From 1ae9d4bb75417478e9007912227f04f5e24e942b Mon Sep 17 00:00:00 2001 From: caoyingjunz Date: Tue, 20 Jun 2023 23:21:22 +0800 Subject: [PATCH] Release localsotorage v1.0.1 (#202) 1. Add localstorage crds 2. Add webhook server 3. Add csi register logical --- README.md | 20 ++- deploy/v1.0.1/ls-controller.yaml | 47 +++++ deploy/v1.0.1/ls-driverinfo.yaml | 10 ++ deploy/v1.0.1/ls-node.yaml | 163 ++++++++++++++++++ deploy/v1.0.1/ls-rbac.yaml | 60 +++++++ deploy/v1.0.1/ls-secret.yaml | 10 ++ deploy/v1.0.1/ls-service.yaml | 14 ++ deploy/v1.0.1/ls-webhookconfiguration.yaml | 68 ++++++++ .../storage.caoyingjunz.io_localstorages.yaml | 123 +++++++++++++ 9 files changed, 511 insertions(+), 4 deletions(-) create mode 100644 deploy/v1.0.1/ls-controller.yaml create mode 100644 deploy/v1.0.1/ls-driverinfo.yaml create mode 100644 deploy/v1.0.1/ls-node.yaml create mode 100644 deploy/v1.0.1/ls-rbac.yaml create mode 100644 deploy/v1.0.1/ls-secret.yaml create mode 100644 deploy/v1.0.1/ls-service.yaml create mode 100644 deploy/v1.0.1/ls-webhookconfiguration.yaml create mode 100644 deploy/v1.0.1/storage.caoyingjunz.io_localstorages.yaml diff --git a/README.md b/README.md index 4bc77320..ba97104c 100644 --- a/README.md +++ b/README.md @@ -10,14 +10,26 @@ This driver allows Kubernetes to access LocalStorage on Linux node. ## Getting Started ### Installation +- 选择运行 `localstorage` 的 `kubernetes` 节点 + ```shell + kubectl label node storage.caoyingjunz.io/node= + ``` + +- 创建 `localstorage` 资源 + ```shell + # 修改 examples/ls.yaml + kubectl apply -f examples/ls.yaml + ``` + - 安装 `localstorage` 组件 ```shell - kubectl apply -f deploy/v1.0.0 + kubectl apply -f deploy/v1.0.1 # 验证 - kubectl get pod -l app=csi-ls-node -n kube-system - NAME READY STATUS RESTARTS AGE - pixiu-localstorage-node-7945j 3/3 Running 0 8m22s + root@pixiu01:~# kubectl get pod -n kube-system | grep pixiu-localstorage + pixiu-localstorage-controller-6d4d7f4684-h5ds9 1/1 Running 14 (3m32s ago) 24h + pixiu-localstorage-node-8k94w 4/4 Running 11 (48s ago) 24h + pixiu-localstorage-node-nkhvk 4/4 Running 24 (6m9s ago) 24h ``` - 安装 `storageclass` diff --git a/deploy/v1.0.1/ls-controller.yaml b/deploy/v1.0.1/ls-controller.yaml new file mode 100644 index 00000000..bea05287 --- /dev/null +++ b/deploy/v1.0.1/ls-controller.yaml @@ -0,0 +1,47 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pixiu-localstorage-controller + namespace: kube-system +spec: + replicas: 1 + selector: + matchLabels: + app: pixiu-ls-controller + template: + metadata: + labels: + app: pixiu-ls-controller + spec: + serviceAccountName: csi-ls-node-sa + containers: + - args: + - -v=2 + # port's value equals 0 means health check func disabled + - --healthz-port=10258 + - --cert-dir=/tmp/cert + - --port=8443 + image: pixiuio/localstorage-controller:v1.0.1 + imagePullPolicy: IfNotPresent + name: ls-controller + volumeMounts: + - mountPath: /tmp/cert + name: cert + readOnly: true + livenessProbe: + httpGet: + path: /healthz + port: 10258 + failureThreshold: 5 + initialDelaySeconds: 30 + timeoutSeconds: 5 + periodSeconds: 5 + dnsPolicy: Default + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: pixiu-localstorage-cert diff --git a/deploy/v1.0.1/ls-driverinfo.yaml b/deploy/v1.0.1/ls-driverinfo.yaml new file mode 100644 index 00000000..85a5d25c --- /dev/null +++ b/deploy/v1.0.1/ls-driverinfo.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: localstorage.caoyingjunz.io +spec: + attachRequired: false + volumeLifecycleModes: + - Persistent + fsGroupPolicy: File diff --git a/deploy/v1.0.1/ls-node.yaml b/deploy/v1.0.1/ls-node.yaml new file mode 100644 index 00000000..e8ddddf2 --- /dev/null +++ b/deploy/v1.0.1/ls-node.yaml @@ -0,0 +1,163 @@ +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: pixiu-localstorage-node + namespace: kube-system +spec: + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + selector: + matchLabels: + app: csi-ls-node + template: + metadata: + labels: + app: csi-ls-node + spec: +# hostNetwork: true + dnsPolicy: Default # available values: Default, ClusterFirstWithHostNet, ClusterFirst + serviceAccountName: csi-ls-node-sa + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: storage.caoyingjunz.io/node + operator: Exists + tolerations: + - operator: "Exists" + containers: + - name: liveness-probe + image: pixiuio/livenessprobe:v2.8.0 + args: + - --csi-address=/csi/csi.sock + - --probe-timeout=3s + - --health-port=29653 + - --v=2 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + + - name: node-driver-registrar + image: pixiuio/csi-node-driver-registrar:v2.6.2 + args: + - --v=2 + - --csi-address=/csi/csi.sock + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) + - --mode=kubelet-registration-probe + initialDelaySeconds: 30 + timeoutSeconds: 15 + env: + - name: DRIVER_REG_SOCK_PATH + value: /var/lib/kubelet/plugins/csi-lsplugin/csi.sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + resources: + limits: + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + + - name: csi-provisioner + image: jacky06/csi-provisioner:v0.1 + args: + - -v=5 + - --csi-address=/csi/csi.sock + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + securityContext: + # This is necessary only for systems with SELinux, where + # non-privileged sidecar containers cannot access unix domain socket + # created by privileged CSI driver container. + privileged: true + volumeMounts: + - mountPath: /csi + name: socket-dir + + - name: ls-plugin + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: pixiuio/localstorageplugin:v1.0.1 + args: + - "-v=5" + - "--endpoint=$(CSI_ENDPOINT)" + - "--volume-dir=/data" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + ports: + - containerPort: 29653 + name: healthz + protocol: TCP + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 30 + imagePullPolicy: IfNotPresent + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - mountPath: /data + name: volume-dir + resources: + limits: + memory: 300Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: socket-dir + hostPath: + path: /var/lib/kubelet/plugins/csi-lsplugin + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - hostPath: + path: /var/lib/kubelet/plugins_registry + type: Directory + name: registration-dir + - hostPath: + path: /data + type: DirectoryOrCreate + name: volume-dir diff --git a/deploy/v1.0.1/ls-rbac.yaml b/deploy/v1.0.1/ls-rbac.yaml new file mode 100644 index 00000000..ce0bdb81 --- /dev/null +++ b/deploy/v1.0.1/ls-rbac.yaml @@ -0,0 +1,60 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-ls-node-sa + namespace: kube-system +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: ls-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get"] + - apiGroups: [""] + resources: ["endpoints"] + verbs: [ "get", "list", "watch", "create", "update", "patch" ] + - apiGroups: ["storage.caoyingjunz.io"] + resources: ["localstorages"] + verbs: [ "get", "list", "watch", "create", "update", "patch" ] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: ls-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-ls-node-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: ls-external-provisioner-role + apiGroup: rbac.authorization.k8s.io diff --git a/deploy/v1.0.1/ls-secret.yaml b/deploy/v1.0.1/ls-secret.yaml new file mode 100644 index 00000000..15c1c47d --- /dev/null +++ b/deploy/v1.0.1/ls-secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +data: + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR5akNDQXJLZ0F3SUJBZ0lVT3NCMUkxU2RvZExDZlhxcC9SaW9VbnBTQ2Fvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0tERW1NQ1FHQTFVRUF3d2RjR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVWdRMEV3SUJjTgpNak13TmpBM01EQXhOakkxV2hnUE1qRXlNekExTVRRd01ERTJNalZhTURVeE16QXhCZ05WQkFNTUtuQnBlR2wxCkxXeHZZMkZzYzNSdmNtRm5aUzF6WlhKMmFXTmxMbXQxWW1VdGMzbHpkR1Z0TG5OMll6Q0NBU0l3RFFZSktvWkkKaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNbXVsVElkSGZndlgrUndJOFUwbE1ZbHYyeDFGeXhoeW4wUgpvODhpZ20zTmdMV2xwWE84TlVpczh3U09FYU1sRDgxa3JCcWZWR2lBc2w1SkhWT0NsZTJNU1E4YW5SSXV3d0R2ClFnWlgwcjl4N3dBaVU4LzROMkJCWFRwSnp5VnJBSHFERE14eUg5Kzh1cG5SN09SVFdEeXUrUXMvUjBsa1hvVjUKZ0tJUTN5aXFDdEJaRUVkbnlhYklZYXUwUW5ZL1YzWS9vaWJsQXRuU3hYUUR5TCthUTVZS015a1c4cE95OW1FQwo0d29IZUZlNjNaY3NRV01RQTVtanBZZ3hRMGVOdUFFZ2IzVmZGcXJrTVFFSytaaFFHWVAwWGlkS1hNZlBJellDCk1wdHExMDBQYWlXTWxkZk8xaWt6aUhDcFJERTVna0hoak53T01hRUhCNFJ0Y1N4LytSRUNBd0VBQWFPQjNEQ0IKMlRBSkJnTlZIUk1FQWpBQU1Bc0dBMVVkRHdRRUF3SUY0REIvQmdOVkhSRUVlREIyZ2hwd2FYaHBkUzFzYjJOaApiSE4wYjNKaFoyVXRjMlZ5ZG1salpZSW1jR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVXVhM1ZpClpTMXplWE4wWlcyQ0tuQnBlR2wxTFd4dlkyRnNjM1J2Y21GblpTMXpaWEoyYVdObExtdDFZbVV0YzNsemRHVnQKTG5OMlk0Y0Vmd0FBQVRBZEJnTlZIUTRFRmdRVWVCc1FLK3IwUmRnOHBpVktTOU5RM21TRDE3VXdId1lEVlIwagpCQmd3Rm9BVVh3QjlmMjFyV21XVDY3MzgvL25VZ3BDM0lxQXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSGRWCkdhTnJRaDVkNGFUVE5uWUNxQ3ExS3VDdEFaVFJPSDFVUnVzd0VtREhtYi8xMHdDQ21PWUg3MDJqaUVaUW9RelAKdndVY2ZLUFhOWE5MdTlkaThBbXlEZnIzUkNtalAwRWpVMWR0STFYOTBFTENkYTdOSkJMamJ6QjFWem1HdEJuVApHMERuZ0twTzlraGViaFl3Ykt4dS9zM0JJVUtmTExDL3BBTkh5RnYxcU5aWlJJQUNSdW5nb2pBRzlpVEFjOExHCllmNWwyVFBxaUg5WHZmdDZReUNGZ0t5NnU2YmZobXR4REVxNFM3Qm12OEdYWWxLUnBpcVhXWCtZb1FEcFY5MGEKc1BMQU8rcXBRNlh3L1B5eU1Nd2JRSklKRVVjVjdPeXJmT3pta3RjNGRvSklIN2tVcnREYkxZc29MSkRpVGVZUApwU09uMnJDSHlOa1hiQUUvQW9VPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR5akNDQXJLZ0F3SUJBZ0lVT3NCMUkxU2RvZExDZlhxcC9SaW9VbnBTQ2Fvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0tERW1NQ1FHQTFVRUF3d2RjR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVWdRMEV3SUJjTgpNak13TmpBM01EQXhOakkxV2hnUE1qRXlNekExTVRRd01ERTJNalZhTURVeE16QXhCZ05WQkFNTUtuQnBlR2wxCkxXeHZZMkZzYzNSdmNtRm5aUzF6WlhKMmFXTmxMbXQxWW1VdGMzbHpkR1Z0TG5OMll6Q0NBU0l3RFFZSktvWkkKaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNbXVsVElkSGZndlgrUndJOFUwbE1ZbHYyeDFGeXhoeW4wUgpvODhpZ20zTmdMV2xwWE84TlVpczh3U09FYU1sRDgxa3JCcWZWR2lBc2w1SkhWT0NsZTJNU1E4YW5SSXV3d0R2ClFnWlgwcjl4N3dBaVU4LzROMkJCWFRwSnp5VnJBSHFERE14eUg5Kzh1cG5SN09SVFdEeXUrUXMvUjBsa1hvVjUKZ0tJUTN5aXFDdEJaRUVkbnlhYklZYXUwUW5ZL1YzWS9vaWJsQXRuU3hYUUR5TCthUTVZS015a1c4cE95OW1FQwo0d29IZUZlNjNaY3NRV01RQTVtanBZZ3hRMGVOdUFFZ2IzVmZGcXJrTVFFSytaaFFHWVAwWGlkS1hNZlBJellDCk1wdHExMDBQYWlXTWxkZk8xaWt6aUhDcFJERTVna0hoak53T01hRUhCNFJ0Y1N4LytSRUNBd0VBQWFPQjNEQ0IKMlRBSkJnTlZIUk1FQWpBQU1Bc0dBMVVkRHdRRUF3SUY0REIvQmdOVkhSRUVlREIyZ2hwd2FYaHBkUzFzYjJOaApiSE4wYjNKaFoyVXRjMlZ5ZG1salpZSW1jR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVXVhM1ZpClpTMXplWE4wWlcyQ0tuQnBlR2wxTFd4dlkyRnNjM1J2Y21GblpTMXpaWEoyYVdObExtdDFZbVV0YzNsemRHVnQKTG5OMlk0Y0Vmd0FBQVRBZEJnTlZIUTRFRmdRVWVCc1FLK3IwUmRnOHBpVktTOU5RM21TRDE3VXdId1lEVlIwagpCQmd3Rm9BVVh3QjlmMjFyV21XVDY3MzgvL25VZ3BDM0lxQXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSGRWCkdhTnJRaDVkNGFUVE5uWUNxQ3ExS3VDdEFaVFJPSDFVUnVzd0VtREhtYi8xMHdDQ21PWUg3MDJqaUVaUW9RelAKdndVY2ZLUFhOWE5MdTlkaThBbXlEZnIzUkNtalAwRWpVMWR0STFYOTBFTENkYTdOSkJMamJ6QjFWem1HdEJuVApHMERuZ0twTzlraGViaFl3Ykt4dS9zM0JJVUtmTExDL3BBTkh5RnYxcU5aWlJJQUNSdW5nb2pBRzlpVEFjOExHCllmNWwyVFBxaUg5WHZmdDZReUNGZ0t5NnU2YmZobXR4REVxNFM3Qm12OEdYWWxLUnBpcVhXWCtZb1FEcFY5MGEKc1BMQU8rcXBRNlh3L1B5eU1Nd2JRSklKRVVjVjdPeXJmT3pta3RjNGRvSklIN2tVcnREYkxZc29MSkRpVGVZUApwU09uMnJDSHlOa1hiQUUvQW9VPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRREpycFV5SFIzNEwxL2sKY0NQRk5KVEdKYjlzZFJjc1ljcDlFYVBQSW9KdHpZQzFwYVZ6dkRWSXJQTUVqaEdqSlEvTlpLd2FuMVJvZ0xKZQpTUjFUZ3BYdGpFa1BHcDBTTHNNQTcwSUdWOUsvY2U4QUlsUFArRGRnUVYwNlNjOGxhd0I2Z3d6TWNoL2Z2THFaCjBlemtVMWc4cnZrTFAwZEpaRjZGZVlDaUVOOG9xZ3JRV1JCSFo4bW15R0dydEVKMlAxZDJQNkltNVFMWjBzVjAKQThpL21rT1dDak1wRnZLVHN2WmhBdU1LQjNoWHV0MlhMRUZqRUFPWm82V0lNVU5IamJnQklHOTFYeGFxNURFQgpDdm1ZVUJtRDlGNG5TbHpIenlNMkFqS2JhdGRORDJvbGpKWFh6dFlwTTRod3FVUXhPWUpCNFl6Y0RqR2hCd2VFCmJYRXNmL2tSQWdNQkFBRUNnZ0VBQ1U2Z2xUZFZoWmxuRlJkTk9VbXR4MjZneExnckZYbmVVckw4a3AraXNmOUMKcmk5S29UcUpZWFVVd213dGVYQkppRWFaOENFVDc3NG5yUlQxOE4rRS9IbEZ1bGdWc1V2OTVRWkZqMTRnYkVRTgpYZDNYclJCayt0RE5aUFlZeEg3cGZ0M2JHbmkyU3BpT3FuQk8vTEx4YnB4N0F2Yzh1cER5a1RtTUUzNlFrOU5mCkUwMS9FS1B6ZFdFL3B0V2lNODZNZXVFcDY5b0tjdHM1VFA1eTZpbTVUOXV5bjMyemhLQlI5dkVoSjcxUVM1VFMKeFA1aGxaV3l1U2lvRGhESXZHWXcwdjhFdjQwbjRNbmFLRzBpSllDdVgwV2dIMmtMRVFUY3hSaHJhYkU5MDRtcApjSkl6ejEyUUVGZmM0UTJpWXZxZW9tSjREN0JncFUrTUVVQVVONmlRZVFLQmdRRGprZ04wdGtDT2c5cjRWNzVoCjlnWDNyUlgyMlBVcUNYck5LVVBuNXJtaWR3ajhDbW1ieEF3WjZPcmdaRGJqRVRaZ3RLY3E4RlQ1N2F6WFh0Nm8KSkJGREgwNjkzZStEVTJOZHFDbndxQjlWbGN3VCtid25pYjlxekI2SjdNczRjcU5rQWZBUkJYaC9aSFhpbnFHWgpPV3pESkdYdEJpR0JhQ2VqMlkyNkdVNHcrUUtCZ1FEaTRLQXJwTFI4UzgzampKWGFuNEFsTk45bzFjNk9TQklmCnZWUHp6RjZ6VllsdXpQZDNlaytkbTdDYmgxc0hVcmUyQm9qT05MOEMzckFEVDRXa2w4Ti9aT0tNbXlobEEzNkEKbW96SkJQRjR2THd5Rjk5SGZTWkpJOWJ3c2duaGdsYXgrSmx6TFloUlM3RjR3UFpQWEh3MURzOHZTVFRhSmVxMQozV3FEOWUrbTJRS0JnUUNYdXRMekRsRWN0RzFiQjZXNFN3RFBrbWdDbmNWWXNkbGUwUlNsbWdCTGduSkxHZVl3CkpSYXNiOCtxclNhclh0NlN1K0I1a0tRWHY1QnVTS0xNR01BcHNNWWZjY293RlhrN0NOUnQwS3FUdGJ6TDFNYk8KMWRqNnEvM3dtQ0VuRWNnKzljdktqWXM1NVJGMGQ2L25LWktLeWNucnJ4ckgzVm9RdFF6NTk4VmFnUUtCZ1FDUgpvY2F1dlNidHNtc1M2YWMza3JMYkx6bEpQaFU4MTU1cXFVaytjYTFJU0Z2VHQ5WVI1MzA3bWppZlhSOWRjQWRrCjNJVHNlSWN6L0dYWGVqQTdHdi91d245NTZnN2Y2SUpIWXUyRUM1eEUrRUdGbGpWSTJsaTlFamhpZ0tZL0R6OC8KTm1pcHVreUtncUFFOXpna2NTVjVtV3Y4Mm0wR3F0Z2lyV0kyR3FRZTRRS0JnUURCV2NLYjNuTG8ya3dPL2t2ZQovRHdkcVJGVmo3dVBTeTdtSUdZYXlKZ2JzRlNLTzV4ZjkrZFFGZkM3OEFldnhla1VIT25kYXVqUW5Yb3JPcDhKClZMQ0YzdXFnVElXbnllSTlXb2svbWtSL01GbWFHanhtMTQzencxMEhqRzkvWTJDK0I1TEJwZG8vRk5ucGpmZHUKMTROeWQveDN1UEdWSllibzA4STQ4VEZ1K3c9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg== +kind: Secret +metadata: + name: pixiu-localstorage-cert + namespace: kube-system +type: kubernetes.io/tls diff --git a/deploy/v1.0.1/ls-service.yaml b/deploy/v1.0.1/ls-service.yaml new file mode 100644 index 00000000..5d671a3c --- /dev/null +++ b/deploy/v1.0.1/ls-service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: pixiu-localstorage-service + namespace: kube-system +spec: + ports: + - name: tcp-8443 + port: 443 + protocol: TCP + targetPort: 8443 + selector: + app: pixiu-ls-controller + type: ClusterIP diff --git a/deploy/v1.0.1/ls-webhookconfiguration.yaml b/deploy/v1.0.1/ls-webhookconfiguration.yaml new file mode 100644 index 00000000..eb872e4e --- /dev/null +++ b/deploy/v1.0.1/ls-webhookconfiguration.yaml @@ -0,0 +1,68 @@ +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: pixiu-ls-mutating-configuration +webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR5akNDQXJLZ0F3SUJBZ0lVT3NCMUkxU2RvZExDZlhxcC9SaW9VbnBTQ2Fvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0tERW1NQ1FHQTFVRUF3d2RjR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVWdRMEV3SUJjTgpNak13TmpBM01EQXhOakkxV2hnUE1qRXlNekExTVRRd01ERTJNalZhTURVeE16QXhCZ05WQkFNTUtuQnBlR2wxCkxXeHZZMkZzYzNSdmNtRm5aUzF6WlhKMmFXTmxMbXQxWW1VdGMzbHpkR1Z0TG5OMll6Q0NBU0l3RFFZSktvWkkKaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNbXVsVElkSGZndlgrUndJOFUwbE1ZbHYyeDFGeXhoeW4wUgpvODhpZ20zTmdMV2xwWE84TlVpczh3U09FYU1sRDgxa3JCcWZWR2lBc2w1SkhWT0NsZTJNU1E4YW5SSXV3d0R2ClFnWlgwcjl4N3dBaVU4LzROMkJCWFRwSnp5VnJBSHFERE14eUg5Kzh1cG5SN09SVFdEeXUrUXMvUjBsa1hvVjUKZ0tJUTN5aXFDdEJaRUVkbnlhYklZYXUwUW5ZL1YzWS9vaWJsQXRuU3hYUUR5TCthUTVZS015a1c4cE95OW1FQwo0d29IZUZlNjNaY3NRV01RQTVtanBZZ3hRMGVOdUFFZ2IzVmZGcXJrTVFFSytaaFFHWVAwWGlkS1hNZlBJellDCk1wdHExMDBQYWlXTWxkZk8xaWt6aUhDcFJERTVna0hoak53T01hRUhCNFJ0Y1N4LytSRUNBd0VBQWFPQjNEQ0IKMlRBSkJnTlZIUk1FQWpBQU1Bc0dBMVVkRHdRRUF3SUY0REIvQmdOVkhSRUVlREIyZ2hwd2FYaHBkUzFzYjJOaApiSE4wYjNKaFoyVXRjMlZ5ZG1salpZSW1jR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVXVhM1ZpClpTMXplWE4wWlcyQ0tuQnBlR2wxTFd4dlkyRnNjM1J2Y21GblpTMXpaWEoyYVdObExtdDFZbVV0YzNsemRHVnQKTG5OMlk0Y0Vmd0FBQVRBZEJnTlZIUTRFRmdRVWVCc1FLK3IwUmRnOHBpVktTOU5RM21TRDE3VXdId1lEVlIwagpCQmd3Rm9BVVh3QjlmMjFyV21XVDY3MzgvL25VZ3BDM0lxQXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSGRWCkdhTnJRaDVkNGFUVE5uWUNxQ3ExS3VDdEFaVFJPSDFVUnVzd0VtREhtYi8xMHdDQ21PWUg3MDJqaUVaUW9RelAKdndVY2ZLUFhOWE5MdTlkaThBbXlEZnIzUkNtalAwRWpVMWR0STFYOTBFTENkYTdOSkJMamJ6QjFWem1HdEJuVApHMERuZ0twTzlraGViaFl3Ykt4dS9zM0JJVUtmTExDL3BBTkh5RnYxcU5aWlJJQUNSdW5nb2pBRzlpVEFjOExHCllmNWwyVFBxaUg5WHZmdDZReUNGZ0t5NnU2YmZobXR4REVxNFM3Qm12OEdYWWxLUnBpcVhXWCtZb1FEcFY5MGEKc1BMQU8rcXBRNlh3L1B5eU1Nd2JRSklKRVVjVjdPeXJmT3pta3RjNGRvSklIN2tVcnREYkxZc29MSkRpVGVZUApwU09uMnJDSHlOa1hiQUUvQW9VPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + service: + name: pixiu-localstorage-service + namespace: kube-system + path: /mutate-v1-localstorage + port: 443 + failurePolicy: Fail + matchPolicy: Equivalent + name: webhook.pixiu.io + namespaceSelector: {} + objectSelector: {} + reinvocationPolicy: Never + rules: + - apiGroups: + - storage.caoyingjunz.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - localstorages + scope: '*' + sideEffects: None + timeoutSeconds: 10 + +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: pixiu-ls-validating-configuration +webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR5akNDQXJLZ0F3SUJBZ0lVT3NCMUkxU2RvZExDZlhxcC9SaW9VbnBTQ2Fvd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0tERW1NQ1FHQTFVRUF3d2RjR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVWdRMEV3SUJjTgpNak13TmpBM01EQXhOakkxV2hnUE1qRXlNekExTVRRd01ERTJNalZhTURVeE16QXhCZ05WQkFNTUtuQnBlR2wxCkxXeHZZMkZzYzNSdmNtRm5aUzF6WlhKMmFXTmxMbXQxWW1VdGMzbHpkR1Z0TG5OMll6Q0NBU0l3RFFZSktvWkkKaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFNbXVsVElkSGZndlgrUndJOFUwbE1ZbHYyeDFGeXhoeW4wUgpvODhpZ20zTmdMV2xwWE84TlVpczh3U09FYU1sRDgxa3JCcWZWR2lBc2w1SkhWT0NsZTJNU1E4YW5SSXV3d0R2ClFnWlgwcjl4N3dBaVU4LzROMkJCWFRwSnp5VnJBSHFERE14eUg5Kzh1cG5SN09SVFdEeXUrUXMvUjBsa1hvVjUKZ0tJUTN5aXFDdEJaRUVkbnlhYklZYXUwUW5ZL1YzWS9vaWJsQXRuU3hYUUR5TCthUTVZS015a1c4cE95OW1FQwo0d29IZUZlNjNaY3NRV01RQTVtanBZZ3hRMGVOdUFFZ2IzVmZGcXJrTVFFSytaaFFHWVAwWGlkS1hNZlBJellDCk1wdHExMDBQYWlXTWxkZk8xaWt6aUhDcFJERTVna0hoak53T01hRUhCNFJ0Y1N4LytSRUNBd0VBQWFPQjNEQ0IKMlRBSkJnTlZIUk1FQWpBQU1Bc0dBMVVkRHdRRUF3SUY0REIvQmdOVkhSRUVlREIyZ2hwd2FYaHBkUzFzYjJOaApiSE4wYjNKaFoyVXRjMlZ5ZG1salpZSW1jR2w0YVhVdGJHOWpZV3h6ZEc5eVlXZGxMWE5sY25acFkyVXVhM1ZpClpTMXplWE4wWlcyQ0tuQnBlR2wxTFd4dlkyRnNjM1J2Y21GblpTMXpaWEoyYVdObExtdDFZbVV0YzNsemRHVnQKTG5OMlk0Y0Vmd0FBQVRBZEJnTlZIUTRFRmdRVWVCc1FLK3IwUmRnOHBpVktTOU5RM21TRDE3VXdId1lEVlIwagpCQmd3Rm9BVVh3QjlmMjFyV21XVDY3MzgvL25VZ3BDM0lxQXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSGRWCkdhTnJRaDVkNGFUVE5uWUNxQ3ExS3VDdEFaVFJPSDFVUnVzd0VtREhtYi8xMHdDQ21PWUg3MDJqaUVaUW9RelAKdndVY2ZLUFhOWE5MdTlkaThBbXlEZnIzUkNtalAwRWpVMWR0STFYOTBFTENkYTdOSkJMamJ6QjFWem1HdEJuVApHMERuZ0twTzlraGViaFl3Ykt4dS9zM0JJVUtmTExDL3BBTkh5RnYxcU5aWlJJQUNSdW5nb2pBRzlpVEFjOExHCllmNWwyVFBxaUg5WHZmdDZReUNGZ0t5NnU2YmZobXR4REVxNFM3Qm12OEdYWWxLUnBpcVhXWCtZb1FEcFY5MGEKc1BMQU8rcXBRNlh3L1B5eU1Nd2JRSklKRVVjVjdPeXJmT3pta3RjNGRvSklIN2tVcnREYkxZc29MSkRpVGVZUApwU09uMnJDSHlOa1hiQUUvQW9VPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + service: + name: pixiu-localstorage-service + namespace: kube-system + path: /validate-v1-localstorage + port: 443 + failurePolicy: Fail + matchPolicy: Equivalent + name: webhook.pixiu.io + namespaceSelector: {} + objectSelector: {} + rules: + - apiGroups: + - storage.caoyingjunz.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - localstorages + scope: '*' + sideEffects: None + timeoutSeconds: 10 diff --git a/deploy/v1.0.1/storage.caoyingjunz.io_localstorages.yaml b/deploy/v1.0.1/storage.caoyingjunz.io_localstorages.yaml new file mode 100644 index 00000000..8ae16e41 --- /dev/null +++ b/deploy/v1.0.1/storage.caoyingjunz.io_localstorages.yaml @@ -0,0 +1,123 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: localstorages.storage.caoyingjunz.io +spec: + group: storage.caoyingjunz.io + names: + kind: LocalStorage + listKind: LocalStorageList + plural: localstorages + shortNames: + - pls + - ls + singular: localstorage + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .spec.node + name: kubeNode + type: string + - jsonPath: .status.allocatable + name: Allocatable + type: string + - jsonPath: .status.capacity + name: Capacity + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + - jsonPath: .spec.volumeGroup + name: VolumeGroup + priority: 1 + type: string + name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + disks: + items: + properties: + identifier: + description: disk identifier, plugin will fill it + type: string + name: + type: string + type: object + type: array + node: + description: Node kubernetes node name + minLength: 1 + type: string + volumeGroup: + type: string + type: object + status: + properties: + allocatable: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + capacity: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + conditions: + type: string + phase: + type: string + volumes: + description: List of mount volumes on this node + items: + properties: + attached: + type: boolean + nodeId: + type: string + volId: + type: string + volName: + type: string + volPath: + type: string + volSize: + format: int64 + type: integer + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: []