Skip to content

Instantly share code, notes, and snippets.

@liupeng0518

liupeng0518/manila csi test

Last active July 24, 2020 02:34
Show Gist options
  • Save liupeng0518/c074c34e845d6dcdf065db35a811dc8b to your computer and use it in GitHub Desktop.
Save liupeng0518/c074c34e845d6dcdf065db35a811dc8b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
manila csi test
---
# Source: openstack-manila-csi/templates/controllerplugin-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
---
# Source: openstack-manila-csi/templates/nodeplugin-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: openstack-manila-csi-nodeplugin
labels:
app: openstack-manila-csi
component: nodeplugin
---
# Source: openstack-manila-csi/templates/controllerplugin-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.manila.csi.openstack.org/aggregate-to-openstack-manila-csi-controllerplugin: "true"
rules: []
---
# Source: openstack-manila-csi/templates/controllerplugin-rules-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-controllerplugin-rules
labels:
app: openstack-manila-csi
component: controllerplugin
rbac.manila.csi.openstack.org/aggregate-to-openstack-manila-csi-controllerplugin: "true"
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents"]
verbs: ["create", "get", "list", "watch", "update", "delete"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshots"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshots/status"]
verbs: ["update"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["create", "list", "watch", "delete", "get", "update"]
---
# Source: openstack-manila-csi/templates/nodeplugin-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-nodeplugin
labels:
app: openstack-manila-csi
component: nodeplugin
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.manila.csi.openstack.org/aggregate-to-openstack-manila-csi-nodeplugin: "true"
rules: []
---
# Source: openstack-manila-csi/templates/nodeplugin-rules-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-nodeplugin-rules
labels:
app: openstack-manila-csi
component: nodeplugin
rbac.manila.csi.openstack.org/aggregate-to-openstack-manila-csi-nodeplugin: "true"
rules:
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "update"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "update"]
---
# Source: openstack-manila-csi/templates/controllerplugin-clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
subjects:
- kind: ServiceAccount
name: openstack-manila-csi-controllerplugin
namespace: kube-system
roleRef:
kind: ClusterRole
name: openstack-manila-csi-controllerplugin
apiGroup: rbac.authorization.k8s.io
---
# Source: openstack-manila-csi/templates/nodeplugin-clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-nodeplugin
labels:
app: openstack-manila-csi
component: nodeplugin
subjects:
- kind: ServiceAccount
name: openstack-manila-csi-nodeplugin
namespace: kube-system
roleRef:
kind: ClusterRole
name: openstack-manila-csi-nodeplugin
apiGroup: rbac.authorization.k8s.io
---
# Source: openstack-manila-csi/templates/controllerplugin-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "watch", "list", "delete", "update", "create"]
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "list", "watch", "create", "delete"]
---
# Source: openstack-manila-csi/templates/controllerplugin-rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
subjects:
- kind: ServiceAccount
name: openstack-manila-csi-controllerplugin
namespace: kube-system
roleRef:
kind: Role
name: openstack-manila-csi-controllerplugin
apiGroup: rbac.authorization.k8s.io
---
# Source: openstack-manila-csi/templates/controllerplugin-service.yaml
kind: Service
apiVersion: v1
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
spec:
selector:
app: openstack-manila-csi
component: controllerplugin
ports:
- name: dummy
port: 12345
---
# Source: openstack-manila-csi/templates/nodeplugin-daemonset.yaml
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: openstack-manila-csi-nodeplugin
labels:
app: openstack-manila-csi
component: nodeplugin
spec:
selector:
matchLabels:
app: openstack-manila-csi
component: nodeplugin
template:
metadata:
labels:
app: openstack-manila-csi
component: nodeplugin
spec:
serviceAccountName: openstack-manila-csi-nodeplugin
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: nfs-registrar
image: "192.168.190.30:5000/com.test/k8scsi/csi-node-driver-registrar:v1.3.0"
args:
- "--v=5"
- "--csi-address=/csi/csi.sock"
- "--kubelet-registration-path=/var/lib/kubelet/plugins/nfs.manila.csi.openstack.org/csi.sock"
lifecycle:
preStop:
exec:
command: [
"/bin/sh",
"-c",
"rm -rf /registration/nfs.manila.csi.openstack.org
/registration/nfs.manila.csi.openstack.org-reg.sock",
]
env:
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-plugin-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
resources: {}
- name: nfs-nodeplugin
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: "k8scloudprovider/manila-csi-plugin:v1.18.0"
command: [
"/bin/sh",
"-c",
"/bin/manila-csi-plugin
--v=5
--nodeid=$(NODE_ID)
--endpoint=$(CSI_ENDPOINT)
--drivername=$(DRIVER_NAME)
--share-protocol-selector=$(MANILA_SHARE_PROTO)
--fwdendpoint=$(FWD_CSI_ENDPOINT)",
]
env:
- name: DRIVER_NAME
value: nfs.manila.csi.openstack.org
- name: NODE_ID
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: CSI_ENDPOINT
value: "unix:///var/lib/kubelet/plugins/nfs.manila.csi.openstack.org/csi.sock"
- name: FWD_CSI_ENDPOINT
value: "unix:///var/lib/kubelet/plugins/csi-nfsplugin/csi.sock"
- name: MANILA_SHARE_PROTO
value: "NFS"
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-plugin-dir
mountPath: /var/lib/kubelet/plugins/nfs.manila.csi.openstack.org
- name: nfs-fwd-plugin-dir
mountPath: /var/lib/kubelet/plugins/csi-nfsplugin
resources: {}
volumes:
- name: registration-dir
hostPath:
path: /var/lib/kubelet/plugins_registry
type: Directory
- name: nfs-plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/nfs.manila.csi.openstack.org
type: DirectoryOrCreate
- name: nfs-fwd-plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/csi-nfsplugin
type: Directory
---
# Source: openstack-manila-csi/templates/controllerplugin-statefulset.yaml
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: openstack-manila-csi-controllerplugin
labels:
app: openstack-manila-csi
component: controllerplugin
spec:
serviceName: openstack-manila-csi-controllerplugin
replicas: 1
selector:
matchLabels:
app: openstack-manila-csi
component: controllerplugin
template:
metadata:
labels:
app: openstack-manila-csi
component: controllerplugin
spec:
serviceAccountName: openstack-manila-csi-controllerplugin
containers:
- name: nfs-provisioner
image: "192.168.190.30:5000/com.test/k8scsi/csi-provisioner:v1.4.0"
args:
- "--v=5"
- "--csi-address=$(ADDRESS)"
- "--timeout=3m"
env:
- name: ADDRESS
value: "unix:///var/lib/kubelet/plugins/nfs.manila.csi.openstack.org/csi-controllerplugin.sock"
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-plugin-dir
mountPath: /var/lib/kubelet/plugins/nfs.manila.csi.openstack.org
resources: {}
- name: nfs-snapshotter
image: "192.168.190.30:5000/com.test/k8scsi/csi-snapshotter:v1.2.2"
args:
- "--v=5"
- "--csi-address=$(ADDRESS)"
env:
- name: ADDRESS
value: "unix:///var/lib/kubelet/plugins/nfs.manila.csi.openstack.org/csi-controllerplugin.sock"
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-plugin-dir
mountPath: /var/lib/kubelet/plugins/nfs.manila.csi.openstack.org
resources: {}
- name: nfs-nodeplugin
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: "k8scloudprovider/manila-csi-plugin:v1.18.0"
command: [
"/bin/sh",
"-c",
"/bin/manila-csi-plugin
--v=5
--nodeid=$(NODE_ID)
--endpoint=$(CSI_ENDPOINT)
--drivername=$(DRIVER_NAME)
--share-protocol-selector=$(MANILA_SHARE_PROTO)
--fwdendpoint=$(FWD_CSI_ENDPOINT)",
]
env:
- name: DRIVER_NAME
value: nfs.manila.csi.openstack.org
- name: NODE_ID
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: CSI_ENDPOINT
value: "unix:///var/lib/kubelet/plugins/nfs.manila.csi.openstack.org/csi-controllerplugin.sock"
- name: FWD_CSI_ENDPOINT
value: "unix:///var/lib/kubelet/plugins/csi-nfsplugin/csi.sock"
- name: MANILA_SHARE_PROTO
value: "NFS"
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-plugin-dir
mountPath: /var/lib/kubelet/plugins/nfs.manila.csi.openstack.org
- name: nfs-fwd-plugin-dir
mountPath: /var/lib/kubelet/plugins/csi-nfsplugin
- name: pod-mounts
mountPath: /var/lib/kubelet/pods
mountPropagation: Bidirectional
resources: {}
volumes:
- name: nfs-plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/nfs.manila.csi.openstack.org
type: DirectoryOrCreate
- name: nfs-fwd-plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/csi-nfsplugin
type: Directory
- name: pod-mounts
hostPath:
path: /var/lib/kubelet/pods
type: Directory
---
# Source: openstack-manila-csi/templates/csidriver.yaml
apiVersion: storage.k8s.io/v1beta1
kind: CSIDriver
metadata:
name: nfs.manila.csi.openstack.org
spec:
attachRequired: false
podInfoOnMount: false
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment