Values.cspcOperator.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "cstor.cspcOperator.labels" . | nindent 8 }} + {{- if .Values.cspcOperator.podLabels }} + {{ toYaml .Values.cspcOperator.podLabels | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.cstorOperator.name }} + containers: + - name: {{ template "cstor.fullname" . }}-cspc-operator + imagePullPolicy: {{ .Values.cspcOperator.image.pullPolicy }} + image: "{{ .Values.cspcOperator.image.registry }}{{ .Values.cspcOperator.image.repository }}:{{ .Values.cspcOperator.image.tag }}" + resources: +{{ toYaml .Values.cspcOperator.resources | indent 12 }} + env: + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENEBS_SERVICEACCOUNT_NAME + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: CSPC_OPERATOR_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + # OPENEBS_IO_BASE_DIR is used to configure base directory for openebs on host path. + # Where OpenEBS can store required files. Default base path will be /var/openebs + # - name: OPENEBS_IO_BASE_DIR + # value: "/var/openebs" + # OPENEBS_IO_CSTOR_POOL_SPARSE_DIR can be used to specify the hostpath + # to be used for saving the shared content between the side cars + # of cstor pool pod. This ENV is also used to indicate the location + # of the sparse devices. + # The default path used is /var/openebs/sparse + #- name: OPENEBS_IO_CSTOR_POOL_SPARSE_DIR + # value: "/var/openebs/sparse" + - name: OPENEBS_IO_CSPI_MGMT_IMAGE + value: "{{ .Values.cspcOperator.poolManager.image.registry }}{{ .Values.cspcOperator.poolManager.image.repository }}:{{ .Values.cspcOperator.poolManager.image.tag }}" + - name: OPENEBS_IO_CSTOR_POOL_IMAGE + value: "{{ .Values.cspcOperator.cstorPool.image.registry }}{{ .Values.cspcOperator.cstorPool.image.repository }}:{{ .Values.cspcOperator.cstorPool.image.tag }}" + - name: OPENEBS_IO_CSTOR_POOL_EXPORTER_IMAGE + value: "{{ .Values.cspcOperator.cstorPoolExporter.image.registry }}{{ .Values.cspcOperator.cstorPoolExporter.image.repository }}:{{ .Values.cspcOperator.cstorPoolExporter.image.tag }}" + - name: RESYNC_INTERVAL + value: "{{ .Values.cspcOperator.resyncInterval }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $.Values.imagePullSecrets }}{{ .name }},{{- end }}" +{{- end }} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.cspcOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.cspcOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.cspcOperator.securityContext }} + securityContext: +{{ toYaml .Values.cspcOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.cspcOperator.tolerations }} + tolerations: +{{ toYaml .Values.cspcOperator.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/cvc-operator-service.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cvc-operator-service.yaml new file mode 100644 index 000000000..2962838e2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cvc-operator-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "cstor.fullname" . }}-cvc-operator-svc + labels: + {{- include "cstor.cvcOperatorService.labels" . | nindent 4 }} +spec: + ports: + - name: api + port: 5757 + protocol: TCP + targetPort: 5757 + selector: + name: cvc-operator + sessionAffinity: None diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/cvc-operator.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cvc-operator.yaml new file mode 100644 index 000000000..561c65629 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/cvc-operator.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "cstor.fullname" . }}-cvc-operator + {{- with .Values.cvcOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.cvcOperator.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "cstor.cvcOperator.matchLabels" . | nindent 6 }} + replicas: {{ .Values.cvcOperator.replicas }} + strategy: + type: Recreate + template: + metadata: + labels: + {{- include "cstor.cvcOperator.labels" . | nindent 8 }} + {{- if .Values.cvcOperator.podLabels }} + {{ toYaml .Values.cvcOperator.podLabels | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.cstorOperator.name }} + containers: + - name: {{ template "cstor.fullname" . }}-cvc-operator + imagePullPolicy: {{ .Values.cvcOperator.image.pullPolicy }} + image: "{{ .Values.cvcOperator.image.registry }}{{ .Values.cvcOperator.image.repository }}:{{ .Values.cvcOperator.image.tag }}" + args: + - "--v=2" + - "--leader-election=false" + - "--bind=$(OPENEBS_CVC_POD_IP)" + resources: +{{ toYaml .Values.cvcOperator.resources | indent 12 }} + env: + # OPENEBS_IO_BASE_DIR is used to configure base directory for openebs on host path. + # Where OpenEBS can store required files. Default base path will be /var/openebs + # - name: OPENEBS_IO_BASE_DIR + # value: "/var/openebs" + # OPENEBS_IO_CSTOR_TARGET_DIR can be used to specify the hostpath + # that to be used for saving the core dump of cstor volume pod. + # The default path used is /var/openebs/sparse + #- name: OPENEBS_IO_CSTOR_TARGET_DIR + # value: "/var/openebs/sparse" + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENEBS_SERVICEACCOUNT_NAME + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPENEBS_CVC_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: OPENEBS_IO_CSTOR_TARGET_IMAGE + value: "{{ .Values.cvcOperator.target.image.registry }}{{ .Values.cvcOperator.target.image.repository }}:{{ .Values.cvcOperator.target.image.tag }}" + - name: OPENEBS_IO_CSTOR_VOLUME_MGMT_IMAGE + value: "{{ .Values.cvcOperator.volumeMgmt.image.registry }}{{ .Values.cvcOperator.volumeMgmt.image.repository }}:{{ .Values.cvcOperator.volumeMgmt.image.tag }}" + - name: OPENEBS_IO_VOLUME_MONITOR_IMAGE + value: "{{ .Values.cvcOperator.volumeExporter.image.registry }}{{ .Values.cvcOperator.volumeExporter.image.repository }}:{{ .Values.cvcOperator.volumeExporter.image.tag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $.Values.imagePullSecrets }}{{ .name }},{{- end }}" +{{- end }} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.cvcOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.cvcOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.cvcOperator.securityContext }} + securityContext: +{{ toYaml .Values.cvcOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.cvcOperator.tolerations }} + tolerations: +{{ toYaml .Values.cvcOperator.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/priority-class.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/priority-class.yaml new file mode 100644 index 000000000..70b8e1220 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/priority-class.yaml @@ -0,0 +1,19 @@ +{{- if .Values.csiController.priorityClass.create }} +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ template "cstor.csiController.priorityClassName" . }} +value: 900000000 +globalDefault: false +description: "This priority class should be used for the CStor CSI driver controller deployment only." +{{- end }} +--- +{{- if .Values.csiNode.priorityClass.create }} +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ template "cstor.csiNode.priorityClassName" . }} +value: 900001000 +globalDefault: false +description: "This priority class should be used for the CStor CSI driver node deployment only." +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/psp.yaml new file mode 100644 index 000000000..138b52e09 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/psp.yaml @@ -0,0 +1,24 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: openebs-cstor-csi-node-psp + labels: + {{- include "cstor.csiNode.labels" . | nindent 4 }} +spec: + privileged: true + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/rbac.yaml new file mode 100644 index 000000000..74845bde7 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/rbac.yaml @@ -0,0 +1,117 @@ +{{- if .Values.serviceAccount.cstorOperator.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.cstorOperator.name }} + labels: + {{- include "cstor.common.metaLabels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .Values.rbac.create }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-operator + {{- with .Values.serviceAccount.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.common.metaLabels" . | nindent 4 }} +rules: + - apiGroups: ["*"] + resources: ["nodes", "nodes/proxy"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["namespaces", "services", "pods", "deployments", "deployments/finalizers", "replicationcontrollers", "replicasets", "events", "endpoints", "configmaps", "secrets", "jobs", "cronjobs"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["statefulsets", "daemonsets"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["resourcequotas", "limitranges"] + verbs: ["list", "watch"] + - apiGroups: ["*"] + resources: ["certificatesigningrequests"] + verbs: ["list", "watch"] + - apiGroups: ["*"] + resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"] + verbs: ["*"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: [ "get", "list", "create", "update", "delete", "patch"] + - apiGroups: ["openebs.io"] + resources: ["*"] + verbs: ["*" ] + - apiGroups: ["cstor.openebs.io"] + resources: ["*"] + verbs: ["*" ] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "create", "list", "delete", "update", "patch"] + - nonResourceURLs: ["/metrics"] + verbs: ["get"] + - apiGroups: ["*"] + resources: ["upgradetasks","migrationtasks"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["poddisruptionbudgets"] + verbs: ["get", "list", "create", "delete", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openebs-cstor-operator + {{- with .Values.serviceAccount.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "cstor.common.metaLabels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openebs-cstor-operator +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccount.cstorOperator.name }} + namespace: {{ .Release.Namespace }} +--- +# Define Role that allows operations required for migration of snapshots +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-migration + labels: + {{- include "cstor.common.metaLabels" . | nindent 4 }} +rules: + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["create", "get", "list"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-cstor-migration + labels: + {{- include "cstor.common.metaLabels" . | nindent 4 }} +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccount.cstorOperator.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-cstor-migration + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/templates/snapshot-class.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/templates/snapshot-class.yaml new file mode 100644 index 000000000..6418d0d89 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/templates/snapshot-class.yaml @@ -0,0 +1,8 @@ +kind: VolumeSnapshotClass +apiVersion: snapshot.storage.k8s.io/v1 +metadata: + name: csi-cstor-snapshotclass + annotations: + snapshot.storage.kubernetes.io/is-default-class: "true" +driver: cstor.csi.openebs.io +deletionPolicy: Delete \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/cstor/values.yaml b/charts/openebs/openebs/3.0.0/charts/cstor/values.yaml new file mode 100644 index 000000000..7e51a8df4 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/cstor/values.yaml @@ -0,0 +1,248 @@ +# Default values for cstor-operators. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +release: + version: "2.11.0" + +# If false, openebs NDM sub-chart will not be installed +openebsNDM: + enabled: true + +rbac: + # rbac.create: `true` if rbac resources should be created + create: true + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +imagePullSecrets: +# - name: "image-pull-secret" + +cspcOperator: + componentName: cspc-operator + poolManager: + image: + registry: + repository: openebs/cstor-pool-manager + tag: 2.11.0 + cstorPool: + image: + registry: + repository: openebs/cstor-pool + tag: 2.11.0 + cstorPoolExporter: + image: + registry: + repository: openebs/m-exporter + tag: 2.11.0 + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/cspc-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + annotations: {} + resyncInterval: "30" + podAnnotations: {} + podLabels: {} + nodeSelector: {} + tolerations: [] + resources: {} + securityContext: {} + +cvcOperator: + componentName: cvc-operator + target: + image: + registry: + repository: openebs/cstor-istgt + tag: 2.11.0 + volumeMgmt: + image: + registry: + repository: openebs/cstor-volume-manager + tag: 2.11.0 + volumeExporter: + image: + registry: + repository: openebs/m-exporter + tag: 2.11.0 + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/cvc-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + annotations: {} + resyncInterval: "30" + podAnnotations: {} + podLabels: {} + nodeSelector: {} + tolerations: [] + resources: {} + securityContext: {} + +csiController: + priorityClass: + create: true + name: cstor-csi-controller-critical + componentName: "openebs-cstor-csi-controller" + resizer: + name: "csi-resizer" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-resizer + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v1.1.0 + snapshotter: + name: "csi-snapshotter" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-snapshotter + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v3.0.3 + snapshotController: + name: "snapshot-controller" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/snapshot-controller + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v3.0.3 + attacher: + name: "csi-attacher" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-attacher + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v3.1.0 + provisioner: + name: "csi-provisioner" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-provisioner + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + annotations: {} + podAnnotations: {} + podLabels: {} + nodeSelector: {} + tolerations: [] + resources: {} + securityContext: {} + +cstorCSIPlugin: + name: cstor-csi-plugin + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/cstor-csi-driver + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + remount: "true" + +csiNode: + priorityClass: + create: true + name: cstor-csi-node-critical + componentName: "openebs-cstor-csi-node" + driverRegistrar: + name: "csi-node-driver-registrar" + image: + registry: k8s.gcr.io/ + repository: sig-storage/csi-node-driver-registrar + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to openebs-cstor-csi-node pods + podLabels: {} + # kubeletDir path can be configured to run on various different k8s distributions like + # microk8s where kubelet root dir is not (/var/lib/kubelet/). For example microk8s, + # we need to change the kubelet directory to `/var/snap/microk8s/common/var/lib/kubelet/` + kubeletDir: "/var/lib/kubelet/" + nodeSelector: {} + tolerations: [] + securityContext: {} + +csiDriver: + create: true + podInfoOnMount: true + attachRequired: false + +admissionServer: + componentName: cstor-admission-webhook + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/cstor-webhook + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + failurePolicy: "Fail" + annotations: {} + podAnnotations: {} + podLabels: {} + nodeSelector: {} + tolerations: [] + resources: {} + securityContext: {} + +serviceAccount: + # Annotations to add to the service account + annotations: {} + cstorOperator: + create: true + name: openebs-cstor-operator + csiController: + # Specifies whether a service account should be created + create: true + name: openebs-cstor-csi-controller-sa + csiNode: + # Specifies whether a service account should be created + create: true + name: openebs-cstor-csi-node-sa + +analytics: + enabled: true + # Specify in hours the duration after which a ping event needs to be sent. + pingInterval: "24h" + +cleanup: + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: bitnami/kubectl + tag: diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/.helmignore b/charts/openebs/openebs/3.0.0/charts/jiva/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/Chart.lock b/charts/openebs/openebs/3.0.0/charts/jiva/Chart.lock new file mode 100644 index 000000000..9ca339356 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: localpv-provisioner + repository: https://openebs.github.io/dynamic-localpv-provisioner + version: 2.11.0 +digest: sha256:947f9f89e8ce4efb17f542729a44d6be93c87441acde7f866fd420402a086f72 +generated: "2021-07-16T06:37:41.704645964Z" diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/Chart.yaml new file mode 100644 index 000000000..24cd22445 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/Chart.yaml @@ -0,0 +1,27 @@ +apiVersion: v2 +appVersion: 2.11.0 +dependencies: +- condition: openebsLocalpv.enabled + name: localpv-provisioner + repository: https://openebs.github.io/dynamic-localpv-provisioner + version: 2.11.0 +description: Jiva-Operator helm chart for Kubernetes +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- iSCSI +- storage +- jiva +- jiva-operator +maintainers: +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +- email: shubham.bajpai@mayadata.io + name: shubham14bajpai +name: jiva +sources: +- https://github.com/openebs/jiva-operator +type: application +version: 2.11.0 diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/README.md b/charts/openebs/openebs/3.0.0/charts/jiva/README.md new file mode 100644 index 000000000..50def8ff2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/README.md @@ -0,0 +1,207 @@ + +# OpenEBS Jiva + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Release Charts](https://github.com/openebs/jiva-operator/workflows/Release%20Charts/badge.svg?branch=master) +![Chart Lint and Test](https://github.com/openebs/jiva-operator/workflows/Chart%20Lint%20and%20Test/badge.svg) + +OpenEBS Jiva helm chart for Kubernetes. This chart bootstraps OpenEBS jiva operators and csi driver deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| prateekpandey14 | prateek.pandey@mayadata.io | | +| shubham14bajpai | shubham.bajpai@mayadata.io | | + +## Get Repo Info + +```console +helm repo add openebs-jiva https://openebs.github.io/jiva-operator +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Please visit the [link](https://openebs.github.io/jiva-operator) for install instructions via helm3. + +```console +# Helm +helm install [RELEASE_NAME] openebs-jiva/jiva --namespace [NAMESPACE] --create-namespace +``` + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + + +## Dependencies + +By default this chart installs additional, dependent charts: + +| Repository | Name | Version | +|------------|------|---------| +| https://openebs.github.io/dynamic-localpv-provisioner | localpv-provisioner | 2.11.0 | + +**Note:** Find detailed Dynamic LocalPV Provisioner Helm chart configuration options [here](https://github.com/openebs/dynamic-localpv-provisioner/blob/develop/deploy/helm/charts/README.md). + +To disable the dependency during installation, set `openebsLocalpv.enabled` to `false`. + +```console +helm install openebs-jiva/jiva --namespace --create-namespace --set openebsLocalpv.enabled=false +``` + +For more details on dependency see [Jiva chart readme](https://github.com/openebs/jiva-operator/blob/master/deploy/helm/charts/README.md). + +_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._ + +## Uninstall Chart + +```console +# Helm +helm uninstall [RELEASE_NAME] --namespace [NAMESPACE] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +helm upgrade [RELEASE_NAME] [CHART] --install --namespace [NAMESPACE] +``` + +## Configuration + +The following table lists the configurable parameters of the OpenEBS Jiva chart and their default values. +You can modify different parameters by specifying the desired value in the helm install command by using the `--set` and/or the `--set-string` flag(s). You can modify the parameters of the [Dynamic LocalPV Provisioner chart](https://openebs.github.io/dynamic-localpv-provisioner) by adding `localpv-provisioner` before the desired parameter in the helm install command. + +In the following sample command we modify `csiNode.nodeSelector` from the Jiva chart to only use the NodeSelector label `openebs.io/data-plane=true` to schedule the openebs-jiva-csi-node DaemonSet pods, and we also modify `hostpathClass.basePath` from the localpv-provisioner chart to change the BasePath directory to '/data' used by the openebs-hostpath StorageClass. + +```console +helm install openebs-jiva openebs-jiva/jiva -n openebs --create-namespace \ + --set-string csiNode.nodeSelector."openebs\.io/data-plane"=true \ + --set-string localpv-provisioner.hostpathClass.basePath="/data" +``` + +The Dynamic LocalPV Provisioner helm chart (this is a dependency for the Jiva helm chart) includes the [Node Disk Manager (NDM)](https://openebs.github.io/node-disk-manager/) helm chart. This NDM helm chart is disabled by default. You can enable the NDM chart during installation using flags as shown below: + +```console +helm install openebs-jiva openebs-jiva/jiva -n openebs --create-namespace \ + --set localpv-provisioner.openebsNDM.enabled=true \ + --set localpv-provisioner.deviceClass.enabled=true +``` + +If you have already installed Jiva without NDM, and would like to enable it after installation, use the following command: + +```console +helm upgrade openebs-jiva openebs-jiva/jiva -n openebs \ + --set localpv-provisioner.openebsNDM.enabled=true \ + --set localpv-provisioner.deviceClass.enabled=true +``` + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| csiController.annotations | object | `{}` | CSI controller annotations | +| csiController.attacher.image.pullPolicy | string | `"IfNotPresent"` | CSI attacher image pull policy | +| csiController.attacher.image.registry | string | `"k8s.gcr.io/"` | CSI attacher image registry | +| csiController.attacher.image.repository | string | `"k8scsi/csi-attacher"` | CSI attacher image repo | +| csiController.attacher.image.tag | string | `"v3.1.0"` | CSI attacher image tag | +| csiController.attacher.name | string | `"csi-attacher"` | CSI attacher container name| +| csiController.componentName | string | `""` | CSI controller component name | +| csiController.driverRegistrar.image.pullPolicy | string | `"IfNotPresent"` | CSI driver registrar image pull policy | +| csiController.driverRegistrar.image.registry | string | `"k8s.gcr.io/"` | CSI driver registrar image registry | +| csiController.driverRegistrar.image.repository | string | `"k8scsi/csi-cluster-driver-registrar"` | CSI driver registrar image repo | +| csiController.driverRegistrar.image.tag | string | `"v1.0.1"` | CSI driver registrar image tag| +| csiController.driverRegistrar.name | string | `"csi-cluster-driver-registrar"` | CSI driver registrar container name | +| csiController.livenessprobe.image.pullPolicy | string | `"IfNotPresent"` | CSI livenessprobe image pull policy | +| csiController.livenessprobe.image.registry | string | `"k8s.gcr.io/"` | CSI livenessprobe image registry | +| csiController.livenessprobe.image.repository | string | `"k8scsi/livenessprobe"` | CSI livenessprobe image repo | +| csiController.livenessprobe.image.tag | string | `"v2.2.0"` | CSI livenessprobe image tag | +| csiController.livenessprobe.name | string | `"liveness-probe"` | CSI livenessprobe container name| +| csiController.nodeSelector | object | `{}` | CSI controller pod node selector | +| csiController.podAnnotations | object | `{}` | CSI controller pod annotations | +| csiController.provisioner.image.pullPolicy | string | `"IfNotPresent"` | CSI provisioner image pull policy | +| csiController.provisioner.image.registry | string | `"k8s.gcr.io/"` | CSI provisioner image pull registry | +| csiController.provisioner.image.repository | string | `"k8scsi/csi-provisioner"` | CSI provisioner image pull repository | +| csiController.provisioner.image.tag | string | `"v2.1.0"` | CSI provisioner image tag | +| csiController.provisioner.name | string | `"csi-provisioner"` | CSI provisioner container name | +| csiController.resizer.image.pullPolicy | string | `"IfNotPresent"` | CSI resizer image pull policy | +| csiController.resizer.image.registry | string | `"k8s.gcr.io/"` | CSI resizer image registry | +| csiController.resizer.image.repository | string | `"k8scsi/csi-resizer"` | CSI resizer image repository| +| csiController.resizer.image.tag | string | `"v1.1.0"` | CSI resizer image tag | +| csiController.resizer.name | string | `"csi-resizer"` | CSI resizer container name | +| csiController.resources | object | `{}` | CSI controller container resources | +| csiController.securityContext | object | `{}` | CSI controller security context | +| csiController.tolerations | list | `[]` | CSI controller pod tolerations | +| csiNode.annotations | object | `{}` | CSI Node annotations | +| csiNode.componentName | string | `"openebs-jiva-csi-node"` | CSI Node component name | +| csiNode.driverRegistrar.image.pullPolicy | string | `"IfNotPresent"` | CSI Node driver registrar image pull policy| +| csiNode.driverRegistrar.image.registry | string | `"k8s.gcr.io/"` | CSI Node driver registrar image registry | +| csiNode.driverRegistrar.image.repository | string | `"k8scsi/csi-node-driver-registrar"` | CSI Node driver registrar image repository | +| csiNode.driverRegistrar.image.tag | string | `"v2.0.1"` | CSI Node driver registrar image tag| +| csiNode.driverRegistrar.name | string | `"csi-node-driver-registrar"` | CSI Node driver registrar container name | +| csiNode.kubeletDir | string | `"/var/lib/kubelet/"` | Kubelet root dir | +| csiNode.labels | object | `{}` | CSI Node pod labels | +| csiNode.nodeSelector | object | `{}` | CSI Node pod nodeSelector | +| csiNode.podAnnotations | object | `{}` | CSI Node pod annotations | +| csiNode.resources | object | `{}` | CSI Node pod resources | +| csiNode.securityContext | object | `{}` | CSI Node pod security context | +| csiNode.tolerations | list | `[]` | CSI Node pod tolerations | +| csiNode.updateStrategy.type | string | `"RollingUpdate"` | CSI Node daemonset update strategy | +| csiNode.livenessprobe.image.pullPolicy | string | `"IfNotPresent"` | CSI livenessprobe image pull policy | +| csiNode.livenessprobe.image.registry | string | `"k8s.gcr.io/"` | CSI livenessprobe image registry | +| csiNode.livenessprobe.image.repository | string | `"k8scsi/livenessprobe"` | CSI livenessprobe image repo | +| csiNode.livenessprobe.image.tag | string | `"v2.2.0"` | CSI livenessprobe image tag | +| csiNode.livenessprobe.name | string | `"liveness-probe"` | CSI livenessprobe container name| +| defaultPolicy.name | string | `"openebs-jiva-default-policy"` | Default jiva volume policy | +| defaultPolicy.enabled | bool | `true` | Enable default jiva volume policy | +| defaultPolicy.replicaSC | string | `"openebs-hostpath"` | StorageClass used for creating the PVC for the replica STS | +| defaultPolicy.replicas | string | `"3"` | The desired replication factor for the jiva volumes | +| defaultClass.name | string | `"openebs-jiva-csi-default"` | Default jiva csi StorageClass | +| defaultClass.enabled | bool | `true` | Enable default jiva csi StorageClass | +| defaultClass.reclaimPolicy | string | `"Delete"` | Reclaim Policy for the StorageClass | +| defaultClass.isDefaultClass | bool | `false` | Make jiva csi StorageClass as the default StorageClass | +| jivaOperator.annotations | object | `{}` | Jiva operator annotations | +| jivaOperator.componentName | string | `"jiva-operator"` | Jiva operator component name | +| jivaOperator.image.pullPolicy | string | `"IfNotPresent"` | Jiva operator image pull policy | +| jivaOperator.image.registry | string | `nil` | Jiva operator image registry | +| jivaOperator.image.repository | string | `"openebs/jiva-operator"` | Jiva operator image repository | +| jivaOperator.image.tag | string | `"2.11.0"` | Jiva operator image tag | +| jivaOperator.nodeSelector | object | `{}` | Jiva operator pod nodeSelector| +| jivaOperator.podAnnotations | object | `{}` | Jiva operator pod annotations | +| jivaOperator.resources | object | `{}` | Jiva operator pod resources | +| jivaOperator.securityContext | object | `{}` | Jiva operator security context | +| jivaOperator.tolerations | list | `[]` | Jiva operator pod tolerations | +| jivaCSIPlugin.image.pullPolicy | string | `"IfNotPresent"` | Jiva CSI driver image pull policy | +| jivaCSIPlugin.image.registry | string | `nil` | Jiva CSI driver image registry | +| jivaCSIPlugin.image.repository | string | `"openebs/jiva-csi"` | Jiva CSI driver image repository | +| jivaCSIPlugin.image.tag | string | `"2.11.0"` | Jiva CSI driver image tag | +| jivaCSIPlugin.name | string | `"jiva-csi-plugin"` | Jiva CSI driver container name | +| jivaCSIPlugin.remount | string | `"true"` | Jiva CSI driver remount feature, enabled by default | +| rbac.create | bool | `true` | Enable RBAC | +| rbac.pspEnabled | bool | `false` | Enable PodSecurityPolicy | +| release.version | string | `"2.11.0"` | Openebs Jiva release version | +| serviceAccount.annotations | object | `{}` | Service Account annotations | +| serviceAccount.csiController.create | bool | `true` | Enable CSI Controller ServiceAccount | +| serviceAccount.csiController.name | string | `"openebs-jiva-csi-controller-sa"` | CSI Controller ServiceAccount name | +| serviceAccount.csiNode.create | bool | `true` | Enable CSI Node ServiceAccount | +| serviceAccount.csiNode.name | string | `"openebs-jiva-csi-node-sa"` | CSI Node ServiceAccount name | +| serviceAccount.jivaOperator.create | bool | `true` | Enable Jiva Operator Node ServiceAccount | +| serviceAccount.jivaOperator.name | string | `"openebs-jiva-operator"` | Jiva Operator ServiceAccount name | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml openebs-jiva/jiva +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/.helmignore b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/Chart.lock b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/Chart.lock new file mode 100644 index 000000000..1399387a0 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.6.0 +digest: sha256:bb37660c475faea9651f07b43f655da8f19d251b3227da70ec4990fae6d380f0 +generated: "2021-07-16T06:29:18.04468484Z" diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/Chart.yaml new file mode 100644 index 000000000..8e02a3469 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/Chart.yaml @@ -0,0 +1,27 @@ +apiVersion: v2 +appVersion: 2.11.0 +dependencies: +- condition: openebsNDM.enabled + name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.6.0 +description: Helm chart for OpenEBS Dynamic Local PV. For instructions to install + OpenEBS Dynamic Local PV using helm chart, refer to https://openebs.github.io/dynamic-localpv-provisioner/. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- storage +- local +- dynamic-localpv +maintainers: +- email: akhil.mohan@mayadata.io + name: akhilerm +- email: kiran.mova@mayadata.io + name: kiranmova +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +name: localpv-provisioner +sources: +- https://github.com/openebs/dynamic-localpv-provisioner +type: application +version: 2.11.0 diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/README.md b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/README.md new file mode 100644 index 000000000..139ac268c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/README.md @@ -0,0 +1,143 @@ +# OpenEBS LocalPV Provisioner + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Chart Lint and Test](https://github.com/openebs/dynamic-localpv-provisioner/workflows/Chart%20Lint%20and%20Test/badge.svg) +![Release Charts](https://github.com/openebs/dynamic-localpv-provisioner/workflows/Release%20Charts/badge.svg?branch=develop) + +A Helm chart for openebs dynamic localpv provisioner. This chart bootstraps OpenEBS Dynamic LocalPV provisioner deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| akhilerm | akhil.mohan@mayadata.io | | +| kiranmova | kiran.mova@mayadata.io | | +| prateekpandey14 | prateek.pandey@mayadata.io | | + + +## Get Repo Info + +```console +helm repo add openebs-localpv https://openebs.github.io/dynamic-localpv-provisioner +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Please visit the [link](https://openebs.github.io/dynamic-localpv-provisioner/) for install instructions via helm3. + +```console +# Helm +helm install [RELEASE_NAME] openebs-localpv/localpv-provisioner --namespace [NAMESPACE] --create-namespace +``` + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Dependencies + +By default this chart installs additional, dependent charts: + +| Repository | Name | Version | +|------------|------|---------| +| https://openebs.github.io/node-disk-manager | openebs-ndm | 1.6.0 | + +**Note:** Find detailed Node Disk Manager Helm chart configuration options [here](https://github.com/openebs/node-disk-manager/blob/master/deploy/helm/charts/README.md). + + +To disable the dependency during installation, set `openebsNDM.enabled` to `false`. + +_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._ + +## Uninstall Chart + +```console +# Helm +helm uninstall [RELEASE_NAME] --namespace [NAMESPACE] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +helm upgrade [RELEASE_NAME] [CHART] --install --namespace [NAMESPACE] +``` + + +## Configuration + +The following table lists the configurable parameters of the OpenEBS Dynamic LocalPV Provisioner chart and their default values. + +You can modify different parameters by specifying the desired value in the `helm install` command by using the `--set` and/or the `--set-string` flag(s). You can modify the parameters of the [Node Disk Manager chart](https://openebs.github.io/node-disk-manager) by adding `openebs-ndm` before the desired parameter in the `helm install` command. + +In the following sample command we modify `deviceClass.fsType` from the localpv-provisioner chart and `ndm.nodeSelector` from the openebs-ndm chart to only schedule openebs-ndm DaemonSet pods on nodes labelled with `openebs.io/data-plane=true`. We also enable the 'Use OS-disk' feature gate using the `featureGates.UseOSDisk.enabled` parameter from the openebs-ndm chart. + + +```console +helm install openebs-localpv openebs-localpv/localpv-provisioner --namespace openebs --create-namespace \ + --set-string deviceClass.fsType="xfs" \ + --set-string openebs-ndm.ndm.nodeSelector."openebs\.io/data-plane"=true \ + --set openebs-ndm.featureGates.UseOSDisk.enabled=true +``` + +| Parameter | Description | Default | +| ------------------------------------------- | --------------------------------------------- | ----------------------------------------- | +| `release.version` | LocalPV Provisioner release version | `2.11.0` | +| `analytics.enabled` | Enable sending stats to Google Analytics | `true` | +| `analytics.pingInterval` | Duration(hours) between sending ping stat | `24h` | +| `deviceClass.blockDeviceTag` | Value of `openebs.io/block-device-tag` BD label | `""` | +| `deviceClass.enabled` | Enables creation of default Device StorageClass | `true` | +| `deviceClass.fsType` | Filesystem type for openebs-device StorageClass | `"ext4"` | +| `deviceClass.isDefaultClass` | Make openebs-device the default StorageClass | `"false"` | +| `deviceClass.reclaimPolicy` | ReclaimPolicy for Device PVs | `"Delete"` | +| `helperPod.image.registry` | Registry for helper image | `""` | +| `helperPod.image.repository` | Image for helper pod | `"openebs/linux-utils"` | +| `helperPod.image.pullPolicy` | Pull policy for helper pod | `"IfNotPresent"` | +| `helperPod.image.tag` | Image tag for helper image | `2.11.0` | +| `hostpathClass.basePath` | BasePath for openebs-hostpath StorageClass | `"/var/openebs/local"` | +| `hostpathClass.enabled` | Enables creation of default Hostpath StorageClass | `true` | +| `hostpathClass.isDefaultClass` | Make openebs-hostpath the default StorageClass | `"false"` | +| `hostpathClass.nodeAffinityLabel` | Custom node label key to uniquely identify nodes. `kubernetes.io/hostname` is the default label key for node selection. | `""` | +| `hostpathClass.reclaimPolicy` | ReclaimPolicy for Hostpath PVs | `"Delete"` | +| `imagePullSecrets` | Provides image pull secrect | `""` | +| `localpv.enabled` | Enable LocalPV Provisioner | `true` | +| `localpv.image.registry` | Registry for LocalPV Provisioner image | `""` | +| `localpv.image.repository` | Image repository for LocalPV Provisioner | `openebs/localpv-provisioner` | +| `localpv.image.pullPolicy` | Image pull policy for LocalPV Provisioner | `IfNotPresent` | +| `localpv.image.tag` | Image tag for LocalPV Provisioner | `2.11.0` | +| `localpv.updateStrategy.type` | Update strategy for LocalPV Provisioner | `RollingUpdate` | +| `localpv.annotations` | Annotations for LocalPV Provisioner metadata | `""` | +| `localpv.podAnnotations` | Annotations for LocalPV Provisioner pods metadata | `""` | +| `localpv.privileged` | Run LocalPV Provisioner with extra privileges | `true` | +| `localpv.resources` | Resource and request and limit for containers | `""` | +| `localpv.podLabels` | Appends labels to the pods | `""` | +| `localpv.nodeSelector` | Nodeselector for LocalPV Provisioner pods | `""` | +| `localpv.tolerations` | LocalPV Provisioner pod toleration values | `""` | +| `localpv.securityContext` | Seurity context for container | `""` | +| `localpv.healthCheck.initialDelaySeconds` | Delay before liveness probe is initiated | `30` | +| `localpv.healthCheck.periodSeconds` | How often to perform the liveness probe | `60` | +| `localpv.replicas` | No. of LocalPV Provisioner replica | `1` | +| `localpv.enableLeaderElection` | Enable leader election | `true` | +| `localpv.affinity` | LocalPV Provisioner pod affinity | `{}` | +| `openebsNDM.enabled` | Install openebs NDM dependency | `true` | +| `rbac.create` | Enable RBAC Resources | `true` | +| `rbac.pspEnabled` | Create pod security policy resources | `false` | + + +A YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml --namespace openebs openebs-localpv/localpv-provisioner +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/Chart.yaml new file mode 100644 index 000000000..890c4887b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +appVersion: 1.6.0 +description: Helm chart for OpenEBS Node Disk Manager - a Kubernetes native storage + device management solution. For instructions on how to install, refer to https://openebs.github.io/node-disk-manager/. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- ndm +- disk-inventory +- storage +maintainers: +- email: akhil.mohan@mayadata.io + name: akhilerm +- email: michaelfornaro@gmail.com + name: xUnholy +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +name: openebs-ndm +sources: +- https://github.com/openebs/node-disk-manager +version: 1.6.0 diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/README.md b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/README.md new file mode 100644 index 000000000..497b6b450 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/README.md @@ -0,0 +1,79 @@ +## Introduction + +This chart bootstraps OpenEBS NDM deployment on a [Kubernetes](http://kubernetes.io) cluster using the +[Helm](https://helm.sh) package manager. + +## Installation + +You can run OpenEBS NDM on any Kubernetes 1.13+ cluster in a matter of seconds. + +Please visit the [link](https://openebs.github.io/node-disk-manager/) for install instructions via helm3. + +## Configuration + +The following table lists the configurable parameters of the OpenEBS NDM chart and their default values. + +| Parameter | Description | Default | +| ----------------------------------------| --------------------------------------------- | ----------------------------------------- | +| `imagePullSecrets` | Provides image pull secrect | `""` | +| `ndm.enabled` | Enable Node Disk Manager | `true` | +| `ndm.image.registry` | Registry for Node Disk Manager image | `""` | +| `ndm.image.repository` | Image repository for Node Disk Manager | `openebs/node-disk-manager` | +| `ndm.image.pullPolicy` | Image pull policy for Node Disk Manager | `IfNotPresent` | +| `ndm.image.tag` | Image tag for Node Disk Manager | `1.5.0` | +| `ndm.sparse.path` | Directory where Sparse files are created | `/var/openebs/sparse` | +| `ndm.sparse.size` | Size of the sparse file in bytes | `10737418240` | +| `ndm.sparse.count` | Number of sparse files to be created | `0` | +| `ndm.updateStrategy.type` | Update strategy for NDM daemonset | `RollingUpdate` | +| `ndm.annotations` | Annotations for NDM daemonset metadata | `""` | +| `ndm.podAnnotations` | Annotations for NDM daemonset's pods metadata | `""` | +| `ndm.resources` | Resource and request and limit for containers | `""` | +| `ndm.podLabels` | Appends labels to the pods | `""` | +| `ndm.nodeSelector` | Nodeselector for daemonset pods | `""` | +| `ndm.tolerations` | NDM daemonset's pod toleration values | `""` | +| `ndm.securityContext` | Seurity context for container | `""` | +| `ndm.filters.enableOsDiskExcludeFilter` | Enable filters of OS disk exclude | `true` | +| `ndm.filters.osDiskExcludePaths` | Paths/Mountpoints to be excluded by OS Disk Filter| `/,/etc/hosts,/boot` | +| `ndm.filters.enableVendorFilter` | Enable filters of vendors | `true` | +| `ndm.filters.excludeVendors` | Exclude devices with specified vendor | `CLOUDBYT,OpenEBS` | +| `ndm.filters.enablePathFilter` | Enable filters of paths | `true` | +| `ndm.filters.includePaths` | Include devices with specified path patterns | `""` | +| `ndm.filters.excludePaths` | Exclude devices with specified path patterns | `loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd`| +| `ndm.probes.enableSeachest` | Enable Seachest probe for NDM | `false` | +| `ndm.probes.enableUdevProbe` | Enable Udev probe for NDM | `true` | +| `ndm.probes.enableSmartProbe` | Enable Smart probe for NDM | `true` | +| `ndmOperator.enabled` | Enable NDM Operator | `true` | +| `ndmOperator.replica` | Pod replica count for NDM operator | `1` | +| `ndmOperator.upgradeStrategy` | Update strategy NDM operator | `"Recreate"` | +| `ndmOperator.image.registry` | Registry for NDM operator image | `""` | +| `ndmOperator.image.repository` | Image repository for NDM operator | `openebs/node-disk-operator` | +| `ndmOperator.image.pullPolicy` | Image pull policy for NDM operator | `IfNotPresent` | +| `ndmOperator.image.tag` | Image tag for NDM operator | `1.5.0` | +| `ndmOperator.annotations` | Annotations for NDM operator metadata | `""` | +| `ndmOperator.podAnnotations` | Annotations for NDM operator's pods metadata | `""` | +| `ndmOperator.resources` | Resource and request and limit for containers | `""` | +| `ndmOperator.podLabels` | Appends labels to the pods | `""` | +| `ndmOperator.nodeSelector` | Nodeselector for operator pods | `""` | +| `ndmOperator.tolerations` | NDM operator's pod toleration values | `""` | +| `ndmOperator.securityContext` | Seurity context for container | `""` | +| `featureGates.APIService.enabled` | Enable the gRPC API service of NDM | `false` | +| `featureGates.UseOSDisk.enabled` | Enable feature-gate to use free space on OS disk | `false` | +| `featureGates.MountChangeDetection.enabled` | Enable feature-gate to detect mountpoint/filesystem changes | `false` | +| `helperPod.image.registry` | Registry for helper image | `""` | +| `helperPod.image.repository` | Image for helper pod | `openebs/linux-utils` | +| `helperPod.image.pullPolicy` | Pull policy for helper pod | `IfNotPresent` | +| `helperPod.image.tag` | Image tag for helper image | `2.10.0` | +| `varDirectoryPath.baseDir` | Directory to store debug info and so forth | `/var/openebs` | +| `serviceAccount.create` | Create a service account or not | `true` | +| `serviceAccount.name` | Name for the service account | `true` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml ndm/openebs-ndm +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdevice.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdevice.yaml new file mode 100644 index 000000000..95f40703c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdevice.yaml @@ -0,0 +1,241 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdevices.openebs.io +spec: + group: openebs.io + names: + kind: BlockDevice + listKind: BlockDeviceList + plural: blockdevices + shortNames: + - bd + singular: blockdevice + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.nodeAttributes.nodeName + name: NodeName + type: string + - jsonPath: .spec.path + name: Path + priority: 1 + type: string + - jsonPath: .spec.filesystem.fsType + name: FSType + priority: 1 + type: string + - jsonPath: .spec.capacity.storage + name: Size + type: string + - jsonPath: .status.claimState + name: ClaimState + type: string + - jsonPath: .status.state + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDevice is the Schema for the blockdevices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceSpec defines the properties and runtime status of a BlockDevice + properties: + aggregateDevice: + description: AggregateDevice was intended to store the hierarchical information in cases of LVM. However this is currently not implemented and may need to be re-looked into for better design. To be deprecated + type: string + capacity: + description: Capacity + properties: + logicalSectorSize: + description: LogicalSectorSize is blockdevice logical-sector size in bytes + format: int32 + type: integer + physicalSectorSize: + description: PhysicalSectorSize is blockdevice physical-Sector size in bytes + format: int32 + type: integer + storage: + description: Storage is the blockdevice capacity in bytes + format: int64 + type: integer + required: + - storage + type: object + claimRef: + description: ClaimRef is the reference to the BDC which has claimed this BD + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + details: + description: Details contain static attributes of BD like model,serial, and so forth + properties: + compliance: + description: Compliance is standards/specifications version implemented by device firmware such as SPC-1, SPC-2, etc + type: string + deviceType: + description: DeviceType represents the type of device like sparse, disk, partition, lvm, crypt + enum: + - disk + - partition + - sparse + - loop + - lvm + - crypt + - dm + - mpath + type: string + driveType: + description: DriveType is the type of backing drive, HDD/SSD + enum: + - HDD + - SSD + - Unknown + - "" + type: string + firmwareRevision: + description: FirmwareRevision is the disk firmware revision + type: string + hardwareSectorSize: + description: HardwareSectorSize is the hardware sector size in bytes + format: int32 + type: integer + logicalBlockSize: + description: LogicalBlockSize is the logical block size in bytes reported by /sys/class/block/sda/queue/logical_block_size + format: int32 + type: integer + model: + description: Model is model of disk + type: string + physicalBlockSize: + description: PhysicalBlockSize is the physical block size in bytes reported by /sys/class/block/sda/queue/physical_block_size + format: int32 + type: integer + serial: + description: Serial is serial number of disk + type: string + vendor: + description: Vendor is vendor of disk + type: string + type: object + devlinks: + description: DevLinks contains soft links of a block device like /dev/by-id/... /dev/by-uuid/... + items: + description: DeviceDevLink holds the mapping between type and links like by-id type or by-path type link + properties: + kind: + description: Kind is the type of link like by-id or by-path. + enum: + - by-id + - by-path + type: string + links: + description: Links are the soft links + items: + type: string + type: array + type: object + type: array + filesystem: + description: FileSystem contains mountpoint and filesystem type + properties: + fsType: + description: Type represents the FileSystem type of the block device + type: string + mountPoint: + description: MountPoint represents the mountpoint of the block device. + type: string + type: object + nodeAttributes: + description: NodeAttributes has the details of the node on which BD is attached + properties: + nodeName: + description: NodeName is the name of the Kubernetes node resource on which the device is attached + type: string + type: object + parentDevice: + description: "ParentDevice was intended to store the UUID of the parent Block Device as is the case for partitioned block devices. \n For example: /dev/sda is the parent for /dev/sda1 To be deprecated" + type: string + partitioned: + description: Partitioned represents if BlockDevice has partitions or not (Yes/No) Currently always default to No. To be deprecated + enum: + - "Yes" + - "No" + type: string + path: + description: Path contain devpath (e.g. /dev/sdb) + type: string + required: + - capacity + - devlinks + - nodeAttributes + - path + type: object + status: + description: DeviceStatus defines the observed state of BlockDevice + properties: + claimState: + description: ClaimState represents the claim state of the block device + enum: + - Claimed + - Unclaimed + - Released + type: string + state: + description: State is the current state of the blockdevice (Active/Inactive/Unknown) + enum: + - Active + - Inactive + - Unknown + type: string + required: + - claimState + - state + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdeviceclaim.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdeviceclaim.yaml new file mode 100644 index 000000000..81b9a355e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdeviceclaim.yaml @@ -0,0 +1,144 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdeviceclaims.openebs.io +spec: + group: openebs.io + names: + kind: BlockDeviceClaim + listKind: BlockDeviceClaimList + plural: blockdeviceclaims + shortNames: + - bdc + singular: blockdeviceclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.blockDeviceName + name: BlockDeviceName + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDeviceClaim is the Schema for the blockdeviceclaims API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceClaimSpec defines the request details for a BlockDevice + properties: + blockDeviceName: + description: BlockDeviceName is the reference to the block-device backing this claim + type: string + blockDeviceNodeAttributes: + description: BlockDeviceNodeAttributes is the attributes on the node from which a BD should be selected for this claim. It can include nodename, failure domain etc. + properties: + hostName: + description: HostName represents the hostname of the Kubernetes node resource where the BD should be present + type: string + nodeName: + description: NodeName represents the name of the Kubernetes node resource where the BD should be present + type: string + type: object + deviceClaimDetails: + description: Details of the device to be claimed + properties: + allowPartition: + description: AllowPartition represents whether to claim a full block device or a device that is a partition + type: boolean + blockVolumeMode: + description: 'BlockVolumeMode represents whether to claim a device in Block mode or Filesystem mode. These are use cases of BlockVolumeMode: 1) Not specified: VolumeMode check will not be effective 2) VolumeModeBlock: BD should not have any filesystem or mountpoint 3) VolumeModeFileSystem: BD should have a filesystem and mountpoint. If DeviceFormat is specified then the format should match with the FSType in BD' + type: string + formatType: + description: Format of the device required, eg:ext4, xfs + type: string + type: object + deviceType: + description: DeviceType represents the type of drive like SSD, HDD etc., + nullable: true + type: string + hostName: + description: Node name from where blockdevice has to be claimed. To be deprecated. Use NodeAttributes.HostName instead + type: string + resources: + description: Resources will help with placing claims on Capacity, IOPS + properties: + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum resources required. eg: if storage resource of 10G is requested minimum capacity of 10G should be available TODO for validating' + type: object + required: + - requests + type: object + selector: + description: Selector is used to find block devices to be considered for claiming + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + status: + description: DeviceClaimStatus defines the observed state of BlockDeviceClaim + properties: + phase: + description: Phase represents the current phase of the claim + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/NOTES.txt new file mode 100644 index 000000000..3c84551b5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/NOTES.txt @@ -0,0 +1,8 @@ +The OpenEBS Node Disk Manager has been installed. Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }} ` to see the list of +blockdevices attached to the Kubernetes cluster nodes. + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/_helpers.tpl new file mode 100644 index 000000000..e6d5b99dc --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/_helpers.tpl @@ -0,0 +1,132 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +This name is used for ndm daemonset +*/}} +{{- define "openebs-ndm.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "openebs-ndm.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm daemonset app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "openebs-ndm.operator.name" -}} +{{- $ndmName := default .Chart.Name .Values.ndmOperator.nameOverride | trunc 63 | trimSuffix "-" }} +{{- $componentName := .Values.ndmOperator.name | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $ndmName $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm operator app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.operator.fullname" -}} +{{- if .Values.ndmOperator.fullnameOverride }} +{{- .Values.ndmOperator.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $ndmOperatorName := include "openebs-ndm.operator.name" .}} + +{{- $name := default $ndmOperatorName .Values.ndmOperator.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "openebs-ndm.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "openebs-ndm.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define meta labels for ndm components +*/}} +{{- define "openebs-ndm.common.metaLabels" -}} +chart: {{ template "openebs-ndm.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + + +{{/* +Create match labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.matchLabels" -}} +app: {{ template "openebs-ndm.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.ndm.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.componentLabels" -}} +openebs.io/component-name: {{ .Values.ndm.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.matchLabels" . }} +{{ include "openebs-ndm.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for ndm operator deployment +*/}} +{{- define "openebs-ndm.operator.matchLabels" -}} +app: {{ template "openebs-ndm.operator.name" . }} +release: {{ .Release.Name }} +component: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + +{{/* +Create component labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.componentLabels" -}} +openebs.io/component-name: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + + +{{/* +Create labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.operator.matchLabels" . }} +{{ include "openebs-ndm.operator.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/configmap.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/configmap.yaml new file mode 100644 index 000000000..337b0e593 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/configmap.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "openebs-ndm.fullname" . }}-config +data: + # node-disk-manager-config contains config of available probes and filters. + # Probes and Filters will initialize with default values if config for that + # filter or probe are not present in configmap + + # udev-probe is default or primary probe it should be enabled to run ndm + # filterconfigs contains configs of filters. To provide a group of include + # and exclude values add it as , separated string + node-disk-manager.config: | + probeconfigs: + - key: udev-probe + name: udev probe + state: {{ .Values.ndm.probes.enableUdevProbe }} + - key: seachest-probe + name: seachest probe + state: {{ .Values.ndm.probes.enableSeachest }} + - key: smart-probe + name: smart probe + state: {{ .Values.ndm.probes.enableSmartProbe }} + filterconfigs: + - key: os-disk-exclude-filter + name: os disk exclude filter + state: {{ .Values.ndm.filters.enableOsDiskExcludeFilter }} + exclude: "{{ .Values.ndm.filters.osDiskExcludePaths }}" + - key: vendor-filter + name: vendor filter + state: {{ .Values.ndm.filters.enableVendorFilter }} + include: "" + exclude: "{{ .Values.ndm.filters.excludeVendors }}" + - key: path-filter + name: path filter + state: {{ .Values.ndm.filters.enablePathFilter }} + include: "{{ .Values.ndm.filters.includePaths }}" + exclude: "{{ .Values.ndm.filters.excludePaths }}" diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/daemonset.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/daemonset.yaml new file mode 100644 index 000000000..af66edfe5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/daemonset.yaml @@ -0,0 +1,176 @@ +{{- if .Values.ndm.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "openebs-ndm.fullname" . }} + {{- with .Values.ndm.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 4 }} +spec: + updateStrategy: +{{ toYaml .Values.ndm.updateStrategy | indent 4 }} + selector: + matchLabels: + {{- include "openebs-ndm.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndm.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 8 }} + {{- with .Values.ndm.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.APIService.enabled }} + hostPID: true +{{- end}} +{{- end}} + containers: + - name: {{ template "openebs-ndm.name" . }} + image: "{{ .Values.ndm.image.registry }}{{ .Values.ndm.image.repository }}:{{ .Values.ndm.image.tag }}" + args: + - -v=4 +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.GPTBasedUUID.enabled }} + - --feature-gates={{ .Values.featureGates.GPTBasedUUID.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.APIService.enabled }} + - --feature-gates={{ .Values.featureGates.APIService.featureGateFlag }} + - --api-service-address={{ .Values.featureGates.APIService.address }} +{{- end}} +{{- if .Values.featureGates.UseOSDisk.enabled }} + - --feature-gates={{ .Values.featureGates.UseOSDisk.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.MountChangeDetection.enabled }} + - --feature-gates={{ .Values.featureGates.MountChangeDetection.featureGateFlag }} +{{- end}} +{{- end}} + imagePullPolicy: {{ .Values.ndm.image.pullPolicy }} + resources: +{{ toYaml .Values.ndm.resources | indent 12 }} + securityContext: + privileged: true + env: + # namespace in which NDM is installed will be passed to NDM Daemonset + # as environment variable + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # pass hostname as env variable using downward API to the NDM container + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + # specify the directory where the sparse files need to be created. + # if not specified, then sparse files will not be created. + - name: SPARSE_FILE_DIR + value: "{{ .Values.ndm.sparse.path }}" +{{- end }} +{{- if .Values.ndm.sparse.size }} + # Size(bytes) of the sparse file to be created. + - name: SPARSE_FILE_SIZE + value: "{{ .Values.ndm.sparse.size }}" +{{- end }} +{{- if .Values.ndm.sparse.count }} + # Specify the number of sparse files to be created + - name: SPARSE_FILE_COUNT + value: "{{ .Values.ndm.sparse.count }}" +{{- end }} +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can be used here with pgrep (cmd is < 15 chars). + livenessProbe: + exec: + command: + - pgrep + - "ndm" + initialDelaySeconds: {{ .Values.ndm.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndm.healthCheck.periodSeconds }} + volumeMounts: + - name: config + mountPath: /host/node-disk-manager.config + subPath: node-disk-manager.config + readOnly: true + - name: udev + mountPath: /run/udev + - name: procmount + mountPath: /host/proc + readOnly: true + - name: devmount + mountPath: /dev + - name: basepath + mountPath: /var/openebs/ndm +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + mountPath: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + volumes: + - name: config + configMap: + name: {{ include "openebs-ndm.fullname" . }}-config + - name: udev + hostPath: + path: /run/udev + type: Directory + # mount /proc (to access mount file of process 1 of host) inside container + # to read mount-point of disks and partitions + - name: procmount + hostPath: + path: /proc + type: Directory + - name: devmount + # the /dev directory is mounted so that we have access to the devices that + # are connected at runtime of the pod. + hostPath: + path: /dev + type: Directory + - name: basepath + hostPath: + path: "{{ .Values.varDirectoryPath.baseDir }}/ndm" + type: DirectoryOrCreate +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + hostPath: + path: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + # By default the node-disk-manager will be run on all kubernetes nodes + # If you would like to limit this to only some nodes, say the nodes + # that have storage attached, you could label those node and use + # nodeSelector. + # + # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node" + # kubectl label node "openebs.io/nodegroup"="storage-node" + #nodeSelector: + # "openebs.io/nodegroup": "storage-node" +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndm.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndm.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndm.tolerations }} + tolerations: +{{ toYaml .Values.ndm.tolerations | indent 8 }} +{{- end }} +{{- if .Values.ndm.securityContext }} + securityContext: +{{ toYaml .Values.ndm.securityContext | indent 8 }} +{{- end }} + hostNetwork: true +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/deployment.yaml new file mode 100644 index 000000000..4a54dc777 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/deployment.yaml @@ -0,0 +1,87 @@ +{{- if .Values.ndmOperator.enabled }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs-ndm.operator.fullname" . }} + {{- with .Values.ndmOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ndmOperator.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + {{- include "openebs-ndm.operator.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndmOperator.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 8 }} + {{- with .Values.ndmOperator.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} + containers: + - name: {{ template "openebs-ndm.operator.fullname" . }} + image: "{{ .Values.ndmOperator.image.registry }}{{ .Values.ndmOperator.image.repository }}:{{ .Values.ndmOperator.image.tag }}" + imagePullPolicy: {{ .Values.ndmOperator.image.pullPolicy }} + resources: +{{ toYaml .Values.ndmOperator.resources | indent 12 }} + livenessProbe: + httpGet: + path: /healthz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.healthCheck.periodSeconds }} + readinessProbe: + httpGet: + path: /readyz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.readinessCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.readinessCheck.periodSeconds }} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "node-disk-operator" + - name: CLEANUP_JOB_IMAGE + value: "{{ .Values.helperPod.image.registry }}{{ .Values.helperPod.image.repository }}:{{ .Values.helperPod.image.tag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndmOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndmOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.securityContext }} + securityContext: +{{ toYaml .Values.ndmOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.tolerations }} + tolerations: +{{ toYaml .Values.ndmOperator.tolerations | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/rbac.yaml new file mode 100644 index 000000000..8e81c4922 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/templates/rbac.yaml @@ -0,0 +1,44 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "openebs-ndm.serviceAccountName" . }} +{{- end }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +rules: + - apiGroups: ["*"] + resources: ["nodes", "pods", "events", "configmaps", "jobs"] + verbs: + - '*' + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: + - '*' + - apiGroups: + - openebs.io + resources: + - blockdevices + - blockdeviceclaims + verbs: + - '*' +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "openebs-ndm.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + - kind: User + name: system:serviceaccount:default:default + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: {{ include "openebs-ndm.fullname" . }} + apiGroup: rbac.authorization.k8s.io +--- diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/values.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/values.yaml new file mode 100644 index 000000000..14928d497 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/charts/openebs-ndm/values.yaml @@ -0,0 +1,121 @@ +# Default values for ndm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +release: + version: "1.6.0" + +imagePullSecrets: +# - name: "image-pull-secret" + +ndm: + componentName: ndm + enabled: true + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/node-disk-manager + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + sparse: + path: "/var/openebs/sparse" + size: "10737418240" + count: "0" + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to ndm daemonset pods + podLabels: + name: openebs-ndm + nodeSelector: {} + tolerations: [] + securityContext: {} + filters: + enableOsDiskExcludeFilter: true + osDiskExcludePaths: "/,/etc/hosts,/boot" + enableVendorFilter: true + excludeVendors: "CLOUDBYT,OpenEBS" + enablePathFilter: true + includePaths: "" + excludePaths: "loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd" + probes: + enableSeachest: false + enableUdevProbe: true + enableSmartProbe: true + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + +ndmOperator: + name: operator + enabled: true + image: + registry: + repository: openebs/node-disk-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + podLabels: + name: openebs-ndm-operator + annotations: {} + podAnnotations: {} + nodeSelector: {} + resources: {} + securityContext: {} + tolerations: [] + healthCheck: + initialDelaySeconds: 15 + periodSeconds: 20 + readinessCheck: + initialDelaySeconds: 5 + periodSeconds: 10 + replicas: 1 + upgradeStrategy: Recreate + +helperPod: + image: + registry: "" + repository: openebs/linux-utils + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + +crd: + enableInstall: false + +featureGates: + enabled: true + GPTBasedUUID: + enabled: true + featureGateFlag: "GPTBasedUUID" + APIService: + enabled: false + featureGateFlag: "APIService" + address: "0.0.0.0:9115" + UseOSDisk: + enabled: false + featureGateFlag: "UseOSDisk" + MountChangeDetection: + enabled: false + featureGateFlag: "MountChangeDetection" + +# Directory used by the OpenEBS to store debug information and so forth +# that are generated in the course of running OpenEBS containers. +varDirectoryPath: + baseDir: "/var/openebs" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-ndm diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/NOTES.txt new file mode 100644 index 000000000..a2a0aea84 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/NOTES.txt @@ -0,0 +1,12 @@ +The OpenEBS Dynamic LocalPV Provisioner has been installed. +Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }}` to list the +blockdevices attached to the Kubernetes cluster nodes. + +Get started with the Dynamic LocalPV Provisioner Quickstart guide at: +https://github.com/openebs/dynamic-localpv-provisioner/blob/develop/docs/quickstart.md + +For more information, visit our Slack at https://openebs.io/community or view +the OpenEBS documentation online at https://docs.openebs.io. diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/_helpers.tpl new file mode 100644 index 000000000..ea1ce3111 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/_helpers.tpl @@ -0,0 +1,79 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "localpv.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified localpv provisioner name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "localpv.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "localpv.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Meta labels +*/}} +{{- define "localpv.common.metaLabels" -}} +chart: {{ template "localpv.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "localpv.selectorLabels" -}} +app: {{ template "localpv.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.localpv.name | quote }} +{{- end -}} + +{{/* +Component labels +*/}} +{{- define "localpv.componentLabels" -}} +openebs.io/component-name: openebs-{{ .Values.localpv.name }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "localpv.labels" -}} +{{ include "localpv.common.metaLabels" . }} +{{ include "localpv.selectorLabels" . }} +{{ include "localpv.componentLabels" . }} +{{- end -}} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "localpv.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "localpv.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/deployment.yaml new file mode 100644 index 000000000..bc736d981 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/deployment.yaml @@ -0,0 +1,114 @@ +{{- if .Values.localpv.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "localpv.fullname" . }} + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.localpv.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + {{- include "localpv.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.localpv.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 8 }} + {{- with .Values.localpv.podLabels }} + {{ toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "localpv.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ template "localpv.fullname" . }} + image: "{{ .Values.localpv.image.registry }}{{ .Values.localpv.image.repository }}:{{ .Values.localpv.image.tag }}" + imagePullPolicy: {{ .Values.localpv.image.pullPolicy }} + resources: +{{ toYaml .Values.localpv.resources | indent 10 }} + env: + # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # OPENEBS_NAMESPACE is the namespace that this provisioner will + # lookup to find maya api service + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as + # environment variable + - name: OPENEBS_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + # OPENEBS_IO_BASE_PATH is the environment variable that provides the + # default base path on the node where host-path PVs will be provisioned. + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + - name: OPENEBS_IO_BASE_PATH + value: "{{ .Values.localpv.basePath }}" + - name: OPENEBS_IO_HELPER_IMAGE + value: "{{ .Values.helperPod.image.registry }}{{ .Values.helperPod.image.repository }}:{{ .Values.helperPod.image.tag }}" + - name: OPENEBS_IO_INSTALLER_TYPE + value: "charts-helm" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + - name: LEADER_ELECTION_ENABLED + value: "{{ .Values.localpv.enableLeaderElection }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `provisioner-loc` + # `.*`: matches any string that has `provisioner-loc` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^provisioner-loc.*"` = 1 + initialDelaySeconds: {{ .Values.localpv.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.localpv.healthCheck.periodSeconds }} +{{- if .Values.localpv.nodeSelector }} + nodeSelector: +{{ toYaml .Values.localpv.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.localpv.tolerations }} + tolerations: +{{ toYaml .Values.localpv.tolerations | indent 8 }} +{{- end }} +{{- if .Values.localpv.affinity }} + affinity: +{{ toYaml .Values.localpv.affinity | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/device-class.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/device-class.yaml new file mode 100644 index 000000000..f7cf95465 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/device-class.yaml @@ -0,0 +1,25 @@ +{{- if .Values.deviceClass.enabled }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.deviceClass.name }} + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "device" +{{- if .Values.deviceClass.fsType }} + - name: FSType + value: {{ .Values.deviceClass.fsType }} +{{- end }} +{{- if .Values.deviceClass.blockDeviceTag }} + - name: BlockDeviceTag + value: {{ .Values.deviceClass.blockDeviceTag }} +{{- end }} +{{- if .Values.deviceClass.isDefaultClass }} + storageclass.kubernetes.io/is-default-class: "true" +{{- end }} +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: {{ .Values.deviceClass.reclaimPolicy }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/hostpath-class.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/hostpath-class.yaml new file mode 100644 index 000000000..d4fbfd3d2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/hostpath-class.yaml @@ -0,0 +1,25 @@ +{{- if .Values.hostpathClass.enabled }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.hostpathClass.name }} + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "hostpath" +{{- if .Values.hostpathClass.basePath }} + - name: BasePath + value: {{ .Values.hostpathClass.basePath }} +{{- end }} +{{- if .Values.hostpathClass.nodeAffinityLabel }} + - name: NodeAffinityLabel + value: {{ .Values.hostpathClass.nodeAffinityLabel }} +{{- end }} +{{- if .Values.hostpathClass.isDefaultClass }} + storageclass.kubernetes.io/is-default-class: "true" +{{- end }} +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: {{ .Values.hostpathClass.reclaimPolicy }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/psp.yaml new file mode 100644 index 000000000..ec64aad40 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/psp.yaml @@ -0,0 +1,30 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "localpv.fullname" . }}-psp + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +spec: + privileged: {{ .Values.localpv.privileged }} + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostPorts: + - min: 0 + max: 65535 + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/rbac.yaml new file mode 100644 index 000000000..04cd5409c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/templates/rbac.yaml @@ -0,0 +1,99 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "localpv.serviceAccountName" . }} + labels: + {{- include "localpv.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "localpv.fullname" . }} + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +rules: +- apiGroups: ["*"] + resources: ["nodes"] + verbs: ["get", "list", "watch"] +- apiGroups: ["*"] + resources: ["namespaces", "pods", "events", "endpoints"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["resourcequotas", "limitranges"] + verbs: ["list", "watch"] +- apiGroups: ["*"] + resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"] + verbs: ["*"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: [ "get", "list", "create", "update", "delete", "patch"] +- apiGroups: ["openebs.io"] + resources: [ "*"] + verbs: ["*" ] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "localpv.fullname" . }} + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "localpv.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "localpv.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- if .Values.rbac.pspEnabled }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "localpv.fullname" . }}-psp + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "localpv.fullname" . }}-psp +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "localpv.fullname" . }}-psp + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "localpv.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "localpv.serviceAccountName" . }} + namespace: {{ $.Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/values.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/values.yaml new file mode 100644 index 000000000..0d9fb270f --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/charts/localpv-provisioner/values.yaml @@ -0,0 +1,121 @@ +# Default values for localpv. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +release: + version: "2.11.0" + +rbac: + # rbac.create: `true` if rbac resources should be created + create: true + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +# If false, openebs NDM sub-chart will not be installed +openebsNDM: + enabled: true + +localpv: + name: localpv-provisioner + enabled: true + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/provisioner-localpv + tag: 2.11.0 + pullPolicy: IfNotPresent + updateStrategy: + type: RollingUpdate + # If set to false, containers created by the localpv provisioner will run without extra privileges. + privileged: true + annotations: {} + podAnnotations: {} + ## Labels to be added to localpv provisioner deployment pods + podLabels: + name: openebs-localpv-provisioner + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + replicas: 1 + enableLeaderElection: true + basePath: "/var/openebs/local" + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + nodeSelector: {} + tolerations: [] + affinity: {} + securityContext: {} + +imagePullSecrets: +# - name: img-pull-secret + +podSecurityContext: {} + # fsGroup: 2000 + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +deviceClass: + # Name of default device StorageClass. + name: openebs-device + # If true, enables creation of the openebs-device StorageClass + enabled: true + # Available reclaim policies: Delete/Retain, defaults: Delete. + reclaimPolicy: Delete + # If true, sets the openebs-device StorageClass as the default StorageClass + isDefaultClass: false + fsType: "ext4" + # Label block devices in the cluster that you would like the openEBS localPV + # Provisioner to pick up those specific block devices available on the node. + # + # To read more: https://docs.openebs.io/docs/next/uglocalpv-device.html#optional-block-device-tagging + blockDeviceTag: "" + +hostpathClass: + # Name of the default hostpath StorageClass + name: openebs-hostpath + # If true, enables creation of the openebs-hostpath StorageClass + enabled: true + # Available reclaim policies: Delete/Retain, defaults: Delete. + reclaimPolicy: Delete + # If true, sets the openebs-hostpath StorageClass as the default StorageClass + isDefaultClass: false + # Path on the host where local volumes of this storage class are mounted under. + basePath: "/var/openebs/local" + # Custom node affinity label for example "openebs.io/node-affinity-value" that will be + # used instead of hostnames + # This helps in cases where the hostname changes when the node is removed and + # added back with the disks still intact. + nodeAffinityLabel: "" + +helperPod: + image: + registry: "" + repository: openebs/linux-utils + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + +analytics: + enabled: true + # Specify in hours the duration after which a ping event needs to be sent. + pingInterval: "24h" diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/crds/jivavolumepolicy.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/crds/jivavolumepolicy.yaml new file mode 100644 index 000000000..dabb741a9 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/crds/jivavolumepolicy.yaml @@ -0,0 +1,1506 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: jivavolumepolicies.openebs.io +spec: + group: openebs.io + names: + kind: JivaVolumePolicy + listKind: JivaVolumePolicyList + plural: jivavolumepolicies + shortNames: + - jvp + singular: jivavolumepolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: 'JivaVolumePolicy is the Schema for the jivavolumes API Important: + Run "operator-sdk generate k8s" to regenerate code after modifying this + file' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: JivaVolumePolicySpec defines the desired state of JivaVolumePolicy + properties: + autoScaling: + description: AutoScaling ... + type: boolean + enableBufio: + description: EnableBufio ... + type: boolean + priorityClassName: + description: PriorityClassName if specified applies to the pod If + left empty, no priority class is applied. + type: string + replica: + description: ReplicaSpec represents configuration related to replicas + resources + nullable: true + properties: + affinity: + description: Affinity if specified, are the pod's affinities + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used to select + a node for pod scheduleing + type: object + resources: + description: Resources are the compute resources required by the + jiva container. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the pod's tolerations + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + replicaSC: + description: ReplicaSC represents the storage class used for creating + the pvc for the replicas (provisioned by localpv provisioner) + type: string + serviceAccountName: + description: ServiceAccountName can be provided to enable PSP + type: string + target: + description: TargetSpec represents configuration related to jiva target + and its resources + nullable: true + properties: + affinity: + description: Affinity if specified, are the pod's affinities + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + auxResources: + description: AuxResources are the compute resources required by + the jiva-target pod side car containers. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + monitor: + description: Monitor enables or disables the target exporter sidecar + type: boolean + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used to select + a node for pod scheduleing + type: object + replicationFactor: + description: ReplicationFactor represents maximum number of replicas + that are allowed to connect to the target + type: integer + resources: + description: Resources are the compute resources required by the + jiva container. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the pod's tolerations + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + required: + - autoScaling + - enableBufio + type: object + status: + description: JivaVolumePolicyStatus is for handling status of JivaVolumePolicy + properties: + phase: + type: string + required: + - phase + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/crds/jivavolumes.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/crds/jivavolumes.yaml new file mode 100644 index 000000000..9f6fb40ce --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/crds/jivavolumes.yaml @@ -0,0 +1,1670 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: jivavolumes.openebs.io +spec: + group: openebs.io + names: + kind: JivaVolume + listKind: JivaVolumeList + plural: jivavolumes + shortNames: + - jv + singular: jivavolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.replicaCount + name: ReplicaCount + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .status.status + name: Status + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: 'JivaVolume is the Schema for the jivavolumes API Important: + Run "operator-sdk generate k8s" to regenerate code after modifying this + file' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: JivaVolumeSpec defines the desired state of JivaVolume + properties: + accessType: + description: AccessType can be specified as Block or Mount type + type: string + capacity: + type: string + desiredReplicationFactor: + type: integer + iscsiSpec: + nullable: true + properties: + iqn: + type: string + targetIP: + type: string + targetPort: + format: int32 + type: integer + type: object + mountInfo: + nullable: true + properties: + devicePath: + type: string + fsType: + type: string + stagingPath: + description: StagingPath is the path provided by K8s during NodeStageVolume + rpc call, where volume is mounted globally. + type: string + targetPath: + description: TargetPath is the path provided by K8s during NodePublishVolume + rpc call where bind mount happens. + type: string + type: object + policy: + description: Policy is the configuration used for creating target + and replica pods during volume provisioning + nullable: true + properties: + autoScaling: + description: AutoScaling ... + type: boolean + enableBufio: + description: EnableBufio ... + type: boolean + priorityClassName: + description: PriorityClassName if specified applies to the pod + If left empty, no priority class is applied. + type: string + replica: + description: ReplicaSpec represents configuration related to replicas + resources + nullable: true + properties: + affinity: + description: Affinity if specified, are the pod's affinities + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used + to select a node for pod scheduleing + type: object + resources: + description: Resources are the compute resources required + by the jiva container. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the pod's tolerations + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + replicaSC: + description: ReplicaSC represents the storage class used for creating + the pvc for the replicas (provisioned by localpv provisioner) + type: string + serviceAccountName: + description: ServiceAccountName can be provided to enable PSP + type: string + target: + description: TargetSpec represents configuration related to jiva + target and its resources + nullable: true + properties: + affinity: + description: Affinity if specified, are the pod's affinities + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which + namespaces the labelSelector applies to + (matches against); null or empty list + means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + auxResources: + description: AuxResources are the compute resources required + by the jiva-target pod side car containers. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + monitor: + description: Monitor enables or disables the target exporter + sidecar + type: boolean + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is the labels that will be used + to select a node for pod scheduleing + type: object + replicationFactor: + description: ReplicationFactor represents maximum number of + replicas that are allowed to connect to the target + type: integer + resources: + description: Resources are the compute resources required + by the jiva container. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of + compute resources required. If Requests is omitted for + a container, it defaults to Limits if that is explicitly + specified, otherwise to an implementation-defined value. + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + tolerations: + description: Tolerations, if specified, are the pod's tolerations + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + required: + - autoScaling + - enableBufio + type: object + pv: + type: string + required: + - accessType + - capacity + - pv + type: object + status: + description: JivaVolumeStatus defines the observed state of JivaVolume + properties: + phase: + description: Phase represents the current phase of JivaVolume. + type: string + replicaCount: + type: integer + replicaStatus: + items: + description: ReplicaStatus stores the status of replicas + properties: + address: + type: string + mode: + type: string + type: object + nullable: true + type: array + status: + type: string + type: object + versionDetails: + description: VersionDetails provides the details for upgrade + properties: + autoUpgrade: + description: If AutoUpgrade is set to true then the resource is upgraded + automatically without any manual steps + type: boolean + desired: + description: Desired is the version that we want to upgrade or the + control plane version + type: string + status: + description: Status gives the status of reconciliation triggered when + the desired and current version are not same + properties: + current: + description: Current is the version of resource + type: string + dependentsUpgraded: + description: DependentsUpgraded gives the details whether all + children of a resource are upgraded to desired version or not + type: boolean + lastUpdateTime: + description: LastUpdateTime is the time the status was last updated + format: date-time + nullable: true + type: string + message: + description: Message is a human readable message if some error + occurs + type: string + reason: + description: Reason is the actual reason for the error state + type: string + state: + description: State is the state of reconciliation + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/crds/upgradetask.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/crds/upgradetask.yaml new file mode 100644 index 000000000..ab35065be --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/crds/upgradetask.yaml @@ -0,0 +1,257 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: upgradetasks.openebs.io +spec: + group: openebs.io + names: + kind: UpgradeTask + listKind: UpgradeTaskList + plural: upgradetasks + singular: upgradetask + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: UpgradeTask represents an upgrade task + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec i.e. specifications of the UpgradeTask + properties: + cstorPool: + description: CStorPool contains the details of the cstor pool to be + upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + poolName: + description: PoolName contains the name of the cstor pool to be + upgraded + type: string + type: object + cstorPoolCluster: + description: CStorPoolCluster contains the details of the storage + pool claim to be upgraded + properties: + cspcName: + description: CSPCName contains the name of the storage pool claim + to be upgraded + type: string + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + type: object + cstorPoolInstance: + description: CStorPoolInstance contains the details of the cstor pool + to be upgraded + properties: + cspiName: + description: CSPCName contains the name of the storage pool claim + to be upgraded + type: string + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + type: object + cstorVolume: + description: CStorVolume contains the details of the cstor volume + to be upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + pvName: + description: PVName contains the name of the pv associated with + the cstor volume + type: string + type: object + fromVersion: + description: FromVersion is the current version of the resource. + type: string + imagePrefix: + description: ImagePrefix contains the url prefix of the image url. + This field is optional. If not present upgrade takes the previously + present ImagePrefix. + type: string + imageTag: + description: ImageTag contains the customized tag for ToVersion if + any. This field is optional. If not present upgrade takes the ToVersion + as the ImageTag + type: string + jivaVolume: + description: JivaVolume contains the details of the jiva volume to + be upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + pvName: + description: PVName contains the name of the pv associated with + the jiva volume + type: string + type: object + options: + description: Options contains the optional flags that can be passed + during upgrade. + properties: + timeout: + description: Timeout is maximum seconds to wait at any given step + in the upgrade + type: integer + type: object + storagePoolClaim: + description: StoragePoolClaim contains the details of the storage + pool claim to be upgraded + properties: + options: + description: Options can be used to change the default behaviour + of upgrade + properties: + ignoreStepsOnError: + description: IgnoreStepsOnError allows to ignore steps which + failed + items: + type: string + type: array + type: object + spcName: + description: SPCName contains the name of the storage pool claim + to be upgraded + type: string + type: object + toVersion: + description: ToVersion is the upgraded version of the resource. It + should be same as the version of control plane components version. + type: string + required: + - fromVersion + - toVersion + type: object + status: + description: Status of UpgradeTask + properties: + completedTime: + description: CompletedTime of Upgrade + format: date-time + nullable: true + type: string + phase: + description: Phase indicates if a upgradeTask is started, success + or errored + type: string + retries: + description: Retries is the number of times the job attempted to upgrade + the resource + type: integer + startTime: + description: StartTime of Upgrade + format: date-time + nullable: true + type: string + upgradeDetailedStatuses: + description: UpgradeDetailedStatuses contains the list of statuses + of each step + items: + description: UpgradeDetailedStatuses represents the latest available + observations of a UpgradeTask current state. + properties: + lastUpdatedAt: + description: LastUpdatedTime of a UpgradeStep + format: date-time + nullable: true + type: string + message: + description: A human-readable message indicating details about + why the upgradeStep is in this state + type: string + phase: + description: Phase indicates if the UpgradeStep is waiting, + errored or completed. + type: string + reason: + description: Reason is a brief CamelCase string that describes + any failure and is meant for machine parsing and tidy display + in the CLI + type: string + startTime: + description: StartTime of a UpgradeStep + format: date-time + nullable: true + type: string + step: + description: UpgradeStep is the current step being performed + for a particular resource upgrade + type: string + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/jiva/templates/NOTES.txt new file mode 100644 index 000000000..de04887f6 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/NOTES.txt @@ -0,0 +1,8 @@ +The OpenEBS jiva has been installed check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. + +For more information related to jiva volume provisioning, visit +https://github.com/openebs/jiva-operator/tree/master/docs . diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/jiva/templates/_helpers.tpl new file mode 100644 index 000000000..88fed2e1c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/_helpers.tpl @@ -0,0 +1,150 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "jiva.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "jiva.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "jiva.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "jiva.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "jiva.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define meta labels for jiva components +*/}} +{{- define "jiva.common.metaLabels" -}} +chart: {{ template "jiva.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + +{{/* +Create match labels for jiva operator +*/}} +{{- define "jiva.operator.matchLabels" -}} +name: {{ .Values.jivaOperator.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.jivaOperator.componentName | quote }} +{{- end -}} + +{{/* +Create component labels jiva operator +*/}} +{{- define "jiva.operator.componentLabels" -}} +openebs.io/component-name: {{ .Values.jivaOperator.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for jiva operator +*/}} +{{- define "jiva.operator.labels" -}} +{{ include "jiva.common.metaLabels" . }} +{{ include "jiva.operator.matchLabels" . }} +{{ include "jiva.operator.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for jiva csi node operator +*/}} +{{- define "jiva.csiNode.matchLabels" -}} +name: {{ .Values.csiNode.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.csiNode.componentName | quote }} +{{- end -}} + +{{/* +Create component labels jiva csi node operator +*/}} +{{- define "jiva.csiNode.componentLabels" -}} +openebs.io/component-name: {{ .Values.csiNode.componentName | quote }} +{{- end -}} + +{{/* +Create labels for jiva csi node operator +*/}} +{{- define "jiva.csiNode.labels" -}} +{{ include "jiva.common.metaLabels" . }} +{{ include "jiva.csiNode.matchLabels" . }} +{{ include "jiva.csiNode.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for jiva csi controller +*/}} +{{- define "jiva.csiController.matchLabels" -}} +name: {{ .Values.csiController.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.csiController.componentName | quote }} +{{- end -}} + +{{/* +Create component labels jiva csi controller +*/}} +{{- define "jiva.csiController.componentLabels" -}} +openebs.io/component-name: {{ .Values.csiController.componentName | quote }} +{{- end -}} + +{{/* +Create labels for jiva csi controller +*/}} +{{- define "jiva.csiController.labels" -}} +{{ include "jiva.common.metaLabels" . }} +{{ include "jiva.csiController.matchLabels" . }} +{{ include "jiva.csiController.componentLabels" . }} +{{- end -}} + +{{/* +Create the name of the priority class for csi node plugin +*/}} +{{- define "jiva.csiNode.priorityClassName" -}} +{{- if .Values.csiNode.priorityClass.create }} +{{- printf "%s-%s" .Release.Name .Values.csiNode.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s" .Values.csiNode.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create the name of the priority class for csi controller plugin +*/}} +{{- define "jiva.csiController.priorityClassName" -}} +{{- if .Values.csiController.priorityClass.create }} +{{- printf "%s-%s" .Release.Name .Values.csiController.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s" .Values.csiController.priorityClass.name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-controller-rbac.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-controller-rbac.yaml new file mode 100644 index 000000000..c19db646a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-controller-rbac.yaml @@ -0,0 +1,196 @@ +{{- if .Values.serviceAccount.csiController.create -}} +kind: ServiceAccount +apiVersion: v1 +metadata: + name: {{ .Values.serviceAccount.csiController.name }} + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- if .Values.rbac.create }} +--- +# jiva csi roles and bindings +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-snapshotter-binding + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-jiva-csi-snapshotter-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-snapshotter-role + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete", "get", "update"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-provisioner-role + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["secrets","namespaces"] + verbs: ["get", "list"] + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [""] + resources: ["persistentvolumes", "services"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["jivavolumeattachments", "jivavolumes","jivavolumeconfigs"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-provisioner-binding + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-jiva-csi-provisioner-role + apiGroup: rbac.authorization.k8s.io +--- +############################## CSI- Attacher ####################### +# Attacher must be able to work with PVs, nodes and VolumeAttachments +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-attacher-role + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments", "csinodes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "volumeattachments/status" ] + verbs: [ "patch" ] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-attacher-binding + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-jiva-csi-attacher-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-cluster-registrar-role + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +rules: + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csidrivers"] + verbs: ["create", "delete"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-cluster-registrar-binding + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-jiva-csi-cluster-registrar-role + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-controller.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-controller.yaml new file mode 100644 index 000000000..76094f6d3 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-controller.yaml @@ -0,0 +1,134 @@ +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: {{ template "jiva.fullname" . }}-csi-controller + {{- with .Values.csiController.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "jiva.csiController.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "jiva.csiController.matchLabels" . | nindent 6 }} + serviceName: "openebs-csi" + replicas: {{ .Values.csiController.replicas }} + template: + metadata: + labels: + {{- include "jiva.csiController.labels" . | nindent 8 }} + {{- if .Values.csiController.podLabels }} + {{ toYaml .Values.csiController.podLabels | nindent 8 }} + {{- end }} + spec: + priorityClassName: {{ template "jiva.csiController.priorityClassName" . }} + serviceAccount: {{ .Values.serviceAccount.csiController.name }} + containers: + - name: {{ .Values.csiController.resizer.name }} + image: "{{ .Values.csiController.resizer.image.registry }}{{ .Values.csiController.resizer.image.repository }}:{{ .Values.csiController.resizer.image.tag }}" + resources: +{{ toYaml .Values.csiController.resources | indent 12 }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.csiController.resizer.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.csiController.provisioner.name }} + image: "{{ .Values.csiController.provisioner.image.registry }}{{ .Values.csiController.provisioner.image.repository }}:{{ .Values.csiController.provisioner.image.tag }}" + imagePullPolicy: {{ .Values.csiController.provisioner.image.pullPolicy }} + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--feature-gates=Topology=true" + - "--extra-create-metadata=true" + - "--metrics-address=:22011" + - "--timeout=250s" + - "--default-fstype=ext4" + env: + - name: MY_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.csiController.attacher.name }} + image: "{{ .Values.csiController.attacher.image.registry }}{{ .Values.csiController.attacher.image.repository }}:{{ .Values.csiController.attacher.image.tag }}" + imagePullPolicy: {{ .Values.csiController.attacher.image.pullPolicy }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.jivaCSIPlugin.name }} + image: "{{ .Values.jivaCSIPlugin.image.registry }}{{ .Values.jivaCSIPlugin.image.repository }}:{{ .Values.jivaCSIPlugin.image.tag }}" + imagePullPolicy: {{ .Values.jivaCSIPlugin.image.pullPolicy }} + env: + - name: OPENEBS_JIVA_CSI_CONTROLLER + value: controller + - name: OPENEBS_JIVA_CSI_ENDPOINT + value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: OPENEBS_CSI_API_URL + value: https://openebs.io + - name: OPENEBS_NODEID + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + # OpenEBS namespace where the openebs jiva operator components + # has been installed + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENEBS_IO_INSTALLER_TYPE + value: "jiva-helm" + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + args : + - "--endpoint=$(OPENEBS_JIVA_CSI_ENDPOINT)" + - "--plugin=$(OPENEBS_JIVA_CSI_CONTROLLER)" + - "--name=jiva.csi.openebs.io" + - "--nodeid=$(OPENEBS_NODEID)" + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.csiController.livenessprobe.name }} + image: "{{ .Values.csiController.livenessprobe.image.registry }}{{ .Values.csiController.livenessprobe.image.repository }}:{{ .Values.csiController.livenessprobe.image.tag }}" + imagePullPolicy: {{ .Values.csiController.livenessprobe.image.pullPolicy }} + args: + - "--csi-address=/csi/csi.sock" + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - name: socket-dir + emptyDir: {} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.csiController.nodeSelector }} + nodeSelector: +{{ toYaml .Values.csiController.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.csiController.securityContext }} + securityContext: +{{ toYaml .Values.csiController.securityContext | indent 8 }} +{{- end }} +{{- if .Values.csiController.tolerations }} + tolerations: +{{ toYaml .Values.csiController.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-driver.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-driver.yaml new file mode 100644 index 000000000..04bd6e3ab --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-driver.yaml @@ -0,0 +1,9 @@ +{{- if .Values.csiDriver.create -}} +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: jiva.csi.openebs.io +spec: + podInfoOnMount: {{ .Values.csiDriver.podInfoOnMount }} + attachRequired: {{ .Values.csiDriver.attachRequired }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-iscsiadm-config.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-iscsiadm-config.yaml new file mode 100644 index 000000000..f25f155a7 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-iscsiadm-config.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: openebs-jiva-csi-iscsiadm +data: + iscsiadm: | + #!/bin/sh + if [ -x /host/sbin/iscsiadm ]; then + chroot /host /sbin/iscsiadm "$@" + elif [ -x /host/usr/local/sbin/iscsiadm ]; then + chroot /host /usr/local/sbin/iscsiadm "$@" + elif [ -x /host/bin/iscsiadm ]; then + chroot /host /bin/iscsiadm "$@" + elif [ -x /host/usr/local/bin/iscsiadm ]; then + chroot /host /usr/local/bin/iscsiadm "$@" + else + chroot /host iscsiadm "$@" + fi diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-node-rbac.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-node-rbac.yaml new file mode 100644 index 000000000..68e33fe14 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-node-rbac.yaml @@ -0,0 +1,43 @@ +{{- if .Values.serviceAccount.csiNode.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.csiNode.name }} + labels: + {{- include "jiva.csiNode.labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- if .Values.rbac.create }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-registrar-role + labels: + {{- include "jiva.csiNode.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumes", "nodes", "services"] + verbs: ["get", "list", "patch"] + - apiGroups: ["*"] + resources: ["jivavolumes"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-csi-registrar-binding + labels: + {{- include "jiva.csiNode.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.csiNode.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-jiva-csi-registrar-role + apiGroup: rbac.authorization.k8s.io +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-node.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-node.yaml new file mode 100644 index 000000000..3acf07f56 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/csi-node.yaml @@ -0,0 +1,165 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ template "jiva.fullname" . }}-csi-node + {{- with .Values.csiNode.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "jiva.csiNode.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "jiva.csiNode.matchLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "jiva.csiNode.labels" . | nindent 8 }} + {{- if .Values.csiNode.podLabels }} + {{ toYaml .Values.csiNode.podLabels | nindent 8 }} + {{- end }} + spec: + priorityClassName: {{ template "jiva.csiNode.priorityClassName" . }} + serviceAccount: {{ .Values.serviceAccount.csiNode.name }} + hostNetwork: true + containers: + - name: {{ .Values.csiNode.driverRegistrar.name }} + image: "{{ .Values.csiNode.driverRegistrar.image.registry }}{{ .Values.csiNode.driverRegistrar.image.repository }}:{{ .Values.csiNode.driverRegistrar.image.tag }}" + imagePullPolicy: {{ .Values.csiNode.driverRegistrar.image.pullPolicy }} + resources: +{{ toYaml .Values.csiNode.resources | indent 12 }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/jiva.csi.openebs.io /registration/jiva.csi.openebs.io-reg.sock"] + env: + - name: ADDRESS + value: /plugin/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.csiNode.kubeletDir }}plugins/jiva.csi.openebs.io/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: NODE_DRIVER + value: openebs-jiva-csi + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: registration-dir + mountPath: /registration + - name: {{ .Values.jivaCSIPlugin.name }} + securityContext: + privileged: true + allowPrivilegeEscalation: true + image: "{{ .Values.jivaCSIPlugin.image.registry }}{{ .Values.jivaCSIPlugin.image.repository }}:{{ .Values.jivaCSIPlugin.image.tag }}" + imagePullPolicy: {{ .Values.jivaCSIPlugin.image.pullPolicy }} + args: + - "--name=jiva.csi.openebs.io" + - "--nodeid=$(OPENEBS_NODE_ID)" + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--plugin=$(OPENEBS_NODE_DRIVER)" + # enableiscsidebug is used to enable debug logs for iscsi operations + - "--enableiscsidebug=true" + # logging level for klog library used in k8s packages + #- "--v=5" + # retrycount is the max number of retries per nodeStaging rpc + # request on a timeout of 5 sec + # This count has been set to 20 for sanity test cases as it takes + # time in minikube + - "--retrycount=20" + # metricsBindAddress is the TCP address that the controller should bind to + # for serving prometheus metrics. By default the address is set to localhost:9505. + # The address can be configured to any desired address. + # Remove the flag to disable prometheus metrics. + - "--metricsBindAddress=:9505" + env: + - name: OPENEBS_NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: OPENEBS_CSI_ENDPOINT + value: unix:///plugin/csi.sock + - name: OPENEBS_NODE_DRIVER + value: node + - name: OPENEBS_CSI_API_URL + value: https://openebs.io + # OpenEBS namespace where the openebs jiva operator components + # has been installed + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # Enable/Disable auto-remount feature, when volumes + # recovers form the read-only state + - name: REMOUNT + value: "{{ .Values.jivaCSIPlugin.remount }}" + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: device-dir + mountPath: /dev + - name: pods-mount-dir + mountPath: {{ .Values.csiNode.kubeletDir }} + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + - name: host-root + mountPath: /host + mountPropagation: "HostToContainer" + - name: chroot-iscsiadm + mountPath: /sbin/iscsiadm + subPath: iscsiadm + - name: {{ .Values.csiNode.livenessprobe.name }} + image: "{{ .Values.csiNode.livenessprobe.image.registry }}{{ .Values.csiNode.livenessprobe.image.repository }}:{{ .Values.csiNode.livenessprobe.image.tag }}" + imagePullPolicy: {{ .Values.csiNode.livenessprobe.image.pullPolicy }} + args: + - "--csi-address=/plugin/csi.sock" + volumeMounts: + - mountPath: /plugin + name: plugin-dir + volumes: + - name: device-dir + hostPath: + path: /dev + type: Directory + - name: registration-dir + hostPath: + path: {{ .Values.csiNode.kubeletDir }}plugins_registry/ + type: DirectoryOrCreate + - name: plugin-dir + hostPath: + path: {{ .Values.csiNode.kubeletDir }}plugins/jiva.csi.openebs.io/ + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: {{ .Values.csiNode.kubeletDir }} + type: Directory + - name: chroot-iscsiadm + configMap: + defaultMode: 0555 + name: openebs-jiva-csi-iscsiadm + - name: host-root + hostPath: + path: / + type: Directory +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.csiNode.nodeSelector }} + nodeSelector: +{{ toYaml .Values.csiNode.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.csiNode.securityContext }} + securityContext: +{{ toYaml .Values.csiNode.securityContext | indent 8 }} +{{- end }} +{{- if .Values.csiNode.tolerations }} + tolerations: +{{ toYaml .Values.csiNode.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/default-policy.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/default-policy.yaml new file mode 100644 index 000000000..0c89de5ba --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/default-policy.yaml @@ -0,0 +1,12 @@ +{{- if .Values.defaultPolicy.enabled }} +apiVersion: openebs.io/v1alpha1 +kind: JivaVolumePolicy +metadata: + name: {{ .Values.defaultPolicy.name }} +spec: + replicaSC: {{ .Values.defaultPolicy.replicaSC }} + enableBufio: false + autoScaling: false + target: + replicationFactor: {{ .Values.defaultPolicy.replicas }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/default-storageclass.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/default-storageclass.yaml new file mode 100644 index 000000000..d9848eaae --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/default-storageclass.yaml @@ -0,0 +1,16 @@ +{{- if .Values.defaultClass.enabled }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.defaultClass.name }} + annotations: +{{- if .Values.defaultClass.isDefaultClass }} + storageclass.kubernetes.io/is-default-class: "true" +{{- end }} +provisioner: jiva.csi.openebs.io +volumeBindingMode: Immediate +reclaimPolicy: {{ .Values.defaultClass.reclaimPolicy }} +parameters: + cas-type: "jiva" + policy: {{ .Values.defaultPolicy.name }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/jiva-operator-rbac.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/jiva-operator-rbac.yaml new file mode 100644 index 000000000..4c5b5e8a5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/jiva-operator-rbac.yaml @@ -0,0 +1,103 @@ +{{- if .Values.serviceAccount.jivaOperator.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.jivaOperator.name }} + labels: + {{- include "jiva.common.metaLabels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: jiva-operator +rules: +- apiGroups: + - "" + resources: + - pods + - services + - services/finalizers + - endpoints + - persistentvolumes + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create +- apiGroups: + - apps + resourceNames: + - jiva-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - apps + resources: + - replicasets + verbs: + - get +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - openebs.io + resources: + - '*' + verbs: + - '*' +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-jiva-operator + {{- with .Values.serviceAccount.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "jiva.common.metaLabels" . | nindent 4 }} +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccount.jivaOperator.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: jiva-operator + apiGroup: rbac.authorization.k8s.io +{{- end }} + diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/jiva-operator.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/jiva-operator.yaml new file mode 100644 index 000000000..0d0b4b3de --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/jiva-operator.yaml @@ -0,0 +1,76 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "jiva.fullname" . }}-operator + {{- with .Values.jivaOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "jiva.operator.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "jiva.operator.matchLabels" . | nindent 6 }} + replicas: {{ .Values.jivaOperator.replicas }} + strategy: + type: Recreate + template: + metadata: + labels: + {{- include "jiva.operator.labels" . | nindent 8 }} + {{- if .Values.jivaOperator.podLabels }} + {{ toYaml .Values.jivaOperator.podLabels | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ .Values.serviceAccount.jivaOperator.name }} + containers: + - name: {{ template "jiva.fullname" . }}-operator + imagePullPolicy: {{ .Values.jivaOperator.image.pullPolicy }} + image: "{{ .Values.jivaOperator.image.registry }}{{ .Values.jivaOperator.image.repository }}:{{ .Values.jivaOperator.image.tag }}" + command: + - jiva-operator + resources: +{{ toYaml .Values.jivaOperator.resources | indent 12 }} + env: + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPENEBS_SERVICEACCOUNT_NAME + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "jiva-operator" + - name: OPENEBS_SERVICEACCOUNT_NAME + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPENEBS_IO_JIVA_CONTOLLER_IMAGE + value: "{{ .Values.jivaOperator.controller.image.registry }}{{ .Values.jivaOperator.controller.image.repository }}:{{ .Values.jivaOperator.controller.image.tag }}" + - name: OPENEBS_IO_JIVA_REPLICA_IMAGE + value: "{{ .Values.jivaOperator.replica.image.registry }}{{ .Values.jivaOperator.replica.image.repository }}:{{ .Values.jivaOperator.replica.image.tag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $.Values.imagePullSecrets }}{{ .name }},{{- end }}" +{{- end }} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.jivaOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.jivaOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.jivaOperator.securityContext }} + securityContext: +{{ toYaml .Values.jivaOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.jivaOperator.tolerations }} + tolerations: +{{ toYaml .Values.jivaOperator.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/priority-class.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/priority-class.yaml new file mode 100644 index 000000000..4e3c77406 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/priority-class.yaml @@ -0,0 +1,19 @@ +{{- if .Values.csiController.priorityClass.create }} +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ template "jiva.csiController.priorityClassName" . }} +value: 900000000 +globalDefault: false +description: "This priority class should be used for the OpenEBS CSI driver controller deployment only." +{{- end }} +--- +{{- if .Values.csiNode.priorityClass.create }} +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: {{ template "jiva.csiNode.priorityClassName" . }} +value: 900001000 +globalDefault: false +description: "This priority class should be used for the OpenEBS CSI driver node deployment only." +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/templates/psp.yaml new file mode 100644 index 000000000..a8bfc3ed9 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/templates/psp.yaml @@ -0,0 +1,27 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "jiva.fullname" . }}-psp + {{- with .Values.csiNode.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "jiva.csiNode.labels" . | nindent 4 }} +spec: + privileged: true + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/jiva/values.yaml b/charts/openebs/openebs/3.0.0/charts/jiva/values.yaml new file mode 100644 index 000000000..234e703d0 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/jiva/values.yaml @@ -0,0 +1,213 @@ +# Default values for jiva-operator. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +release: + version: "2.11.0" + + +# If false, openebs localpv sub-chart will not be installed +openebsLocalpv: + enabled: true + +rbac: + # rbac.create: `true` if rbac resources should be created + create: true + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +imagePullSecrets: +# - name: "image-pull-secret" + +jivaOperator: + componentName: "jiva-operator" + controller: + image: + registry: + repository: openebs/jiva + tag: 2.11.0 + replica: + image: + registry: + repository: openebs/jiva + tag: 2.11.0 + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/jiva-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + annotations: {} + resyncInterval: "30" + podAnnotations: {} + podLabels: {} + nodeSelector: {} + tolerations: [] + resources: {} + securityContext: {} + + +csiController: + priorityClass: + create: true + name: jiva-csi-controller-critical + componentName: "openebs-jiva-csi-controller" + attacher: + name: "csi-attacher" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-attacher + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v3.1.0 + livenessprobe: + name: "liveness-probe" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/livenessprobe + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.2.0 + provisioner: + name: "csi-provisioner" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-provisioner + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + resizer: + name: "csi-resizer" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-resizer + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v1.1.0 + annotations: {} + podAnnotations: {} + podLabels: {} + nodeSelector: {} + tolerations: [] + resources: {} + securityContext: {} + +jivaCSIPlugin: + name: jiva-csi-plugin + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/jiva-csi + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + remount: "true" + +csiNode: + priorityClass: + create: true + name: jiva-csi-node-critical + componentName: "openebs-jiva-csi-node" + driverRegistrar: + name: "csi-node-driver-registrar" + image: + registry: k8s.gcr.io/ + repository: sig-storage/csi-node-driver-registrar + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.0.1 + livenessprobe: + name: "liveness-probe" + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/livenessprobe + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.2.0 + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to openebs-jiva-csi-node pods + podLabels: {} + # kubeletDir path can be configured to run on various different k8s distributions like + # microk8s where kubelet root dir is not (/var/lib/kubelet/). For example microk8s, + # we need to change the kubelet directory to `/var/snap/microk8s/common/var/lib/kubelet/` + kubeletDir: "/var/lib/kubelet/" + nodeSelector: {} + tolerations: [] + securityContext: {} + +csiDriver: + create: true + podInfoOnMount: true + attachRequired: false + +serviceAccount: + # Annotations to add to the service account + annotations: {} + jivaOperator: + create: true + name: openebs-jiva-operator + csiController: + # Specifies whether a service account should be created + create: true + name: openebs-jiva-csi-controller-sa + csiNode: + # Specifies whether a service account should be created + create: true + name: openebs-jiva-csi-node-sa + +defaultClass: + # Name of the default default StorageClass + name: openebs-jiva-csi-default + # If true, enables creation of the openebs-jiva-csi-default StorageClass + enabled: true + # Available reclaim policies: Delete/Retain, defaults: Delete. + reclaimPolicy: Delete + # If true, sets the openebs-jiva-csi-default StorageClass as the default StorageClass + isDefaultClass: false + +defaultPolicy: + # Name of the default default JivaVolumePolicy + name: openebs-jiva-default-policy + # If true, enables creation of the openebs-jiva-default-policy JivaVolumePolicy + enabled: true + # replicaSC represents the storage class used for creating + # the pvc for the replica sts provisioned by localpv provisioner + replicaSC: openebs-hostpath + # replicas represent the desired replication factor for the jiva volume + replicas: 3 + +analytics: + enabled: true + # Specify in hours the duration after which a ping event needs to be sent. + pingInterval: "24h" + +localpv-provisioner: + # Disable installation of node-disk-manager components by default + openebsNDM: + enabled: false + # Disable openebs-device deviceClass by default. + deviceClass: + enabled: false diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/.helmignore b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/Chart.lock b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/Chart.lock new file mode 100644 index 000000000..1399387a0 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.6.0 +digest: sha256:bb37660c475faea9651f07b43f655da8f19d251b3227da70ec4990fae6d380f0 +generated: "2021-07-16T06:29:18.04468484Z" diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/Chart.yaml new file mode 100644 index 000000000..8e02a3469 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/Chart.yaml @@ -0,0 +1,27 @@ +apiVersion: v2 +appVersion: 2.11.0 +dependencies: +- condition: openebsNDM.enabled + name: openebs-ndm + repository: https://openebs.github.io/node-disk-manager + version: 1.6.0 +description: Helm chart for OpenEBS Dynamic Local PV. For instructions to install + OpenEBS Dynamic Local PV using helm chart, refer to https://openebs.github.io/dynamic-localpv-provisioner/. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- storage +- local +- dynamic-localpv +maintainers: +- email: akhil.mohan@mayadata.io + name: akhilerm +- email: kiran.mova@mayadata.io + name: kiranmova +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +name: localpv-provisioner +sources: +- https://github.com/openebs/dynamic-localpv-provisioner +type: application +version: 2.11.0 diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/README.md b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/README.md new file mode 100644 index 000000000..139ac268c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/README.md @@ -0,0 +1,143 @@ +# OpenEBS LocalPV Provisioner + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Chart Lint and Test](https://github.com/openebs/dynamic-localpv-provisioner/workflows/Chart%20Lint%20and%20Test/badge.svg) +![Release Charts](https://github.com/openebs/dynamic-localpv-provisioner/workflows/Release%20Charts/badge.svg?branch=develop) + +A Helm chart for openebs dynamic localpv provisioner. This chart bootstraps OpenEBS Dynamic LocalPV provisioner deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| akhilerm | akhil.mohan@mayadata.io | | +| kiranmova | kiran.mova@mayadata.io | | +| prateekpandey14 | prateek.pandey@mayadata.io | | + + +## Get Repo Info + +```console +helm repo add openebs-localpv https://openebs.github.io/dynamic-localpv-provisioner +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Please visit the [link](https://openebs.github.io/dynamic-localpv-provisioner/) for install instructions via helm3. + +```console +# Helm +helm install [RELEASE_NAME] openebs-localpv/localpv-provisioner --namespace [NAMESPACE] --create-namespace +``` + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Dependencies + +By default this chart installs additional, dependent charts: + +| Repository | Name | Version | +|------------|------|---------| +| https://openebs.github.io/node-disk-manager | openebs-ndm | 1.6.0 | + +**Note:** Find detailed Node Disk Manager Helm chart configuration options [here](https://github.com/openebs/node-disk-manager/blob/master/deploy/helm/charts/README.md). + + +To disable the dependency during installation, set `openebsNDM.enabled` to `false`. + +_See [helm dependency](https://helm.sh/docs/helm/helm_dependency/) for command documentation._ + +## Uninstall Chart + +```console +# Helm +helm uninstall [RELEASE_NAME] --namespace [NAMESPACE] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +helm upgrade [RELEASE_NAME] [CHART] --install --namespace [NAMESPACE] +``` + + +## Configuration + +The following table lists the configurable parameters of the OpenEBS Dynamic LocalPV Provisioner chart and their default values. + +You can modify different parameters by specifying the desired value in the `helm install` command by using the `--set` and/or the `--set-string` flag(s). You can modify the parameters of the [Node Disk Manager chart](https://openebs.github.io/node-disk-manager) by adding `openebs-ndm` before the desired parameter in the `helm install` command. + +In the following sample command we modify `deviceClass.fsType` from the localpv-provisioner chart and `ndm.nodeSelector` from the openebs-ndm chart to only schedule openebs-ndm DaemonSet pods on nodes labelled with `openebs.io/data-plane=true`. We also enable the 'Use OS-disk' feature gate using the `featureGates.UseOSDisk.enabled` parameter from the openebs-ndm chart. + + +```console +helm install openebs-localpv openebs-localpv/localpv-provisioner --namespace openebs --create-namespace \ + --set-string deviceClass.fsType="xfs" \ + --set-string openebs-ndm.ndm.nodeSelector."openebs\.io/data-plane"=true \ + --set openebs-ndm.featureGates.UseOSDisk.enabled=true +``` + +| Parameter | Description | Default | +| ------------------------------------------- | --------------------------------------------- | ----------------------------------------- | +| `release.version` | LocalPV Provisioner release version | `2.11.0` | +| `analytics.enabled` | Enable sending stats to Google Analytics | `true` | +| `analytics.pingInterval` | Duration(hours) between sending ping stat | `24h` | +| `deviceClass.blockDeviceTag` | Value of `openebs.io/block-device-tag` BD label | `""` | +| `deviceClass.enabled` | Enables creation of default Device StorageClass | `true` | +| `deviceClass.fsType` | Filesystem type for openebs-device StorageClass | `"ext4"` | +| `deviceClass.isDefaultClass` | Make openebs-device the default StorageClass | `"false"` | +| `deviceClass.reclaimPolicy` | ReclaimPolicy for Device PVs | `"Delete"` | +| `helperPod.image.registry` | Registry for helper image | `""` | +| `helperPod.image.repository` | Image for helper pod | `"openebs/linux-utils"` | +| `helperPod.image.pullPolicy` | Pull policy for helper pod | `"IfNotPresent"` | +| `helperPod.image.tag` | Image tag for helper image | `2.11.0` | +| `hostpathClass.basePath` | BasePath for openebs-hostpath StorageClass | `"/var/openebs/local"` | +| `hostpathClass.enabled` | Enables creation of default Hostpath StorageClass | `true` | +| `hostpathClass.isDefaultClass` | Make openebs-hostpath the default StorageClass | `"false"` | +| `hostpathClass.nodeAffinityLabel` | Custom node label key to uniquely identify nodes. `kubernetes.io/hostname` is the default label key for node selection. | `""` | +| `hostpathClass.reclaimPolicy` | ReclaimPolicy for Hostpath PVs | `"Delete"` | +| `imagePullSecrets` | Provides image pull secrect | `""` | +| `localpv.enabled` | Enable LocalPV Provisioner | `true` | +| `localpv.image.registry` | Registry for LocalPV Provisioner image | `""` | +| `localpv.image.repository` | Image repository for LocalPV Provisioner | `openebs/localpv-provisioner` | +| `localpv.image.pullPolicy` | Image pull policy for LocalPV Provisioner | `IfNotPresent` | +| `localpv.image.tag` | Image tag for LocalPV Provisioner | `2.11.0` | +| `localpv.updateStrategy.type` | Update strategy for LocalPV Provisioner | `RollingUpdate` | +| `localpv.annotations` | Annotations for LocalPV Provisioner metadata | `""` | +| `localpv.podAnnotations` | Annotations for LocalPV Provisioner pods metadata | `""` | +| `localpv.privileged` | Run LocalPV Provisioner with extra privileges | `true` | +| `localpv.resources` | Resource and request and limit for containers | `""` | +| `localpv.podLabels` | Appends labels to the pods | `""` | +| `localpv.nodeSelector` | Nodeselector for LocalPV Provisioner pods | `""` | +| `localpv.tolerations` | LocalPV Provisioner pod toleration values | `""` | +| `localpv.securityContext` | Seurity context for container | `""` | +| `localpv.healthCheck.initialDelaySeconds` | Delay before liveness probe is initiated | `30` | +| `localpv.healthCheck.periodSeconds` | How often to perform the liveness probe | `60` | +| `localpv.replicas` | No. of LocalPV Provisioner replica | `1` | +| `localpv.enableLeaderElection` | Enable leader election | `true` | +| `localpv.affinity` | LocalPV Provisioner pod affinity | `{}` | +| `openebsNDM.enabled` | Install openebs NDM dependency | `true` | +| `rbac.create` | Enable RBAC Resources | `true` | +| `rbac.pspEnabled` | Create pod security policy resources | `false` | + + +A YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml --namespace openebs openebs-localpv/localpv-provisioner +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/Chart.yaml new file mode 100644 index 000000000..890c4887b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +appVersion: 1.6.0 +description: Helm chart for OpenEBS Node Disk Manager - a Kubernetes native storage + device management solution. For instructions on how to install, refer to https://openebs.github.io/node-disk-manager/. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- ndm +- disk-inventory +- storage +maintainers: +- email: akhil.mohan@mayadata.io + name: akhilerm +- email: michaelfornaro@gmail.com + name: xUnholy +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +name: openebs-ndm +sources: +- https://github.com/openebs/node-disk-manager +version: 1.6.0 diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/README.md b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/README.md new file mode 100644 index 000000000..497b6b450 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/README.md @@ -0,0 +1,79 @@ +## Introduction + +This chart bootstraps OpenEBS NDM deployment on a [Kubernetes](http://kubernetes.io) cluster using the +[Helm](https://helm.sh) package manager. + +## Installation + +You can run OpenEBS NDM on any Kubernetes 1.13+ cluster in a matter of seconds. + +Please visit the [link](https://openebs.github.io/node-disk-manager/) for install instructions via helm3. + +## Configuration + +The following table lists the configurable parameters of the OpenEBS NDM chart and their default values. + +| Parameter | Description | Default | +| ----------------------------------------| --------------------------------------------- | ----------------------------------------- | +| `imagePullSecrets` | Provides image pull secrect | `""` | +| `ndm.enabled` | Enable Node Disk Manager | `true` | +| `ndm.image.registry` | Registry for Node Disk Manager image | `""` | +| `ndm.image.repository` | Image repository for Node Disk Manager | `openebs/node-disk-manager` | +| `ndm.image.pullPolicy` | Image pull policy for Node Disk Manager | `IfNotPresent` | +| `ndm.image.tag` | Image tag for Node Disk Manager | `1.5.0` | +| `ndm.sparse.path` | Directory where Sparse files are created | `/var/openebs/sparse` | +| `ndm.sparse.size` | Size of the sparse file in bytes | `10737418240` | +| `ndm.sparse.count` | Number of sparse files to be created | `0` | +| `ndm.updateStrategy.type` | Update strategy for NDM daemonset | `RollingUpdate` | +| `ndm.annotations` | Annotations for NDM daemonset metadata | `""` | +| `ndm.podAnnotations` | Annotations for NDM daemonset's pods metadata | `""` | +| `ndm.resources` | Resource and request and limit for containers | `""` | +| `ndm.podLabels` | Appends labels to the pods | `""` | +| `ndm.nodeSelector` | Nodeselector for daemonset pods | `""` | +| `ndm.tolerations` | NDM daemonset's pod toleration values | `""` | +| `ndm.securityContext` | Seurity context for container | `""` | +| `ndm.filters.enableOsDiskExcludeFilter` | Enable filters of OS disk exclude | `true` | +| `ndm.filters.osDiskExcludePaths` | Paths/Mountpoints to be excluded by OS Disk Filter| `/,/etc/hosts,/boot` | +| `ndm.filters.enableVendorFilter` | Enable filters of vendors | `true` | +| `ndm.filters.excludeVendors` | Exclude devices with specified vendor | `CLOUDBYT,OpenEBS` | +| `ndm.filters.enablePathFilter` | Enable filters of paths | `true` | +| `ndm.filters.includePaths` | Include devices with specified path patterns | `""` | +| `ndm.filters.excludePaths` | Exclude devices with specified path patterns | `loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd`| +| `ndm.probes.enableSeachest` | Enable Seachest probe for NDM | `false` | +| `ndm.probes.enableUdevProbe` | Enable Udev probe for NDM | `true` | +| `ndm.probes.enableSmartProbe` | Enable Smart probe for NDM | `true` | +| `ndmOperator.enabled` | Enable NDM Operator | `true` | +| `ndmOperator.replica` | Pod replica count for NDM operator | `1` | +| `ndmOperator.upgradeStrategy` | Update strategy NDM operator | `"Recreate"` | +| `ndmOperator.image.registry` | Registry for NDM operator image | `""` | +| `ndmOperator.image.repository` | Image repository for NDM operator | `openebs/node-disk-operator` | +| `ndmOperator.image.pullPolicy` | Image pull policy for NDM operator | `IfNotPresent` | +| `ndmOperator.image.tag` | Image tag for NDM operator | `1.5.0` | +| `ndmOperator.annotations` | Annotations for NDM operator metadata | `""` | +| `ndmOperator.podAnnotations` | Annotations for NDM operator's pods metadata | `""` | +| `ndmOperator.resources` | Resource and request and limit for containers | `""` | +| `ndmOperator.podLabels` | Appends labels to the pods | `""` | +| `ndmOperator.nodeSelector` | Nodeselector for operator pods | `""` | +| `ndmOperator.tolerations` | NDM operator's pod toleration values | `""` | +| `ndmOperator.securityContext` | Seurity context for container | `""` | +| `featureGates.APIService.enabled` | Enable the gRPC API service of NDM | `false` | +| `featureGates.UseOSDisk.enabled` | Enable feature-gate to use free space on OS disk | `false` | +| `featureGates.MountChangeDetection.enabled` | Enable feature-gate to detect mountpoint/filesystem changes | `false` | +| `helperPod.image.registry` | Registry for helper image | `""` | +| `helperPod.image.repository` | Image for helper pod | `openebs/linux-utils` | +| `helperPod.image.pullPolicy` | Pull policy for helper pod | `IfNotPresent` | +| `helperPod.image.tag` | Image tag for helper image | `2.10.0` | +| `varDirectoryPath.baseDir` | Directory to store debug info and so forth | `/var/openebs` | +| `serviceAccount.create` | Create a service account or not | `true` | +| `serviceAccount.name` | Name for the service account | `true` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml ndm/openebs-ndm +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdevice.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdevice.yaml new file mode 100644 index 000000000..95f40703c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdevice.yaml @@ -0,0 +1,241 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdevices.openebs.io +spec: + group: openebs.io + names: + kind: BlockDevice + listKind: BlockDeviceList + plural: blockdevices + shortNames: + - bd + singular: blockdevice + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.nodeAttributes.nodeName + name: NodeName + type: string + - jsonPath: .spec.path + name: Path + priority: 1 + type: string + - jsonPath: .spec.filesystem.fsType + name: FSType + priority: 1 + type: string + - jsonPath: .spec.capacity.storage + name: Size + type: string + - jsonPath: .status.claimState + name: ClaimState + type: string + - jsonPath: .status.state + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDevice is the Schema for the blockdevices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceSpec defines the properties and runtime status of a BlockDevice + properties: + aggregateDevice: + description: AggregateDevice was intended to store the hierarchical information in cases of LVM. However this is currently not implemented and may need to be re-looked into for better design. To be deprecated + type: string + capacity: + description: Capacity + properties: + logicalSectorSize: + description: LogicalSectorSize is blockdevice logical-sector size in bytes + format: int32 + type: integer + physicalSectorSize: + description: PhysicalSectorSize is blockdevice physical-Sector size in bytes + format: int32 + type: integer + storage: + description: Storage is the blockdevice capacity in bytes + format: int64 + type: integer + required: + - storage + type: object + claimRef: + description: ClaimRef is the reference to the BDC which has claimed this BD + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + details: + description: Details contain static attributes of BD like model,serial, and so forth + properties: + compliance: + description: Compliance is standards/specifications version implemented by device firmware such as SPC-1, SPC-2, etc + type: string + deviceType: + description: DeviceType represents the type of device like sparse, disk, partition, lvm, crypt + enum: + - disk + - partition + - sparse + - loop + - lvm + - crypt + - dm + - mpath + type: string + driveType: + description: DriveType is the type of backing drive, HDD/SSD + enum: + - HDD + - SSD + - Unknown + - "" + type: string + firmwareRevision: + description: FirmwareRevision is the disk firmware revision + type: string + hardwareSectorSize: + description: HardwareSectorSize is the hardware sector size in bytes + format: int32 + type: integer + logicalBlockSize: + description: LogicalBlockSize is the logical block size in bytes reported by /sys/class/block/sda/queue/logical_block_size + format: int32 + type: integer + model: + description: Model is model of disk + type: string + physicalBlockSize: + description: PhysicalBlockSize is the physical block size in bytes reported by /sys/class/block/sda/queue/physical_block_size + format: int32 + type: integer + serial: + description: Serial is serial number of disk + type: string + vendor: + description: Vendor is vendor of disk + type: string + type: object + devlinks: + description: DevLinks contains soft links of a block device like /dev/by-id/... /dev/by-uuid/... + items: + description: DeviceDevLink holds the mapping between type and links like by-id type or by-path type link + properties: + kind: + description: Kind is the type of link like by-id or by-path. + enum: + - by-id + - by-path + type: string + links: + description: Links are the soft links + items: + type: string + type: array + type: object + type: array + filesystem: + description: FileSystem contains mountpoint and filesystem type + properties: + fsType: + description: Type represents the FileSystem type of the block device + type: string + mountPoint: + description: MountPoint represents the mountpoint of the block device. + type: string + type: object + nodeAttributes: + description: NodeAttributes has the details of the node on which BD is attached + properties: + nodeName: + description: NodeName is the name of the Kubernetes node resource on which the device is attached + type: string + type: object + parentDevice: + description: "ParentDevice was intended to store the UUID of the parent Block Device as is the case for partitioned block devices. \n For example: /dev/sda is the parent for /dev/sda1 To be deprecated" + type: string + partitioned: + description: Partitioned represents if BlockDevice has partitions or not (Yes/No) Currently always default to No. To be deprecated + enum: + - "Yes" + - "No" + type: string + path: + description: Path contain devpath (e.g. /dev/sdb) + type: string + required: + - capacity + - devlinks + - nodeAttributes + - path + type: object + status: + description: DeviceStatus defines the observed state of BlockDevice + properties: + claimState: + description: ClaimState represents the claim state of the block device + enum: + - Claimed + - Unclaimed + - Released + type: string + state: + description: State is the current state of the blockdevice (Active/Inactive/Unknown) + enum: + - Active + - Inactive + - Unknown + type: string + required: + - claimState + - state + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdeviceclaim.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdeviceclaim.yaml new file mode 100644 index 000000000..81b9a355e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/crds/blockdeviceclaim.yaml @@ -0,0 +1,144 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdeviceclaims.openebs.io +spec: + group: openebs.io + names: + kind: BlockDeviceClaim + listKind: BlockDeviceClaimList + plural: blockdeviceclaims + shortNames: + - bdc + singular: blockdeviceclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.blockDeviceName + name: BlockDeviceName + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDeviceClaim is the Schema for the blockdeviceclaims API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceClaimSpec defines the request details for a BlockDevice + properties: + blockDeviceName: + description: BlockDeviceName is the reference to the block-device backing this claim + type: string + blockDeviceNodeAttributes: + description: BlockDeviceNodeAttributes is the attributes on the node from which a BD should be selected for this claim. It can include nodename, failure domain etc. + properties: + hostName: + description: HostName represents the hostname of the Kubernetes node resource where the BD should be present + type: string + nodeName: + description: NodeName represents the name of the Kubernetes node resource where the BD should be present + type: string + type: object + deviceClaimDetails: + description: Details of the device to be claimed + properties: + allowPartition: + description: AllowPartition represents whether to claim a full block device or a device that is a partition + type: boolean + blockVolumeMode: + description: 'BlockVolumeMode represents whether to claim a device in Block mode or Filesystem mode. These are use cases of BlockVolumeMode: 1) Not specified: VolumeMode check will not be effective 2) VolumeModeBlock: BD should not have any filesystem or mountpoint 3) VolumeModeFileSystem: BD should have a filesystem and mountpoint. If DeviceFormat is specified then the format should match with the FSType in BD' + type: string + formatType: + description: Format of the device required, eg:ext4, xfs + type: string + type: object + deviceType: + description: DeviceType represents the type of drive like SSD, HDD etc., + nullable: true + type: string + hostName: + description: Node name from where blockdevice has to be claimed. To be deprecated. Use NodeAttributes.HostName instead + type: string + resources: + description: Resources will help with placing claims on Capacity, IOPS + properties: + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum resources required. eg: if storage resource of 10G is requested minimum capacity of 10G should be available TODO for validating' + type: object + required: + - requests + type: object + selector: + description: Selector is used to find block devices to be considered for claiming + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + status: + description: DeviceClaimStatus defines the observed state of BlockDeviceClaim + properties: + phase: + description: Phase represents the current phase of the claim + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/NOTES.txt new file mode 100644 index 000000000..3c84551b5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/NOTES.txt @@ -0,0 +1,8 @@ +The OpenEBS Node Disk Manager has been installed. Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }} ` to see the list of +blockdevices attached to the Kubernetes cluster nodes. + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/_helpers.tpl new file mode 100644 index 000000000..e6d5b99dc --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/_helpers.tpl @@ -0,0 +1,132 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +This name is used for ndm daemonset +*/}} +{{- define "openebs-ndm.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "openebs-ndm.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm daemonset app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "openebs-ndm.operator.name" -}} +{{- $ndmName := default .Chart.Name .Values.ndmOperator.nameOverride | trunc 63 | trimSuffix "-" }} +{{- $componentName := .Values.ndmOperator.name | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $ndmName $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm operator app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.operator.fullname" -}} +{{- if .Values.ndmOperator.fullnameOverride }} +{{- .Values.ndmOperator.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $ndmOperatorName := include "openebs-ndm.operator.name" .}} + +{{- $name := default $ndmOperatorName .Values.ndmOperator.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "openebs-ndm.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "openebs-ndm.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define meta labels for ndm components +*/}} +{{- define "openebs-ndm.common.metaLabels" -}} +chart: {{ template "openebs-ndm.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + + +{{/* +Create match labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.matchLabels" -}} +app: {{ template "openebs-ndm.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.ndm.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.componentLabels" -}} +openebs.io/component-name: {{ .Values.ndm.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.matchLabels" . }} +{{ include "openebs-ndm.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for ndm operator deployment +*/}} +{{- define "openebs-ndm.operator.matchLabels" -}} +app: {{ template "openebs-ndm.operator.name" . }} +release: {{ .Release.Name }} +component: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + +{{/* +Create component labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.componentLabels" -}} +openebs.io/component-name: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + + +{{/* +Create labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.operator.matchLabels" . }} +{{ include "openebs-ndm.operator.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/configmap.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/configmap.yaml new file mode 100644 index 000000000..337b0e593 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/configmap.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "openebs-ndm.fullname" . }}-config +data: + # node-disk-manager-config contains config of available probes and filters. + # Probes and Filters will initialize with default values if config for that + # filter or probe are not present in configmap + + # udev-probe is default or primary probe it should be enabled to run ndm + # filterconfigs contains configs of filters. To provide a group of include + # and exclude values add it as , separated string + node-disk-manager.config: | + probeconfigs: + - key: udev-probe + name: udev probe + state: {{ .Values.ndm.probes.enableUdevProbe }} + - key: seachest-probe + name: seachest probe + state: {{ .Values.ndm.probes.enableSeachest }} + - key: smart-probe + name: smart probe + state: {{ .Values.ndm.probes.enableSmartProbe }} + filterconfigs: + - key: os-disk-exclude-filter + name: os disk exclude filter + state: {{ .Values.ndm.filters.enableOsDiskExcludeFilter }} + exclude: "{{ .Values.ndm.filters.osDiskExcludePaths }}" + - key: vendor-filter + name: vendor filter + state: {{ .Values.ndm.filters.enableVendorFilter }} + include: "" + exclude: "{{ .Values.ndm.filters.excludeVendors }}" + - key: path-filter + name: path filter + state: {{ .Values.ndm.filters.enablePathFilter }} + include: "{{ .Values.ndm.filters.includePaths }}" + exclude: "{{ .Values.ndm.filters.excludePaths }}" diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/daemonset.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/daemonset.yaml new file mode 100644 index 000000000..af66edfe5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/daemonset.yaml @@ -0,0 +1,176 @@ +{{- if .Values.ndm.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "openebs-ndm.fullname" . }} + {{- with .Values.ndm.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 4 }} +spec: + updateStrategy: +{{ toYaml .Values.ndm.updateStrategy | indent 4 }} + selector: + matchLabels: + {{- include "openebs-ndm.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndm.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 8 }} + {{- with .Values.ndm.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.APIService.enabled }} + hostPID: true +{{- end}} +{{- end}} + containers: + - name: {{ template "openebs-ndm.name" . }} + image: "{{ .Values.ndm.image.registry }}{{ .Values.ndm.image.repository }}:{{ .Values.ndm.image.tag }}" + args: + - -v=4 +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.GPTBasedUUID.enabled }} + - --feature-gates={{ .Values.featureGates.GPTBasedUUID.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.APIService.enabled }} + - --feature-gates={{ .Values.featureGates.APIService.featureGateFlag }} + - --api-service-address={{ .Values.featureGates.APIService.address }} +{{- end}} +{{- if .Values.featureGates.UseOSDisk.enabled }} + - --feature-gates={{ .Values.featureGates.UseOSDisk.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.MountChangeDetection.enabled }} + - --feature-gates={{ .Values.featureGates.MountChangeDetection.featureGateFlag }} +{{- end}} +{{- end}} + imagePullPolicy: {{ .Values.ndm.image.pullPolicy }} + resources: +{{ toYaml .Values.ndm.resources | indent 12 }} + securityContext: + privileged: true + env: + # namespace in which NDM is installed will be passed to NDM Daemonset + # as environment variable + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # pass hostname as env variable using downward API to the NDM container + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + # specify the directory where the sparse files need to be created. + # if not specified, then sparse files will not be created. + - name: SPARSE_FILE_DIR + value: "{{ .Values.ndm.sparse.path }}" +{{- end }} +{{- if .Values.ndm.sparse.size }} + # Size(bytes) of the sparse file to be created. + - name: SPARSE_FILE_SIZE + value: "{{ .Values.ndm.sparse.size }}" +{{- end }} +{{- if .Values.ndm.sparse.count }} + # Specify the number of sparse files to be created + - name: SPARSE_FILE_COUNT + value: "{{ .Values.ndm.sparse.count }}" +{{- end }} +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can be used here with pgrep (cmd is < 15 chars). + livenessProbe: + exec: + command: + - pgrep + - "ndm" + initialDelaySeconds: {{ .Values.ndm.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndm.healthCheck.periodSeconds }} + volumeMounts: + - name: config + mountPath: /host/node-disk-manager.config + subPath: node-disk-manager.config + readOnly: true + - name: udev + mountPath: /run/udev + - name: procmount + mountPath: /host/proc + readOnly: true + - name: devmount + mountPath: /dev + - name: basepath + mountPath: /var/openebs/ndm +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + mountPath: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + volumes: + - name: config + configMap: + name: {{ include "openebs-ndm.fullname" . }}-config + - name: udev + hostPath: + path: /run/udev + type: Directory + # mount /proc (to access mount file of process 1 of host) inside container + # to read mount-point of disks and partitions + - name: procmount + hostPath: + path: /proc + type: Directory + - name: devmount + # the /dev directory is mounted so that we have access to the devices that + # are connected at runtime of the pod. + hostPath: + path: /dev + type: Directory + - name: basepath + hostPath: + path: "{{ .Values.varDirectoryPath.baseDir }}/ndm" + type: DirectoryOrCreate +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + hostPath: + path: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + # By default the node-disk-manager will be run on all kubernetes nodes + # If you would like to limit this to only some nodes, say the nodes + # that have storage attached, you could label those node and use + # nodeSelector. + # + # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node" + # kubectl label node "openebs.io/nodegroup"="storage-node" + #nodeSelector: + # "openebs.io/nodegroup": "storage-node" +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndm.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndm.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndm.tolerations }} + tolerations: +{{ toYaml .Values.ndm.tolerations | indent 8 }} +{{- end }} +{{- if .Values.ndm.securityContext }} + securityContext: +{{ toYaml .Values.ndm.securityContext | indent 8 }} +{{- end }} + hostNetwork: true +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/deployment.yaml new file mode 100644 index 000000000..4a54dc777 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/deployment.yaml @@ -0,0 +1,87 @@ +{{- if .Values.ndmOperator.enabled }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs-ndm.operator.fullname" . }} + {{- with .Values.ndmOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ndmOperator.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + {{- include "openebs-ndm.operator.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndmOperator.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 8 }} + {{- with .Values.ndmOperator.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} + containers: + - name: {{ template "openebs-ndm.operator.fullname" . }} + image: "{{ .Values.ndmOperator.image.registry }}{{ .Values.ndmOperator.image.repository }}:{{ .Values.ndmOperator.image.tag }}" + imagePullPolicy: {{ .Values.ndmOperator.image.pullPolicy }} + resources: +{{ toYaml .Values.ndmOperator.resources | indent 12 }} + livenessProbe: + httpGet: + path: /healthz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.healthCheck.periodSeconds }} + readinessProbe: + httpGet: + path: /readyz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.readinessCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.readinessCheck.periodSeconds }} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "node-disk-operator" + - name: CLEANUP_JOB_IMAGE + value: "{{ .Values.helperPod.image.registry }}{{ .Values.helperPod.image.repository }}:{{ .Values.helperPod.image.tag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndmOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndmOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.securityContext }} + securityContext: +{{ toYaml .Values.ndmOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.tolerations }} + tolerations: +{{ toYaml .Values.ndmOperator.tolerations | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/rbac.yaml new file mode 100644 index 000000000..8e81c4922 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/templates/rbac.yaml @@ -0,0 +1,44 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "openebs-ndm.serviceAccountName" . }} +{{- end }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +rules: + - apiGroups: ["*"] + resources: ["nodes", "pods", "events", "configmaps", "jobs"] + verbs: + - '*' + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: + - '*' + - apiGroups: + - openebs.io + resources: + - blockdevices + - blockdeviceclaims + verbs: + - '*' +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "openebs-ndm.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + - kind: User + name: system:serviceaccount:default:default + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: {{ include "openebs-ndm.fullname" . }} + apiGroup: rbac.authorization.k8s.io +--- diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/values.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/values.yaml new file mode 100644 index 000000000..14928d497 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/charts/openebs-ndm/values.yaml @@ -0,0 +1,121 @@ +# Default values for ndm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +release: + version: "1.6.0" + +imagePullSecrets: +# - name: "image-pull-secret" + +ndm: + componentName: ndm + enabled: true + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/node-disk-manager + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + sparse: + path: "/var/openebs/sparse" + size: "10737418240" + count: "0" + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to ndm daemonset pods + podLabels: + name: openebs-ndm + nodeSelector: {} + tolerations: [] + securityContext: {} + filters: + enableOsDiskExcludeFilter: true + osDiskExcludePaths: "/,/etc/hosts,/boot" + enableVendorFilter: true + excludeVendors: "CLOUDBYT,OpenEBS" + enablePathFilter: true + includePaths: "" + excludePaths: "loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd" + probes: + enableSeachest: false + enableUdevProbe: true + enableSmartProbe: true + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + +ndmOperator: + name: operator + enabled: true + image: + registry: + repository: openebs/node-disk-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + podLabels: + name: openebs-ndm-operator + annotations: {} + podAnnotations: {} + nodeSelector: {} + resources: {} + securityContext: {} + tolerations: [] + healthCheck: + initialDelaySeconds: 15 + periodSeconds: 20 + readinessCheck: + initialDelaySeconds: 5 + periodSeconds: 10 + replicas: 1 + upgradeStrategy: Recreate + +helperPod: + image: + registry: "" + repository: openebs/linux-utils + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + +crd: + enableInstall: false + +featureGates: + enabled: true + GPTBasedUUID: + enabled: true + featureGateFlag: "GPTBasedUUID" + APIService: + enabled: false + featureGateFlag: "APIService" + address: "0.0.0.0:9115" + UseOSDisk: + enabled: false + featureGateFlag: "UseOSDisk" + MountChangeDetection: + enabled: false + featureGateFlag: "MountChangeDetection" + +# Directory used by the OpenEBS to store debug information and so forth +# that are generated in the course of running OpenEBS containers. +varDirectoryPath: + baseDir: "/var/openebs" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-ndm diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/NOTES.txt new file mode 100644 index 000000000..a2a0aea84 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/NOTES.txt @@ -0,0 +1,12 @@ +The OpenEBS Dynamic LocalPV Provisioner has been installed. +Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }}` to list the +blockdevices attached to the Kubernetes cluster nodes. + +Get started with the Dynamic LocalPV Provisioner Quickstart guide at: +https://github.com/openebs/dynamic-localpv-provisioner/blob/develop/docs/quickstart.md + +For more information, visit our Slack at https://openebs.io/community or view +the OpenEBS documentation online at https://docs.openebs.io. diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/_helpers.tpl new file mode 100644 index 000000000..ea1ce3111 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/_helpers.tpl @@ -0,0 +1,79 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "localpv.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified localpv provisioner name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "localpv.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "localpv.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Meta labels +*/}} +{{- define "localpv.common.metaLabels" -}} +chart: {{ template "localpv.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "localpv.selectorLabels" -}} +app: {{ template "localpv.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.localpv.name | quote }} +{{- end -}} + +{{/* +Component labels +*/}} +{{- define "localpv.componentLabels" -}} +openebs.io/component-name: openebs-{{ .Values.localpv.name }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "localpv.labels" -}} +{{ include "localpv.common.metaLabels" . }} +{{ include "localpv.selectorLabels" . }} +{{ include "localpv.componentLabels" . }} +{{- end -}} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "localpv.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "localpv.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/deployment.yaml new file mode 100644 index 000000000..bc736d981 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/deployment.yaml @@ -0,0 +1,114 @@ +{{- if .Values.localpv.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "localpv.fullname" . }} + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.localpv.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + {{- include "localpv.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.localpv.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 8 }} + {{- with .Values.localpv.podLabels }} + {{ toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "localpv.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ template "localpv.fullname" . }} + image: "{{ .Values.localpv.image.registry }}{{ .Values.localpv.image.repository }}:{{ .Values.localpv.image.tag }}" + imagePullPolicy: {{ .Values.localpv.image.pullPolicy }} + resources: +{{ toYaml .Values.localpv.resources | indent 10 }} + env: + # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # OPENEBS_NAMESPACE is the namespace that this provisioner will + # lookup to find maya api service + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as + # environment variable + - name: OPENEBS_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + # OPENEBS_IO_BASE_PATH is the environment variable that provides the + # default base path on the node where host-path PVs will be provisioned. + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + - name: OPENEBS_IO_BASE_PATH + value: "{{ .Values.localpv.basePath }}" + - name: OPENEBS_IO_HELPER_IMAGE + value: "{{ .Values.helperPod.image.registry }}{{ .Values.helperPod.image.repository }}:{{ .Values.helperPod.image.tag }}" + - name: OPENEBS_IO_INSTALLER_TYPE + value: "charts-helm" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + - name: LEADER_ELECTION_ENABLED + value: "{{ .Values.localpv.enableLeaderElection }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `provisioner-loc` + # `.*`: matches any string that has `provisioner-loc` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^provisioner-loc.*"` = 1 + initialDelaySeconds: {{ .Values.localpv.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.localpv.healthCheck.periodSeconds }} +{{- if .Values.localpv.nodeSelector }} + nodeSelector: +{{ toYaml .Values.localpv.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.localpv.tolerations }} + tolerations: +{{ toYaml .Values.localpv.tolerations | indent 8 }} +{{- end }} +{{- if .Values.localpv.affinity }} + affinity: +{{ toYaml .Values.localpv.affinity | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/device-class.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/device-class.yaml new file mode 100644 index 000000000..f7cf95465 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/device-class.yaml @@ -0,0 +1,25 @@ +{{- if .Values.deviceClass.enabled }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.deviceClass.name }} + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "device" +{{- if .Values.deviceClass.fsType }} + - name: FSType + value: {{ .Values.deviceClass.fsType }} +{{- end }} +{{- if .Values.deviceClass.blockDeviceTag }} + - name: BlockDeviceTag + value: {{ .Values.deviceClass.blockDeviceTag }} +{{- end }} +{{- if .Values.deviceClass.isDefaultClass }} + storageclass.kubernetes.io/is-default-class: "true" +{{- end }} +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: {{ .Values.deviceClass.reclaimPolicy }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/hostpath-class.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/hostpath-class.yaml new file mode 100644 index 000000000..d4fbfd3d2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/hostpath-class.yaml @@ -0,0 +1,25 @@ +{{- if .Values.hostpathClass.enabled }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.hostpathClass.name }} + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "hostpath" +{{- if .Values.hostpathClass.basePath }} + - name: BasePath + value: {{ .Values.hostpathClass.basePath }} +{{- end }} +{{- if .Values.hostpathClass.nodeAffinityLabel }} + - name: NodeAffinityLabel + value: {{ .Values.hostpathClass.nodeAffinityLabel }} +{{- end }} +{{- if .Values.hostpathClass.isDefaultClass }} + storageclass.kubernetes.io/is-default-class: "true" +{{- end }} +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: {{ .Values.hostpathClass.reclaimPolicy }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/psp.yaml new file mode 100644 index 000000000..ec64aad40 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/psp.yaml @@ -0,0 +1,30 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "localpv.fullname" . }}-psp + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +spec: + privileged: {{ .Values.localpv.privileged }} + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostPorts: + - min: 0 + max: 65535 + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/rbac.yaml new file mode 100644 index 000000000..04cd5409c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/templates/rbac.yaml @@ -0,0 +1,99 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "localpv.serviceAccountName" . }} + labels: + {{- include "localpv.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "localpv.fullname" . }} + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +rules: +- apiGroups: ["*"] + resources: ["nodes"] + verbs: ["get", "list", "watch"] +- apiGroups: ["*"] + resources: ["namespaces", "pods", "events", "endpoints"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["resourcequotas", "limitranges"] + verbs: ["list", "watch"] +- apiGroups: ["*"] + resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"] + verbs: ["*"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: [ "get", "list", "create", "update", "delete", "patch"] +- apiGroups: ["openebs.io"] + resources: [ "*"] + verbs: ["*" ] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "localpv.fullname" . }} + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "localpv.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "localpv.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- if .Values.rbac.pspEnabled }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "localpv.fullname" . }}-psp + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "localpv.fullname" . }}-psp +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "localpv.fullname" . }}-psp + {{- with .Values.localpv.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "localpv.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "localpv.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "localpv.serviceAccountName" . }} + namespace: {{ $.Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/values.yaml b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/values.yaml new file mode 100644 index 000000000..0d9fb270f --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/localpv-provisioner/values.yaml @@ -0,0 +1,121 @@ +# Default values for localpv. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +release: + version: "2.11.0" + +rbac: + # rbac.create: `true` if rbac resources should be created + create: true + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +# If false, openebs NDM sub-chart will not be installed +openebsNDM: + enabled: true + +localpv: + name: localpv-provisioner + enabled: true + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/provisioner-localpv + tag: 2.11.0 + pullPolicy: IfNotPresent + updateStrategy: + type: RollingUpdate + # If set to false, containers created by the localpv provisioner will run without extra privileges. + privileged: true + annotations: {} + podAnnotations: {} + ## Labels to be added to localpv provisioner deployment pods + podLabels: + name: openebs-localpv-provisioner + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + replicas: 1 + enableLeaderElection: true + basePath: "/var/openebs/local" + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + nodeSelector: {} + tolerations: [] + affinity: {} + securityContext: {} + +imagePullSecrets: +# - name: img-pull-secret + +podSecurityContext: {} + # fsGroup: 2000 + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +deviceClass: + # Name of default device StorageClass. + name: openebs-device + # If true, enables creation of the openebs-device StorageClass + enabled: true + # Available reclaim policies: Delete/Retain, defaults: Delete. + reclaimPolicy: Delete + # If true, sets the openebs-device StorageClass as the default StorageClass + isDefaultClass: false + fsType: "ext4" + # Label block devices in the cluster that you would like the openEBS localPV + # Provisioner to pick up those specific block devices available on the node. + # + # To read more: https://docs.openebs.io/docs/next/uglocalpv-device.html#optional-block-device-tagging + blockDeviceTag: "" + +hostpathClass: + # Name of the default hostpath StorageClass + name: openebs-hostpath + # If true, enables creation of the openebs-hostpath StorageClass + enabled: true + # Available reclaim policies: Delete/Retain, defaults: Delete. + reclaimPolicy: Delete + # If true, sets the openebs-hostpath StorageClass as the default StorageClass + isDefaultClass: false + # Path on the host where local volumes of this storage class are mounted under. + basePath: "/var/openebs/local" + # Custom node affinity label for example "openebs.io/node-affinity-value" that will be + # used instead of hostnames + # This helps in cases where the hostname changes when the node is removed and + # added back with the disks still intact. + nodeAffinityLabel: "" + +helperPod: + image: + registry: "" + repository: openebs/linux-utils + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + +analytics: + enabled: true + # Specify in hours the duration after which a ping event needs to be sent. + pingInterval: "24h" diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/.helmignore b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/Chart.yaml new file mode 100644 index 000000000..cd411ff8f --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +appVersion: 0.7.0 +description: CSI Driver for dynamic provisioning of LVM Persistent Local Volumes. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- filesystem +- LVM +- Local Persistent Volumes +- storage +maintainers: +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +- email: pawan@mayadata.io + name: pawanpraka1 +- email: yashpal.c1995@gmail.com + name: iyashu +name: lvm-localpv +sources: +- https://github.com/openebs/lvm-localpv +version: 0.7.0 diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/README.md b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/README.md new file mode 100644 index 000000000..733e8df80 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/README.md @@ -0,0 +1,159 @@ + +# OpenEBS LocalPV Provisioner + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Chart Lint and Test](https://github.com/openebs/lvm-localpv/workflows/Chart%20Lint%20and%20Test/badge.svg) +![Release Charts](https://github.com/openebs/lvm-localpv/workflows/Release%20Charts/badge.svg?branch=develop) + +A Helm chart for openebs lvm localpv provisioner. This chart bootstraps OpenEBS LVM LocalPV provisioner deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| pawanpraka1 | pawan@mayadata.io | | +| prateekpandey14 | prateek.pandey@mayadata.io | | +| iyashu | yashpal.c1995@gmail.com | | + + +## Get Repo Info + +```console +helm repo add openebs-lvmlocalpv https://openebs.github.io/lvm-localpv +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Please visit the [link](https://openebs.github.io/lvm-localpv/) for install instructions via helm3. + +```console +# Helm +$ helm install [RELEASE_NAME] openebs-lvmlocalpv/lvm-localpv --namespace [NAMESPACE] +``` + +
+ Click here if you're using MicroK8s. + + ```console + microk8s helm3 install [RELEASE_NAME] openebs-lvmlocalpv/lvm-localpv --namespace [NAMESPACE] --set-string lvmNode.kubeletDir="/var/snap/microk8s/common/var/lib/kubelet/" + ``` +
+ + +**Note:** If moving from the operator to helm +- Make sure the namespace provided in the helm install command is same as `LVM_NAMESPACE` (by default it is `openebs`) env in the controller statefulset. +- Before installing, clean up the stale statefulset and daemonset from `kube-system` namespace using the below commands +```sh +kubectl delete sts openebs-lvm-controller -n kube-system +kubectl delete ds openebs-lvm-node -n kube-system +``` + + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +# Helm +$ helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +$ helm upgrade [RELEASE_NAME] [CHART] --install --namespace [NAMESPACE] +``` + +## Configuration + +The following table lists the configurable parameters of the OpenEBS LVM Localpv chart and their default values. + +```console +helm install openebs-lvmlocalpv openebs-lvmlocalpv/lvm-localpv --namespace openebs --create-namespace +``` +
+ Click here if you're using MicroK8s. + + If you are using MicroK8s, it is necessary to add the following flag: + + ```console + --set-string lvmNode.kubeletDir="/var/snap/microk8s/common/var/lib/kubelet/" + ``` +
+ +| Parameter| Description| Default| +| -| -| -| +| `imagePullSecrets`| Provides image pull secrect| `""`| +| `lvmPlugin.image.registry`| Registry for openebs-lvm-plugin image| `""`| +| `lvmPlugin.image.repository`| Image repository for openebs-lvm-plugin| `openebs/lvm-driver`| +| `lvmPlugin.image.pullPolicy`| Image pull policy for openebs-lvm-plugin| `IfNotPresent`| +| `lvmPlugin.image.tag`| Image tag for openebs-lvm-plugin| `0.7.0`| +| `lvmPlugin.metricsPort`| The TCP port number used for exposing lvm-metrics | `9500`| +| `lvmNode.driverRegistrar.image.registry`| Registry for csi-node-driver-registrar image| `k8s.gcr.io/`| +| `lvmNode.driverRegistrar.image.repository`| Image repository for csi-node-driver-registrar| `sig-storage/csi-node-driver-registrar`| +| `lvmNode.driverRegistrar.image.pullPolicy`| Image pull policy for csi-node-driver-registrar| `IfNotPresent`| +| `lvmNode.driverRegistrar.image.tag`| Image tag for csi-node-driver-registrar| `v1.2.0`| +| `lvmNode.updateStrategy.type`| Update strategy for lvmnode daemonset | `RollingUpdate` | +| `lvmNode.kubeletDir`| Kubelet mount point for lvmnode daemonset| `"/var/lib/kubelet/"` | +| `lvmNode.annotations` | Annotations for lvmnode daemonset metadata| `""`| +| `lvmNode.podAnnotations`| Annotations for lvmnode daemonset's pods metadata | `""`| +| `lvmNode.resources`| Resource and request and limit for lvmnode daemonset containers | `""`| +| `lvmNode.labels`| Labels for lvmnode daemonset metadata | `""`| +| `lvmNode.podLabels`| Appends labels to the lvmnode daemonset pods| `""`| +| `lvmNode.nodeSelector`| Nodeselector for lvmnode daemonset pods| `""`| +| `lvmNode.tolerations` | lvmnode daemonset's pod toleration values | `""`| +| `lvmNode.securityContext` | Security context for lvmnode daemonset container | `""`| +| `lvmController.resizer.image.registry`| Registry for csi-resizer image| `k8s.gcr.io/`| +| `lvmController.resizer.image.repository`| Image repository for csi-resizer| `sig-storage/csi-resizer`| +| `lvmController.resizer.image.pullPolicy`| Image pull policy for csi-resizer| `IfNotPresent`| +| `lvmController.resizer.image.tag`| Image tag for csi-resizer| `v1.1.0`| +| `lvmController.snapshotter.image.registry`| Registry for csi-snapshotter image| `k8s.gcr.io/`| +| `lvmController.snapshotter.image.repository`| Image repository for csi-snapshotter| `sig-storage/csi-snapshotter`| +| `lvmController.snapshotter.image.pullPolicy`| Image pull policy for csi-snapshotter| `IfNotPresent`| +| `lvmController.snapshotter.image.tag`| Image tag for csi-snapshotter| `v4.0.0`| +| `lvmController.snapshotController.image.registry`| Registry for snapshot-controller image| `k8s.gcr.io/`| +| `lvmController.snapshotController.image.repository`| Image repository for snapshot-controller| `sig-storage/snapshot-controller`| +| `lvmController.snapshotController.image.pullPolicy`| Image pull policy for snapshot-controller| `IfNotPresent`| +| `lvmController.snapshotController.image.tag`| Image tag for snapshot-controller| `v4.0.0`| +| `lvmController.provisioner.image.registry`| Registry for csi-provisioner image| `k8s.gcr.io/`| +| `lvmController.provisioner.image.repository`| Image repository for csi-provisioner| `sig-storage/csi-provisioner`| +| `lvmController.provisioner.image.pullPolicy`| Image pull policy for csi-provisioner| `IfNotPresent`| +| `lvmController.provisioner.image.tag`| Image tag for csi-provisioner| `v2.1.0`| +| `lvmController.updateStrategy.type`| Update strategy for lvm localpv controller statefulset | `RollingUpdate` | +| `lvmController.annotations` | Annotations for lvm localpv controller statefulset metadata| `""`| +| `lvmController.podAnnotations`| Annotations for lvm localpv controller statefulset's pods metadata | `""`| +| `lvmController.resources`| Resource and request and limit for lvm localpv controller statefulset containers | `""`| +| `lvmController.labels`| Labels for lvm localpv controller statefulset metadata | `""`| +| `lvmController.podLabels`| Appends labels to the lvm localpv controller statefulset pods| `""`| +| `lvmController.nodeSelector`| Nodeselector for lvm localpv controller statefulset pods| `""`| +| `lvmController.tolerations` | lvm localpv controller statefulset's pod toleration values | `""`| +| `lvmController.securityContext` | Seurity context for lvm localpv controller statefulset container | `""`| +| `rbac.pspEnabled` | Enable PodSecurityPolicy | `false` | +| `serviceAccount.lvmNode.create` | Create a service account for lvmnode or not| `true`| +| `serviceAccount.lvmNode.name` | Name for the lvmnode service account| `openebs-lvm-node-sa`| +| `serviceAccount.lvmController.create` | Create a service account for lvm localpv controller or not| `true`| +| `serviceAccount.lvmController.name` | Name for the lvm localpv controller service account| `openebs-lvm-controller-sa`| +| `analytics.enabled` | Enable or Disable google analytics for the controller| `true`| + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml openebs/lvm-localpv +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmnode.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmnode.yaml new file mode 100644 index 000000000..d2aed0c65 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmnode.yaml @@ -0,0 +1,110 @@ + + +############################################## +########### ############ +########### LVMNode CRD ############ +########### ############ +############################################## + +# LVMNode CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: lvmnodes.local.openebs.io +spec: + group: local.openebs.io + names: + kind: LVMNode + listKind: LVMNodeList + plural: lvmnodes + shortNames: + - lvmnode + singular: lvmnode + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: LVMNode records information about all lvm volume groups available + in a node. In general, the openebs node-agent creates the LVMNode object + & periodically synchronizing the volume groups available in the node. LVMNode + has an owner reference pointing to the corresponding node object. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + volumeGroups: + items: + description: VolumeGroup specifies attributes of a given vg exists on + node. + properties: + free: + anyOf: + - type: integer + - type: string + description: Free specifies the available capacity of volume group. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + lvCount: + description: LVCount denotes total number of logical volumes in + volume group. + format: int32 + minimum: 0 + type: integer + name: + description: Name of the lvm volume group. + minLength: 1 + type: string + pvCount: + description: PVCount denotes total number of physical volumes constituting + the volume group. + format: int32 + minimum: 0 + type: integer + size: + anyOf: + - type: integer + - type: string + description: Size specifies the total size of volume group. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + uuid: + description: UUID denotes a unique identity of a lvm volume group. + minLength: 1 + type: string + required: + - free + - lvCount + - name + - pvCount + - size + - uuid + type: object + type: array + required: + - volumeGroups + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmsnapshot.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmsnapshot.yaml new file mode 100644 index 000000000..63458c13d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmsnapshot.yaml @@ -0,0 +1,109 @@ + + +############################################## +########### ############ +########### LVMSnapshot CRD ############ +########### ############ +############################################## + +# LVMSnapshot CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: lvmsnapshots.local.openebs.io +spec: + group: local.openebs.io + names: + kind: LVMSnapshot + listKind: LVMSnapshotList + plural: lvmsnapshots + singular: lvmsnapshot + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: LVMSnapshot represents an LVM Snapshot of the lvm volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeInfo defines LVM info + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the volume group is + present which is where the volume has been provisioned. OwnerNodeID + can not be edited after the volume has been provisioned. + minLength: 1 + type: string + shared: + description: Shared specifies whether the volume can be shared among + multiple pods. If it is not set to "yes", then the LVM LocalPV Driver + will not allow the volumes to be mounted by more than one pods. + enum: + - "yes" + - "no" + type: string + thinProvision: + description: ThinProvision specifies whether logical volumes can be + thinly provisioned. If it is set to "yes", then the LVM LocalPV + Driver will create thinProvision i.e. logical volumes that are larger + than the available extents. + enum: + - "yes" + - "no" + type: string + vgPattern: + description: VgPattern specifies the regex to choose volume groups + where volume needs to be created. + type: string + volGroup: + description: VolGroup specifies the name of the volume group where + the volume has been created. + type: string + required: + - capacity + - ownerNodeID + - vgPattern + - volGroup + type: object + status: + description: SnapStatus string that reflects if the snapshot was created + successfully + properties: + state: + type: string + type: object + required: + - spec + - status + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmvolume.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmvolume.yaml new file mode 100644 index 000000000..f6c61e26c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/lvmvolume.yaml @@ -0,0 +1,153 @@ + + +############################################## +########### ############ +########### LVMVolume CRD ############ +########### ############ +############################################## + +# LVMVolume CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: lvmvolumes.local.openebs.io +spec: + group: local.openebs.io + names: + kind: LVMVolume + listKind: LVMVolumeList + plural: lvmvolumes + shortNames: + - lvmvol + singular: lvmvolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: volume group where the volume is created + jsonPath: .spec.volGroup + name: VolGroup + type: string + - description: Node where the volume is created + jsonPath: .spec.ownerNodeID + name: Node + type: string + - description: Size of the volume + jsonPath: .spec.capacity + name: Size + type: string + - description: Status of the volume + jsonPath: .status.state + name: Status + type: string + - description: Age of the volume + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: LVMVolume represents a LVM based volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeInfo defines LVM info + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the volume group is + present which is where the volume has been provisioned. OwnerNodeID + can not be edited after the volume has been provisioned. + minLength: 1 + type: string + shared: + description: Shared specifies whether the volume can be shared among + multiple pods. If it is not set to "yes", then the LVM LocalPV Driver + will not allow the volumes to be mounted by more than one pods. + enum: + - "yes" + - "no" + type: string + thinProvision: + description: ThinProvision specifies whether logical volumes can be + thinly provisioned. If it is set to "yes", then the LVM LocalPV + Driver will create thinProvision i.e. logical volumes that are larger + than the available extents. + enum: + - "yes" + - "no" + type: string + vgPattern: + description: VgPattern specifies the regex to choose volume groups + where volume needs to be created. + type: string + volGroup: + description: VolGroup specifies the name of the volume group where + the volume has been created. + type: string + required: + - capacity + - ownerNodeID + - vgPattern + - volGroup + type: object + status: + description: VolStatus string that specifies the current state of the + volume provisioning request. + properties: + error: + description: Error denotes the error occurred during provisioning/expanding + a volume. Error field should only be set when State becomes Failed. + properties: + code: + description: VolumeErrorCode represents the error code to represent + specific class of errors. + type: string + message: + type: string + type: object + state: + description: State specifies the current state of the volume provisioning + request. The state "Pending" means that the volume creation request + has not processed yet. The state "Ready" means that the volume has + been created and it is ready for the use. "Failed" means that volume + provisioning has been failed and will not be retried by node agent + controller. + enum: + - Pending + - Ready + - Failed + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshotclasses.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshotclasses.yaml new file mode 100644 index 000000000..afd637b19 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshotclasses.yaml @@ -0,0 +1,112 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotclasses.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotClass + listKind: VolumeSnapshotClassList + plural: volumesnapshotclasses + singular: volumesnapshotclass + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] + + diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshotcontents.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshotcontents.yaml new file mode 100644 index 000000000..c57a2e4a6 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshotcontents.yaml @@ -0,0 +1,291 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotcontents.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotContent + listKind: VolumeSnapshotContentList + plural: volumesnapshotcontents + singular: volumesnapshotcontent + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + oneOf: + - required: ["snapshotHandle"] + - required: ["volumeHandle"] + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshots.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshots.yaml new file mode 100644 index 000000000..13d894144 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/crds/volumesnapshots.yaml @@ -0,0 +1,225 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshots.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshot + listKind: VolumeSnapshotList + plural: volumesnapshots + singular: volumesnapshot + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + oneOf: + - required: ["persistentVolumeClaimName"] + - required: ["volumeSnapshotContentName"] + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/NOTES.txt new file mode 100644 index 000000000..cc5aaf67f --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/NOTES.txt @@ -0,0 +1,5 @@ +The OpenEBS LVM LocalPV has been installed. Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} -l role=openebs-lvm + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/_helpers.tpl new file mode 100644 index 000000000..ab3590fb9 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/_helpers.tpl @@ -0,0 +1,116 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "lvmlocalpv.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified localpv provisioner name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "lvmlocalpv.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "lvmlocalpv.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Create the name of the service account for controller +*/}} +{{- define "lvmlocalpv.lvmController.serviceAccountName" -}} +{{- if .Values.serviceAccount.lvmController.create }} +{{- default (include "lvmlocalpv.fullname" .) .Values.serviceAccount.lvmController.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.lvmController.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "lvmlocalpv.lvmNode.serviceAccountName" -}} +{{- if .Values.serviceAccount.lvmNode.create }} +{{- default (include "lvmlocalpv.fullname" .) .Values.serviceAccount.lvmNode.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.lvmNode.name }} +{{- end -}} +{{- end -}} + +{{/* +Define meta labels for openebs lvm-localpv components +*/}} +{{- define "lvmlocalpv.common.metaLabels" -}} +chart: {{ template "lvmlocalpv.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +role: {{ .Values.role | quote }} +{{- end -}} + +{{/* +Create match labels for openebs lvm-localpv controller +*/}} +{{- define "lvmlocalpv.lvmController.matchLabels" -}} +app: {{ .Values.lvmController.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.lvmController.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for lvmlocalpv controller +*/}} +{{- define "lvmlocalpv.lvmController.componentLabels" -}} +openebs.io/component-name: {{ .Values.lvmController.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for openebs lvm-localpv controller +*/}} +{{- define "lvmlocalpv.lvmController.labels" -}} +{{ include "lvmlocalpv.common.metaLabels" . }} +{{ include "lvmlocalpv.lvmController.matchLabels" . }} +{{ include "lvmlocalpv.lvmController.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for openebs lvm-localpv node daemon +*/}} +{{- define "lvmlocalpv.lvmNode.matchLabels" -}} +name: {{ .Values.lvmNode.componentName | quote }} +release: {{ .Release.Name }} +{{- end -}} + +{{/* +Create component labels openebs lvm-localpv node daemon +*/}} +{{- define "lvmlocalpv.lvmNode.componentLabels" -}} +openebs.io/component-name: {{ .Values.lvmNode.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for openebs lvm-localpv node daemon +*/}} +{{- define "lvmlocalpv.lvmNode.labels" -}} +{{ include "lvmlocalpv.common.metaLabels" . }} +{{ include "lvmlocalpv.lvmNode.matchLabels" . }} +{{ include "lvmlocalpv.lvmNode.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/csidriver.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/csidriver.yaml new file mode 100644 index 000000000..5eeac5427 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/csidriver.yaml @@ -0,0 +1,10 @@ +# Create the CSI Driver object +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: local.csi.openebs.io +spec: + # do not require volumeattachment + attachRequired: false + podInfoOnMount: true + storageCapacity: {{ .Values.storageCapacity }} diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-controller.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-controller.yaml new file mode 100644 index 000000000..0e09dbf9a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-controller.yaml @@ -0,0 +1,147 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ template "lvmlocalpv.fullname" . }}-controller + {{- with .Values.lvmController.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "lvmlocalpv.lvmController.matchLabels" . | nindent 6 }} + serviceName: "{{ .Values.lvmController.serviceName }}" + replicas: {{ .Values.lvmController.replicas }} + template: + metadata: + {{- with .Values.lvmController.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 8 }} + {{- with .Values.lvmController.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - openebs-lvm-controller + topologyKey: "kubernetes.io/hostname" + priorityClassName: system-cluster-critical + serviceAccount: {{ .Values.serviceAccount.lvmController.name }} + containers: + - name: {{ .Values.lvmController.resizer.name }} + image: "{{ .Values.lvmController.resizer.image.registry }}{{ .Values.lvmController.resizer.image.repository }}:{{ .Values.lvmController.resizer.image.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.lvmController.resizer.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + resources: + {{- toYaml .Values.lvmController.resources | nindent 12 }} + - name: {{ .Values.lvmController.snapshotter.name }} + image: "{{ .Values.lvmController.snapshotter.image.registry }}{{ .Values.lvmController.snapshotter.image.repository }}:{{ .Values.lvmController.snapshotter.image.tag }}" + imagePullPolicy: {{ .Values.lvmController.snapshotter.image.pullPolicy }} + args: + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + resources: + {{- toYaml .Values.lvmController.resources | nindent 12 }} + - name: {{ .Values.lvmController.snapshotController.name }} + image: "{{ .Values.lvmController.snapshotController.image.registry }}{{ .Values.lvmController.snapshotController.image.repository }}:{{ .Values.lvmController.snapshotController.image.tag }}" + args: + - "--v=5" + - "--leader-election=true" + imagePullPolicy: {{ .Values.lvmController.snapshotController.image.pullPolicy }} + resources: + {{- toYaml .Values.lvmController.resources | nindent 12 }} + - name: {{ .Values.lvmController.provisioner.name }} + image: "{{ .Values.lvmController.provisioner.image.registry }}{{ .Values.lvmController.provisioner.image.repository }}:{{ .Values.lvmController.provisioner.image.tag }}" + imagePullPolicy: {{ .Values.lvmController.provisioner.image.pullPolicy }} + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--feature-gates=Topology=true" + - "--strict-topology" + - "--leader-election" + - "--enable-capacity={{ .Values.storageCapacity }}" + - "--extra-create-metadata=true" + - "--default-fstype=ext4" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + resources: + {{- toYaml .Values.lvmController.resources | nindent 12 }} + - name: {{ .Values.lvmPlugin.name }} + image: "{{ .Values.lvmPlugin.image.registry }}{{ .Values.lvmPlugin.image.repository }}:{{ .Values.lvmPlugin.image.tag }}" + imagePullPolicy: {{ .Values.lvmPlugin.image.pullPolicy }} + env: + - name: OPENEBS_CONTROLLER_DRIVER + value: controller + - name: OPENEBS_CSI_ENDPOINT + value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: LVM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENEBS_IO_INSTALLER_TYPE + value: "lvm-localpv-helm" + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + args : + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--plugin=$(OPENEBS_CONTROLLER_DRIVER)" + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + resources: + {{- toYaml .Values.lvmController.resources | nindent 12 }} + volumes: + - name: socket-dir + emptyDir: {} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.lvmController.nodeSelector }} + nodeSelector: +{{ toYaml .Values.lvmController.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.lvmController.securityContext }} + securityContext: +{{ toYaml .Values.lvmController.securityContext | indent 8 }} +{{- end }} +{{- if .Values.lvmController.tolerations }} + tolerations: +{{ toYaml .Values.lvmController.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-node-service.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-node-service.yaml new file mode 100644 index 000000000..4825c2592 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-node-service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.lvmPlugin.metricsPort }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "lvmlocalpv.fullname" . }}-node-service + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - name: metrics + port: {{ .Values.lvmPlugin.metricsPort }} + targetPort: {{ .Values.lvmPlugin.metricsPort }} + selector: + {{- with .Values.lvmNode.podLabels }} + {{ toYaml . }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-node.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-node.yaml new file mode 100644 index 000000000..6d973c455 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/lvm-node.yaml @@ -0,0 +1,150 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ template "lvmlocalpv.fullname" . }}-node + {{- with .Values.lvmNode.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "lvmlocalpv.lvmNode.matchLabels" . | nindent 6 }} + updateStrategy: + rollingUpdate: + maxUnavailable: 100% + type: RollingUpdate + template: + metadata: + {{- with .Values.lvmNode.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 8 }} + {{- with .Values.lvmNode.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + priorityClassName: system-node-critical + serviceAccount: {{ .Values.serviceAccount.lvmNode.name }} + hostNetwork: true + containers: + - name: {{ .Values.lvmNode.driverRegistrar.name }} + image: "{{ .Values.lvmNode.driverRegistrar.image.registry }}{{ .Values.lvmNode.driverRegistrar.image.repository }}:{{ .Values.lvmNode.driverRegistrar.image.tag }}" + imagePullPolicy: {{ .Values.lvmNode.driverRegistrar.image.pullPolicy }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/lvm-localpv /registration/lvm-localpv-reg.sock"] + env: + - name: ADDRESS + value: /plugin/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.lvmNode.kubeletDir }}plugins/lvm-localpv/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: NODE_DRIVER + value: openebs-lvm + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: registration-dir + mountPath: /registration + resources: + {{- toYaml .Values.lvmNode.resources | nindent 12 }} + - name: {{ .Values.lvmPlugin.name }} + securityContext: + privileged: true + allowPrivilegeEscalation: true + image: "{{ .Values.lvmPlugin.image.registry }}{{ .Values.lvmPlugin.image.repository }}:{{ .Values.lvmPlugin.image.tag }}" + imagePullPolicy: {{ .Values.lvmPlugin.image.pullPolicy }} + args: + - "--nodeid=$(OPENEBS_NODE_ID)" + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--plugin=$(OPENEBS_NODE_DRIVER)" + {{- if .Values.lvmPlugin.ioLimits.enabled }} + - "--setiolimits" + - "--container-runtime=$(CONTAINER_RUNTIME)" + - "--riops-per-gb=$(RIOPS_PER_GB)" + - "--wiops-per-gb=$(WIOPS_PER_GB)" + {{- end }} + {{- if .Values.lvmPlugin.metricsPort }} + - "--listen-address=$(METRICS_LISTEN_ADDRESS)" + {{- end }} + env: + - name: OPENEBS_NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: OPENEBS_CSI_ENDPOINT + value: unix:///plugin/csi.sock + - name: OPENEBS_NODE_DRIVER + value: agent + - name: LVM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.lvmPlugin.ioLimits.enabled }} + - name: CONTAINER_RUNTIME + value: {{ .Values.lvmPlugin.ioLimits.containerRuntime }} + - name: RIOPS_PER_GB + value: {{ .Values.lvmPlugin.ioLimits.readIopsPerGB }} + - name: WIOPS_PER_GB + value: {{ .Values.lvmPlugin.ioLimits.writeIopsPerGB }} + {{- end }} + {{- if .Values.lvmPlugin.metricsPort }} + - name: METRICS_LISTEN_ADDRESS + value: :{{ .Values.lvmPlugin.metricsPort }} + {{- end }} + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: device-dir + mountPath: /dev + - name: pods-mount-dir + mountPath: {{ .Values.lvmNode.kubeletDir }} + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + resources: + {{- toYaml .Values.lvmNode.resources | nindent 12 }} + volumes: + - name: device-dir + hostPath: + path: /dev + type: Directory + - name: registration-dir + hostPath: + path: {{ .Values.lvmNode.kubeletDir }}plugins_registry/ + type: DirectoryOrCreate + - name: plugin-dir + hostPath: + path: {{ .Values.lvmNode.kubeletDir }}plugins/lvm-localpv/ + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: {{ .Values.lvmNode.kubeletDir }} + type: Directory +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.lvmNode.nodeSelector }} + nodeSelector: +{{ toYaml .Values.lvmNode.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.lvmNode.securityContext }} + securityContext: +{{ toYaml .Values.lvmNode.securityContext | indent 8 }} +{{- end }} +{{- if .Values.lvmNode.tolerations }} + tolerations: +{{ toYaml .Values.lvmNode.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/psp.yaml new file mode 100644 index 000000000..7472d7c66 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/psp.yaml @@ -0,0 +1,24 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: openebs-lvm-node-psp + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +spec: + privileged: true + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/rbac.yaml new file mode 100644 index 000000000..5f54948cd --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/templates/rbac.yaml @@ -0,0 +1,197 @@ +{{- if .Values.serviceAccount.lvmController.create -}} +kind: ServiceAccount +apiVersion: v1 +metadata: + name: {{ .Values.serviceAccount.lvmController.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 4 }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-provisioner-role + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumes", "services"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "csistoragecapacities"] + verbs: ["*"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["local.openebs.io"] + resources: ["lvmvolumes", "lvmsnapshots", "lvmnodes"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-provisioner-binding + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.lvmController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-lvm-provisioner-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-snapshotter-role + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-snapshotter-binding + labels: + {{- include "lvmlocalpv.lvmController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.lvmController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-lvm-snapshotter-role + apiGroup: rbac.authorization.k8s.io +--- +{{- end }} +{{- if .Values.serviceAccount.lvmNode.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.lvmNode.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-driver-registrar-role + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumes", "nodes", "services"] + verbs: ["get", "list"] + - apiGroups: ["local.openebs.io"] + resources: ["lvmvolumes", "lvmsnapshots", "lvmnodes"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-driver-registrar-binding + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.lvmNode.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-lvm-driver-registrar-role + apiGroup: rbac.authorization.k8s.io + +{{- if .Values.rbac.pspEnabled }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-lvm-node-role + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - openebs-lvm-node-psp +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openebs-lvm-node-binding + labels: + {{- include "lvmlocalpv.lvmNode.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openebs-lvm-node-role +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.lvmNode.name }} + namespace: {{ $.Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/lvm-localpv/values.yaml b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/values.yaml new file mode 100644 index 000000000..e398a7aed --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/lvm-localpv/values.yaml @@ -0,0 +1,159 @@ +# Default values for openebs-lvmlocalpv. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +release: + version: "0.7.0" + +imagePullSecrets: +# - name: "image-pull-secret" + +# enable storage capacity tracking feature +# Ref: https://kubernetes:io/docs/concepts/storage/storage-capacity +storageCapacity: true + +rbac: + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +# lvmNode contains the configurables for +# the lvm node daemonset +lvmNode: + componentName: openebs-lvm-node + driverRegistrar: + name: "csi-node-driver-registrar" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-node-driver-registrar + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + # This can be configured to run on various different k8s distributions like + # microk8s where kubelet dir is different + kubeletDir: "/var/lib/kubelet/" + resources: {} +# limits: +# cpu: 10m +# memory: 32Mi +# requests: +# cpu: 10m +# memory: 32Mi + ## Labels to be added to openebs-lvm node pods + podLabels: + name: openebs-lvm-node + nodeSelector: {} + tolerations: [] + securityContext: {} + labels: {} + +# lvmController contains the configurables for +# the lvm controller statefulset +lvmController: + componentName: openebs-lvm-controller + replicas: 1 + serviceName: openebs-lvm + resizer: + name: "csi-resizer" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-resizer + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v1.1.0 + snapshotter: + name: "csi-snapshotter" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-snapshotter + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v4.0.0 + snapshotController: + name: "snapshot-controller" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/snapshot-controller + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v4.0.0 + provisioner: + name: "csi-provisioner" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-provisioner + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} +# limits: +# cpu: 10m +# memory: 32Mi +# requests: +# cpu: 10m +# memory: 32Mi + ## Labels to be added to openebs-lvm controller pods + podLabels: + name: openebs-lvm-controller + nodeSelector: {} + tolerations: [] + securityContext: {} + +# lvmPlugin is the common csi container used by the +# controller statefulset and node daemonset +lvmPlugin: + name: "openebs-lvm-plugin" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/lvm-driver + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 0.7.0 + ioLimits: + enabled: false + containerRuntime: containerd + readIopsPerGB: "" + writeIopsPerGB: "" + # The TCP port number used for exposing lvm-metrics. + # If not set, service will not be created to expose metrics endpoint to serviceMonitor and listen-address flag will not be set. + metricsPort: 9500 + +role: openebs-lvm + +crd: + enableInstall: true + +serviceAccount: + lvmController: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-lvm-controller-sa + lvmNode: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-lvm-node-sa + +analytics: + enabled: true diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/Chart.yaml new file mode 100644 index 000000000..8d5e0b384 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/Chart.yaml @@ -0,0 +1,25 @@ +apiVersion: v2 +appVersion: 0.6.0 +description: Helm chart for OpenEBS Dynamic NFS PV. For instructions to install OpenEBS + Dynamic NFS PV using helm chart, refer to https://openebs.github.io/dynamic-nfs-provisioner. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- storage +- nfs +- dynamic-nfs-pv +- kubernetes +maintainers: +- email: kiran.mova@mayadata.io + name: kmova +- email: mayank.patel@mayadata.io + name: mynktl +- email: rahulkrishnanfs@gmail.com + name: rahulkrishnanra +- email: sai.chaithanya@mayadata.io + name: mittachaitu +name: nfs-provisioner +sources: +- https://github.com/openebs/dynamic-nfs-provisioner +type: application +version: 0.6.0 diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/README.md b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/README.md new file mode 100644 index 000000000..a41f4d532 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/README.md @@ -0,0 +1,150 @@ +# OpenEBS NFS Provisioner + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) + +A Helm chart for openebs dynamic nfs provisioner. This chart bootstraps OpenEBS Dynamic NFS Provisioner deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| kmova | kiran.mova@mayadata.io | | +| mynktl | mayank.patel@mayadata.io | | +| rahulkrishnanra | rahulkrishnanfs@gmail.com | | +| mittachaitu | sai.chaithanya@mayadata.io | | + + +## Get Repo Info + +```console +helm repo add openebs-nfs https://openebs.github.io/dynamic-nfs-provisioner +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Run the following command to install the OpenEBS Dynamic NFS Provisioner helm chart using the default StorageClass as the Backend StorageClass: + +```console +# Helm +helm install [RELEASE_NAME] openebs-nfs/nfs-provisioner --namespace [NAMESPACE] --create-namespace +``` + +The chart requires a StorageClass to provision the backend volume for the NFS share. You can use the `--set-string nfsStorageClass.backendStorageClass=` flag in the `helm install` command to specify the Backend StorageClass. If a StorageClass is not specified, the default StorageClass is used. + +Use the command below to get the name of the default StorageClasses in your cluster: + +```console +kubectl get sc -o=jsonpath='{range .items[?(@.metadata.annotations.storageclass\.kubernetes\.io/is-default-class=="true")]}{@.metadata.name}{"\n"}{end}' +``` + +Sample command to install the OpenEBS Dynamic NFS Provisioner helm chart using the default StorageClass as BackendStorageClass: + +```console +helm install openebs-nfs openebs-nfs/nfs-provisioner --namespace openebs --create-namespace +``` + +If you do not have an available StorageClass, you can install the [OpenEBS Dynamic LocalPV Provisioner helm chart](https://openebs.github.io/dynamic-localpv-provisioner) and use the 'openebs-hostpath' StorageClass as Backend Storage Class. Sample commands: + +```console +# Add openebs-localpv repo +helm repo add openebs-localpv https://openebs.github.io/dynamic-localpv-provisioner +helm repo update + +# Install localpv-provisioner +helm install openebs-localpv openebs-localpv/localpv-provisioner -n openebs --create-namespace \ + --set openebsNDM.enabled=false \ + --set deviceClass.enabled=false + +# Install nfs-provisioner +helm install openebs-nfs openebs-nfs/nfs-provisioner -n openebs \ + --set-string nfsStorageClass.backendStorageClass="openebs-hostpath" +``` + +Please visit this [link](https://helm.sh/docs/) for helm 3 installation instructions. + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + + +## Uninstall Chart + +```console +# Helm +helm uninstall [RELEASE_NAME] --namespace [NAMESPACE] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +helm upgrade [RELEASE_NAME] [CHART] --install --namespace [NAMESPACE] +``` + + +## Configuration + +The following table lists the configurable parameters of the OpenEBS Dynamic NFS Provisioner chart and their default values. You can modify different parameters by specifying the desired value in the `helm install` command by using the `--set` and/or the `--set-string` flag(s). + +In the following sample command we modify `nfsStorageClass.backendStorageClass` to specify the StorageClass to be used to provision the backend volume used for the NFS share. We also use `nfsStorageClass.isDefaultClass` to set an annotation such that the 'openebs-kernel-nfs' StorageClass is used as the default StorageClass for the cluster. + +```console +helm install openebs-nfs openebs-nfs/nfs-provisioner --namespace openebs --create-namespace \ + --set-string nfsStorageClass.backendStorageClass="openebs-hostpath" \ + --set nfsStorageClass.isDefaultClass=true +``` + +| Parameter | Description | Default | +| ------------------------------------- | --------------------------------------------- | ------------------------------- | +| `analytics.enabled` | Enable sending stats to Google Analytics | `true` | +| `fullnameOverride` | Set custom Full Name for resources. Defaults to ( Release-name + `nfsProvisioner.name` ) | `""` | +| `imagePullSecrets` | Provides image pull secret | `""` | +| `nameOverride` | Set custom name for resources. Defaults to `nfsProvisioner.name` | `""` | +| `nfsProvisioner.affinity` | NFS Provisioner pod affinity | `{}` | +| `nfsProvisioner.enabled` | Enable NFS Provisioner | `true` | +| `nfsProvisioner.enableLeaderElection` | Enable leader election | `true` | +| `nfsProvisioner.healthCheck.initialDelaySeconds` | Delay before liveness probe is initiated | `30` | +| `nfsProvisioner.healthCheck.periodSeconds` | How often to perform the liveness probe | `60` | +| `nfsProvisioner.image.registry` | Registry for NFS Provisioner image | `""` | +| `nfsProvisioner.image.repository` | Image repository for NFS Provisioner | `openebs/provisioner-nfs` | +| `nfsProvisioner.image.tag` | Image tag for NFS Provisioner | `0.6.0` | +| `nfsProvisioner.image.pullPolicy` | Image pull policy for NFS Provisioner image | `IfNotPresent` | +| `nfsProvisioner.annotations` | Annotations for NFS Provisioner metadata | `""` | +| `nfsProvisioner.nodeSelector` | Nodeselector for NFS Provisioner pod | `""` | +| `nfsProvisioner.nfsServerAlpineImage.registry` | Registry for nfs-server-alpine | `""` | +| `nfsProvisioner.nfsServerAlpineImage.repository` | Image repository for nfs-server-alpine | `openebs/nfs-server-alpine` | +| `nfsProvisioner.nfsServerAlpineImage.tag` | Image tag for nfs-server-alpine | `0.6.0` | +| `nfsProvisioner.resources` | Resource request and limit for the container | `true` | +| `nfsProvisioner.securityContext` | Security context for container | `""` | +| `nfsProvisioner.tolerations` | NFS Provisioner pod toleration values | `""` | +| `nfsProvisioner.nfsServerNamespace` | NFS server namespace | `"openebs"` | +| `nfsProvisioner.nfsServerNodeAffinity` | NFS Server node affinity rules | `""` | +| `nfsProvisioner.nfsBackendPvcTimeout` | Timeout for backend PVC binding in seconds | `"60"` | +| `nfsStorageClass.backendStorageClass` | StorageClass to be used to provision the backend volume. If not specified, the default StorageClass is used. | `""` | +| `nfsStorageClass.isDefaultClass` | Make 'openebs-kernel-nfs' the default StorageClass | `"false"` | +| `nfsStorageClass.reclaimPolicy` | ReclaimPolicy for NFS PVs | `"Delete"` | +| `nfsStorageClass.leaseTime` | Renewal period(in seconds) for NFS client state | `90` | +| `nfsStorageClass.graceTime` | Recovery period(in seconds) to reclaim locks for NFS client | `90` | +| `rbac.create` | Enable RBAC Resources | `true` | +| `rbac.pspEnabled` | Create pod security policy resources | `false` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +helm install -f values.yaml ----namespace openebs openebs-nfs/nfs-provisioner --create-namespace +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/NOTES.txt new file mode 100644 index 000000000..93b598434 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/NOTES.txt @@ -0,0 +1,9 @@ +Thank you for installing {{ .Chart.Name }} 😀 + +Your release is named {{ .Release.Name }} and it's installed to namespace: {{ .Release.Namespace }}. + +The OpenEBS NFSPV Provisioner has been installed check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at https://github.com/openebs/dynamic-nfs-provisioner/. diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/_helpers.tpl new file mode 100644 index 000000000..9df575f02 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/_helpers.tpl @@ -0,0 +1,77 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "nfsProvisioner.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nfsProvisioner.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "nfsProvisioner.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "nfsProvisioner.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nfsProvisioner.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Meta labels +*/}} +{{- define "nfsProvisioner.common.metaLabels" -}} +chart: {{ include "nfsProvisioner.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} + +{{/* +Selector Labels +*/}} +{{- define "nfsProvisioner.selectorLabels" -}} +app: {{ include "nfsProvisioner.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.nfsProvisioner.name }} +{{- end }} + +{{/* +Component labels +*/}} +{{- define "nfsProvisioner.componentLabels" -}} +openebs.io/component-name: openebs-{{ .Values.nfsProvisioner.name }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "nfsProvisioner.labels" -}} +{{ include "nfsProvisioner.common.metaLabels" . }} +{{ include "nfsProvisioner.selectorLabels" . }} +{{ include "nfsProvisioner.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/clusterrole.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/clusterrole.yaml new file mode 100644 index 000000000..a4accbc33 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/clusterrole.yaml @@ -0,0 +1,58 @@ +# Define Role that allows operations on K8s pods/deployments +{{- if .Values.rbac.create }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "nfsProvisioner.fullname" . }} + {{- with .Values.nfsProvisioner.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +rules: + - apiGroups: ["*"] + resources: ["nodes", "nodes/proxy"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["namespaces", "services", "pods", "pods/exec", "deployments", "deployments/finalizers", "replicationcontrollers", "replicasets", "events", "endpoints", "configmaps", "secrets", "jobs", "cronjobs"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["statefulsets", "daemonsets"] + verbs: ["*"] + - apiGroups: ["*"] + resources: ["resourcequotas", "limitranges"] + verbs: ["list", "watch"] + - apiGroups: ["*"] + resources: ["ingresses", "horizontalpodautoscalers", "verticalpodautoscalers", "poddisruptionbudgets", "certificatesigningrequests"] + verbs: ["list", "watch"] + - apiGroups: ["*"] + resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"] + verbs: ["*"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: [ "get", "list", "create", "update", "delete", "patch"] + - apiGroups: ["openebs.io"] + resources: [ "*"] + verbs: ["*"] + - nonResourceURLs: ["/metrics"] + verbs: ["get"] + +{{- if .Values.rbac.pspEnabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "nfsProvisioner.fullname" . }}-psp + {{- with .Values.nfsProvisioner.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +rules: + - apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ include "nfsProvisioner.fullname" . }}-psp +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/clusterrolebinding.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/clusterrolebinding.yaml new file mode 100644 index 000000000..caca823ea --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/clusterrolebinding.yaml @@ -0,0 +1,43 @@ +--- +# Bind the Service Account with the Role Privileges. +{{- if .Values.rbac.create }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "nfsProvisioner.fullname" . }} + {{- with .Values.nfsProvisioner.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +roleRef: + kind: ClusterRole + name: {{ include "nfsProvisioner.fullname" . }} + apiGroup: rbac.authorization.k8s.io +subjects: + - kind: ServiceAccount + name: {{ include "nfsProvisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + +{{- if .Values.rbac.pspEnabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "nfsProvisioner.fullname" . }}-psp + {{- with .Values.nfsProvisioner.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +roleRef: + kind: ClusterRole + name: {{ include "nfsProvisioner.fullname" . }}-psp + apiGroup: rbac.authorization.k8s.io +subjects: + # Authorize specific service accounts: + - kind: ServiceAccount + name: {{ include "nfsProvisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/deployment.yaml new file mode 100644 index 000000000..edfe33ad4 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/deployment.yaml @@ -0,0 +1,132 @@ +{{- if .Values.nfsProvisioner.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "nfsProvisioner.fullname" . }} + namespace: {{ .Release.Namespace }} + {{- if .Values.nfsProvisioner.annotations }} + annotations: {{- with .Values.nfsProvisioner.annotations }} + {{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "nfsProvisioner.selectorLabels" . | nindent 8 }} + replicas: 1 + strategy: + type: Recreate + rollingUpdate: null + template: + metadata: + labels: + {{- include "nfsProvisioner.labels" . | nindent 8 }} + {{- with .Values.nfsProvisioner.podLabels -}} + {{ toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "nfsProvisioner.serviceAccountName" . }} + {{- if .Values.podSecurityContext }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- end }} + containers: + - name: {{ include "nfsProvisioner.fullname" . }} + imagePullPolicy: {{ .Values.nfsProvisioner.image.pullPolicy }} + image: "{{ .Values.nfsProvisioner.image.registry }}{{ .Values.nfsProvisioner.image.repository }}:{{ default .Chart.AppVersion .Values.nfsProvisioner.image.tag }}" + {{- if .Values.nfsProvisioner.resources }} + resources: + {{- toYaml .Values.nfsProvisioner.resources | nindent 12 }} + {{ end }} + env: + # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as + # environment variable + - name: OPENEBS_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + - name: OPENEBS_IO_NFS_SERVER_USE_CLUSTERIP + value: "{{ .Values.nfsServer.useClusterIP }}" + - name: OPENEBS_IO_INSTALLER_TYPE + value: "charts-helm" + # OPENEBS_IO_NFS_SERVER_IMG defines the nfs-server-alpine image name to be used + # while creating nfs volume + - name: OPENEBS_IO_NFS_SERVER_IMG + value: "{{ .Values.nfsProvisioner.nfsServerAlpineImage.registry }}{{ .Values.nfsProvisioner.nfsServerAlpineImage.repository }}:{{ default .Chart.AppVersion .Values.nfsProvisioner.nfsServerAlpineImage.tag }}" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + - name: LEADER_ELECTION_ENABLED + value: "{{ .Values.nfsProvisioner.enableLeaderElection }}" + {{- if .Values.nfsProvisioner.nfsServerNamespace }} + - name: OPENEBS_IO_NFS_SERVER_NS + value: {{ .Values.nfsProvisioner.nfsServerNamespace }} + {{- end }} + # OPENEBS_IO_NFS_SERVER_NODE_AFFINITY defines the node affinity rules to place NFS Server + # instance. It accepts affinity rules in multiple ways: + # - If NFS Server needs to be placed on storage nodes as well as only in + # zone-1 & zone-2 then value can be: + # value: "kubernetes.io/zone:[zone-1,zone-2],kubernetes.io/storage-node". + # - If NFS Server needs to be placed only on storage nodes & nfs nodes then + # value can be: + # value: "kubernetes.io/storage-node,kubernetes.io/nfs-node" + {{- if .Values.nfsProvisioner.nfsServerNodeAffinity }} + - name: OPENEBS_IO_NFS_SERVER_NODE_AFFINITY + value: "{{ .Values.nfsProvisioner.nfsServerNodeAffinity }}" + {{- end }} + {{- if .Values.nfsProvisioner.nfsBackendPvcTimeout }} + - name: OPENEBS_IO_NFS_SERVER_BACKEND_PVC_TIMEOUT + value: "{{ .Values.nfsProvisioner.nfsBackendPvcTimeout }}" + {{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `provisioner-nfs` + # `.*`: matches any string that has `provisioner-loc` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep "^provisioner-nfs.*"` = 1 + initialDelaySeconds: {{ .Values.nfsProvisioner.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.nfsProvisioner.healthCheck.periodSeconds }} +{{- if .Values.nfsProvisioner.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nfsProvisioner.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.nfsProvisioner.tolerations }} + tolerations: +{{ toYaml .Values.nfsProvisioner.tolerations | indent 8 }} +{{- end }} +{{- if .Values.nfsProvisioner.affinity }} + affinity: +{{ toYaml .Values.nfsProvisioner.affinity | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/kernel-nfs-storageclass.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/kernel-nfs-storageclass.yaml new file mode 100644 index 000000000..abdfcab4b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/kernel-nfs-storageclass.yaml @@ -0,0 +1,32 @@ +--- +# Storage classes for OpenEBS NFS Dynamic PV +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.nfsStorageClass.name }} + annotations: + openebs.io/cas-type: nfsrwx + cas.openebs.io/config: | + - name: NFSServerType + value: {{ .Values.nfsStorageClass.nfsServerType }} +{{- if .Values.nfsStorageClass.backendStorageClass }} + - name: BackendStorageClass + value: {{ .Values.nfsStorageClass.backendStorageClass }} +{{- end }} +{{- if .Values.nfsStorageClass.customServerConfig }} + - name: CustomServerConfig + value: {{ .Values.nfsStorageClass.customServerConfig }} +{{- end }} +{{- if .Values.nfsStorageClass.leaseTime }} + - name: LeaseTime + value: {{ .Values.nfsStorageClass.leaseTime }} +{{- end }} +{{- if .Values.nfsStorageClass.graceTime }} + - name: GraceTime + value: {{ .Values.nfsStorageClass.graceTime }} +{{- end }} +{{- if .Values.nfsStorageClass.isDefaultClass }} + storageclass.kubernetes.io/is-default-class: "true" +{{- end }} +provisioner: openebs.io/nfsrwx +reclaimPolicy: {{ .Values.nfsStorageClass.reclaimPolicy }} diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/psp.yaml new file mode 100644 index 000000000..f17e37f27 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/psp.yaml @@ -0,0 +1,31 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "nfsProvisioner.fullname" . }}-psp + {{- with .Values.nfsProvisioner.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +spec: + privileged: {{ .Values.nfsProvisioner.privileged }} + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostPorts: + - min: 0 + max: 65535 + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' + {{- end }} + diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/serviceaccount.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/serviceaccount.yaml new file mode 100644 index 000000000..45079bfa5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/templates/serviceaccount.yaml @@ -0,0 +1,10 @@ +# Create Service Account for nfs-provisioner. +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "nfsProvisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "nfsProvisioner.labels" . | nindent 4 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/values.yaml b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/values.yaml new file mode 100644 index 000000000..ff67c1a4f --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/nfs-provisioner/values.yaml @@ -0,0 +1,108 @@ +# Default values for nfspv-provisioner. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +rbac: + # rbac.create: `true` if rbac resources should be created + create: true + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +podSecurityContext: {} +# fsGroup: 2000 + +imagePullSecrets: +# - name: image-pull-secret + +fullnameOverride: "" +nameOverride: "" + +nfsProvisioner: + name: nfs-provisioner + enabled: true + annotations: {} + podLabels: + name: openebs-nfs-provisioner + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/provisioner-nfs + tag: + pullPolicy: IfNotPresent + enableLeaderElection: "true" + # Specify image name of nfs-server-alpine used for creating nfs server deployment + # If not mentioned, default value openebs/nfs-server-alpine:tag will be used where + # the tag will be the same as a provisioner-nfs image tag + nfsServerAlpineImage: + registry: + repository: openebs/nfs-server-alpine + tag: + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # ## Normal cases CPU and memory usage are around ~10 millicores and + # ## memory usage is around ~16Mb(after provisioing 70 volumes) + # requests: + # cpu: 50m + # memory: 50M + # ## During provisioning(large no.of pvcs at a time) time CPU and memory usage + # ## are around ~67 millicores(6.7% of cpu) and memory usage is around ~34Mb + # limits: + # cpu: 200m + # memory: 200Mi + # If set to false, containers created by the nfs provisioner will run without extra privileges. + privileged: true + nodeSelector: {} + tolerations: [] + affinity: {} + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + # namespace in which nfs server objects should be created + # By default, nfs provisioner will create these resources in nfs provisioner's namespace + # nfsServerNamespace: openebs + # + # nfsServerNodeAffinity defines the node affinity rules to place NFS Server + # instance. It accepts affinity rules in multiple ways: + # - If NFS Server needs to be placed on storage nodes as well as only in + # zone-1 & zone-2 then value can be: "kubernetes.io/zone:[zone-1,zone-2],kubernetes.io/storage-node". + # - If NFS Server needs to be placed only on storage nodes & nfs nodes then + # value can be: "kubernetes.io/storage-node,kubernetes.io/nfs-node" + # nfsServerNodeAffinity: "kubernetes.io/storage-node,kubernetes.io/nfs-node" + +nfsStorageClass: + name: openebs-kernel-nfs + reclaimPolicy: Delete + nfsServerType: kernel + isDefaultClass: false + backendStorageClass: "" + # The customServerConfig key passes a custom /etc/exports configuration to + # the NFS servers created using this StorageClass. + # The configuration settings are not validated, and can lead to security + # vulnerability. + # USING THIS IS NOT RECOMMENDED + customServerConfig: "" + # leaseTime defines the renewal period(in seconds) for client state + leaseTime: + # graceTime defines the recovery period(in seconds) to reclaim locks + # setting graceTime and leaseTime lower will reduce the io pause time during nfs server restart + graceTime: + + +nfsServer: + useClusterIP: "true" + +analytics: + enabled: "true" diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/Chart.yaml new file mode 100644 index 000000000..890c4887b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +appVersion: 1.6.0 +description: Helm chart for OpenEBS Node Disk Manager - a Kubernetes native storage + device management solution. For instructions on how to install, refer to https://openebs.github.io/node-disk-manager/. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- ndm +- disk-inventory +- storage +maintainers: +- email: akhil.mohan@mayadata.io + name: akhilerm +- email: michaelfornaro@gmail.com + name: xUnholy +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +name: openebs-ndm +sources: +- https://github.com/openebs/node-disk-manager +version: 1.6.0 diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/README.md b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/README.md new file mode 100644 index 000000000..497b6b450 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/README.md @@ -0,0 +1,79 @@ +## Introduction + +This chart bootstraps OpenEBS NDM deployment on a [Kubernetes](http://kubernetes.io) cluster using the +[Helm](https://helm.sh) package manager. + +## Installation + +You can run OpenEBS NDM on any Kubernetes 1.13+ cluster in a matter of seconds. + +Please visit the [link](https://openebs.github.io/node-disk-manager/) for install instructions via helm3. + +## Configuration + +The following table lists the configurable parameters of the OpenEBS NDM chart and their default values. + +| Parameter | Description | Default | +| ----------------------------------------| --------------------------------------------- | ----------------------------------------- | +| `imagePullSecrets` | Provides image pull secrect | `""` | +| `ndm.enabled` | Enable Node Disk Manager | `true` | +| `ndm.image.registry` | Registry for Node Disk Manager image | `""` | +| `ndm.image.repository` | Image repository for Node Disk Manager | `openebs/node-disk-manager` | +| `ndm.image.pullPolicy` | Image pull policy for Node Disk Manager | `IfNotPresent` | +| `ndm.image.tag` | Image tag for Node Disk Manager | `1.5.0` | +| `ndm.sparse.path` | Directory where Sparse files are created | `/var/openebs/sparse` | +| `ndm.sparse.size` | Size of the sparse file in bytes | `10737418240` | +| `ndm.sparse.count` | Number of sparse files to be created | `0` | +| `ndm.updateStrategy.type` | Update strategy for NDM daemonset | `RollingUpdate` | +| `ndm.annotations` | Annotations for NDM daemonset metadata | `""` | +| `ndm.podAnnotations` | Annotations for NDM daemonset's pods metadata | `""` | +| `ndm.resources` | Resource and request and limit for containers | `""` | +| `ndm.podLabels` | Appends labels to the pods | `""` | +| `ndm.nodeSelector` | Nodeselector for daemonset pods | `""` | +| `ndm.tolerations` | NDM daemonset's pod toleration values | `""` | +| `ndm.securityContext` | Seurity context for container | `""` | +| `ndm.filters.enableOsDiskExcludeFilter` | Enable filters of OS disk exclude | `true` | +| `ndm.filters.osDiskExcludePaths` | Paths/Mountpoints to be excluded by OS Disk Filter| `/,/etc/hosts,/boot` | +| `ndm.filters.enableVendorFilter` | Enable filters of vendors | `true` | +| `ndm.filters.excludeVendors` | Exclude devices with specified vendor | `CLOUDBYT,OpenEBS` | +| `ndm.filters.enablePathFilter` | Enable filters of paths | `true` | +| `ndm.filters.includePaths` | Include devices with specified path patterns | `""` | +| `ndm.filters.excludePaths` | Exclude devices with specified path patterns | `loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd`| +| `ndm.probes.enableSeachest` | Enable Seachest probe for NDM | `false` | +| `ndm.probes.enableUdevProbe` | Enable Udev probe for NDM | `true` | +| `ndm.probes.enableSmartProbe` | Enable Smart probe for NDM | `true` | +| `ndmOperator.enabled` | Enable NDM Operator | `true` | +| `ndmOperator.replica` | Pod replica count for NDM operator | `1` | +| `ndmOperator.upgradeStrategy` | Update strategy NDM operator | `"Recreate"` | +| `ndmOperator.image.registry` | Registry for NDM operator image | `""` | +| `ndmOperator.image.repository` | Image repository for NDM operator | `openebs/node-disk-operator` | +| `ndmOperator.image.pullPolicy` | Image pull policy for NDM operator | `IfNotPresent` | +| `ndmOperator.image.tag` | Image tag for NDM operator | `1.5.0` | +| `ndmOperator.annotations` | Annotations for NDM operator metadata | `""` | +| `ndmOperator.podAnnotations` | Annotations for NDM operator's pods metadata | `""` | +| `ndmOperator.resources` | Resource and request and limit for containers | `""` | +| `ndmOperator.podLabels` | Appends labels to the pods | `""` | +| `ndmOperator.nodeSelector` | Nodeselector for operator pods | `""` | +| `ndmOperator.tolerations` | NDM operator's pod toleration values | `""` | +| `ndmOperator.securityContext` | Seurity context for container | `""` | +| `featureGates.APIService.enabled` | Enable the gRPC API service of NDM | `false` | +| `featureGates.UseOSDisk.enabled` | Enable feature-gate to use free space on OS disk | `false` | +| `featureGates.MountChangeDetection.enabled` | Enable feature-gate to detect mountpoint/filesystem changes | `false` | +| `helperPod.image.registry` | Registry for helper image | `""` | +| `helperPod.image.repository` | Image for helper pod | `openebs/linux-utils` | +| `helperPod.image.pullPolicy` | Pull policy for helper pod | `IfNotPresent` | +| `helperPod.image.tag` | Image tag for helper image | `2.10.0` | +| `varDirectoryPath.baseDir` | Directory to store debug info and so forth | `/var/openebs` | +| `serviceAccount.create` | Create a service account or not | `true` | +| `serviceAccount.name` | Name for the service account | `true` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml ndm/openebs-ndm +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/crds/blockdevice.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/crds/blockdevice.yaml new file mode 100644 index 000000000..95f40703c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/crds/blockdevice.yaml @@ -0,0 +1,241 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdevices.openebs.io +spec: + group: openebs.io + names: + kind: BlockDevice + listKind: BlockDeviceList + plural: blockdevices + shortNames: + - bd + singular: blockdevice + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.nodeAttributes.nodeName + name: NodeName + type: string + - jsonPath: .spec.path + name: Path + priority: 1 + type: string + - jsonPath: .spec.filesystem.fsType + name: FSType + priority: 1 + type: string + - jsonPath: .spec.capacity.storage + name: Size + type: string + - jsonPath: .status.claimState + name: ClaimState + type: string + - jsonPath: .status.state + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDevice is the Schema for the blockdevices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceSpec defines the properties and runtime status of a BlockDevice + properties: + aggregateDevice: + description: AggregateDevice was intended to store the hierarchical information in cases of LVM. However this is currently not implemented and may need to be re-looked into for better design. To be deprecated + type: string + capacity: + description: Capacity + properties: + logicalSectorSize: + description: LogicalSectorSize is blockdevice logical-sector size in bytes + format: int32 + type: integer + physicalSectorSize: + description: PhysicalSectorSize is blockdevice physical-Sector size in bytes + format: int32 + type: integer + storage: + description: Storage is the blockdevice capacity in bytes + format: int64 + type: integer + required: + - storage + type: object + claimRef: + description: ClaimRef is the reference to the BDC which has claimed this BD + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + details: + description: Details contain static attributes of BD like model,serial, and so forth + properties: + compliance: + description: Compliance is standards/specifications version implemented by device firmware such as SPC-1, SPC-2, etc + type: string + deviceType: + description: DeviceType represents the type of device like sparse, disk, partition, lvm, crypt + enum: + - disk + - partition + - sparse + - loop + - lvm + - crypt + - dm + - mpath + type: string + driveType: + description: DriveType is the type of backing drive, HDD/SSD + enum: + - HDD + - SSD + - Unknown + - "" + type: string + firmwareRevision: + description: FirmwareRevision is the disk firmware revision + type: string + hardwareSectorSize: + description: HardwareSectorSize is the hardware sector size in bytes + format: int32 + type: integer + logicalBlockSize: + description: LogicalBlockSize is the logical block size in bytes reported by /sys/class/block/sda/queue/logical_block_size + format: int32 + type: integer + model: + description: Model is model of disk + type: string + physicalBlockSize: + description: PhysicalBlockSize is the physical block size in bytes reported by /sys/class/block/sda/queue/physical_block_size + format: int32 + type: integer + serial: + description: Serial is serial number of disk + type: string + vendor: + description: Vendor is vendor of disk + type: string + type: object + devlinks: + description: DevLinks contains soft links of a block device like /dev/by-id/... /dev/by-uuid/... + items: + description: DeviceDevLink holds the mapping between type and links like by-id type or by-path type link + properties: + kind: + description: Kind is the type of link like by-id or by-path. + enum: + - by-id + - by-path + type: string + links: + description: Links are the soft links + items: + type: string + type: array + type: object + type: array + filesystem: + description: FileSystem contains mountpoint and filesystem type + properties: + fsType: + description: Type represents the FileSystem type of the block device + type: string + mountPoint: + description: MountPoint represents the mountpoint of the block device. + type: string + type: object + nodeAttributes: + description: NodeAttributes has the details of the node on which BD is attached + properties: + nodeName: + description: NodeName is the name of the Kubernetes node resource on which the device is attached + type: string + type: object + parentDevice: + description: "ParentDevice was intended to store the UUID of the parent Block Device as is the case for partitioned block devices. \n For example: /dev/sda is the parent for /dev/sda1 To be deprecated" + type: string + partitioned: + description: Partitioned represents if BlockDevice has partitions or not (Yes/No) Currently always default to No. To be deprecated + enum: + - "Yes" + - "No" + type: string + path: + description: Path contain devpath (e.g. /dev/sdb) + type: string + required: + - capacity + - devlinks + - nodeAttributes + - path + type: object + status: + description: DeviceStatus defines the observed state of BlockDevice + properties: + claimState: + description: ClaimState represents the claim state of the block device + enum: + - Claimed + - Unclaimed + - Released + type: string + state: + description: State is the current state of the blockdevice (Active/Inactive/Unknown) + enum: + - Active + - Inactive + - Unknown + type: string + required: + - claimState + - state + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/crds/blockdeviceclaim.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/crds/blockdeviceclaim.yaml new file mode 100644 index 000000000..81b9a355e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/crds/blockdeviceclaim.yaml @@ -0,0 +1,144 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdeviceclaims.openebs.io +spec: + group: openebs.io + names: + kind: BlockDeviceClaim + listKind: BlockDeviceClaimList + plural: blockdeviceclaims + shortNames: + - bdc + singular: blockdeviceclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.blockDeviceName + name: BlockDeviceName + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDeviceClaim is the Schema for the blockdeviceclaims API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceClaimSpec defines the request details for a BlockDevice + properties: + blockDeviceName: + description: BlockDeviceName is the reference to the block-device backing this claim + type: string + blockDeviceNodeAttributes: + description: BlockDeviceNodeAttributes is the attributes on the node from which a BD should be selected for this claim. It can include nodename, failure domain etc. + properties: + hostName: + description: HostName represents the hostname of the Kubernetes node resource where the BD should be present + type: string + nodeName: + description: NodeName represents the name of the Kubernetes node resource where the BD should be present + type: string + type: object + deviceClaimDetails: + description: Details of the device to be claimed + properties: + allowPartition: + description: AllowPartition represents whether to claim a full block device or a device that is a partition + type: boolean + blockVolumeMode: + description: 'BlockVolumeMode represents whether to claim a device in Block mode or Filesystem mode. These are use cases of BlockVolumeMode: 1) Not specified: VolumeMode check will not be effective 2) VolumeModeBlock: BD should not have any filesystem or mountpoint 3) VolumeModeFileSystem: BD should have a filesystem and mountpoint. If DeviceFormat is specified then the format should match with the FSType in BD' + type: string + formatType: + description: Format of the device required, eg:ext4, xfs + type: string + type: object + deviceType: + description: DeviceType represents the type of drive like SSD, HDD etc., + nullable: true + type: string + hostName: + description: Node name from where blockdevice has to be claimed. To be deprecated. Use NodeAttributes.HostName instead + type: string + resources: + description: Resources will help with placing claims on Capacity, IOPS + properties: + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum resources required. eg: if storage resource of 10G is requested minimum capacity of 10G should be available TODO for validating' + type: object + required: + - requests + type: object + selector: + description: Selector is used to find block devices to be considered for claiming + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + status: + description: DeviceClaimStatus defines the observed state of BlockDeviceClaim + properties: + phase: + description: Phase represents the current phase of the claim + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/NOTES.txt new file mode 100644 index 000000000..3c84551b5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/NOTES.txt @@ -0,0 +1,8 @@ +The OpenEBS Node Disk Manager has been installed. Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} + +Use `kubectl get bd -n {{ .Release.Namespace }} ` to see the list of +blockdevices attached to the Kubernetes cluster nodes. + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/_helpers.tpl new file mode 100644 index 000000000..e6d5b99dc --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/_helpers.tpl @@ -0,0 +1,132 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +This name is used for ndm daemonset +*/}} +{{- define "openebs-ndm.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "openebs-ndm.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm daemonset app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "openebs-ndm.operator.name" -}} +{{- $ndmName := default .Chart.Name .Values.ndmOperator.nameOverride | trunc 63 | trimSuffix "-" }} +{{- $componentName := .Values.ndmOperator.name | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $ndmName $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm operator app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs-ndm.operator.fullname" -}} +{{- if .Values.ndmOperator.fullnameOverride }} +{{- .Values.ndmOperator.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $ndmOperatorName := include "openebs-ndm.operator.name" .}} + +{{- $name := default $ndmOperatorName .Values.ndmOperator.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "openebs-ndm.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "openebs-ndm.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define meta labels for ndm components +*/}} +{{- define "openebs-ndm.common.metaLabels" -}} +chart: {{ template "openebs-ndm.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + + +{{/* +Create match labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.matchLabels" -}} +app: {{ template "openebs-ndm.name" . }} +release: {{ .Release.Name }} +component: {{ .Values.ndm.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.componentLabels" -}} +openebs.io/component-name: {{ .Values.ndm.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for ndm daemonset component +*/}} +{{- define "openebs-ndm.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.matchLabels" . }} +{{ include "openebs-ndm.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for ndm operator deployment +*/}} +{{- define "openebs-ndm.operator.matchLabels" -}} +app: {{ template "openebs-ndm.operator.name" . }} +release: {{ .Release.Name }} +component: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + +{{/* +Create component labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.componentLabels" -}} +openebs.io/component-name: {{ default (include "openebs-ndm.operator.name" .) .Values.ndmOperator.componentName }} +{{- end -}} + + +{{/* +Create labels for ndm operator component +*/}} +{{- define "openebs-ndm.operator.labels" -}} +{{ include "openebs-ndm.common.metaLabels" . }} +{{ include "openebs-ndm.operator.matchLabels" . }} +{{ include "openebs-ndm.operator.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/configmap.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/configmap.yaml new file mode 100644 index 000000000..337b0e593 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/configmap.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "openebs-ndm.fullname" . }}-config +data: + # node-disk-manager-config contains config of available probes and filters. + # Probes and Filters will initialize with default values if config for that + # filter or probe are not present in configmap + + # udev-probe is default or primary probe it should be enabled to run ndm + # filterconfigs contains configs of filters. To provide a group of include + # and exclude values add it as , separated string + node-disk-manager.config: | + probeconfigs: + - key: udev-probe + name: udev probe + state: {{ .Values.ndm.probes.enableUdevProbe }} + - key: seachest-probe + name: seachest probe + state: {{ .Values.ndm.probes.enableSeachest }} + - key: smart-probe + name: smart probe + state: {{ .Values.ndm.probes.enableSmartProbe }} + filterconfigs: + - key: os-disk-exclude-filter + name: os disk exclude filter + state: {{ .Values.ndm.filters.enableOsDiskExcludeFilter }} + exclude: "{{ .Values.ndm.filters.osDiskExcludePaths }}" + - key: vendor-filter + name: vendor filter + state: {{ .Values.ndm.filters.enableVendorFilter }} + include: "" + exclude: "{{ .Values.ndm.filters.excludeVendors }}" + - key: path-filter + name: path filter + state: {{ .Values.ndm.filters.enablePathFilter }} + include: "{{ .Values.ndm.filters.includePaths }}" + exclude: "{{ .Values.ndm.filters.excludePaths }}" diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/daemonset.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/daemonset.yaml new file mode 100644 index 000000000..af66edfe5 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/daemonset.yaml @@ -0,0 +1,176 @@ +{{- if .Values.ndm.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "openebs-ndm.fullname" . }} + {{- with .Values.ndm.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 4 }} +spec: + updateStrategy: +{{ toYaml .Values.ndm.updateStrategy | indent 4 }} + selector: + matchLabels: + {{- include "openebs-ndm.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndm.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.labels" . | nindent 8 }} + {{- with .Values.ndm.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.APIService.enabled }} + hostPID: true +{{- end}} +{{- end}} + containers: + - name: {{ template "openebs-ndm.name" . }} + image: "{{ .Values.ndm.image.registry }}{{ .Values.ndm.image.repository }}:{{ .Values.ndm.image.tag }}" + args: + - -v=4 +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.GPTBasedUUID.enabled }} + - --feature-gates={{ .Values.featureGates.GPTBasedUUID.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.APIService.enabled }} + - --feature-gates={{ .Values.featureGates.APIService.featureGateFlag }} + - --api-service-address={{ .Values.featureGates.APIService.address }} +{{- end}} +{{- if .Values.featureGates.UseOSDisk.enabled }} + - --feature-gates={{ .Values.featureGates.UseOSDisk.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.MountChangeDetection.enabled }} + - --feature-gates={{ .Values.featureGates.MountChangeDetection.featureGateFlag }} +{{- end}} +{{- end}} + imagePullPolicy: {{ .Values.ndm.image.pullPolicy }} + resources: +{{ toYaml .Values.ndm.resources | indent 12 }} + securityContext: + privileged: true + env: + # namespace in which NDM is installed will be passed to NDM Daemonset + # as environment variable + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # pass hostname as env variable using downward API to the NDM container + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + # specify the directory where the sparse files need to be created. + # if not specified, then sparse files will not be created. + - name: SPARSE_FILE_DIR + value: "{{ .Values.ndm.sparse.path }}" +{{- end }} +{{- if .Values.ndm.sparse.size }} + # Size(bytes) of the sparse file to be created. + - name: SPARSE_FILE_SIZE + value: "{{ .Values.ndm.sparse.size }}" +{{- end }} +{{- if .Values.ndm.sparse.count }} + # Specify the number of sparse files to be created + - name: SPARSE_FILE_COUNT + value: "{{ .Values.ndm.sparse.count }}" +{{- end }} +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can be used here with pgrep (cmd is < 15 chars). + livenessProbe: + exec: + command: + - pgrep + - "ndm" + initialDelaySeconds: {{ .Values.ndm.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndm.healthCheck.periodSeconds }} + volumeMounts: + - name: config + mountPath: /host/node-disk-manager.config + subPath: node-disk-manager.config + readOnly: true + - name: udev + mountPath: /run/udev + - name: procmount + mountPath: /host/proc + readOnly: true + - name: devmount + mountPath: /dev + - name: basepath + mountPath: /var/openebs/ndm +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + mountPath: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + volumes: + - name: config + configMap: + name: {{ include "openebs-ndm.fullname" . }}-config + - name: udev + hostPath: + path: /run/udev + type: Directory + # mount /proc (to access mount file of process 1 of host) inside container + # to read mount-point of disks and partitions + - name: procmount + hostPath: + path: /proc + type: Directory + - name: devmount + # the /dev directory is mounted so that we have access to the devices that + # are connected at runtime of the pod. + hostPath: + path: /dev + type: Directory + - name: basepath + hostPath: + path: "{{ .Values.varDirectoryPath.baseDir }}/ndm" + type: DirectoryOrCreate +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + hostPath: + path: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + # By default the node-disk-manager will be run on all kubernetes nodes + # If you would like to limit this to only some nodes, say the nodes + # that have storage attached, you could label those node and use + # nodeSelector. + # + # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node" + # kubectl label node "openebs.io/nodegroup"="storage-node" + #nodeSelector: + # "openebs.io/nodegroup": "storage-node" +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndm.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndm.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndm.tolerations }} + tolerations: +{{ toYaml .Values.ndm.tolerations | indent 8 }} +{{- end }} +{{- if .Values.ndm.securityContext }} + securityContext: +{{ toYaml .Values.ndm.securityContext | indent 8 }} +{{- end }} + hostNetwork: true +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/deployment.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/deployment.yaml new file mode 100644 index 000000000..4a54dc777 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/deployment.yaml @@ -0,0 +1,87 @@ +{{- if .Values.ndmOperator.enabled }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs-ndm.operator.fullname" . }} + {{- with .Values.ndmOperator.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ndmOperator.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + {{- include "openebs-ndm.operator.matchLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ndmOperator.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "openebs-ndm.operator.labels" . | nindent 8 }} + {{- with .Values.ndmOperator.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + serviceAccountName: {{ template "openebs-ndm.serviceAccountName" . }} + containers: + - name: {{ template "openebs-ndm.operator.fullname" . }} + image: "{{ .Values.ndmOperator.image.registry }}{{ .Values.ndmOperator.image.repository }}:{{ .Values.ndmOperator.image.tag }}" + imagePullPolicy: {{ .Values.ndmOperator.image.pullPolicy }} + resources: +{{ toYaml .Values.ndmOperator.resources | indent 12 }} + livenessProbe: + httpGet: + path: /healthz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.healthCheck.periodSeconds }} + readinessProbe: + httpGet: + path: /readyz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.readinessCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.readinessCheck.periodSeconds }} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "node-disk-operator" + - name: CLEANUP_JOB_IMAGE + value: "{{ .Values.helperPod.image.registry }}{{ .Values.helperPod.image.repository }}:{{ .Values.helperPod.image.tag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} +{{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 6 }} +{{- end }} +{{- if .Values.ndmOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndmOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.securityContext }} + securityContext: +{{ toYaml .Values.ndmOperator.securityContext | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.tolerations }} + tolerations: +{{ toYaml .Values.ndmOperator.tolerations | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/rbac.yaml new file mode 100644 index 000000000..8e81c4922 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/templates/rbac.yaml @@ -0,0 +1,44 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "openebs-ndm.serviceAccountName" . }} +{{- end }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +rules: + - apiGroups: ["*"] + resources: ["nodes", "pods", "events", "configmaps", "jobs"] + verbs: + - '*' + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: + - '*' + - apiGroups: + - openebs.io + resources: + - blockdevices + - blockdeviceclaims + verbs: + - '*' +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "openebs-ndm.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "openebs-ndm.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + - kind: User + name: system:serviceaccount:default:default + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: {{ include "openebs-ndm.fullname" . }} + apiGroup: rbac.authorization.k8s.io +--- diff --git a/charts/openebs/openebs/3.0.0/charts/openebs-ndm/values.yaml b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/values.yaml new file mode 100644 index 000000000..14928d497 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/openebs-ndm/values.yaml @@ -0,0 +1,121 @@ +# Default values for ndm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +release: + version: "1.6.0" + +imagePullSecrets: +# - name: "image-pull-secret" + +ndm: + componentName: ndm + enabled: true + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/node-disk-manager + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + sparse: + path: "/var/openebs/sparse" + size: "10737418240" + count: "0" + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to ndm daemonset pods + podLabels: + name: openebs-ndm + nodeSelector: {} + tolerations: [] + securityContext: {} + filters: + enableOsDiskExcludeFilter: true + osDiskExcludePaths: "/,/etc/hosts,/boot" + enableVendorFilter: true + excludeVendors: "CLOUDBYT,OpenEBS" + enablePathFilter: true + includePaths: "" + excludePaths: "loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd" + probes: + enableSeachest: false + enableUdevProbe: true + enableSmartProbe: true + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + +ndmOperator: + name: operator + enabled: true + image: + registry: + repository: openebs/node-disk-operator + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.6.0 + podLabels: + name: openebs-ndm-operator + annotations: {} + podAnnotations: {} + nodeSelector: {} + resources: {} + securityContext: {} + tolerations: [] + healthCheck: + initialDelaySeconds: 15 + periodSeconds: 20 + readinessCheck: + initialDelaySeconds: 5 + periodSeconds: 10 + replicas: 1 + upgradeStrategy: Recreate + +helperPod: + image: + registry: "" + repository: openebs/linux-utils + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 2.11.0 + +crd: + enableInstall: false + +featureGates: + enabled: true + GPTBasedUUID: + enabled: true + featureGateFlag: "GPTBasedUUID" + APIService: + enabled: false + featureGateFlag: "APIService" + address: "0.0.0.0:9115" + UseOSDisk: + enabled: false + featureGateFlag: "UseOSDisk" + MountChangeDetection: + enabled: false + featureGateFlag: "MountChangeDetection" + +# Directory used by the OpenEBS to store debug information and so forth +# that are generated in the course of running OpenEBS containers. +varDirectoryPath: + baseDir: "/var/openebs" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-ndm diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/.helmignore b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/Chart.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/Chart.yaml new file mode 100644 index 000000000..53a9d8c42 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +appVersion: 1.9.0 +description: CSI Driver for dynamic provisioning of ZFS Persistent Local Volumes. +home: http://www.openebs.io/ +icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/openebs/icon/color/openebs-icon-color.png +keywords: +- cloud-native-storage +- block-storage +- filesystem +- ZFS +- Local Persistent Volumes +- storage +maintainers: +- email: michaelfornaro@gmail.com + name: xUnholy +- email: prateek.pandey@mayadata.io + name: prateekpandey14 +- email: pawan@mayadata.io + name: pawanpraka1 +name: zfs-localpv +sources: +- https://github.com/openebs/zfs-localpv +version: 1.9.0 diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/README.md b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/README.md new file mode 100644 index 000000000..ea6ea79f0 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/README.md @@ -0,0 +1,136 @@ + +# OpenEBS LocalPV Provisioner + +[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) +![Chart Lint and Test](https://github.com/openebs/zfs-localpv/workflows/Chart%20Lint%20and%20Test/badge.svg) +![Release Charts](https://github.com/openebs/zfs-localpv/workflows/Release%20Charts/badge.svg?branch=develop) + +A Helm chart for openebs zfs localpv provisioner. This chart bootstraps OpenEBS ZFS LocalPV provisioner deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| pawanpraka1 | pawan@mayadata.io | | +| xUnholy | michaelfornaro@gmail.com | | +| prateekpandey14 | prateek.pandey@mayadata.io | | + + +## Get Repo Info + +```console +helm repo add openebs-zfslocalpv https://openebs.github.io/zfs-localpv +helm repo update +``` + +_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +Please visit the [link](https://openebs.github.io/zfs-localpv/) for install instructions via helm3. + +```console +# Helm +$ helm install [RELEASE_NAME] openebs-zfslocalpv/zfs-localpv +``` + +**Note:** If moving from the operator to helm +- Make sure the namespace provided in the helm install command is same as `OPENEBS_NAMESPACE` (by default it is `openebs`) env in the controller statefulset. +- Before installing, clean up the stale statefulset and daemonset from `kube-system` namespace using the below commands +```sh +kubectl delete sts openebs-zfs-controller -n kube-system +kubectl delete ds openebs-zfs-node -n kube-system +``` + + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +# Helm +$ helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +# Helm +$ helm upgrade [RELEASE_NAME] [CHART] --install +``` + +## Configuration + +The following table lists the configurable parameters of the OpenEBS ZFS Localpv chart and their default values. + +| Parameter| Description| Default| +| -| -| -| +| `imagePullSecrets`| Provides image pull secrect| `""`| +| `zfsPlugin.image.registry`| Registry for openebs-zfs-plugin image| `""`| +| `zfsPlugin.image.repository`| Image repository for openebs-zfs-plugin| `openebs/zfs-driver`| +| `zfsPlugin.image.pullPolicy`| Image pull policy for openebs-zfs-plugin| `IfNotPresent`| +| `zfsPlugin.image.tag`| Image tag for openebs-zfs-plugin| `1.9.0`| +| `zfsNode.driverRegistrar.image.registry`| Registry for csi-node-driver-registrar image| `k8s.gcr.io/`| +| `zfsNode.driverRegistrar.image.repository`| Image repository for csi-node-driver-registrar| `sig-storage/csi-node-driver-registrar`| +| `zfsNode.driverRegistrar.image.pullPolicy`| Image pull policy for csi-node-driver-registrar| `IfNotPresent`| +| `zfsNode.driverRegistrar.image.tag`| Image tag for csi-node-driver-registrar| `v1.2.0`| +| `zfsNode.updateStrategy.type`| Update strategy for zfsnode daemonset | `RollingUpdate` | +| `zfsNode.kubeletDir`| Kubelet mount point for zfsnode daemonset| `"/var/lib/kubelet/"` | +| `zfsNode.annotations` | Annotations for zfsnode daemonset metadata| `""`| +| `zfsNode.podAnnotations`| Annotations for zfsnode daemonset's pods metadata | `""`| +| `zfsNode.resources`| Resource and request and limit for zfsnode daemonset containers | `""`| +| `zfsNode.labels`| Labels for zfsnode daemonset metadata | `""`| +| `zfsNode.podLabels`| Appends labels to the zfsnode daemonset pods| `""`| +| `zfsNode.nodeSelector`| Nodeselector for zfsnode daemonset pods| `""`| +| `zfsNode.tolerations` | zfsnode daemonset's pod toleration values | `""`| +| `zfsNode.securityContext` | Seurity context for zfsnode daemonset container | `""`| +| `zfsController.resizer.image.registry`| Registry for csi-resizer image| `k8s.gcr.io/`| +| `zfsController.resizer.image.repository`| Image repository for csi-resizer| `sig-storage/csi-resizer`| +| `zfsController.resizer.image.pullPolicy`| Image pull policy for csi-resizer| `IfNotPresent`| +| `zfsController.resizer.image.tag`| Image tag for csi-resizer| `v1.1.0`| +| `zfsController.snapshotter.image.registry`| Registry for csi-snapshotter image| `k8s.gcr.io/`| +| `zfsController.snapshotter.image.repository`| Image repository for csi-snapshotter| `sig-storage/csi-snapshotter`| +| `zfsController.snapshotter.image.pullPolicy`| Image pull policy for csi-snapshotter| `IfNotPresent`| +| `zfsController.snapshotter.image.tag`| Image tag for csi-snapshotter| `v4.0.0`| +| `zfsController.snapshotController.image.registry`| Registry for snapshot-controller image| `k8s.gcr.io/`| +| `zfsController.snapshotController.image.repository`| Image repository for snapshot-controller| `sig-storage/snapshot-controller`| +| `zfsController.snapshotController.image.pullPolicy`| Image pull policy for snapshot-controller| `IfNotPresent`| +| `zfsController.snapshotController.image.tag`| Image tag for snapshot-controller| `v4.0.0`| +| `zfsController.provisioner.image.registry`| Registry for csi-provisioner image| `k8s.gcr.io/`| +| `zfsController.provisioner.image.repository`| Image repository for csi-provisioner| `sig-storage/csi-provisioner`| +| `zfsController.provisioner.image.pullPolicy`| Image pull policy for csi-provisioner| `IfNotPresent`| +| `zfsController.provisioner.image.tag`| Image tag for csi-provisioner| `v2.1.0`| +| `zfsController.updateStrategy.type`| Update strategy for zfs localpv controller statefulset | `RollingUpdate` | +| `zfsController.annotations` | Annotations for zfs localpv controller statefulset metadata| `""`| +| `zfsController.podAnnotations`| Annotations for zfs localpv controller statefulset's pods metadata | `""`| +| `zfsController.resources`| Resource and request and limit for zfs localpv controller statefulset containers | `""`| +| `zfsController.labels`| Labels for zfs localpv controller statefulset metadata | `""`| +| `zfsController.podLabels`| Appends labels to the zfs localpv controller statefulset pods| `""`| +| `zfsController.nodeSelector`| Nodeselector for zfs localpv controller statefulset pods| `""`| +| `zfsController.tolerations` | zfs localpv controller statefulset's pod toleration values | `""`| +| `zfsController.securityContext` | Seurity context for zfs localpv controller statefulset container | `""`| +| `rbac.pspEnabled` | Enable PodSecurityPolicy | `false` | +| `serviceAccount.zfsNode.create` | Create a service account for zfsnode or not| `true`| +| `serviceAccount.zfsNode.name` | Name for the zfsnode service account| `openebs-zfs-node-sa`| +| `serviceAccount.zfsController.create` | Create a service account for zfs localpv controller or not| `true`| +| `serviceAccount.zfsController.name` | Name for the zfs localpv controller service account| `openebs-zfs-controller-sa`| +| `analytics.enabled` | Enable or Disable google analytics for the controller| `true`| + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +helm install -f values.yaml openebs/zfs-localpv +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshotclasses.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshotclasses.yaml new file mode 100644 index 000000000..820a9a394 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshotclasses.yaml @@ -0,0 +1,111 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotclasses.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotClass + listKind: VolumeSnapshotClassList + plural: volumesnapshotclasses + singular: volumesnapshotclass + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .driver + name: Driver + type: string + - description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .deletionPolicy + name: DeletionPolicy + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshotClass specifies parameters that a underlying storage system uses when creating a volume snapshot. A specific VolumeSnapshotClass is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses are non-namespaced + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + deletionPolicy: + description: deletionPolicy determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the storage driver that handles this VolumeSnapshotClass. Required. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + parameters: + additionalProperties: + type: string + description: parameters is a key-value map with storage driver specific parameters for creating snapshots. These values are opaque to Kubernetes. + type: object + required: + - deletionPolicy + - driver + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshotcontents.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshotcontents.yaml new file mode 100644 index 000000000..b27b3286e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshotcontents.yaml @@ -0,0 +1,292 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshotcontents.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshotContent + listKind: VolumeSnapshotContentList + plural: volumesnapshotcontents + singular: volumesnapshotcontent + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + oneOf: + - required: ["snapshotHandle"] + - required: ["volumeHandle"] + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the complete size of the snapshot in bytes + jsonPath: .status.restoreSize + name: RestoreSize + type: integer + - description: Determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. + jsonPath: .spec.deletionPolicy + name: DeletionPolicy + type: string + - description: Name of the CSI driver used to create the physical snapshot on the underlying storage system. + jsonPath: .spec.driver + name: Driver + type: string + - description: Name of the VolumeSnapshotClass to which this snapshot belongs. + jsonPath: .spec.volumeSnapshotClassName + name: VolumeSnapshotClass + type: string + - description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. + jsonPath: .spec.volumeSnapshotRef.name + name: VolumeSnapshot + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshotContent represents the actual "on-disk" snapshot object in the underlying storage system + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: spec defines properties of a VolumeSnapshotContent created by the underlying storage system. Required. + properties: + deletionPolicy: + description: deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on the underlying storage system should be deleted when its bound VolumeSnapshot is deleted. Supported values are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are kept. "Delete" means that the VolumeSnapshotContent and its physical snapshot on underlying storage system are deleted. For dynamically provisioned snapshots, this field will automatically be filled in by the CSI snapshotter sidecar with the "DeletionPolicy" field defined in the corresponding VolumeSnapshotClass. For pre-existing snapshots, users MUST specify this field when creating the VolumeSnapshotContent object. Required. + enum: + - Delete + - Retain + type: string + driver: + description: driver is the name of the CSI driver used to create the physical snapshot on the underlying storage system. This MUST be the same as the name returned by the CSI GetPluginName() call for that driver. Required. + type: string + source: + description: source specifies whether the snapshot is (or should be) dynamically provisioned or already exists, and just requires a Kubernetes object representation. This field is immutable after creation. Required. + properties: + snapshotHandle: + description: snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on the underlying storage system for which a Kubernetes object representation was (or should be) created. This field is immutable. + type: string + volumeHandle: + description: volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot should be dynamically taken from. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: name of the VolumeSnapshotClass from which this snapshot was (or will be) created. Note that after provisioning, the VolumeSnapshotClass may be deleted or recreated with different set of values, and as such, should not be referenced post-snapshot creation. + type: string + volumeSnapshotRef: + description: volumeSnapshotRef specifies the VolumeSnapshot object to which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName field must reference to this VolumeSnapshotContent's name for the bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent object, name and namespace of the VolumeSnapshot object MUST be provided for binding to happen. This field is immutable after creation. Required. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + required: + - deletionPolicy + - driver + - source + - volumeSnapshotRef + type: object + status: + description: status represents the current information of a snapshot. + properties: + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it indicates the creation time is unknown. The format of this field is a Unix nanoseconds time encoded as an int64. On Unix, the command `date +%s%N` returns the current time in nanoseconds since 1970-01-01 00:00:00 UTC. + format: int64 + type: integer + error: + description: error is the last observed error during snapshot creation, if any. Upon success after retry, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if a snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + description: restoreSize represents the complete size of the snapshot in bytes. In dynamic snapshot creation case, this field will be filled in by the CSI snapshotter sidecar with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + format: int64 + minimum: 0 + type: integer + snapshotHandle: + description: snapshotHandle is the CSI "snapshot_id" of a snapshot on the underlying storage system. If not specified, it indicates that dynamic snapshot creation has either failed or it is still in progress. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshots.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshots.yaml new file mode 100644 index 000000000..bf27a7aff --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/volumesnapshots.yaml @@ -0,0 +1,225 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/419" + creationTimestamp: null + name: volumesnapshots.snapshot.storage.k8s.io +spec: + group: snapshot.storage.k8s.io + names: + kind: VolumeSnapshot + listKind: VolumeSnapshotList + plural: volumesnapshots + singular: volumesnapshot + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + oneOf: + - required: ["persistentVolumeClaimName"] + - required: ["volumeSnapshotContentName"] + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicates if the snapshot is ready to be used to restore a volume. + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: If a new snapshot needs to be created, this contains the name of the source PVC from which this snapshot was (or will be) created. + jsonPath: .spec.source.persistentVolumeClaimName + name: SourcePVC + type: string + - description: If a snapshot already exists, this contains the name of the existing VolumeSnapshotContent object representing the existing snapshot. + jsonPath: .spec.source.volumeSnapshotContentName + name: SourceSnapshotContent + type: string + - description: Represents the minimum size of volume required to rehydrate from this snapshot. + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. + jsonPath: .spec.volumeSnapshotClassName + name: SnapshotClass + type: string + - description: Name of the VolumeSnapshotContent object to which the VolumeSnapshot object intends to bind to. Please note that verification of binding actually requires checking both VolumeSnapshot and VolumeSnapshotContent to ensure both are pointing at each other. Binding MUST be verified prior to usage of this object. + jsonPath: .status.boundVolumeSnapshotContentName + name: SnapshotContent + type: string + - description: Timestamp when the point-in-time snapshot was taken by the underlying storage system. + jsonPath: .status.creationTime + name: CreationTime + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: VolumeSnapshot is a user's request for either creating a point-in-time snapshot of a persistent volume, or binding to a pre-existing snapshot. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + spec: + description: 'spec defines the desired characteristics of a snapshot requested by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots Required.' + properties: + source: + description: source specifies where a snapshot will be created from. This field is immutable after creation. Required. + properties: + persistentVolumeClaimName: + description: persistentVolumeClaimName specifies the name of the PersistentVolumeClaim object representing the volume from which a snapshot should be created. This PVC is assumed to be in the same namespace as the VolumeSnapshot object. This field should be set if the snapshot does not exists, and needs to be created. This field is immutable. + type: string + volumeSnapshotContentName: + description: volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent object representing an existing volume snapshot. This field should be set if the snapshot already exists and only needs a representation in Kubernetes. This field is immutable. + type: string + type: object + volumeSnapshotClassName: + description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.' + type: string + required: + - source + type: object + status: + description: status represents the current information of a snapshot. Consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object. + properties: + boundVolumeSnapshotContentName: + description: 'boundVolumeSnapshotContentName is the name of the VolumeSnapshotContent object to which this VolumeSnapshot object intends to bind to. If not specified, it indicates that the VolumeSnapshot object has not been successfully bound to a VolumeSnapshotContent object yet. NOTE: To avoid possible security issues, consumers must verify binding between VolumeSnapshot and VolumeSnapshotContent objects is successful (by validating that both VolumeSnapshot and VolumeSnapshotContent point at each other) before using this object.' + type: string + creationTime: + description: creationTime is the timestamp when the point-in-time snapshot is taken by the underlying storage system. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "creation_time" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "creation_time" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. If not specified, it may indicate that the creation time of the snapshot is unknown. + format: date-time + type: string + error: + description: error is the last observed error during snapshot creation, if any. This field could be helpful to upper level controllers(i.e., application controller) to decide whether they should continue on waiting for the snapshot to be created based on the type of error reported. The snapshot controller will keep retrying when an error occurs during the snapshot creation. Upon success, this error field will be cleared. + properties: + message: + description: 'message is a string detailing the encountered error during snapshot creation if specified. NOTE: message may be logged, and it should not contain sensitive information.' + type: string + time: + description: time is the timestamp when the error was encountered. + format: date-time + type: string + type: object + readyToUse: + description: readyToUse indicates if the snapshot is ready to be used to restore a volume. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "ready_to_use" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "ready_to_use" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, this field will be set to "True". If not specified, it means the readiness of a snapshot is unknown. + type: boolean + restoreSize: + type: string + description: restoreSize represents the minimum size of volume required to create a volume from this snapshot. In dynamic snapshot creation case, this field will be filled in by the snapshot controller with the "size_bytes" value returned from CSI "CreateSnapshot" gRPC call. For a pre-existing snapshot, this field will be filled with the "size_bytes" value returned from the CSI "ListSnapshots" gRPC call if the driver supports it. When restoring a volume from this snapshot, the size of the volume MUST NOT be smaller than the restoreSize if it is specified, otherwise the restoration will fail. If not specified, it indicates that the size is unknown. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsbackup.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsbackup.yaml new file mode 100644 index 000000000..492e5d4b9 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsbackup.yaml @@ -0,0 +1,116 @@ + + +############################################## +########### ############ +########### ZFSBackup CRD ############ +########### ############ +############################################## + +# ZFSBackups CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: zfsbackups.zfs.openebs.io +spec: + group: zfs.openebs.io + names: + kind: ZFSBackup + listKind: ZFSBackupList + plural: zfsbackups + shortNames: + - zb + singular: zfsbackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Previous snapshot for backup + jsonPath: .spec.prevSnapName + name: PrevSnap + type: string + - description: Backup status + jsonPath: .status + name: Status + type: string + - description: Age of the volume + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: ZFSBackup describes a zfs backup resource created as a custom + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ZFSBackupSpec is the spec for a ZFSBackup resource + properties: + backupDest: + description: BackupDest is the remote address for backup transfer + minLength: 1 + pattern: ^([0-9]+.[0-9]+.[0-9]+.[0-9]+:[0-9]+)$ + type: string + ownerNodeID: + description: OwnerNodeID is a name of the nodes where the source volume + is + minLength: 1 + type: string + prevSnapName: + description: PrevSnapName is the last completed-backup's snapshot + name + type: string + snapName: + description: SnapName is the snapshot name for backup + minLength: 1 + type: string + volumeName: + description: VolumeName is a name of the volume for which this backup + is destined + minLength: 1 + type: string + required: + - backupDest + - ownerNodeID + - volumeName + type: object + status: + description: ZFSBackupStatus is to hold status of backup + enum: + - Init + - Done + - Failed + - Pending + - InProgress + - Invalid + type: string + required: + - spec + - status + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsnode.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsnode.yaml new file mode 100644 index 000000000..db0540d4b --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsnode.yaml @@ -0,0 +1,87 @@ + +############################################## +########### ############ +########### ZFSNode CRD ############ +########### ############ +############################################## + +# ZFSNode CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: zfsnodes.zfs.openebs.io +spec: + group: zfs.openebs.io + names: + kind: ZFSNode + listKind: ZFSNodeList + plural: zfsnodes + shortNames: + - zfsnode + singular: zfsnode + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ZFSNode records information about all zfs pools available in + a node. In general, the openebs node-agent creates the ZFSNode object & + periodically synchronizing the zfs pools available in the node. ZFSNode + has an owner reference pointing to the corresponding node object. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + pools: + items: + description: Pool specifies attributes of a given zfs pool that exists + on the node. + properties: + free: + anyOf: + - type: integer + - type: string + description: Free specifies the available capacity of zfs pool. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + name: + description: Name of the zfs pool. + minLength: 1 + type: string + uuid: + description: UUID denotes a unique identity of a zfs pool. + minLength: 1 + type: string + required: + - free + - name + - uuid + type: object + type: array + required: + - pools + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsrestore.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsrestore.yaml new file mode 100644 index 000000000..e3fc43452 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsrestore.yaml @@ -0,0 +1,238 @@ + + +############################################## +########### ############ +########### ZFSRestore CRD ############ +########### ############ +############################################## + +# ZFSRestores CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: zfsrestores.zfs.openebs.io +spec: + group: zfs.openebs.io + names: + kind: ZFSRestore + listKind: ZFSRestoreList + plural: zfsrestores + singular: zfsrestore + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ZFSRestore describes a cstor restore resource created as a custom + resource + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ZFSRestoreSpec is the spec for a ZFSRestore resource + properties: + ownerNodeID: + description: owner node name where restore volume is present + minLength: 1 + type: string + restoreSrc: + description: it can be ip:port in case of restore from remote or volumeName + in case of local restore + minLength: 1 + pattern: ^([0-9]+.[0-9]+.[0-9]+.[0-9]+:[0-9]+)$ + type: string + volumeName: + description: volume name to where restore has to be performed + minLength: 1 + type: string + required: + - ownerNodeID + - restoreSrc + - volumeName + type: object + status: + description: ZFSRestoreStatus is to hold result of action. + enum: + - Init + - Done + - Failed + - Pending + - InProgress + - Invalid + type: string + volSpec: + description: VolumeInfo defines ZFS volume parameters for all modes in + which ZFS volumes can be created like - ZFS volume with filesystem, + ZFS Volume exposed as zfs or ZFS volume exposed as raw block device. + Some of the parameters can be only set during creation time (as specified + in the details of the parameter), and a few are editable. In case of + Cloned volumes, the parameters are assigned the same values as the source + volume. + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + compression: + description: 'Compression specifies the block-level compression algorithm + to be applied to the ZFS Volume. The value "on" indicates ZFS to + use the default compression algorithm. The default compression algorithm + used by ZFS will be either lzjb or, if the lz4_compress feature + is enabled, lz4. Compression property can be edited after the volume + has been created. The change will only be applied to the newly-written + data. For instance, if the Volume was created with "off" and the + next day the compression was modified to "on", the data written + prior to setting "on" will not be compressed. Default Value: off.' + pattern: ^(on|off|lzjb|gzip|gzip-[1-9]|zle|lz4)$ + type: string + dedup: + description: 'Deduplication is the process for removing redundant + data at the block level, reducing the total amount of data stored. + If a file system has the dedup property enabled, duplicate data + blocks are removed synchronously. The result is that only unique + data is stored and common components are shared among files. Deduplication + can consume significant processing power (CPU) and memory as well + as generate additional disk IO. Before creating a pool with deduplication + enabled, ensure that you have planned your hardware requirements + appropriately and implemented appropriate recovery practices, such + as regular backups. As an alternative to deduplication consider + using compression=lz4, as a less resource-intensive alternative. + should be enabled on the zvol. Dedup property can be edited after + the volume has been created. Default Value: off.' + enum: + - "on" + - "off" + type: string + encryption: + description: 'Enabling the encryption feature allows for the creation + of encrypted filesystems and volumes. ZFS will encrypt file and + zvol data, file attributes, ACLs, permission bits, directory listings, + FUID mappings, and userused / groupused data. ZFS will not encrypt + metadata related to the pool structure, including dataset and snapshot + names, dataset hierarchy, properties, file size, file holes, and + deduplication tables (though the deduplicated data itself is encrypted). + Default Value: off.' + pattern: ^(on|off|aes-128-[c,g]cm|aes-192-[c,g]cm|aes-256-[c,g]cm)$ + type: string + fsType: + description: 'FsType specifies filesystem type for the zfs volume/dataset. + If FsType is provided as "zfs", then the driver will create a ZFS + dataset, formatting is not required as underlying filesystem is + ZFS anyway. If FsType is ext2, ext3, ext4 or xfs, then the driver + will create a ZVOL and format the volume accordingly. FsType can + not be modified once volume has been provisioned. Default Value: + ext4.' + type: string + keyformat: + description: KeyFormat specifies format of the encryption key The + supported KeyFormats are passphrase, raw, hex. + enum: + - passphrase + - raw + - hex + type: string + keylocation: + description: KeyLocation is the location of key for the encryption + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the ZPOOL is running + which is where the volume has been provisioned. OwnerNodeID can + not be edited after the volume has been provisioned. + minLength: 1 + type: string + poolName: + description: poolName specifies the name of the pool where the volume + has been created. PoolName can not be edited after the volume has + been provisioned. + minLength: 1 + type: string + recordsize: + description: 'Specifies a suggested block size for files in the file + system. The size specified must be a power of two greater than or + equal to 512 and less than or equal to 128 Kbytes. RecordSize property + can be edited after the volume has been created. Changing the file + system''s recordsize affects only files created afterward; existing + files are unaffected. Default Value: 128k.' + minLength: 1 + type: string + shared: + description: Shared specifies whether the volume can be shared among + multiple pods. If it is not set to "yes", then the ZFS-LocalPV Driver + will not allow the volumes to be mounted by more than one pods. + enum: + - "yes" + - "no" + type: string + snapname: + description: SnapName specifies the name of the snapshot where the + volume has been cloned from. Snapname can not be edited after the + volume has been provisioned. + type: string + thinProvision: + description: 'ThinProvision describes whether space reservation for + the source volume is required or not. The value "yes" indicates + that volume should be thin provisioned and "no" means thick provisioning + of the volume. If thinProvision is set to "yes" then volume can + be provisioned even if the ZPOOL does not have the enough capacity. + If thinProvision is set to "no" then volume can be provisioned only + if the ZPOOL has enough capacity and capacity required by volume + can be reserved. ThinProvision can not be modified once volume has + been provisioned. Default Value: no.' + enum: + - "yes" + - "no" + type: string + volblocksize: + description: 'VolBlockSize specifies the block size for the zvol. + The volsize can only be set to a multiple of volblocksize, and cannot + be zero. VolBlockSize can not be edited after the volume has been + provisioned. Default Value: 8k.' + minLength: 1 + type: string + volumeType: + description: volumeType determines whether the volume is of type "DATASET" + or "ZVOL". If fstype provided in the storageclass is "zfs", a volume + of type dataset will be created. If "ext4", "ext3", "ext2" or "xfs" + is mentioned as fstype in the storageclass, then a volume of type + zvol will be created, which will be further formatted as the fstype + provided in the storageclass. VolumeType can not be modified once + volume has been provisioned. + enum: + - ZVOL + - DATASET + type: string + required: + - capacity + - ownerNodeID + - poolName + - volumeType + type: object + required: + - spec + - status + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfssnapshot.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfssnapshot.yaml new file mode 100644 index 000000000..6bb076080 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfssnapshot.yaml @@ -0,0 +1,383 @@ + + +############################################## +########### ############ +########### ZFSSnapshot CRD ############ +########### ############ +############################################## + +# ZFSSnapshot CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: zfssnapshots.zfs.openebs.io +spec: + group: zfs.openebs.io + names: + kind: ZFSSnapshot + listKind: ZFSSnapshotList + plural: zfssnapshots + shortNames: + - zfssnap + singular: zfssnapshot + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ZFSSnapshot represents a ZFS Snapshot of the zfsvolume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeInfo defines ZFS volume parameters for all modes in + which ZFS volumes can be created like - ZFS volume with filesystem, + ZFS Volume exposed as zfs or ZFS volume exposed as raw block device. + Some of the parameters can be only set during creation time (as specified + in the details of the parameter), and a few are editable. In case of + Cloned volumes, the parameters are assigned the same values as the source + volume. + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + compression: + description: 'Compression specifies the block-level compression algorithm + to be applied to the ZFS Volume. The value "on" indicates ZFS to + use the default compression algorithm. The default compression algorithm + used by ZFS will be either lzjb or, if the lz4_compress feature + is enabled, lz4. Compression property can be edited after the volume + has been created. The change will only be applied to the newly-written + data. For instance, if the Volume was created with "off" and the + next day the compression was modified to "on", the data written + prior to setting "on" will not be compressed. Default Value: off.' + pattern: ^(on|off|lzjb|gzip|gzip-[1-9]|zle|lz4)$ + type: string + dedup: + description: 'Deduplication is the process for removing redundant + data at the block level, reducing the total amount of data stored. + If a file system has the dedup property enabled, duplicate data + blocks are removed synchronously. The result is that only unique + data is stored and common components are shared among files. Deduplication + can consume significant processing power (CPU) and memory as well + as generate additional disk IO. Before creating a pool with deduplication + enabled, ensure that you have planned your hardware requirements + appropriately and implemented appropriate recovery practices, such + as regular backups. As an alternative to deduplication consider + using compression=lz4, as a less resource-intensive alternative. + should be enabled on the zvol. Dedup property can be edited after + the volume has been created. Default Value: off.' + enum: + - "on" + - "off" + type: string + encryption: + description: 'Enabling the encryption feature allows for the creation + of encrypted filesystems and volumes. ZFS will encrypt file and + zvol data, file attributes, ACLs, permission bits, directory listings, + FUID mappings, and userused / groupused data. ZFS will not encrypt + metadata related to the pool structure, including dataset and snapshot + names, dataset hierarchy, properties, file size, file holes, and + deduplication tables (though the deduplicated data itself is encrypted). + Default Value: off.' + pattern: ^(on|off|aes-128-[c,g]cm|aes-192-[c,g]cm|aes-256-[c,g]cm)$ + type: string + fsType: + description: 'FsType specifies filesystem type for the zfs volume/dataset. + If FsType is provided as "zfs", then the driver will create a ZFS + dataset, formatting is not required as underlying filesystem is + ZFS anyway. If FsType is ext2, ext3, ext4 or xfs, then the driver + will create a ZVOL and format the volume accordingly. FsType can + not be modified once volume has been provisioned. Default Value: + ext4.' + type: string + keyformat: + description: KeyFormat specifies format of the encryption key The + supported KeyFormats are passphrase, raw, hex. + enum: + - passphrase + - raw + - hex + type: string + keylocation: + description: KeyLocation is the location of key for the encryption + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the ZPOOL is running + which is where the volume has been provisioned. OwnerNodeID can + not be edited after the volume has been provisioned. + minLength: 1 + type: string + poolName: + description: poolName specifies the name of the pool where the volume + has been created. PoolName can not be edited after the volume has + been provisioned. + minLength: 1 + type: string + recordsize: + description: 'Specifies a suggested block size for files in the file + system. The size specified must be a power of two greater than or + equal to 512 and less than or equal to 128 Kbytes. RecordSize property + can be edited after the volume has been created. Changing the file + system''s recordsize affects only files created afterward; existing + files are unaffected. Default Value: 128k.' + minLength: 1 + type: string + shared: + description: Shared specifies whether the volume can be shared among + multiple pods. If it is not set to "yes", then the ZFS-LocalPV Driver + will not allow the volumes to be mounted by more than one pods. + enum: + - "yes" + - "no" + type: string + snapname: + description: SnapName specifies the name of the snapshot where the + volume has been cloned from. Snapname can not be edited after the + volume has been provisioned. + type: string + thinProvision: + description: 'ThinProvision describes whether space reservation for + the source volume is required or not. The value "yes" indicates + that volume should be thin provisioned and "no" means thick provisioning + of the volume. If thinProvision is set to "yes" then volume can + be provisioned even if the ZPOOL does not have the enough capacity. + If thinProvision is set to "no" then volume can be provisioned only + if the ZPOOL has enough capacity and capacity required by volume + can be reserved. ThinProvision can not be modified once volume has + been provisioned. Default Value: no.' + enum: + - "yes" + - "no" + type: string + volblocksize: + description: 'VolBlockSize specifies the block size for the zvol. + The volsize can only be set to a multiple of volblocksize, and cannot + be zero. VolBlockSize can not be edited after the volume has been + provisioned. Default Value: 8k.' + minLength: 1 + type: string + volumeType: + description: volumeType determines whether the volume is of type "DATASET" + or "ZVOL". If fstype provided in the storageclass is "zfs", a volume + of type dataset will be created. If "ext4", "ext3", "ext2" or "xfs" + is mentioned as fstype in the storageclass, then a volume of type + zvol will be created, which will be further formatted as the fstype + provided in the storageclass. VolumeType can not be modified once + volume has been provisioned. + enum: + - ZVOL + - DATASET + type: string + required: + - capacity + - ownerNodeID + - poolName + - volumeType + type: object + status: + description: SnapStatus string that reflects if the snapshot was created + successfully + properties: + state: + type: string + type: object + required: + - spec + - status + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ZFSSnapshot represents a ZFS Snapshot of the zfsvolume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeInfo defines ZFS volume parameters for all modes in + which ZFS volumes can be created like - ZFS volume with filesystem, + ZFS Volume exposed as zfs or ZFS volume exposed as raw block device. + Some of the parameters can be only set during creation time (as specified + in the details of the parameter), and a few are editable. In case of + Cloned volumes, the parameters are assigned the same values as the source + volume. + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + compression: + description: 'Compression specifies the block-level compression algorithm + to be applied to the ZFS Volume. The value "on" indicates ZFS to + use the default compression algorithm. The default compression algorithm + used by ZFS will be either lzjb or, if the lz4_compress feature + is enabled, lz4. Compression property can be edited after the volume + has been created. The change will only be applied to the newly-written + data. For instance, if the Volume was created with "off" and the + next day the compression was modified to "on", the data written + prior to setting "on" will not be compressed. Default Value: off.' + pattern: ^(on|off|lzjb|gzip|gzip-[1-9]|zle|lz4)$ + type: string + dedup: + description: 'Deduplication is the process for removing redundant + data at the block level, reducing the total amount of data stored. + If a file system has the dedup property enabled, duplicate data + blocks are removed synchronously. The result is that only unique + data is stored and common components are shared among files. Deduplication + can consume significant processing power (CPU) and memory as well + as generate additional disk IO. Before creating a pool with deduplication + enabled, ensure that you have planned your hardware requirements + appropriately and implemented appropriate recovery practices, such + as regular backups. As an alternative to deduplication consider + using compression=lz4, as a less resource-intensive alternative. + should be enabled on the zvol. Dedup property can be edited after + the volume has been created. Default Value: off.' + enum: + - "on" + - "off" + type: string + encryption: + description: 'Enabling the encryption feature allows for the creation + of encrypted filesystems and volumes. ZFS will encrypt file and + zvol data, file attributes, ACLs, permission bits, directory listings, + FUID mappings, and userused / groupused data. ZFS will not encrypt + metadata related to the pool structure, including dataset and snapshot + names, dataset hierarchy, properties, file size, file holes, and + deduplication tables (though the deduplicated data itself is encrypted). + Default Value: off.' + pattern: ^(on|off|aes-128-[c,g]cm|aes-192-[c,g]cm|aes-256-[c,g]cm)$ + type: string + fsType: + description: 'FsType specifies filesystem type for the zfs volume/dataset. + If FsType is provided as "zfs", then the driver will create a ZFS + dataset, formatting is not required as underlying filesystem is + ZFS anyway. If FsType is ext2, ext3, ext4 or xfs, then the driver + will create a ZVOL and format the volume accordingly. FsType can + not be modified once volume has been provisioned. Default Value: + ext4.' + type: string + keyformat: + description: KeyFormat specifies format of the encryption key The + supported KeyFormats are passphrase, raw, hex. + enum: + - passphrase + - raw + - hex + type: string + keylocation: + description: KeyLocation is the location of key for the encryption + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the ZPOOL is running + which is where the volume has been provisioned. OwnerNodeID can + not be edited after the volume has been provisioned. + minLength: 1 + type: string + poolName: + description: poolName specifies the name of the pool where the volume + has been created. PoolName can not be edited after the volume has + been provisioned. + minLength: 1 + type: string + recordsize: + description: 'Specifies a suggested block size for files in the file + system. The size specified must be a power of two greater than or + equal to 512 and less than or equal to 128 Kbytes. RecordSize property + can be edited after the volume has been created. Changing the file + system''s recordsize affects only files created afterward; existing + files are unaffected. Default Value: 128k.' + minLength: 1 + type: string + snapname: + description: SnapName specifies the name of the snapshot where the + volume has been cloned from. Snapname can not be edited after the + volume has been provisioned. + type: string + thinProvision: + description: 'ThinProvision describes whether space reservation for + the source volume is required or not. The value "yes" indicates + that volume should be thin provisioned and "no" means thick provisioning + of the volume. If thinProvision is set to "yes" then volume can + be provisioned even if the ZPOOL does not have the enough capacity. + If thinProvision is set to "no" then volume can be provisioned only + if the ZPOOL has enough capacity and capacity required by volume + can be reserved. ThinProvision can not be modified once volume has + been provisioned. Default Value: no.' + enum: + - "yes" + - "no" + type: string + volblocksize: + description: 'VolBlockSize specifies the block size for the zvol. + The volsize can only be set to a multiple of volblocksize, and cannot + be zero. VolBlockSize can not be edited after the volume has been + provisioned. Default Value: 8k.' + minLength: 1 + type: string + volumeType: + description: volumeType determines whether the volume is of type "DATASET" + or "ZVOL". If fstype provided in the storageclass is "zfs", a volume + of type dataset will be created. If "ext4", "ext3", "ext2" or "xfs" + is mentioned as fstype in the storageclass, then a volume of type + zvol will be created, which will be further formatted as the fstype + provided in the storageclass. VolumeType can not be modified once + volume has been provisioned. + enum: + - ZVOL + - DATASET + type: string + required: + - capacity + - ownerNodeID + - poolName + - volumeType + type: object + status: + description: SnapStatus string that reflects if the snapshot was created + successfully + properties: + state: + type: string + type: object + required: + - spec + - status + type: object + served: true + storage: false +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsvolume.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsvolume.yaml new file mode 100644 index 000000000..4173e472a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/crds/zfsvolume.yaml @@ -0,0 +1,449 @@ + + +############################################## +########### ############ +########### ZFSVolume CRD ############ +########### ############ +############################################## + +# ZFSVolume CRD is autogenerated via `make manifests` command. +# Do the modification in the code and run the `make manifests` command +# to generate the CRD definition + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: zfsvolumes.zfs.openebs.io +spec: + group: zfs.openebs.io + names: + kind: ZFSVolume + listKind: ZFSVolumeList + plural: zfsvolumes + shortNames: + - zfsvol + - zv + singular: zfsvolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: ZFS Pool where the volume is created + jsonPath: .spec.poolName + name: ZPool + type: string + - description: Node where the volume is created + jsonPath: .spec.ownerNodeID + name: NodeID + type: string + - description: Size of the volume + jsonPath: .spec.capacity + name: Size + type: string + - description: Status of the volume + jsonPath: .status.state + name: Status + type: string + - description: filesystem created on the volume + jsonPath: .spec.fsType + name: Filesystem + type: string + - description: Age of the volume + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: ZFSVolume represents a ZFS based volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeInfo defines ZFS volume parameters for all modes in + which ZFS volumes can be created like - ZFS volume with filesystem, + ZFS Volume exposed as zfs or ZFS volume exposed as raw block device. + Some of the parameters can be only set during creation time (as specified + in the details of the parameter), and a few are editable. In case of + Cloned volumes, the parameters are assigned the same values as the source + volume. + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + compression: + description: 'Compression specifies the block-level compression algorithm + to be applied to the ZFS Volume. The value "on" indicates ZFS to + use the default compression algorithm. The default compression algorithm + used by ZFS will be either lzjb or, if the lz4_compress feature + is enabled, lz4. Compression property can be edited after the volume + has been created. The change will only be applied to the newly-written + data. For instance, if the Volume was created with "off" and the + next day the compression was modified to "on", the data written + prior to setting "on" will not be compressed. Default Value: off.' + pattern: ^(on|off|lzjb|gzip|gzip-[1-9]|zle|lz4)$ + type: string + dedup: + description: 'Deduplication is the process for removing redundant + data at the block level, reducing the total amount of data stored. + If a file system has the dedup property enabled, duplicate data + blocks are removed synchronously. The result is that only unique + data is stored and common components are shared among files. Deduplication + can consume significant processing power (CPU) and memory as well + as generate additional disk IO. Before creating a pool with deduplication + enabled, ensure that you have planned your hardware requirements + appropriately and implemented appropriate recovery practices, such + as regular backups. As an alternative to deduplication consider + using compression=lz4, as a less resource-intensive alternative. + should be enabled on the zvol. Dedup property can be edited after + the volume has been created. Default Value: off.' + enum: + - "on" + - "off" + type: string + encryption: + description: 'Enabling the encryption feature allows for the creation + of encrypted filesystems and volumes. ZFS will encrypt file and + zvol data, file attributes, ACLs, permission bits, directory listings, + FUID mappings, and userused / groupused data. ZFS will not encrypt + metadata related to the pool structure, including dataset and snapshot + names, dataset hierarchy, properties, file size, file holes, and + deduplication tables (though the deduplicated data itself is encrypted). + Default Value: off.' + pattern: ^(on|off|aes-128-[c,g]cm|aes-192-[c,g]cm|aes-256-[c,g]cm)$ + type: string + fsType: + description: 'FsType specifies filesystem type for the zfs volume/dataset. + If FsType is provided as "zfs", then the driver will create a ZFS + dataset, formatting is not required as underlying filesystem is + ZFS anyway. If FsType is ext2, ext3, ext4 or xfs, then the driver + will create a ZVOL and format the volume accordingly. FsType can + not be modified once volume has been provisioned. Default Value: + ext4.' + type: string + keyformat: + description: KeyFormat specifies format of the encryption key The + supported KeyFormats are passphrase, raw, hex. + enum: + - passphrase + - raw + - hex + type: string + keylocation: + description: KeyLocation is the location of key for the encryption + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the ZPOOL is running + which is where the volume has been provisioned. OwnerNodeID can + not be edited after the volume has been provisioned. + minLength: 1 + type: string + poolName: + description: poolName specifies the name of the pool where the volume + has been created. PoolName can not be edited after the volume has + been provisioned. + minLength: 1 + type: string + recordsize: + description: 'Specifies a suggested block size for files in the file + system. The size specified must be a power of two greater than or + equal to 512 and less than or equal to 128 Kbytes. RecordSize property + can be edited after the volume has been created. Changing the file + system''s recordsize affects only files created afterward; existing + files are unaffected. Default Value: 128k.' + minLength: 1 + type: string + shared: + description: Shared specifies whether the volume can be shared among + multiple pods. If it is not set to "yes", then the ZFS-LocalPV Driver + will not allow the volumes to be mounted by more than one pods. + enum: + - "yes" + - "no" + type: string + snapname: + description: SnapName specifies the name of the snapshot where the + volume has been cloned from. Snapname can not be edited after the + volume has been provisioned. + type: string + thinProvision: + description: 'ThinProvision describes whether space reservation for + the source volume is required or not. The value "yes" indicates + that volume should be thin provisioned and "no" means thick provisioning + of the volume. If thinProvision is set to "yes" then volume can + be provisioned even if the ZPOOL does not have the enough capacity. + If thinProvision is set to "no" then volume can be provisioned only + if the ZPOOL has enough capacity and capacity required by volume + can be reserved. ThinProvision can not be modified once volume has + been provisioned. Default Value: no.' + enum: + - "yes" + - "no" + type: string + volblocksize: + description: 'VolBlockSize specifies the block size for the zvol. + The volsize can only be set to a multiple of volblocksize, and cannot + be zero. VolBlockSize can not be edited after the volume has been + provisioned. Default Value: 8k.' + minLength: 1 + type: string + volumeType: + description: volumeType determines whether the volume is of type "DATASET" + or "ZVOL". If fstype provided in the storageclass is "zfs", a volume + of type dataset will be created. If "ext4", "ext3", "ext2" or "xfs" + is mentioned as fstype in the storageclass, then a volume of type + zvol will be created, which will be further formatted as the fstype + provided in the storageclass. VolumeType can not be modified once + volume has been provisioned. + enum: + - ZVOL + - DATASET + type: string + required: + - capacity + - ownerNodeID + - poolName + - volumeType + type: object + status: + description: VolStatus string that specifies the current state of the + volume provisioning request. + properties: + state: + description: State specifies the current state of the volume provisioning + request. The state "Pending" means that the volume creation request + has not processed yet. The state "Ready" means that the volume has + been created and it is ready for the use. + enum: + - Pending + - Ready + - Failed + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} + - additionalPrinterColumns: + - description: ZFS Pool where the volume is created + jsonPath: .spec.poolName + name: ZPool + type: string + - description: Node where the volume is created + jsonPath: .spec.ownerNodeID + name: Node + type: string + - description: Size of the volume + jsonPath: .spec.capacity + name: Size + type: string + - description: Status of the volume + jsonPath: .status.state + name: Status + type: string + - description: filesystem created on the volume + jsonPath: .spec.fsType + name: Filesystem + type: string + - description: Age of the volume + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ZFSVolume represents a ZFS based volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VolumeInfo defines ZFS volume parameters for all modes in + which ZFS volumes can be created like - ZFS volume with filesystem, + ZFS Volume exposed as zfs or ZFS volume exposed as raw block device. + Some of the parameters can be only set during creation time (as specified + in the details of the parameter), and a few are editable. In case of + Cloned volumes, the parameters are assigned the same values as the source + volume. + properties: + capacity: + description: Capacity of the volume + minLength: 1 + type: string + compression: + description: 'Compression specifies the block-level compression algorithm + to be applied to the ZFS Volume. The value "on" indicates ZFS to + use the default compression algorithm. The default compression algorithm + used by ZFS will be either lzjb or, if the lz4_compress feature + is enabled, lz4. Compression property can be edited after the volume + has been created. The change will only be applied to the newly-written + data. For instance, if the Volume was created with "off" and the + next day the compression was modified to "on", the data written + prior to setting "on" will not be compressed. Default Value: off.' + pattern: ^(on|off|lzjb|gzip|gzip-[1-9]|zle|lz4)$ + type: string + dedup: + description: 'Deduplication is the process for removing redundant + data at the block level, reducing the total amount of data stored. + If a file system has the dedup property enabled, duplicate data + blocks are removed synchronously. The result is that only unique + data is stored and common components are shared among files. Deduplication + can consume significant processing power (CPU) and memory as well + as generate additional disk IO. Before creating a pool with deduplication + enabled, ensure that you have planned your hardware requirements + appropriately and implemented appropriate recovery practices, such + as regular backups. As an alternative to deduplication consider + using compression=lz4, as a less resource-intensive alternative. + should be enabled on the zvol. Dedup property can be edited after + the volume has been created. Default Value: off.' + enum: + - "on" + - "off" + type: string + encryption: + description: 'Enabling the encryption feature allows for the creation + of encrypted filesystems and volumes. ZFS will encrypt file and + zvol data, file attributes, ACLs, permission bits, directory listings, + FUID mappings, and userused / groupused data. ZFS will not encrypt + metadata related to the pool structure, including dataset and snapshot + names, dataset hierarchy, properties, file size, file holes, and + deduplication tables (though the deduplicated data itself is encrypted). + Default Value: off.' + pattern: ^(on|off|aes-128-[c,g]cm|aes-192-[c,g]cm|aes-256-[c,g]cm)$ + type: string + fsType: + description: 'FsType specifies filesystem type for the zfs volume/dataset. + If FsType is provided as "zfs", then the driver will create a ZFS + dataset, formatting is not required as underlying filesystem is + ZFS anyway. If FsType is ext2, ext3, ext4 or xfs, then the driver + will create a ZVOL and format the volume accordingly. FsType can + not be modified once volume has been provisioned. Default Value: + ext4.' + type: string + keyformat: + description: KeyFormat specifies format of the encryption key The + supported KeyFormats are passphrase, raw, hex. + enum: + - passphrase + - raw + - hex + type: string + keylocation: + description: KeyLocation is the location of key for the encryption + type: string + ownerNodeID: + description: OwnerNodeID is the Node ID where the ZPOOL is running + which is where the volume has been provisioned. OwnerNodeID can + not be edited after the volume has been provisioned. + minLength: 1 + type: string + poolName: + description: poolName specifies the name of the pool where the volume + has been created. PoolName can not be edited after the volume has + been provisioned. + minLength: 1 + type: string + recordsize: + description: 'Specifies a suggested block size for files in the file + system. The size specified must be a power of two greater than or + equal to 512 and less than or equal to 128 Kbytes. RecordSize property + can be edited after the volume has been created. Changing the file + system''s recordsize affects only files created afterward; existing + files are unaffected. Default Value: 128k.' + minLength: 1 + type: string + snapname: + description: SnapName specifies the name of the snapshot where the + volume has been cloned from. Snapname can not be edited after the + volume has been provisioned. + type: string + thinProvision: + description: 'ThinProvision describes whether space reservation for + the source volume is required or not. The value "yes" indicates + that volume should be thin provisioned and "no" means thick provisioning + of the volume. If thinProvision is set to "yes" then volume can + be provisioned even if the ZPOOL does not have the enough capacity. + If thinProvision is set to "no" then volume can be provisioned only + if the ZPOOL has enough capacity and capacity required by volume + can be reserved. ThinProvision can not be modified once volume has + been provisioned. Default Value: no.' + enum: + - "yes" + - "no" + type: string + volblocksize: + description: 'VolBlockSize specifies the block size for the zvol. + The volsize can only be set to a multiple of volblocksize, and cannot + be zero. VolBlockSize can not be edited after the volume has been + provisioned. Default Value: 8k.' + minLength: 1 + type: string + volumeType: + description: volumeType determines whether the volume is of type "DATASET" + or "ZVOL". If fstype provided in the storageclass is "zfs", a volume + of type dataset will be created. If "ext4", "ext3", "ext2" or "xfs" + is mentioned as fstype in the storageclass, then a volume of type + zvol will be created, which will be further formatted as the fstype + provided in the storageclass. VolumeType can not be modified once + volume has been provisioned. + enum: + - ZVOL + - DATASET + type: string + required: + - capacity + - ownerNodeID + - poolName + - volumeType + type: object + status: + description: VolStatus string that specifies the current state of the + volume provisioning request. + properties: + state: + description: State specifies the current state of the volume provisioning + request. The state "Pending" means that the volume creation request + has not processed yet. The state "Ready" means that the volume has + been created and it is ready for the use. + enum: + - Pending + - Ready + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/NOTES.txt new file mode 100644 index 000000000..c0454bc57 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/NOTES.txt @@ -0,0 +1,5 @@ +The OpenEBS ZFS LocalPV has been installed. Check its status by running: +$ kubectl get pods -n {{ .Release.Namespace }} -l role=openebs-zfs + +For more information, visit our Slack at https://openebs.io/community or view +the documentation online at http://docs.openebs.io/. diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/_helpers.tpl new file mode 100644 index 000000000..a611c8f4d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/_helpers.tpl @@ -0,0 +1,116 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "zfslocalpv.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified localpv provisioner name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "zfslocalpv.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "zfslocalpv.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Create the name of the service account for controller +*/}} +{{- define "zfslocalpv.zfsController.serviceAccountName" -}} +{{- if .Values.serviceAccount.zfsController.create }} +{{- default (include "zfslocalpv.fullname" .) .Values.serviceAccount.zfsController.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.zfsController.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "zfslocalpv.zfsNode.serviceAccountName" -}} +{{- if .Values.serviceAccount.zfsNode.create }} +{{- default (include "zfslocalpv.fullname" .) .Values.serviceAccount.zfsNode.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.zfsNode.name }} +{{- end -}} +{{- end -}} + +{{/* +Define meta labels for openebs zfs-localpv components +*/}} +{{- define "zfslocalpv.common.metaLabels" -}} +chart: {{ template "zfslocalpv.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +role: {{ .Values.role | quote }} +{{- end -}} + +{{/* +Create match labels for openebs zfs-localpv controller +*/}} +{{- define "zfslocalpv.zfsController.matchLabels" -}} +app: {{ .Values.zfsController.componentName | quote }} +release: {{ .Release.Name }} +component: {{ .Values.zfsController.componentName | quote }} +{{- end -}} + +{{/* +Create component labels for zfslocalpv controller +*/}} +{{- define "zfslocalpv.zfsController.componentLabels" -}} +openebs.io/component-name: {{ .Values.zfsController.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for openebs zfs-localpv controller +*/}} +{{- define "zfslocalpv.zfsController.labels" -}} +{{ include "zfslocalpv.common.metaLabels" . }} +{{ include "zfslocalpv.zfsController.matchLabels" . }} +{{ include "zfslocalpv.zfsController.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for openebs zfs-localpv node daemon +*/}} +{{- define "zfslocalpv.zfsNode.matchLabels" -}} +name: {{ .Values.zfsNode.componentName | quote }} +release: {{ .Release.Name }} +{{- end -}} + +{{/* +Create component labels openebs zfs-localpv node daemon +*/}} +{{- define "zfslocalpv.zfsNode.componentLabels" -}} +openebs.io/component-name: {{ .Values.zfsNode.componentName | quote }} +{{- end -}} + + +{{/* +Create labels for openebs zfs-localpv node daemon +*/}} +{{- define "zfslocalpv.zfsNode.labels" -}} +{{ include "zfslocalpv.common.metaLabels" . }} +{{ include "zfslocalpv.zfsNode.matchLabels" . }} +{{ include "zfslocalpv.zfsNode.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/configmap.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/configmap.yaml new file mode 100644 index 000000000..2c3d62e9d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/configmap.yaml @@ -0,0 +1,17 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: openebs-zfspv-bin + namespace: {{ .Release.Namespace }} # should be the same namespace where it is getting mounted + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +data: + zfs: | + #!/bin/sh + if [ -x /host/sbin/zfs ]; then + chroot /host /sbin/zfs "$@" + elif [ -x /host/usr/sbin/zfs ]; then + chroot /host /usr/sbin/zfs "$@" + else + chroot /host zfs "$@" + fi diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/csidriver.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/csidriver.yaml new file mode 100644 index 000000000..a33cbb801 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/csidriver.yaml @@ -0,0 +1,9 @@ +# Create the CSI Driver object +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: zfs.csi.openebs.io +spec: + # do not require volumeattachment + attachRequired: false + podInfoOnMount: false diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/psp.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/psp.yaml new file mode 100644 index 000000000..33be4dc3d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/psp.yaml @@ -0,0 +1,24 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: openebs-zfs-node-psp + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +spec: + privileged: true + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/rbac.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/rbac.yaml new file mode 100644 index 000000000..632ec42ce --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/rbac.yaml @@ -0,0 +1,200 @@ +{{- if .Values.serviceAccount.zfsController.create -}} +kind: ServiceAccount +apiVersion: v1 +metadata: + name: {{ .Values.serviceAccount.zfsController.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 4 }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-provisioner-role + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["*"] + - apiGroups: [""] + resources: ["persistentvolumes", "services"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "csistoragecapacities"] + verbs: ["*"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["*"] + resources: ["zfsvolumes", "zfssnapshots", "zfsbackups", "zfsrestores", "zfsnodes"] + verbs: ["*"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-provisioner-binding + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.zfsController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-zfs-provisioner-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-snapshotter-role + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-snapshotter-binding + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.zfsController.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-zfs-snapshotter-role + apiGroup: rbac.authorization.k8s.io +--- +{{- end }} +{{- if .Values.serviceAccount.zfsNode.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.zfsNode.name }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-driver-registrar-role + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumes", "nodes", "services"] + verbs: ["get", "list"] + - apiGroups: ["*"] + resources: ["zfsvolumes", "zfssnapshots", "zfsbackups", "zfsrestores", "zfsnodes"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-driver-registrar-binding + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.zfsNode.name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: openebs-zfs-driver-registrar-role + apiGroup: rbac.authorization.k8s.io + +{{- if .Values.rbac.pspEnabled }} +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: openebs-zfs-node-role + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - openebs-zfs-node-psp +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: openebs-zfs-node-binding + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: openebs-zfs-node-role +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount.zfsNode.name }} + namespace: {{ $.Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/zfs-contoller.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/zfs-contoller.yaml new file mode 100644 index 000000000..4f4a72e92 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/zfs-contoller.yaml @@ -0,0 +1,128 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ template "zfslocalpv.fullname" . }}-controller + {{- with .Values.zfsController.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "zfslocalpv.zfsController.matchLabels" . | nindent 6 }} + serviceName: "{{ .Values.zfsController.serviceName }}" + replicas: {{ .Values.zfsController.replicas }} + template: + metadata: + {{- with .Values.zfsController.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "zfslocalpv.zfsController.labels" . | nindent 8 }} + {{- with .Values.zfsController.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - openebs-zfs-controller + topologyKey: "kubernetes.io/hostname" + priorityClassName: system-cluster-critical + serviceAccount: {{ .Values.serviceAccount.zfsController.name }} + containers: + - name: {{ .Values.zfsController.resizer.name }} + image: "{{ .Values.zfsController.resizer.image.registry }}{{ .Values.zfsController.resizer.image.repository }}:{{ .Values.zfsController.resizer.image.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.zfsController.resizer.image.pullPolicy }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.zfsController.snapshotter.name }} + image: "{{ .Values.zfsController.snapshotter.image.registry }}{{ .Values.zfsController.snapshotter.image.repository }}:{{ .Values.zfsController.snapshotter.image.tag }}" + imagePullPolicy: {{ .Values.zfsController.snapshotter.image.pullPolicy }} + args: + - "--csi-address=$(ADDRESS)" + - "--leader-election" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.zfsController.snapshotController.name }} + image: "{{ .Values.zfsController.snapshotController.image.registry }}{{ .Values.zfsController.snapshotController.image.repository }}:{{ .Values.zfsController.snapshotController.image.tag }}" + args: + - "--v=5" + - "--leader-election=true" + imagePullPolicy: {{ .Values.zfsController.snapshotController.image.pullPolicy }} + - name: {{ .Values.zfsController.provisioner.name }} + image: "{{ .Values.zfsController.provisioner.image.registry }}{{ .Values.zfsController.provisioner.image.repository }}:{{ .Values.zfsController.provisioner.image.tag }}" + imagePullPolicy: {{ .Values.zfsController.provisioner.image.pullPolicy }} + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--feature-gates=Topology=true" + - "--strict-topology" + - "--leader-election" + - "--extra-create-metadata=true" + - "--default-fstype=ext4" + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + - name: {{ .Values.zfsPlugin.name }} + image: "{{ .Values.zfsPlugin.image.registry }}{{ .Values.zfsPlugin.image.repository }}:{{ .Values.zfsPlugin.image.tag }}" + imagePullPolicy: {{ .Values.zfsPlugin.image.pullPolicy }} + env: + - name: OPENEBS_CONTROLLER_DRIVER + value: controller + - name: OPENEBS_CSI_ENDPOINT + value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPENEBS_IO_INSTALLER_TYPE + value: "zfs-localpv-helm" + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + args : + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--plugin=$(OPENEBS_CONTROLLER_DRIVER)" + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy/ + volumes: + - name: socket-dir + emptyDir: {} +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.zfsController.nodeSelector }} + nodeSelector: +{{ toYaml .Values.zfsController.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.zfsController.securityContext }} + securityContext: +{{ toYaml .Values.zfsController.securityContext | indent 8 }} +{{- end }} +{{- if .Values.zfsController.tolerations }} + tolerations: +{{ toYaml .Values.zfsController.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/zfs-node.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/zfs-node.yaml new file mode 100644 index 000000000..5cc5c3cf3 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/templates/zfs-node.yaml @@ -0,0 +1,146 @@ +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: {{ template "zfslocalpv.fullname" . }}-node + {{- with .Values.zfsNode.annotations }} + annotations: {{ toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "zfslocalpv.zfsNode.matchLabels" . | nindent 6 }} + updateStrategy: + rollingUpdate: + maxUnavailable: 100% + type: RollingUpdate + template: + metadata: + {{- with .Values.zfsNode.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "zfslocalpv.zfsNode.labels" . | nindent 8 }} + {{- with .Values.zfsNode.podLabels}} + {{ toYaml . | nindent 8 }} + {{- end}} + spec: + priorityClassName: system-node-critical + serviceAccount: {{ .Values.serviceAccount.zfsNode.name }} + hostNetwork: true + containers: + - name: {{ .Values.zfsNode.driverRegistrar.name }} + image: "{{ .Values.zfsNode.driverRegistrar.image.registry }}{{ .Values.zfsNode.driverRegistrar.image.repository }}:{{ .Values.zfsNode.driverRegistrar.image.tag }}" + imagePullPolicy: {{ .Values.zfsNode.driverRegistrar.image.pullPolicy }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -rf /registration/zfs-localpv /registration/zfs-localpv-reg.sock"] + env: + - name: ADDRESS + value: /plugin/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.zfsNode.kubeletDir }}plugins/zfs-localpv/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: NODE_DRIVER + value: openebs-zfs + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: registration-dir + mountPath: /registration + - name: {{ .Values.zfsPlugin.name }} + securityContext: + privileged: true + allowPrivilegeEscalation: true + image: "{{ .Values.zfsPlugin.image.registry }}{{ .Values.zfsPlugin.image.repository }}:{{ .Values.zfsPlugin.image.tag }}" + imagePullPolicy: {{ .Values.zfsPlugin.image.pullPolicy }} + args: + - "--nodename=$(OPENEBS_NODE_NAME)" + - "--endpoint=$(OPENEBS_CSI_ENDPOINT)" + - "--plugin=$(OPENEBS_NODE_DRIVER)" + env: + - name: OPENEBS_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: OPENEBS_CSI_ENDPOINT + value: unix:///plugin/csi.sock + - name: OPENEBS_NODE_DRIVER + value: agent + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: device-dir + mountPath: /dev + - name: encr-keys + mountPath: /home/keys + - name: chroot-zfs + mountPath: /sbin/zfs + subPath: zfs + - name: host-root + mountPath: /host + mountPropagation: "HostToContainer" + readOnly: true + - name: pods-mount-dir + mountPath: {{ .Values.zfsNode.kubeletDir }} + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + volumes: + - name: device-dir + hostPath: + path: /dev + type: Directory + - name: encr-keys + hostPath: + path: /home/keys + type: DirectoryOrCreate + - name: chroot-zfs + configMap: + defaultMode: 0555 + name: openebs-zfspv-bin + - name: host-root + hostPath: + path: / + type: Directory + - name: registration-dir + hostPath: + path: {{ .Values.zfsNode.kubeletDir }}plugins_registry/ + type: DirectoryOrCreate + - name: plugin-dir + hostPath: + path: {{ .Values.zfsNode.kubeletDir }}plugins/zfs-localpv/ + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: {{ .Values.zfsNode.kubeletDir }} + type: Directory +{{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 2 }} +{{- end }} +{{- if .Values.zfsNode.nodeSelector }} + nodeSelector: +{{ toYaml .Values.zfsNode.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.zfsNode.securityContext }} + securityContext: +{{ toYaml .Values.zfsNode.securityContext | indent 8 }} +{{- end }} +{{- if .Values.zfsNode.tolerations }} + tolerations: +{{ toYaml .Values.zfsNode.tolerations | indent 8 }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/charts/zfs-localpv/values.yaml b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/values.yaml new file mode 100644 index 000000000..53004845f --- /dev/null +++ b/charts/openebs/openebs/3.0.0/charts/zfs-localpv/values.yaml @@ -0,0 +1,147 @@ +# Default values for openebs-zfslocalpv. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +release: + version: "1.9.0" + +imagePullSecrets: +# - name: "image-pull-secret" + + +rbac: + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false + +# zfsNode contains the configurables for +# the zfs node daemonset +zfsNode: + componentName: openebs-zfs-node + driverRegistrar: + name: "csi-node-driver-registrar" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-node-driver-registrar + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # This can be configured to run on various different k8s distributions like + # microk8s where kubelet dir is different + kubeletDir: "/var/lib/kubelet/" + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to openebs-zfs node pods + podLabels: {} + nodeSelector: {} + tolerations: [] + securityContext: {} + labels: {} + +# zfsController contains the configurables for +# the zfs controller statefulset +zfsController: + componentName: openebs-zfs-controller + replicas: 1 + serviceName: openebs-zfs + resizer: + name: "csi-resizer" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-resizer + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v1.1.0 + snapshotter: + name: "csi-snapshotter" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-snapshotter + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v4.0.0 + snapshotController: + name: "snapshot-controller" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/snapshot-controller + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v4.0.0 + provisioner: + name: "csi-provisioner" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: k8s.gcr.io/ + repository: sig-storage/csi-provisioner + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v2.1.0 + updateStrategy: + type: RollingUpdate + annotations: {} + podAnnotations: {} + resources: {} + # limits: + # cpu: 10m + # memory: 32Mi + # requests: + # cpu: 10m + # memory: 32Mi + ## Labels to be added to openebs-zfs controller pods + podLabels: + name: openebs-zfs-controller + nodeSelector: {} + tolerations: [] + securityContext: {} + +# zfsPlugin is the common csi container used by the +# controller statefulset and node daemonset +zfsPlugin: + name: "openebs-zfs-plugin" + image: + # Make sure that registry name end with a '/'. + # For example : k8s.gcr.io/ is a correct value here and quay.io is incorrect + registry: + repository: openebs/zfs-driver + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.9.0 + +role: openebs-zfs + +crd: + enableInstall: true + +serviceAccount: + zfsController: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-zfs-controller-sa + zfsNode: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: openebs-zfs-node-sa + +analytics: + enabled: true diff --git a/charts/openebs/openebs/3.0.0/crds/blockdevice.yaml b/charts/openebs/openebs/3.0.0/crds/blockdevice.yaml new file mode 100644 index 000000000..95f40703c --- /dev/null +++ b/charts/openebs/openebs/3.0.0/crds/blockdevice.yaml @@ -0,0 +1,241 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdevices.openebs.io +spec: + group: openebs.io + names: + kind: BlockDevice + listKind: BlockDeviceList + plural: blockdevices + shortNames: + - bd + singular: blockdevice + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.nodeAttributes.nodeName + name: NodeName + type: string + - jsonPath: .spec.path + name: Path + priority: 1 + type: string + - jsonPath: .spec.filesystem.fsType + name: FSType + priority: 1 + type: string + - jsonPath: .spec.capacity.storage + name: Size + type: string + - jsonPath: .status.claimState + name: ClaimState + type: string + - jsonPath: .status.state + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDevice is the Schema for the blockdevices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceSpec defines the properties and runtime status of a BlockDevice + properties: + aggregateDevice: + description: AggregateDevice was intended to store the hierarchical information in cases of LVM. However this is currently not implemented and may need to be re-looked into for better design. To be deprecated + type: string + capacity: + description: Capacity + properties: + logicalSectorSize: + description: LogicalSectorSize is blockdevice logical-sector size in bytes + format: int32 + type: integer + physicalSectorSize: + description: PhysicalSectorSize is blockdevice physical-Sector size in bytes + format: int32 + type: integer + storage: + description: Storage is the blockdevice capacity in bytes + format: int64 + type: integer + required: + - storage + type: object + claimRef: + description: ClaimRef is the reference to the BDC which has claimed this BD + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + details: + description: Details contain static attributes of BD like model,serial, and so forth + properties: + compliance: + description: Compliance is standards/specifications version implemented by device firmware such as SPC-1, SPC-2, etc + type: string + deviceType: + description: DeviceType represents the type of device like sparse, disk, partition, lvm, crypt + enum: + - disk + - partition + - sparse + - loop + - lvm + - crypt + - dm + - mpath + type: string + driveType: + description: DriveType is the type of backing drive, HDD/SSD + enum: + - HDD + - SSD + - Unknown + - "" + type: string + firmwareRevision: + description: FirmwareRevision is the disk firmware revision + type: string + hardwareSectorSize: + description: HardwareSectorSize is the hardware sector size in bytes + format: int32 + type: integer + logicalBlockSize: + description: LogicalBlockSize is the logical block size in bytes reported by /sys/class/block/sda/queue/logical_block_size + format: int32 + type: integer + model: + description: Model is model of disk + type: string + physicalBlockSize: + description: PhysicalBlockSize is the physical block size in bytes reported by /sys/class/block/sda/queue/physical_block_size + format: int32 + type: integer + serial: + description: Serial is serial number of disk + type: string + vendor: + description: Vendor is vendor of disk + type: string + type: object + devlinks: + description: DevLinks contains soft links of a block device like /dev/by-id/... /dev/by-uuid/... + items: + description: DeviceDevLink holds the mapping between type and links like by-id type or by-path type link + properties: + kind: + description: Kind is the type of link like by-id or by-path. + enum: + - by-id + - by-path + type: string + links: + description: Links are the soft links + items: + type: string + type: array + type: object + type: array + filesystem: + description: FileSystem contains mountpoint and filesystem type + properties: + fsType: + description: Type represents the FileSystem type of the block device + type: string + mountPoint: + description: MountPoint represents the mountpoint of the block device. + type: string + type: object + nodeAttributes: + description: NodeAttributes has the details of the node on which BD is attached + properties: + nodeName: + description: NodeName is the name of the Kubernetes node resource on which the device is attached + type: string + type: object + parentDevice: + description: "ParentDevice was intended to store the UUID of the parent Block Device as is the case for partitioned block devices. \n For example: /dev/sda is the parent for /dev/sda1 To be deprecated" + type: string + partitioned: + description: Partitioned represents if BlockDevice has partitions or not (Yes/No) Currently always default to No. To be deprecated + enum: + - "Yes" + - "No" + type: string + path: + description: Path contain devpath (e.g. /dev/sdb) + type: string + required: + - capacity + - devlinks + - nodeAttributes + - path + type: object + status: + description: DeviceStatus defines the observed state of BlockDevice + properties: + claimState: + description: ClaimState represents the claim state of the block device + enum: + - Claimed + - Unclaimed + - Released + type: string + state: + description: State is the current state of the blockdevice (Active/Inactive/Unknown) + enum: + - Active + - Inactive + - Unknown + type: string + required: + - claimState + - state + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/crds/blockdeviceclaim.yaml b/charts/openebs/openebs/3.0.0/crds/blockdeviceclaim.yaml new file mode 100644 index 000000000..81b9a355e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/crds/blockdeviceclaim.yaml @@ -0,0 +1,144 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.5.0 + creationTimestamp: null + name: blockdeviceclaims.openebs.io +spec: + group: openebs.io + names: + kind: BlockDeviceClaim + listKind: BlockDeviceClaimList + plural: blockdeviceclaims + shortNames: + - bdc + singular: blockdeviceclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.blockDeviceName + name: BlockDeviceName + type: string + - jsonPath: .status.phase + name: Phase + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: BlockDeviceClaim is the Schema for the blockdeviceclaims API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DeviceClaimSpec defines the request details for a BlockDevice + properties: + blockDeviceName: + description: BlockDeviceName is the reference to the block-device backing this claim + type: string + blockDeviceNodeAttributes: + description: BlockDeviceNodeAttributes is the attributes on the node from which a BD should be selected for this claim. It can include nodename, failure domain etc. + properties: + hostName: + description: HostName represents the hostname of the Kubernetes node resource where the BD should be present + type: string + nodeName: + description: NodeName represents the name of the Kubernetes node resource where the BD should be present + type: string + type: object + deviceClaimDetails: + description: Details of the device to be claimed + properties: + allowPartition: + description: AllowPartition represents whether to claim a full block device or a device that is a partition + type: boolean + blockVolumeMode: + description: 'BlockVolumeMode represents whether to claim a device in Block mode or Filesystem mode. These are use cases of BlockVolumeMode: 1) Not specified: VolumeMode check will not be effective 2) VolumeModeBlock: BD should not have any filesystem or mountpoint 3) VolumeModeFileSystem: BD should have a filesystem and mountpoint. If DeviceFormat is specified then the format should match with the FSType in BD' + type: string + formatType: + description: Format of the device required, eg:ext4, xfs + type: string + type: object + deviceType: + description: DeviceType represents the type of drive like SSD, HDD etc., + nullable: true + type: string + hostName: + description: Node name from where blockdevice has to be claimed. To be deprecated. Use NodeAttributes.HostName instead + type: string + resources: + description: Resources will help with placing claims on Capacity, IOPS + properties: + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum resources required. eg: if storage resource of 10G is requested minimum capacity of 10G should be available TODO for validating' + type: object + required: + - requests + type: object + selector: + description: Selector is used to find block devices to be considered for claiming + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + status: + description: DeviceClaimStatus defines the observed state of BlockDeviceClaim + properties: + phase: + description: Phase represents the current phase of the claim + type: string + required: + - phase + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/openebs/openebs/3.0.0/questions.yml b/charts/openebs/openebs/3.0.0/questions.yml new file mode 100644 index 000000000..159fe959e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/questions.yml @@ -0,0 +1,200 @@ +questions: +- variable: defaultImage + default: true + description: "Use default OpenEBS images" + label: Use Default Image + type: boolean + show_subquestion_if: false + group: "Container Images" + subquestions: + - variable: apiserver.image + default: "openebs/m-apiserver" + description: "Default API Server image for OpenEBS" + type: string + label: API Server Image + - variable: apiserver.imageTag + default: "3.0.0" + description: "The image tag of API Server image" + type: string + label: Image Tag For OpenEBS API Server Image + - variable: provisioner.image + default: "openebs/openebs-k8s-provisioner" + description: "Default K8s Provisioner image for OpenEBS" + type: string + label: Provisioner Image + - variable: provisioner.imageTag + default: "3.0.0" + description: "The image tag of Provisioner image" + type: string + label: Image Tag For Provisioner Image + - variable: snapshotOperator.controller.image + default: "openebs/snapshot-controller" + description: "Default Snapshot Controller image for OpenEBS" + type: string + label: Snapshot Controller Image + - variable: snapshotOperator.controller.imageTag + default: "3.0.0" + description: "The image tag of Snapshot Controller image" + type: string + label: Image Tag For OpenEBS Snapshot Controller Image + - variable: snapshotOperator.provisioner.image + default: "openebs/snapshot-provisioner" + description: "Default Snapshot Provisioner image for OpenEBS" + type: string + label: Snapshot Provisioner Image + - variable: snapshotOperator.provisioner.imageTag + default: "3.0.0" + description: "The image tag of Snapshot Provisioner image" + type: string + label: Image Tag For OpenEBS Snapshot Provisioner Image + - variable: ndm.image + default: "openebs/node-disk-manager" + description: "Default NDM image" + type: string + label: Node Disk Manager Image + - variable: ndm.imageTag + default: "0.7.0" + description: "The image tag of NDM image" + type: string + label: Image Tag For Node Disk Manager Image + - variable: ndmOperator.image + default: "openebs/node-disk-operator" + description: "Default NDO image" + type: string + label: Node Disk Operator Image + - variable: ndmOperator.imageTag + default: "0.7.0" + description: "The image tag of NDO image" + type: string + label: Image Tag For Node Disk Manager Image + - variable: jiva.image + default: "openebs/jiva" + description: "Default Jiva Storage Engine image for OpenEBS" + type: string + label: Jiva Storage Engine Image + - variable: jiva.imageTag + default: "3.0.0" + description: "The image tag of Jiva image" + type: string + label: Image Tag For OpenEBS Jiva Storage Engine Image + - variable: cstor.pool.image + default: "openebs/cstor-pool" + description: "Default cStor Storage Engine Pool image for OpenEBS" + type: string + label: cStor Storage Engine Pool Image + - variable: cstor.pool.imageTag + default: "3.0.0" + description: "The image tag of cStor Storage Engine Pool image" + type: string + label: Image Tag For OpenEBS cStor Storage Engine Pool Image + - variable: cstor.poolMgmt.image + default: "openebs/cstor-pool-mgmt" + description: "Default cStor Storage Engine Pool Management image for OpenEBS" + type: string + label: cStor Storage Engine Pool Management Image + - variable: cstor.poolMgmt.imageTag + default: "3.0.0" + description: "The image tag of cStor Storage Engine Pool Management image" + type: string + label: Image Tag For OpenEBS cStor Storage Engine Pool Management Image + - variable: cstor.target.image + default: "openebs/cstor-istgt" + description: "Default cStor Storage Engine Target image for OpenEBS" + type: string + label: cStor Storage Engine Target Image + - variable: cstor.target.imageTag + default: "3.0.0" + description: "The image tag of cStor Storage Engine Target image" + type: string + label: Image Tag For OpenEBS cStor Storage Engine Target Image + - variable: cstor.volumeMgmt.image + default: "openebs/cstor-volume-mgmt" + description: "Default cStor Storage Engine Target Management image for OpenEBS" + type: string + label: cStor Storage Engine Target Management Image + - variable: cstor.volumeMgmt.imageTag + default: "3.0.0" + description: "The image tag of cStor Storage Engine Target Management image" + type: string + label: Image Tag For OpenEBS cStor Storage Engine Target Management Image + - variable: policies.monitoring.image + default: "openebs/m-exporter" + description: "Default OpeneEBS Volume and pool Exporter image" + type: string + label: Monitoring Exporter Image + show_if: "policies.monitoring.enabled=true&&defaultImage=false" + - variable: policies.monitoring.imageTag + default: "3.0.0" + description: "The image tag of OpenEBS Exporter" + type: string + label: Image Tag For OpenEBS Exporter Image + show_if: "policies.monitoring.enabled=true&&defaultImage=false" +- variable: ndm.filters.excludeVendors + default: 'CLOUDBYT,OpenEBS' + type: string + description: "Configure NDM to filter disks from following vendors" + label: Filter Disks belonging to vendors + group: "NDM Disk Filter by Vendor " +- variable: ndm.filters.excludePaths + default: 'loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md' + type: string + description: "Configure NDM to filter disks from following paths" + label: Filter Disks belonging to paths + group: "NDM Disk Filter by Path" +- variable: ndm.sparse.enabled + default: true + description: "Create a cStor Pool on Sparse Disks" + label: Create cStor Pool on Sprase Disks + type: boolean + show_subquestion_if: true + group: "NDM Sparse Disk Settings" + subquestions: + - variable: ndm.sparse.size + default: "10737418240" + description: "Default Size of Sparse Disk" + type: string + label: Sparse Disk Size in bytes + - variable: ndm.sparse.count + default: "0" + description: "Number of Sparse Disks" + type: string + label: Number of Sparse Disks + - variable: ndm.sparse.path + default: "/var/openebs/sparse" + description: "Directory where Sparse Disks should be created" + type: string + label: Directory for Sparse Disks +- variable: defaultPorts + default: true + description: "Use default Communication Ports" + label: Use Default Ports + type: boolean + show_subquestion_if: false + group: "Communication Ports" + subquestions: + - variable: apiserver.ports.externalPort + default: 5656 + description: "Default External Port for OpenEBS API Server" + type: int + min: 0 + max: 9999 + label: OpenEBS API Server External Port + - variable: apiserver.ports.internalPort + default: 5656 + description: "Default Internal Port for OpenEBS API Server" + type: int + min: 0 + max: 9999 + label: OpenEBS API Server Internal Port +- variable: policies.monitoring.enabled + default: true + description: "Enable prometheus monitoring" + type: boolean + label: Enable Prometheus Monitoring + group: "Monitoring Settings" +- variable: analytics.enabled + default: true + description: "Enable sending anonymous statistics to OpenEBS Google Analytics" + type: boolean + label: Enable updating OpenEBS with usage details + group: "Anonymous Analytics" diff --git a/charts/openebs/openebs/3.0.0/templates/NOTES.txt b/charts/openebs/openebs/3.0.0/templates/NOTES.txt new file mode 100644 index 000000000..7b0f6a7da --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/NOTES.txt @@ -0,0 +1,33 @@ + +Successfully installed OpenEBS. + +Check the status by running: kubectl get pods -n {{ .Release.Namespace }} + +The default values will install NDM and enable OpenEBS hostpath and device +storage engines along with their default StorageClasses. Use `kubectl get sc` +to see the list of installed OpenEBS StorageClasses. + +**Note**: If you are upgrading from the older helm chart that was using cStor +and Jiva (non-csi) volumes, you will have to run the following command to include +the older provisioners: + +helm upgrade {{ .Release.Name }} openebs/openebs \ + --namespace {{ .Release.Namespace }} \ + --set legacy.enabled=true \ + --reuse-values + +For other engines, you will need to perform a few more additional steps to +enable the engine, configure the engines (e.g. creating pools) and create +StorageClasses. + +For example, cStor can be enabled using commands like: + +helm upgrade {{ .Release.Name }} openebs/openebs \ + --namespace {{ .Release.Namespace }} \ + --set cstor.enabled=true \ + --reuse-values + +For more information, +- view the online documentation at https://openebs.io/ or +- connect with an active community on Kubernetes slack #openebs channel. + diff --git a/charts/openebs/openebs/3.0.0/templates/_helpers.tpl b/charts/openebs/openebs/3.0.0/templates/_helpers.tpl new file mode 100644 index 000000000..09a9f4c52 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/_helpers.tpl @@ -0,0 +1,160 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "openebs.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "openebs.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "openebs.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "openebs.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + + +{{/* +Define meta labels for openebs components +*/}} +{{- define "openebs.common.metaLabels" -}} +chart: {{ template "openebs.chart" . }} +heritage: {{ .Release.Service }} +openebs.io/version: {{ .Values.release.version | quote }} +{{- end -}} + + +{{- define "openebs.ndm-cluster-exporter.name" -}} +{{- $ndmName := default .Chart.Name .Values.ndmExporter.clusterExporter.nameOverride | trunc 63 | trimSuffix "-" }} +{{- $componentName := .Values.ndmExporter.clusterExporter.name | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $ndmName $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm cluster exporter name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs.ndm-cluster-exporter.fullname" -}} +{{- if .Values.ndmExporter.clusterExporter.fullnameOverride }} +{{- .Values.ndmExporter.clusterExporter.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $ndmClusterExporterName := include "openebs.ndm-cluster-exporter.name" .}} + +{{- $name := default $ndmClusterExporterName .Values.ndmExporter.clusterExporter.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "openebs.ndm-node-exporter.name" -}} +{{- $ndmName := default .Chart.Name .Values.ndmExporter.nodeExporter.nameOverride | trunc 63 | trimSuffix "-" }} +{{- $componentName := .Values.ndmExporter.nodeExporter.name | trunc 63 | trimSuffix "-" }} +{{- printf "%s-%s" $ndmName $componentName | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified ndm node exporter name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "openebs.ndm-node-exporter.fullname" -}} +{{- if .Values.ndmExporter.nodeExporter.fullnameOverride }} +{{- .Values.ndmExporter.nodeExporter.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $ndmNodeExporterName := include "openebs.ndm-node-exporter.name" .}} + +{{- $name := default $ndmNodeExporterName .Values.ndmExporter.nodeExporter.nameOverride }} +{{- if contains .Release.Name $name }} +{{- $name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create match labels for ndm cluster exporter deployment +*/}} +{{- define "openebs.ndm-cluster-exporter.matchLabels" -}} +app: {{ template "openebs.ndm-cluster-exporter.name" . }} +release: {{ .Release.Name }} +component: {{ default (include "openebs.ndm-cluster-exporter.name" .) .Values.ndmExporter.clusterExporter.componentName }} +{{- end -}} + +{{/* +Create component labels for ndm cluster exporter component +*/}} +{{- define "openebs.ndm-cluster-exporter.componentLabels" -}} +name: {{ template "openebs.ndm-node-exporter.name" . }} +openebs.io/component-name: {{ default (include "openebs.ndm-cluster-exporter.name" .) .Values.ndmExporter.clusterExporter.componentName }} +{{- end -}} + + +{{/* +Create labels for ndm cluster exporter component +*/}} +{{- define "openebs.ndm-cluster-exporter.labels" -}} +{{ include "openebs.common.metaLabels" . }} +{{ include "openebs.ndm-cluster-exporter.matchLabels" . }} +{{ include "openebs.ndm-cluster-exporter.componentLabels" . }} +{{- end -}} + +{{/* +Create match labels for ndm node exporter deployment +*/}} +{{- define "openebs.ndm-node-exporter.matchLabels" -}} +app: {{ template "openebs.ndm-node-exporter.name" . }} +release: {{ .Release.Name }} +component: {{ default (include "openebs.ndm-node-exporter.name" .) .Values.ndmExporter.nodeExporter.componentName }} +{{- end -}} + +{{/* +Create component labels for ndm node exporter component +*/}} +{{- define "openebs.ndm-node-exporter.componentLabels" -}} +name: {{ template "openebs.ndm-node-exporter.name" . }} +openebs.io/component-name: {{ default (include "openebs.ndm-node-exporter.name" .) .Values.ndmExporter.nodeExporter.componentName }} +{{- end -}} + + +{{/* +Create labels for ndm cluster node component +*/}} +{{- define "openebs.ndm-node-exporter.labels" -}} +{{ include "openebs.common.metaLabels" . }} +{{ include "openebs.ndm-node-exporter.matchLabels" . }} +{{ include "openebs.ndm-node-exporter.componentLabels" . }} +{{- end -}} diff --git a/charts/openebs/openebs/3.0.0/templates/clusterrole.yaml b/charts/openebs/openebs/3.0.0/templates/clusterrole.yaml new file mode 100644 index 000000000..3a8d3ced8 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/clusterrole.yaml @@ -0,0 +1,50 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "openebs.fullname" . }} + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: ["*"] + resources: ["nodes", "nodes/proxy"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["namespaces", "services", "pods", "pods/exec", "deployments", "deployments/finalizers", "replicationcontrollers", "replicasets", "events", "endpoints", "configmaps", "secrets", "jobs", "cronjobs" ] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["statefulsets", "daemonsets"] + verbs: ["*"] +- apiGroups: ["*"] + resources: ["resourcequotas", "limitranges"] + verbs: ["list", "watch"] +- apiGroups: ["*"] + resources: ["ingresses", "horizontalpodautoscalers", "verticalpodautoscalers", "poddisruptionbudgets", "certificatesigningrequests"] + verbs: ["list", "watch"] +- apiGroups: ["*"] + resources: ["storageclasses", "persistentvolumeclaims", "persistentvolumes"] + verbs: ["*"] +- apiGroups: ["volumesnapshot.external-storage.k8s.io"] + resources: ["volumesnapshots", "volumesnapshotdatas"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: [ "get", "list", "create", "update", "delete", "patch"] +- apiGroups: ["openebs.io"] + resources: [ "*"] + verbs: ["*" ] +- apiGroups: ["cstor.openebs.io"] + resources: [ "*"] + verbs: ["*" ] +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] +- apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "create", "list", "delete", "update", "patch"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/clusterrolebinding.yaml b/charts/openebs/openebs/3.0.0/templates/clusterrolebinding.yaml new file mode 100644 index 000000000..0ada25cd6 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/clusterrolebinding.yaml @@ -0,0 +1,19 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "openebs.fullname" . }} + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "openebs.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "openebs.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-capabilities.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-capabilities.yaml new file mode 100644 index 000000000..75be5d9d1 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-capabilities.yaml @@ -0,0 +1,30 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: allow-add-capabilities + annotations: + policies.kyverno.io/category: Pod Security Standards + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + Provides a list of capabilities that are allowed to be added to a container. +spec: + validationFailureAction: enforce + background: true + rules: + - name: capabilities + match: + resources: + kinds: + - Pod + validate: + message: >- + Default set of capabilities are allowed. + pattern: + spec: + containers: + - =(securityContext): + =(capabilities): + =(add): "*" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-host-namespaces.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-host-namespaces.yaml new file mode 100644 index 000000000..527178d00 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-host-namespaces.yaml @@ -0,0 +1,32 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: allow-host-namespaces + annotations: + policies.kyverno.io/category: Pod Security Standards + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + Host namespaces (Process ID namespace, Inter-Process Communication namespace, and + network namespace) allow access to shared information and can be used to elevate + privileges. Pods should allowed access to host namespaces. +spec: + validationFailureAction: enforce + background: true + rules: + - name: host-namespaces + match: + resources: + kinds: + - Pod + validate: + message: >- + Sharing the host namespaces is allowed. The fields spec.hostNetwork, + spec.hostIPC, and spec.hostPID must be set to true. + pattern: + spec: + =(hostPID): "true" + =(hostIPC): "true" + =(hostNetwork): "true" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-host-ports.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-host-ports.yaml new file mode 100644 index 000000000..1274c62bb --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-host-ports.yaml @@ -0,0 +1,31 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: allow-host-ports + annotations: + policies.kyverno.io/category: Pod Security Standards (Privileged) + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + Access to host ports allows potential snooping of network traffic and should be + allowed, or at minimum restricted to a known list. +spec: + validationFailureAction: enforce + background: true + rules: + - name: host-ports + match: + resources: + kinds: + - Pod + validate: + message: >- + Use of host ports is allowed. The fields spec.containers[*].ports[*].hostPort + and spec.initContainers[*].ports[*].hostPort must be empty. + pattern: + spec: + =(hostPort): + =(min): ">0" + =(max): "<65535" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-privilege-escalation.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-privilege-escalation.yaml new file mode 100644 index 000000000..e695af269 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-privilege-escalation.yaml @@ -0,0 +1,30 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: allow-privileged-escalation + annotations: + policies.kyverno.io/category: Pod Security Standards (Privileged) + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + Privilege escalation, such as via set-user-ID or set-group-ID file mode, should be allowed. +spec: + validationFailureAction: enforce + background: true + rules: + - name: priviledged-escalation + match: + resources: + kinds: + - Pod + validate: + message: >- + Privilege escalation is allowed. The fields spec.containers[*].securityContext.allowPrivilegeEscalation, + and spec.initContainers[*].securityContext.allowPrivilegeEscalation must be defined or set to `true`. + pattern: + spec: + containers: + - =(securityContext): + =(allowPrivilegeEscalation): "true" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-privileged-containers.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-privileged-containers.yaml new file mode 100644 index 000000000..6e7898336 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-privileged-containers.yaml @@ -0,0 +1,30 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: allow-privileged-containers + annotations: + policies.kyverno.io/category: Pod Security Standards (Privileged) + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + Privileged policies only allow the OpenEBS containers to use privileged mode. +spec: + validationFailureAction: enforce + background: true + rules: + - name: priviledged-containers + match: + resources: + kinds: + - Pod + validate: + message: >- + Privileged mode is allowed. The fields spec.containers[*].securityContext.privileged + and spec.initContainers[*].securityContext.privileged must not set to be false. + pattern: + spec: + containers: + - =(securityContext): + =(privileged): "true" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-proc-mount.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-proc-mount.yaml new file mode 100644 index 000000000..ec12c7d0e --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-proc-mount.yaml @@ -0,0 +1,32 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: require-default-proc-mount + annotations: + policies.kyverno.io/category: Pod Security Standards (Baseline) + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + The default /proc masks are set up to reduce attack surface and should be required. +spec: + validationFailureAction: enforce + background: true + rules: + - name: check-proc-mount + match: + resources: + kinds: + - Pod + validate: + message: >- + Changing the proc mount from the default is not allowed. The fields + spec.containers[*].securityContext.procMount and + spec.initContainers[*].securityContext.procMount must not be changed + from `Default`. + pattern: + spec: + containers: + - =(securityContext): + =(procMount): "Default" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/allow-selinux.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-selinux.yaml new file mode 100644 index 000000000..bbf6c30fc --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/allow-selinux.yaml @@ -0,0 +1,34 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: allow-selinux + annotations: + policies.kyverno.io/title: Allow SELinux + policies.kyverno.io/category: Pod Security Standards (Baseline) + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + SELinux options can be used to escalate privileges and should be allowed. +spec: + validationFailureAction: enforce + background: true + rules: + - name: seLinux + match: + resources: + kinds: + - Pod + validate: + message: >- + Setting custom SELinux options is allowed. The fields + spec.securityContext.seLinuxOptions, spec.containers[*].securityContext.seLinuxOptions, + and spec.initContainers[*].securityContext.seLinuxOptions must be empty. + pattern: + spec: + =(securityContext): + =(seLinuxOptions): "on" + containers: + - =(securityContext): + =(seLinuxOptions): "on" +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/kyverno/require-user-groups.yaml b/charts/openebs/openebs/3.0.0/templates/kyverno/require-user-groups.yaml new file mode 100644 index 000000000..0fda14ea2 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/kyverno/require-user-groups.yaml @@ -0,0 +1,59 @@ +{{- if .Values.rbac.kyvernoEnabled }} +apiVersion: kyverno.io/v1 +kind: Policy +metadata: + name: require-user-groups + annotations: + policies.kyverno.io/category: Pod Security Standards (Privileged) + policies.kyverno.io/severity: medium + policies.kyverno.io/subject: Pod + policies.kyverno.io/description: >- + Containers should allow to run with a root primary or supplementary GID. +spec: + validationFailureAction: enforce + background: true + rules: + - name: user-groups + match: + resources: + name: check-runasuser + kinds: + - Pod + validate: + message: >- + Running the user IDs are allowed. + pattern: + spec: + =(securityContext): + =(runAsUser): 'RunAsAny' + containers: + - =(securityContext): + =(runAsUser): 'RunAsAny' + + match: + resources: + name: check-supplementalGroups + kinds: + - Pod + validate: + message: >- + Adding of supplemental group IDs is allowed. + pattern: + spec: + =(securityContext): + =(supplementalGroups): + - 'RunAsAny' + + match: + resources: + name: check-fsGroup + kinds: + - Pod + validate: + message: >- + Changing to root group ID is allowed. + pattern: + spec: + =(securityContext): + =(fsGroup): 'RunAsAny' +{{- end }} \ No newline at end of file diff --git a/charts/openebs/openebs/3.0.0/templates/legacy/cleanup-webhook.yaml b/charts/openebs/openebs/3.0.0/templates/legacy/cleanup-webhook.yaml new file mode 100644 index 000000000..911ee7a94 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/legacy/cleanup-webhook.yaml @@ -0,0 +1,49 @@ +{{- if and (.Values.webhook.enabled) (.Values.legacy.enabled) }} +# HELM first deletes RBAC, then it tries to delete other resources like SPC and PVC. +# We've got validating webhook on SPC and PVC. +# But even that the policy of this webhook is Ignore, it fails because the ServiceAccount +# does not have permission to access resources like BDC anymore which are used for validation. +# Therefore we first need to delete webhook so we can delete the rest of the deployments. +{{- $kubeMinor := .Capabilities.KubeVersion.Minor | replace "+" "" }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "openebs.fullname" . }}-webhook-cleanup + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded + labels: + app: {{ template "openebs.name" . }} +spec: + template: + metadata: + name: {{ template "openebs.fullname" . }}-webhook-cleanup + labels: + app: {{ template "openebs.name" . }} + spec: + {{- if .Values.cleanup.image.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.cleanup.image.imagePullSecrets | indent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + {{- if .Values.webhook.tolerations }} + tolerations: +{{ toYaml .Values.webhook.tolerations | indent 8 }} + {{- end }} + containers: + - name: kubectl + {{- /* bitnami maintains an image for all k8s versions */}} + {{- /* see: https://hub.docker.com/r/bitnami/kubectl */}} + {{- if .Values.cleanup.image.tag }} + image: "{{ .Values.cleanup.image.registry }}{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}" + {{- else }} + image: "{{ .Values.cleanup.image.registry }}{{ .Values.cleanup.image.repository }}:{{ .Capabilities.KubeVersion.Major }}.{{ $kubeMinor }}" + {{- end }} + command: + - /bin/sh + - -c + - > + kubectl delete validatingWebhookConfiguration openebs-validation-webhook-cfg || true; + restartPolicy: OnFailure +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/legacy/deployment-admission-server.yaml b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-admission-server.yaml new file mode 100644 index 000000000..c0bb57040 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-admission-server.yaml @@ -0,0 +1,84 @@ +{{- if and (.Values.webhook.enabled) (.Values.legacy.enabled) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.fullname" . }}-admission-server + labels: + app: admission-webhook + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: admission-webhook + openebs.io/component-name: admission-webhook + openebs.io/version: {{ .Values.release.version }} +spec: + replicas: {{ .Values.webhook.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + app: admission-webhook + template: + metadata: + labels: + app: admission-webhook + name: admission-webhook + release: {{ .Release.Name }} + openebs.io/version: {{ .Values.release.version }} + openebs.io/component-name: admission-webhook + spec: +{{- if .Values.webhook.hostNetwork }} + hostNetwork: true +{{- end }} +{{- if .Values.webhook.nodeSelector }} + nodeSelector: +{{ toYaml .Values.webhook.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.webhook.tolerations }} + tolerations: +{{ toYaml .Values.webhook.tolerations | indent 8 }} +{{- end }} +{{- if .Values.webhook.affinity }} + affinity: +{{ toYaml .Values.webhook.affinity | indent 8 }} +{{- end }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: admission-webhook + image: "{{ .Values.image.repository }}{{ .Values.webhook.image }}:{{ .Values.webhook.imageTag }}" +{{- if .Values.webhook.resources }} + resources: +{{ toYaml .Values.webhook.resources | trimSuffix "\n" | indent 12 }} +{{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - -alsologtostderr + - -v=2 + - 2>&1 + env: + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: ADMISSION_WEBHOOK_FAILURE_POLICY + value: "{{ .Values.webhook.failurePolicy }}" + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # Anchor `^` : matches any string that starts with `admission-serve` + # `.*`: matche any string that has `admission-serve` followed by zero or more char + # that matches the entire command name has to specified. + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^admission-serve.*"` = 1 + initialDelaySeconds: {{ .Values.webhook.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.webhook.healthCheck.periodSeconds }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-apiserver.yaml b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-apiserver.yaml new file mode 100644 index 000000000..26419c9d6 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-apiserver.yaml @@ -0,0 +1,178 @@ +{{- if and (.Values.apiserver.enabled) (.Values.legacy.enabled) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.fullname" . }}-apiserver + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: apiserver + name: maya-apiserver + openebs.io/component-name: maya-apiserver + openebs.io/version: {{ .Values.release.version }} +spec: + replicas: {{ .Values.apiserver.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: apiserver + name: maya-apiserver + openebs.io/component-name: maya-apiserver + openebs.io/version: {{ .Values.release.version }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.name" . }}-apiserver + image: "{{ .Values.image.repository }}{{ .Values.apiserver.image }}:{{ .Values.apiserver.imageTag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.apiserver.resources }} + resources: +{{ toYaml .Values.apiserver.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + ports: + - containerPort: {{ .Values.apiserver.ports.internalPort }} + env: + # OPENEBS_IO_KUBE_CONFIG enables maya api service to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for maya api server version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # OPENEBS_IO_K8S_MASTER enables maya api service to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for maya api server version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://172.28.128.3:8080" + # OPENEBS_NAMESPACE provides the namespace of this deployment as an + # environment variable + - name: OPENEBS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as + # environment variable + - name: OPENEBS_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + # OPENEBS_MAYA_POD_NAME provides the name of this pod as + # environment variable + - name: OPENEBS_MAYA_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + # If OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG is false then OpenEBS default + # storageclass and storagepool will not be created. + - name: OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG + value: "{{ .Values.defaultStorageConfig.enabled }}" + # OPENEBS_IO_INSTALL_DEFAULT_CSTOR_SPARSE_POOL decides whether default cstor sparse pool should be + # configured as a part of openebs installation. + # If "true" a default cstor sparse pool will be configured, if "false" it will not be configured. + # This value takes effect only if OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG + # is set to true + - name: OPENEBS_IO_INSTALL_DEFAULT_CSTOR_SPARSE_POOL + value: "{{ .Values.apiserver.sparse.enabled }}" + # OPENEBS_IO_CSTOR_TARGET_DIR can be used to specify the hostpath + # to be used for saving the shared content between the side cars + # of cstor volume pod. + # The default path used is /var/openebs/sparse + - name: OPENEBS_IO_CSTOR_TARGET_DIR + value: "{{ .Values.ndm.sparse.path }}" + # OPENEBS_IO_CSTOR_POOL_SPARSE_DIR can be used to specify the hostpath + # to be used for saving the shared content between the side cars + # of cstor pool pod. This ENV is also used to indicate the location + # of the sparse devices. + # The default path used is /var/openebs/sparse + - name: OPENEBS_IO_CSTOR_POOL_SPARSE_DIR + value: "{{ .Values.ndm.sparse.path }}" + # OPENEBS_IO_JIVA_POOL_DIR can be used to specify the hostpath + # to be used for default Jiva StoragePool loaded by OpenEBS + # The default path used is /var/openebs + # This value takes effect only if OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG + # is set to true + - name: OPENEBS_IO_JIVA_POOL_DIR + value: "{{ .Values.jiva.defaultStoragePath }}" + # OPENEBS_IO_LOCALPV_HOSTPATH_DIR can be used to specify the hostpath + # to be used for default openebs-hostpath storageclass loaded by OpenEBS + # The default path used is /var/openebs/local + # This value takes effect only if OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG + # is set to true + - name: OPENEBS_IO_LOCALPV_HOSTPATH_DIR + value: "{{ .Values.localprovisioner.basePath }}" + # OPENEBS_IO_BASE_DIR used by the OpenEBS to store debug information and + # so forth that are generated in the course of running OpenEBS containers. + - name: OPENEBS_IO_BASE_DIR + value: "{{ .Values.varDirectoryPath.baseDir }}" + - name: OPENEBS_IO_JIVA_CONTROLLER_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.jiva.image }}:{{ .Values.jiva.imageTag }}" + - name: OPENEBS_IO_JIVA_REPLICA_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.jiva.image }}:{{ .Values.jiva.imageTag }}" + - name: OPENEBS_IO_JIVA_REPLICA_COUNT + value: "{{ .Values.jiva.replicas }}" + - name: OPENEBS_IO_CSTOR_TARGET_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.cstor.target.image }}:{{ .Values.cstor.target.imageTag }}" + - name: OPENEBS_IO_CSTOR_POOL_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.cstor.pool.image }}:{{ .Values.cstor.pool.imageTag }}" + - name: OPENEBS_IO_CSTOR_POOL_MGMT_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.cstor.poolMgmt.image }}:{{ .Values.cstor.poolMgmt.imageTag }}" + - name: OPENEBS_IO_CSTOR_VOLUME_MGMT_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.cstor.volumeMgmt.image }}:{{ .Values.cstor.volumeMgmt.imageTag }}" + - name: OPENEBS_IO_VOLUME_MONITOR_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.policies.monitoring.image }}:{{ .Values.policies.monitoring.imageTag }}" + - name: OPENEBS_IO_CSTOR_POOL_EXPORTER_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.policies.monitoring.image }}:{{ .Values.policies.monitoring.imageTag }}" + - name: OPENEBS_IO_HELPER_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.helper.image }}:{{ .Values.helper.imageTag }}" + # OPENEBS_IO_ENABLE_ANALYTICS if set to true sends anonymous usage + # events to Google Analytics + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + # OPENEBS_IO_ANALYTICS_PING_INTERVAL can be used to specify the duration (in hours) + # for periodic ping events sent to Google Analytics. Default is 24 hours. + - name: OPENEBS_IO_ANALYTICS_PING_INTERVAL + value: "{{ .Values.analytics.pingInterval }}" + - name: OPENEBS_IO_INSTALLER_TYPE + value: "charts-helm" + # OPENEBS_IO_INSTALL_CRD environment variable is used to enable/disable CRD installation + # from Maya API server. By default the CRDs will be installed + - name: OPENEBS_IO_INSTALL_CRD + value: "{{ .Values.crd.enableInstall }}" + livenessProbe: + exec: + command: + - /usr/local/bin/mayactl + - -m $MY_POD_IP + - version + initialDelaySeconds: {{ .Values.apiserver.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.apiserver.healthCheck.periodSeconds }} +{{- if .Values.apiserver.nodeSelector }} + nodeSelector: +{{ toYaml .Values.apiserver.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.apiserver.tolerations }} + tolerations: +{{ toYaml .Values.apiserver.tolerations | indent 8 }} +{{- end }} +{{- if .Values.apiserver.affinity }} + affinity: +{{ toYaml .Values.apiserver.affinity | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-provisioner.yaml b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-provisioner.yaml new file mode 100644 index 000000000..1007b39c7 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-provisioner.yaml @@ -0,0 +1,115 @@ +{{- if and (.Values.provisioner.enabled) (.Values.legacy.enabled) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.fullname" . }}-provisioner + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: provisioner + name: openebs-provisioner + openebs.io/component-name: openebs-provisioner + openebs.io/version: {{ .Values.release.version }} +spec: + replicas: {{ .Values.provisioner.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: provisioner + name: openebs-provisioner + openebs.io/component-name: openebs-provisioner + openebs.io/version: {{ .Values.release.version }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.name" . }}-provisioner + image: "{{ .Values.image.repository }}{{ .Values.provisioner.image }}:{{ .Values.provisioner.imageTag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.provisioner.resources }} + resources: +{{ toYaml .Values.provisioner.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + env: + # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # OPENEBS_NAMESPACE is the namespace that this provisioner will + # lookup to find maya api service + - name: OPENEBS_NAMESPACE + value: "{{ .Release.Namespace }}" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # OPENEBS_MAYA_SERVICE_NAME provides the maya-apiserver K8s service name, + # that provisioner should forward the volume create/delete requests. + # If not present, "maya-apiserver-service" will be used for lookup. + # This is supported for openebs provisioner version 0.5.3-RC1 onwards + - name: OPENEBS_MAYA_SERVICE_NAME + value: "{{ template "openebs.fullname" . }}-apiservice" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + - name: LEADER_ELECTION_ENABLED + value: "{{ .Values.provisioner.enableLeaderElection }}" + # OPENEBS_IO_JIVA_PATCH_NODE_AFFINITY is used to enable/disable setting node affinity + # to the jiva replica deployments. Default is `enabled`. The valid values are + # `enabled` and `disabled`. + - name: OPENEBS_IO_JIVA_PATCH_NODE_AFFINITY + value: "{{ .Values.provisioner.patchJivaNodeAffinity }}" + # The following values will be set as annotations to the PV object. + # Refer : https://github.com/openebs/external-storage/pull/15 + #- name: OPENEBS_MONITOR_URL + # value: "{{ .Values.provisioner.monitorUrl }}" + #- name: OPENEBS_MONITOR_VOLKEY + # value: "{{ .Values.provisioner.monitorVolumeKey }}" + #- name: MAYA_PORTAL_URL + # value: "{{ .Values.provisioner.mayaPortalUrl }}" + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `openebs-provis` + # `.*`: matches any string that has `openebs-provis` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep "^openebs-provisi.*"` = 1 + initialDelaySeconds: {{ .Values.provisioner.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.provisioner.healthCheck.periodSeconds }} +{{- if .Values.provisioner.nodeSelector }} + nodeSelector: +{{ toYaml .Values.provisioner.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.provisioner.tolerations }} + tolerations: +{{ toYaml .Values.provisioner.tolerations | indent 8 }} +{{- end }} +{{- if .Values.provisioner.affinity }} + affinity: +{{ toYaml .Values.provisioner.affinity | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-snapshot-operator.yaml b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-snapshot-operator.yaml new file mode 100644 index 000000000..92959fd2a --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/legacy/deployment-maya-snapshot-operator.yaml @@ -0,0 +1,147 @@ +{{- if and (.Values.snapshotOperator.enabled) (.Values.legacy.enabled) }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.fullname" . }}-snapshot-operator + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: snapshot-operator + openebs.io/component-name: openebs-snapshot-operator + openebs.io/version: {{ .Values.release.version }} +spec: + replicas: {{ .Values.snapshotOperator.replicas }} + selector: + matchLabels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + strategy: + type: "Recreate" + rollingUpdate: null + template: + metadata: + labels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: snapshot-operator + name: openebs-snapshot-operator + openebs.io/version: {{ .Values.release.version }} + openebs.io/component-name: openebs-snapshot-operator + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.name" . }}-snapshot-controller + image: "{{ .Values.image.repository }}{{ .Values.snapshotOperator.controller.image }}:{{ .Values.snapshotOperator.controller.imageTag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.snapshotOperator.controller.resources }} + resources: +{{ toYaml .Values.snapshotOperator.controller.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + env: + # OPENEBS_IO_K8S_MASTER enables openebs snapshot controller to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs snapshot controller version 0.6-RC1 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs snapshot controller to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs snapshot controller version 0.6-RC1 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # OPENEBS_NAMESPACE is the namespace that this snapshot controller will + # lookup to find maya api service + - name: OPENEBS_NAMESPACE + value: "{{ .Release.Namespace }}" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # OPENEBS_MAYA_SERVICE_NAME provides the maya-apiserver K8s service name, + # that snapshot controller should forward the volume snapshot requests. + # If not present, "maya-apiserver-service" will be used for lookup. + # This is supported for openebs snapshot controller version 0.6-RC1 onwards + - name: OPENEBS_MAYA_SERVICE_NAME + value: "{{ template "openebs.fullname" . }}-apiservice" + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `snapshot-contro` + # `.*`: matches any string that has `snapshot-contro` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^snapshot-contro.*"` = 1 + initialDelaySeconds: {{ .Values.snapshotOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.snapshotOperator.healthCheck.periodSeconds }} + - name: {{ template "openebs.name" . }}-snapshot-provisioner + image: "{{ .Values.image.repository }}{{ .Values.snapshotOperator.provisioner.image }}:{{ .Values.snapshotOperator.provisioner.imageTag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.snapshotOperator.provisioner.resources }} + resources: +{{ toYaml .Values.snapshotOperator.provisioner.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + env: + # OPENEBS_IO_K8S_MASTER enables openebs snapshot provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs snapshot provisioner version 0.6-RC1 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs snapshot provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs snapshot provisioner version 0.6-RC1 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # OPENEBS_NAMESPACE is the namespace that this snapshot provisioner will + # lookup to find maya api service + - name: OPENEBS_NAMESPACE + value: "{{ .Release.Namespace }}" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # OPENEBS_MAYA_SERVICE_NAME provides the maya-apiserver K8s service name, + # that snapshot provisioner should forward the volume snapshot PV requests. + # If not present, "maya-apiserver-service" will be used for lookup. + # This is supported for openebs snapshot provisioner version 0.6-RC1 onwards + - name: OPENEBS_MAYA_SERVICE_NAME + value: "{{ template "openebs.fullname" . }}-apiservice" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + - name: LEADER_ELECTION_ENABLED + value: "{{ .Values.snapshotOperator.enableLeaderElection }}" + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `snapshot-provis` + # `.*`: matches any string that has `snapshot-provis` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^snapshot-provis.*"` = 1 + initialDelaySeconds: {{ .Values.snapshotOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.snapshotOperator.healthCheck.periodSeconds }} +{{- if .Values.snapshotOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.snapshotOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.snapshotOperator.tolerations }} + tolerations: +{{ toYaml .Values.snapshotOperator.tolerations | indent 8 }} +{{- end }} +{{- if .Values.snapshotOperator.affinity }} + affinity: +{{ toYaml .Values.snapshotOperator.affinity | indent 8 }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/legacy/service-maya-apiserver.yaml b/charts/openebs/openebs/3.0.0/templates/legacy/service-maya-apiserver.yaml new file mode 100644 index 000000000..425a0d871 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/legacy/service-maya-apiserver.yaml @@ -0,0 +1,23 @@ +{{- if and (.Values.apiserver.enabled) (.Values.legacy.enabled) }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "openebs.fullname" . }}-apiservice + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + openebs.io/component-name: maya-apiserver-svc +spec: + ports: + - name: api + port: {{ .Values.apiserver.ports.externalPort }} + targetPort: {{ .Values.apiserver.ports.internalPort }} + protocol: TCP + selector: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: apiserver + sessionAffinity: None +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/localprovisioner/deployment-local-provisioner.yaml b/charts/openebs/openebs/3.0.0/templates/localprovisioner/deployment-local-provisioner.yaml new file mode 100644 index 000000000..abe843eb6 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/localprovisioner/deployment-local-provisioner.yaml @@ -0,0 +1,126 @@ +{{- if .Values.localprovisioner.enabled }} +{{- $localpvprovisionerValues := index .Values "localpv-provisioner" }} +{{- if not $localpvprovisionerValues.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.fullname" . }}-localpv-provisioner + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: localpv-provisioner + openebs.io/component-name: openebs-localpv-provisioner + openebs.io/version: {{ .Values.release.version }} +spec: + replicas: {{ .Values.localprovisioner.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: localpv-provisioner + name: openebs-localpv-provisioner + openebs.io/component-name: openebs-localpv-provisioner + openebs.io/version: {{ .Values.release.version }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.name" . }}-localpv-provisioner + image: "{{ .Values.image.repository }}{{ .Values.localprovisioner.image }}:{{ .Values.localprovisioner.imageTag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.localprovisioner.resources }} + resources: +{{ toYaml .Values.localprovisioner.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + args: + - "--bd-time-out=$(BDC_BD_BIND_RETRIES)" + env: + # OPENEBS_IO_K8S_MASTER enables openebs provisioner to connect to K8s + # based on this address. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_K8S_MASTER + # value: "http://10.128.0.12:8080" + # OPENEBS_IO_KUBE_CONFIG enables openebs provisioner to connect to K8s + # based on this config. This is ignored if empty. + # This is supported for openebs provisioner version 0.5.2 onwards + #- name: OPENEBS_IO_KUBE_CONFIG + # value: "/home/ubuntu/.kube/config" + # This sets the number of times the provisioner should try + # with a polling interval of 5 seconds, to get the Blockdevice + # Name from a BlockDeviceClaim, before the BlockDeviceClaim + # is deleted. E.g. 12 * 5 seconds = 60 seconds timeout + - name: BDC_BD_BIND_RETRIES + value: "{{ .Values.localprovisioner.waitForBDBindTimeoutRetryCount }}" + # OPENEBS_NAMESPACE is the namespace that this provisioner will + # lookup to find maya api service + - name: OPENEBS_NAMESPACE + value: "{{ .Release.Namespace }}" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # OPENEBS_SERVICE_ACCOUNT provides the service account of this pod as + # environment variable + - name: OPENEBS_SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + # OPENEBS_IO_BASE_PATH is the environment variable that provides the + # default base path on the node where host-path PVs will be provisioned. + - name: OPENEBS_IO_ENABLE_ANALYTICS + value: "{{ .Values.analytics.enabled }}" + - name: OPENEBS_IO_BASE_PATH + value: "{{ .Values.localprovisioner.basePath }}" + - name: OPENEBS_IO_HELPER_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.helper.image }}:{{ .Values.helper.imageTag }}" + - name: OPENEBS_IO_INSTALLER_TYPE + value: "charts-helm" + # LEADER_ELECTION_ENABLED is used to enable/disable leader election. By default + # leader election is enabled. + - name: LEADER_ELECTION_ENABLED + value: "{{ .Values.localprovisioner.enableLeaderElection }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $.Values.imagePullSecrets }}{{ .name }},{{- end }}" +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can't be used here with pgrep (>15 chars).A regular expression + # that matches the entire command name has to specified. + # Anchor `^` : matches any string that starts with `provisioner-loc` + # `.*`: matches any string that has `provisioner-loc` followed by zero or more char + livenessProbe: + exec: + command: + - sh + - -c + - test `pgrep -c "^provisioner-loc.*"` = 1 + initialDelaySeconds: {{ .Values.localprovisioner.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.localprovisioner.healthCheck.periodSeconds }} +{{- if .Values.localprovisioner.nodeSelector }} + nodeSelector: +{{ toYaml .Values.localprovisioner.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.localprovisioner.tolerations }} + tolerations: +{{ toYaml .Values.localprovisioner.tolerations | indent 8 }} +{{- end }} +{{- if .Values.localprovisioner.affinity }} + affinity: +{{ toYaml .Values.localprovisioner.affinity | indent 8 }} +{{ end }} +{{ end }} +{{ end }} diff --git a/charts/openebs/openebs/3.0.0/templates/localprovisioner/device-class.yaml b/charts/openebs/openebs/3.0.0/templates/localprovisioner/device-class.yaml new file mode 100644 index 000000000..c3c129cba --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/localprovisioner/device-class.yaml @@ -0,0 +1,19 @@ +{{- if .Values.localprovisioner.enabled }} +{{- $localpvprovisionerValues := index .Values "localpv-provisioner" }} +{{- if not $localpvprovisionerValues.enabled }} +{{- if .Values.localprovisioner.enableDeviceClass }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: openebs-device + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "device" +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/localprovisioner/hostpath-class.yaml b/charts/openebs/openebs/3.0.0/templates/localprovisioner/hostpath-class.yaml new file mode 100644 index 000000000..86b535009 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/localprovisioner/hostpath-class.yaml @@ -0,0 +1,23 @@ +{{- if .Values.localprovisioner.enabled }} +{{- $localpvprovisionerValues := index .Values "localpv-provisioner" }} +{{- if not $localpvprovisionerValues.enabled }} +{{- if .Values.localprovisioner.enableHostpathClass }} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: openebs-hostpath + annotations: + openebs.io/cas-type: local + cas.openebs.io/config: | + - name: StorageType + value: "hostpath" +{{- if .Values.localprovisioner.basePath }} + - name: BasePath + value: "{{ .Values.localprovisioner.basePath }}" +{{- end }} +provisioner: openebs.io/local +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/cluster-exporter-service.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/cluster-exporter-service.yaml new file mode 100644 index 000000000..afb223fb1 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/cluster-exporter-service.yaml @@ -0,0 +1,23 @@ +{{- if .Values.ndm.enabled }} +{{- if and .Values.ndmExporter.enabled .Values.ndmExporter.clusterExporter.metricsPort }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "openebs.ndm-cluster-exporter.fullname" . }}-service + labels: + {{- include "openebs.ndm-cluster-exporter.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - name: metrics + port: {{ .Values.ndmExporter.clusterExporter.metricsPort }} + targetPort: {{ .Values.ndmExporter.clusterExporter.metricsPort }} + selector: + {{- with .Values.ndmExporter.clusterExporter.podLabels }} + {{ toYaml . }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/cluster-exporter.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/cluster-exporter.yaml new file mode 100644 index 000000000..bffcfa8c0 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/cluster-exporter.yaml @@ -0,0 +1,51 @@ +{{- if and (.Values.ndm.enabled) (.Values.ndmExporter.enabled) }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.ndm-cluster-exporter.fullname" . }} + labels: + {{- include "openebs.ndm-cluster-exporter.labels" . | nindent 4 }} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + {{- include "openebs.ndm-cluster-exporter.matchLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "openebs.ndm-cluster-exporter.labels" . | nindent 8 }} + {{- with .Values.ndmExporter.clusterExporter.podLabels }} + {{ toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.ndm-cluster-exporter.fullname" . }} + image: "{{ .Values.ndmExporter.image.registry }}{{ .Values.ndmExporter.image.repository }}:{{ .Values.ndmExporter.image.tag }}" + command: + - /usr/local/bin/exporter + args: + - "start" + - "--mode=cluster" + - "--port=$(METRICS_LISTEN_PORT)" + - "--metrics=/metrics" + ports: + - containerPort: {{ .Values.ndmExporter.clusterExporter.metricsPort }} + protocol: TCP + name: metrics + imagePullPolicy: {{ .Values.ndmExporter.image.pullPolicy }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.ndmExporter.clusterExporter.metricsPort }} + - name: METRICS_LISTEN_PORT + value: :{{ .Values.ndmExporter.clusterExporter.metricsPort }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/cm-node-disk-manager.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/cm-node-disk-manager.yaml new file mode 100644 index 000000000..e093e5c37 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/cm-node-disk-manager.yaml @@ -0,0 +1,48 @@ +{{- if .Values.ndm.enabled }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +# This is the node-disk-manager related config. +# It can be used to customize the disks probes and filters +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "openebs.fullname" . }}-ndm-config + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: ndm-config + openebs.io/component-name: ndm-config +data: + # udev-probe is default or primary probe which should be enabled to run ndm + # filterconfigs contains configs of filters - in the form of include + # and exclude comma separated strings + node-disk-manager.config: | + probeconfigs: + - key: udev-probe + name: udev probe + state: true + - key: seachest-probe + name: seachest probe + state: {{ .Values.ndm.probes.enableSeachest }} + - key: smart-probe + name: smart probe + state: true + filterconfigs: + - key: os-disk-exclude-filter + name: os disk exclude filter + state: {{ .Values.ndm.filters.enableOsDiskExcludeFilter }} + exclude: "{{ .Values.ndm.filters.osDiskExcludePaths }}" + - key: vendor-filter + name: vendor filter + state: {{ .Values.ndm.filters.enableVendorFilter }} + include: "" + exclude: "{{ .Values.ndm.filters.excludeVendors }}" + - key: path-filter + name: path filter + state: {{ .Values.ndm.filters.enablePathFilter }} + include: "{{ .Values.ndm.filters.includePaths }}" + exclude: "{{ .Values.ndm.filters.excludePaths }}" +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/daemonset-ndm.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/daemonset-ndm.yaml new file mode 100644 index 000000000..e89ce6ad0 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/daemonset-ndm.yaml @@ -0,0 +1,183 @@ +{{- if .Values.ndm.enabled }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "openebs.fullname" . }}-ndm + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: ndm + openebs.io/component-name: ndm + openebs.io/version: {{ .Values.release.version }} +spec: + updateStrategy: + type: "RollingUpdate" + selector: + matchLabels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: ndm + template: + metadata: + labels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: ndm + openebs.io/component-name: ndm + name: openebs-ndm + openebs.io/version: {{ .Values.release.version }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + hostNetwork: true + # host PID is used to check status of iSCSI Service when the NDM + # API service is enabled +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.APIService.enabled }} + hostPID: true +{{- end}} +{{- end}} + containers: + - name: {{ template "openebs.name" . }}-ndm + image: "{{ .Values.image.repository }}{{ .Values.ndm.image }}:{{ .Values.ndm.imageTag }}" + args: + - -v=4 +{{- if .Values.featureGates.enabled }} +{{- if .Values.featureGates.GPTBasedUUID.enabled }} + - --feature-gates={{ .Values.featureGates.GPTBasedUUID.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.APIService.enabled }} + - --feature-gates={{ .Values.featureGates.APIService.featureGateFlag }} + - --api-service-address={{ .Values.featureGates.APIService.address }} +{{- end}} +{{- if .Values.featureGates.UseOSDisk.enabled }} + - --feature-gates={{ .Values.featureGates.UseOSDisk.featureGateFlag }} +{{- end}} +{{- if .Values.featureGates.ChangeDetection.enabled }} + - --feature-gates={{ .Values.featureGates.ChangeDetection.featureGateFlag }} +{{- end}} +{{- end}} + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.ndm.resources }} + resources: +{{ toYaml .Values.ndm.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + securityContext: + privileged: true + env: + # namespace in which NDM is installed will be passed to NDM Daemonset + # as environment variable + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # pass hostname as env variable using downward API to the NDM container + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + # specify the directory where the sparse files need to be created. + # if not specified, then sparse files will not be created. + - name: SPARSE_FILE_DIR + value: "{{ .Values.ndm.sparse.path }}" +{{- end }} +{{- if .Values.ndm.sparse.size }} + # Size(bytes) of the sparse file to be created. + - name: SPARSE_FILE_SIZE + value: "{{ .Values.ndm.sparse.size }}" +{{- end }} +{{- if .Values.ndm.sparse.count }} + # Specify the number of sparse files to be created + - name: SPARSE_FILE_COUNT + value: "{{ .Values.ndm.sparse.count }}" +{{- end }} +{{- end }} + # Process name used for matching is limited to the 15 characters + # present in the pgrep output. + # So fullname can be used here with pgrep (cmd is < 15 chars). + livenessProbe: + exec: + command: + - pgrep + - "ndm" + initialDelaySeconds: {{ .Values.ndm.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndm.healthCheck.periodSeconds }} + volumeMounts: + - name: config + mountPath: /host/node-disk-manager.config + subPath: node-disk-manager.config + readOnly: true + - name: udev + mountPath: /run/udev + - name: procmount + mountPath: /host/proc + readOnly: true + - name: devmount + mountPath: /dev + - name: basepath + mountPath: /var/openebs/ndm +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + mountPath: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + volumes: + - name: config + configMap: + name: {{ template "openebs.fullname" . }}-ndm-config + - name: udev + hostPath: + path: /run/udev + type: Directory + # mount /proc (to access mount file of process 1 of host) inside container + # to read mount-point of disks and partitions + - name: procmount + hostPath: + path: /proc + type: Directory + # the /dev directory is mounted so that we have access to the devices that + # are connected at runtime of the pod. + - name: devmount + hostPath: + path: /dev + type: Directory + - name: basepath + hostPath: + path: "{{ .Values.varDirectoryPath.baseDir }}/ndm" + type: DirectoryOrCreate +{{- if .Values.ndm.sparse }} +{{- if .Values.ndm.sparse.path }} + - name: sparsepath + hostPath: + path: {{ .Values.ndm.sparse.path }} +{{- end }} +{{- end }} + # By default the node-disk-manager will be run on all kubernetes nodes + # If you would like to limit this to only some nodes, say the nodes + # that have storage attached, you could label those node and use + # nodeSelector. + # + # e.g. label the storage nodes with - "openebs.io/nodegroup"="storage-node" + # kubectl label node "openebs.io/nodegroup"="storage-node" + #nodeSelector: + # "openebs.io/nodegroup": "storage-node" +{{- if .Values.ndm.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndm.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndm.tolerations }} + tolerations: +{{ toYaml .Values.ndm.tolerations | indent 8 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/deployment-ndm-operator.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/deployment-ndm-operator.yaml new file mode 100644 index 000000000..e2c63d083 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/deployment-ndm-operator.yaml @@ -0,0 +1,91 @@ +{{- if .Values.ndmOperator.enabled }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "openebs.fullname" . }}-ndm-operator + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: ndm-operator + openebs.io/component-name: ndm-operator + openebs.io/version: {{ .Values.release.version }} + name: ndm-operator +spec: + replicas: {{ .Values.ndmOperator.replicas }} + strategy: + type: "Recreate" + rollingUpdate: null + selector: + matchLabels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "openebs.name" . }} + release: {{ .Release.Name }} + component: ndm-operator + name: ndm-operator + openebs.io/component-name: ndm-operator + openebs.io/version: {{ .Values.release.version }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.fullname" . }}-ndm-operator + image: "{{ .Values.image.repository }}{{ .Values.ndmOperator.image }}:{{ .Values.ndmOperator.imageTag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.ndmOperator.resources }} + resources: +{{ toYaml .Values.ndmOperator.resources | trimSuffix "\n" | indent 10 }} +{{- end }} + livenessProbe: + httpGet: + path: /healthz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.healthCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.healthCheck.periodSeconds }} + readinessProbe: + httpGet: + path: /readyz + port: 8585 + initialDelaySeconds: {{ .Values.ndmOperator.readinessCheck.initialDelaySeconds }} + periodSeconds: {{ .Values.ndmOperator.readinessCheck.periodSeconds }} + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: OPERATOR_NAME + value: "node-disk-operator" + - name: CLEANUP_JOB_IMAGE + value: "{{ .Values.image.repository }}{{ .Values.helper.image }}:{{ .Values.helper.imageTag }}" +{{- if .Values.imagePullSecrets }} + - name: OPENEBS_IO_IMAGE_PULL_SECRETS + value: "{{- range $index, $secret := .Values.imagePullSecrets}}{{if $index}},{{end}}{{ $secret.name }}{{- end}}" +{{- end }} +{{- if .Values.ndmOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.ndmOperator.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.ndmOperator.tolerations }} + tolerations: +{{ toYaml .Values.ndmOperator.tolerations | indent 8 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/node-exporter-service.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/node-exporter-service.yaml new file mode 100644 index 000000000..cdc8688fe --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/node-exporter-service.yaml @@ -0,0 +1,23 @@ +{{- if .Values.ndm.enabled }} +{{- if and .Values.ndmExporter.enabled .Values.ndmExporter.nodeExporter.metricsPort }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "openebs.ndm-node-exporter.fullname" . }}-service + labels: + {{- include "openebs.ndm-node-exporter.labels" . | nindent 4 }} +spec: + clusterIP: None + ports: + - name: metrics + port: {{ .Values.ndmExporter.nodeExporter.metricsPort }} + targetPort: {{ .Values.ndmExporter.nodeExporter.metricsPort }} + selector: + {{- with .Values.ndmExporter.nodeExporter.podLabels }} + {{ toYaml . }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/ndm/node-exporter.yaml b/charts/openebs/openebs/3.0.0/templates/ndm/node-exporter.yaml new file mode 100644 index 000000000..4d0217dcd --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/ndm/node-exporter.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.ndm.enabled .Values.ndmExporter.enabled }} +{{- $ndmValues := index .Values "openebs-ndm" }} +{{- if not $ndmValues.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "openebs.ndm-node-exporter.fullname" . }} + labels: + {{- include "openebs.ndm-node-exporter.labels" . | nindent 4 }} +spec: + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + {{- include "openebs.ndm-node-exporter.matchLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "openebs.ndm-node-exporter.labels" . | nindent 8 }} + {{- with .Values.ndmExporter.nodeExporter.podLabels }} + {{ toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "openebs.serviceAccountName" . }} + containers: + - name: {{ template "openebs.ndm-node-exporter.fullname" . }} + image: "{{ .Values.ndmExporter.image.registry }}{{ .Values.ndmExporter.image.repository }}:{{ .Values.ndmExporter.image.tag }}" + command: + - /usr/local/bin/exporter + args: + - "start" + - "--mode=node" + - "--port=$(METRICS_LISTEN_PORT)" + - "--metrics=/metrics" + ports: + - containerPort: {{ .Values.ndmExporter.nodeExporter.metricsPort }} + protocol: TCP + name: metrics + imagePullPolicy: {{ .Values.ndmExporter.image.pullPolicy }} + securityContext: + privileged: true + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.ndmExporter.nodeExporter.metricsPort }} + - name: METRICS_LISTEN_PORT + value: :{{ .Values.ndmExporter.nodeExporter.metricsPort }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/psp-clusterrole.yaml b/charts/openebs/openebs/3.0.0/templates/psp-clusterrole.yaml new file mode 100644 index 000000000..a6c4807dd --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/psp-clusterrole.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.rbac.create .Values.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "openebs.fullname" . }}-psp + labels: + app: {{ template "openebs.name" . }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "openebs.fullname" . }}-psp +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/psp-clusterrolebinding.yaml b/charts/openebs/openebs/3.0.0/templates/psp-clusterrolebinding.yaml new file mode 100644 index 000000000..5a4205877 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/psp-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.rbac.create .Values.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "openebs.fullname" . }}-psp + labels: + app: {{ template "openebs.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "openebs.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "openebs.serviceAccountName" . }} + namespace: {{ $.Release.Namespace }} +{{- end }} + diff --git a/charts/openebs/openebs/3.0.0/templates/psp.yaml b/charts/openebs/openebs/3.0.0/templates/psp.yaml new file mode 100644 index 000000000..0442f0e5d --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/psp.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.rbac.create .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "openebs.fullname" . }}-psp + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "openebs.name" . }} +spec: + privileged: true + allowPrivilegeEscalation: true + allowedCapabilities: ['*'] + volumes: ['*'] + hostNetwork: true + hostPorts: + - min: 0 + max: 65535 + hostIPC: true + hostPID: true + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/templates/serviceaccount.yaml b/charts/openebs/openebs/3.0.0/templates/serviceaccount.yaml new file mode 100644 index 000000000..31a500455 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "openebs.serviceAccountName" . }} + labels: + app: {{ template "openebs.name" . }} + chart: {{ template "openebs.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end }} diff --git a/charts/openebs/openebs/3.0.0/values.yaml b/charts/openebs/openebs/3.0.0/values.yaml new file mode 100644 index 000000000..da6673330 --- /dev/null +++ b/charts/openebs/openebs/3.0.0/values.yaml @@ -0,0 +1,675 @@ +# Default values for openebs. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +rbac: + # Specifies whether RBAC resources should be created + create: true + pspEnabled: false + # rbac.kyvernoEnabled: `true` if Kyverno Policy resources should be created + kyvernoEnabled: false + +serviceAccount: + create: true + name: + +imagePullSecrets: [] + # - name: image-pull-secret + +release: + # "openebs.io/version" label for control plane components + version: "3.0.0" + +# Legacy components will be installed if it is enabled. +# Legacy components are - admission-server, maya api-server, snapshot-operator +# and k8s-provisioner +legacy: + enabled: false + +image: + pullPolicy: IfNotPresent + repository: "" + +apiserver: + enabled: true + image: "openebs/m-apiserver" + imageTag: "2.12.2" + replicas: 1 + ports: + externalPort: 5656 + internalPort: 5656 + sparse: + enabled: "false" + nodeSelector: {} + tolerations: [] + affinity: {} + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + ## apiserver resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + + +defaultStorageConfig: + enabled: "true" + +# Directory used by the OpenEBS to store debug information and so forth +# that are generated in the course of running OpenEBS containers. +varDirectoryPath: + baseDir: "/var/openebs" + +provisioner: + enabled: true + image: "openebs/openebs-k8s-provisioner" + imageTag: "2.12.2" + replicas: 1 + enableLeaderElection: true + patchJivaNodeAffinity: enabled + nodeSelector: {} + tolerations: [] + affinity: {} + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + ## provisioner resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + +# If you want to enable local pv as a dependency chart then set +# `localprovisioner.enabled: false` and enable it as dependency chart. +# If you are using custom configuration then update those configuration +# under `localpv-provisioner` key. +localprovisioner: + enabled: true + image: "openebs/provisioner-localpv" + imageTag: "3.0.0" + replicas: 1 + enableLeaderElection: true + enableDeviceClass: true + enableHostpathClass: true + basePath: "/var/openebs/local" + # This sets the number of times the provisioner should try + # with a polling interval of 5 seconds, to get the Blockdevice + # Name from a BlockDeviceClaim, before the BlockDeviceClaim + # is deleted. E.g. 12 * 5 seconds = 60 seconds timeout + waitForBDBindTimeoutRetryCount: "12" + nodeSelector: {} + tolerations: [] + affinity: {} + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + ## localprovisioner resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + +snapshotOperator: + enabled: true + controller: + image: "openebs/snapshot-controller" + imageTag: "2.12.2" + ## snapshot controller resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + provisioner: + image: "openebs/snapshot-provisioner" + imageTag: "2.12.2" + ## snapshot provisioner resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + replicas: 1 + enableLeaderElection: true + upgradeStrategy: "Recreate" + nodeSelector: {} + tolerations: [] + affinity: {} + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + +# If you want to enable openebs as a dependency chart then set `ndm.enabled: false`, +# `ndmOperator.enabled: false` and enable it as dependency chart. If you are using +# custom configuration then update those configuration under `openebs-ndm` key. +ndm: + enabled: true + image: "openebs/node-disk-manager" + imageTag: "1.7.0" + sparse: + path: "/var/openebs/sparse" + size: "10737418240" + count: "0" + filters: + enableOsDiskExcludeFilter: true + osDiskExcludePaths: "/,/etc/hosts,/boot" + enableVendorFilter: true + excludeVendors: "CLOUDBYT,OpenEBS" + enablePathFilter: true + includePaths: "" + excludePaths: "/dev/loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd" + probes: + enableSeachest: false + nodeSelector: {} + tolerations: [] + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + ## ndm resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + +# If you want to enable openebs as a dependency chart then set `ndm.enabled: false`, +# `ndmOperator.enabled: false` and enable it as dependency chart. If you are using +# custom configuration then update those configuration under `openebs-ndm` key. +ndmOperator: + enabled: true + image: "openebs/node-disk-operator" + imageTag: "1.7.0" + replicas: 1 + upgradeStrategy: Recreate + nodeSelector: {} + tolerations: [] + healthCheck: + initialDelaySeconds: 15 + periodSeconds: 20 + readinessCheck: + initialDelaySeconds: 5 + periodSeconds: 10 + ## ndmOperator resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 1000m + # memory: 2Gi + # requests: + # cpu: 500m + # memory: 1Gi + +ndmExporter: + enabled: false + image: + registry: + repository: openebs/node-disk-exporter + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: 1.7.0 + nodeExporter: + name: ndm-node-exporter + podLabels: + name: openebs-ndm-node-exporter + # The TCP port number used for exposing ndm-node-exporter metrics. + # If not set, service will not be created to expose metrics endpoint to serviceMonitor + # and listen-port flag will not be set and container port will be empty. + metricsPort: 9101 + clusterExporter: + name: ndm-cluster-exporter + podLabels: + name: openebs-ndm-cluster-exporter + # The TCP port number used for exposing ndm-cluster-exporter metrics. + # If not set, service will not be created to expose metrics endpoint to serviceMonitor + # and listen-port flag will not be set and container port will be empty. + metricsPort: 9100 + +webhook: + enabled: true + image: "openebs/admission-server" + imageTag: "2.12.2" + failurePolicy: "Fail" + replicas: 1 + healthCheck: + initialDelaySeconds: 30 + periodSeconds: 60 + nodeSelector: {} + tolerations: [] + affinity: {} + hostNetwork: false + ## admission-server resource requests and limits + ## Reference: http://kubernetes.io/docs/user-guide/compute-resources/ + resources: {} + # limits: + # cpu: 500m + # memory: 1Gi + # requests: + # cpu: 250m + # memory: 500Mi + +# If you are migrating from 2.x to 3.x and if you are using custom values +# then put this configuration under `localpv-provisioner` and `openebs-ndm` key. +helper: + image: "openebs/linux-utils" + imageTag: "3.0.0" + +# These are ndm related configuration. If you want to enable openebs as a dependency +# chart then set `ndm.enabled: false`, `ndmOperator.enabled: false` and enable it as +# dependency chart. If you are using custom configuration then update those configuration +# under `openebs-ndm` key. +featureGates: + enabled: true + GPTBasedUUID: + enabled: true + featureGateFlag: "GPTBasedUUID" + APIService: + enabled: false + featureGateFlag: "APIService" + address: "0.0.0.0:9115" + UseOSDisk: + enabled: false + featureGateFlag: "UseOSDisk" + ChangeDetection: + enabled: false + featureGateFlag: "ChangeDetection" + +crd: + enableInstall: true + +# If you are migrating from 2.x to 3.x and if you are using custom values +# then put these configuration under `cstor` key. +policies: + monitoring: + enabled: true + image: "openebs/m-exporter" + imageTag: "2.12.2" + +analytics: + enabled: true + # Specify in hours the duration after which a ping event needs to be sent. + pingInterval: "24h" + +jiva: + + # non csi configuration + image: "openebs/jiva" + imageTag: "2.12.2" + replicas: 3 + defaultStoragePath: "/var/openebs" + + # jiva csi driver configuration + # do not enable or configure any sub dependency here + # only jiva csi related settings can be added here + # ref - https://openebs.github.io/jiva-operator + + # jiva chart dependency tree is here - + # jiva + # | - localpv-provisioner + # | | - openebs-ndm + + # Enable localpv-provisioner and openebs-ndm as root dependency not as + # sub dependency. + # openebs + # | - jiva(enable) + # | | - localpv-provisioner(disable) + # | | | - openebs-ndm(disable) + # | - localpv-provisioner(enable) + # | - openebs-ndm(enable) + + enabled: false + openebsLocalpv: + enabled: false + localpv-provisioner: + openebsNDM: + enabled: false + + # Sample configuration if you want to configure jiva csi driver with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/jiva-operator + +# rbac: +# create: true +# pspEnabled: false +# +# jivaOperator: +# controller: +# image: +# registry: quay.io/ +# repository: openebs/jiva +# tag: 3.0.0 +# replica: +# image: +# registry: quay.io/ +# repository: openebs/jiva +# tag: 3.0.0 +# image: +# registry: quay.io/ +# repository: openebs/jiva-operator +# pullPolicy: IfNotPresent +# tag: 3.0.0 +# +# jivaCSIPlugin: +# remount: "true" +# image: +# registry: quay.io/ +# repository: openebs/jiva-csi +# pullPolicy: IfNotPresent +# tag: 3.0.0 + +cstor: + + # non csi configuration + pool: + image: "openebs/cstor-pool" + imageTag: "2.12.2" + poolMgmt: + image: "openebs/cstor-pool-mgmt" + imageTag: "2.12.2" + target: + image: "openebs/cstor-istgt" + imageTag: "2.12.2" + volumeMgmt: + image: "openebs/cstor-volume-mgmt" + imageTag: "2.12.2" + + # cstor csi driver configuration + # do not enable or configure any sub dependency here + # only cstor csi related settings can be added here + # ref - https://openebs.github.io/cstor-operators + + # cstor chart dependency tree is here - + # cstor + # | - openebs-ndm + + # Enable openebs-ndm as root dependency not as sub dependency. + # openebs + # | - cstor(enable) + # | | - openebs-ndm(disable) + # | - openebs-ndm(enable) + enabled: false + openebsNDM: + enabled: false + + # Sample configuration if you want to configure cstor csi driver with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/cstor-operators + +# imagePullSecrets: [] +# +# rbac: +# create: true +# pspEnabled: false +# +# cspcOperator: +# poolManager: +# image: +# registry: quay.io/ +# repository: openebs/cstor-pool-manager +# tag: 3.0.0 +# cstorPool: +# image: +# registry: quay.io/ +# repository: openebs/cstor-pool +# tag: 3.0.0 +# cstorPoolExporter: +# image: +# registry: quay.io/ +# repository: openebs/m-exporter +# tag: 3.0.0 +# image: +# registry: quay.io/ +# repository: openebs/cspc-operator +# pullPolicy: IfNotPresent +# tag: 3.0.0 +# +# cvcOperator: +# target: +# image: +# registry: quay.io/ +# repository: openebs/cstor-istgt +# tag: 3.0.0 +# volumeMgmt: +# image: +# registry: quay.io/ +# repository: openebs/cstor-volume-manager +# tag: 3.0.0 +# volumeExporter: +# image: +# registry: quay.io/ +# repository: openebs/m-exporter +# tag: 3.0.0 +# image: +# registry: quay.io/ +# repository: openebs/cvc-operator +# pullPolicy: IfNotPresent +# tag: 3.0.0 +# +# cstorCSIPlugin: +# image: +# registry: quay.io/ +# repository: openebs/cstor-csi-driver +# pullPolicy: IfNotPresent +# tag: 3.0.0 +# +# admissionServer: +# componentName: cstor-admission-webhook +# image: +# registry: quay.io/ +# repository: openebs/cstor-webhook +# pullPolicy: IfNotPresent +# tag: 3.0.0 + +# ndm configuration goes here +# https://openebs.github.io/node-disk-manager +openebs-ndm: + enabled: false + + # Sample configuration if you want to configure openebs ndm with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/node-disk-manager + +# imagePullSecrets: [] +# +# ndm: +# image: +# registry: quay.io/ +# repository: openebs/node-disk-manager +# pullPolicy: IfNotPresent +# tag: 1.7.0 +# sparse: +# path: "/var/openebs/sparse" +# size: "10737418240" +# count: "0" +# filters: +# enableOsDiskExcludeFilter: true +# osDiskExcludePaths: "/,/etc/hosts,/boot" +# enableVendorFilter: true +# excludeVendors: "CLOUDBYT,OpenEBS" +# enablePathFilter: true +# includePaths: "" +# excludePaths: "loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md,/dev/rbd,/dev/zd" +# probes: +# enableSeachest: false +# enableUdevProbe: true +# enableSmartProbe: true +# +# ndmOperator: +# image: +# registry: quay.io/ +# repository: openebs/node-disk-operator +# pullPolicy: IfNotPresent +# tag: 1.7.0 +# +# helperPod: +# image: +# registry: quay.io/ +# repository: openebs/linux-utils +# pullPolicy: IfNotPresent +# tag: 3.0.0 +# +# featureGates: +# enabled: true +# GPTBasedUUID: +# enabled: true +# featureGateFlag: "GPTBasedUUID" +# APIService: +# enabled: false +# featureGateFlag: "APIService" +# address: "0.0.0.0:9115" +# UseOSDisk: +# enabled: false +# featureGateFlag: "UseOSDisk" +# ChangeDetection: +# enabled: false +# featureGateFlag: "ChangeDetection" +# +# varDirectoryPath: +# baseDir: "/var/openebs" + + # local pv provisioner configuration goes here + # do not enable or configure any sub dependency here + # ref - https://openebs.github.io/dynamic-localpv-provisioner + + # local pv chart dependency tree is here - + # localpv-provisioner + # | - openebs-ndm + + # Enable openebs-ndm as root dependency not as sub dependency. + # openebs + # | - localpv-provisioner(enable) + # | | - openebs-ndm(disable) + # | - openebs-ndm(enable) +localpv-provisioner: + enabled: false + openebsNDM: + enabled: false + + # Sample configuration if you want to configure openebs locapv with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/dynamic-localpv-provisioner + +# imagePullSecrets: [] +# +# rbac: +# create: true +# pspEnabled: false +# +# localpv: +# image: +# registry: quay.io/ +# repository: openebs/provisioner-localpv +# tag: 3.0.0 +# pullPolicy: IfNotPresent +# healthCheck: +# initialDelaySeconds: 30 +# periodSeconds: 60 +# replicas: 1 +# enableLeaderElection: true +# basePath: "/var/openebs/local" +# +# helperPod: +# image: +# registry: quay.io/ +# repository: openebs/linux-utils +# pullPolicy: IfNotPresent +# tag: 3.0.0 + +# zfs local pv configuration goes here +# ref - https://openebs.github.io/zfs-localpv +zfs-localpv: + enabled: false + + # Sample configuration if you want to configure zfs locapv with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/zfs-localpv + +# imagePullSecrets: [] +# +# rbac: +# pspEnabled: false +# +# zfsPlugin: +# image: +# registry: quay.io/ +# repository: openebs/zfs-driver +# pullPolicy: IfNotPresent +# tag: 1.9.3 + +# lvm local pv configuration goes here +# ref - https://openebs.github.io/lvm-localpv +lvm-localpv: + enabled: false + + # Sample configuration if you want to configure lvm localpv with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/lvm-localpv + +# imagePullSecrets: [] +# +# rbac: +# pspEnabled: false +# +# lvmPlugin: +# image: +# registry: quay.io/ +# repository: openebs/lvm-driver +# pullPolicy: IfNotPresent +# tag: 0.8.2 + +# openebs nfs provisioner configuration goes here +# ref - https://openebs.github.io/dynamic-nfs-provisioner +nfs-provisioner: + enabled: false + + # Sample configuration if you want to configure lvm localpv with custom values. + # This is a small part of the full configuration. Full configuration available + # here - https://openebs.github.io/dynamic-nfs-provisioner + +# imagePullSecrets: [] +# +# rbac: +# pspEnabled: false +# +# nfsProvisioner: +# image: +# registry: +# repository: openebs/provisioner-nfs +# tag: 0.7.1 +# pullPolicy: IfNotPresent +# enableLeaderElection: "true" +# nfsServerAlpineImage: +# registry: +# repository: openebs/nfs-server-alpine +# tag: 0.7.1 + +cleanup: + image: + # Make sure that registry name end with a '/'. + # For example : quay.io/ is a correct value here and quay.io is incorrect + registry: + repository: bitnami/kubectl + tag: + imagePullSecrets: [] + # - name: image-pull-secret diff --git a/index.yaml b/index.yaml index 48ae454ad..eea02b186 100755 --- a/index.yaml +++ b/index.yaml @@ -1534,6 +1534,61 @@ entries: - assets/nutanix-csi-storage/nutanix-csi-storage-2.3.100.tgz version: 2.3.100 openebs: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: OpenEBS + catalog.cattle.io/release-name: openebs + apiVersion: v2 + appVersion: 3.0.0 + created: "2021-10-18T12:21:03.930751491+05:30" + dependencies: + - condition: cstor.enabled + name: cstor + repository: file://./charts/cstor + - condition: jiva.enabled + name: jiva + repository: file://./charts/jiva + - condition: localpv-provisioner.enabled + name: localpv-provisioner + repository: file://./charts/localpv-provisioner + - condition: lvm-localpv.enabled + name: lvm-localpv + repository: file://./charts/lvm-localpv + - condition: nfs-provisioner.enabled + name: nfs-provisioner + repository: file://./charts/nfs-provisioner + - condition: openebs-ndm.enabled + name: openebs-ndm + repository: file://./charts/openebs-ndm + - condition: zfs-localpv.enabled + name: zfs-localpv + repository: file://./charts/zfs-localpv + description: Containerized Attached Storage for Kubernetes + digest: 24dbaafd6403d1df7215dbe22531bc7ae687cd4bf2d7ae3aabee29ff26a1b92b + home: http://www.openebs.io/ + icon: https://raw.githubusercontent.com/cncf/artwork/HEAD/projects/openebs/icon/color/openebs-icon-color.png + keywords: + - cloud-native-storage + - block-storage + - local-storage + - iSCSI + - NVMe + - storage + - kubernetes + kubeVersion: '>=1.13.0-0' + maintainers: + - email: kiran.mova@mayadata.io + name: kmova + - email: prateek.pandey@mayadata.io + name: prateekpandey14 + - email: shovan.maity@mayadata.io + name: shovanmaity + name: openebs + sources: + - https://github.com/openebs/openebs + urls: + - assets/openebs/openebs-3.0.0.tgz + version: 3.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: OpenEBS