Improves ceph-provisioner storageclasses

Currently configuring storage classes is static. If
we want to add another storageclass for an exmaple
for harddisk then we have to create another yaml
along with update in .Values.yaml. Using this change
we can create as many storageclasses we want. Change
will basically iterate in loop and apply the values
present in .Values

At the same time we have to update the changes in
.Values.storageclass.rbd paramert values in all
applicable places

Change-Id: I3207f047c3f8b1a33dfb97c87b9ea7120b54c4b4
Story: ceph-provisioners-improvement
Signed-off-by: Kranthi Guttikonda <kranthi.guttikonda@b-yond.com>
Signed-off-by: kranthikirang <kranthi.guttikonda@b-yond.com>
This commit is contained in:
kranthikirang 2019-02-13 22:12:06 +00:00 committed by Tin Lam
parent 8673bdda53
commit 361f0bebb7
8 changed files with 163 additions and 93 deletions

View File

@ -54,7 +54,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role kind: Role
metadata: metadata:
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }} name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }} namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
@ -68,7 +68,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }} name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }} namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@ -106,11 +106,11 @@ spec:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: PVC_CEPH_CEPHFS_STORAGECLASS_USER_SECRET_NAME - name: PVC_CEPH_CEPHFS_STORAGECLASS_USER_SECRET_NAME
value: {{ .Values.storageclass.cephfs.user_secret_name }} value: {{ .Values.storageclass.cephfs.parameters.userSecretName }}
- name: PVC_CEPH_CEPHFS_STORAGECLASS_ADMIN_SECRET_NAME - name: PVC_CEPH_CEPHFS_STORAGECLASS_ADMIN_SECRET_NAME
value: {{ .Values.storageclass.cephfs.admin_secret_name }} value: {{ .Values.storageclass.cephfs.parameters.adminSecretName }}
- name: PVC_CEPH_CEPHFS_STORAGECLASS_DEPLOYED_NAMESPACE - name: PVC_CEPH_CEPHFS_STORAGECLASS_DEPLOYED_NAMESPACE
value: {{ .Values.storageclass.cephfs.admin_secret_namespace }} value: {{ .Values.storageclass.cephfs.parameters.adminSecretNamespace }}
command: command:
- /tmp/provisioner-cephfs-client-key-manager.sh - /tmp/provisioner-cephfs-client-key-manager.sh
volumeMounts: volumeMounts:

View File

@ -77,7 +77,7 @@ spec:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME - name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME
value: {{ .Values.storageclass.rbd.user_secret_name }} value: {{ .Values.storageclass.rbd.parameters.userSecretName }}
command: command:
- /tmp/provisioner-rbd-namespace-client-key-cleaner.sh - /tmp/provisioner-rbd-namespace-client-key-cleaner.sh
volumeMounts: volumeMounts:

View File

@ -54,7 +54,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role kind: Role
metadata: metadata:
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }} name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }} namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
rules: rules:
- apiGroups: - apiGroups:
- "" - ""
@ -68,7 +68,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }} name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }} namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@ -104,11 +104,11 @@ spec:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME - name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME
value: {{ .Values.storageclass.rbd.user_secret_name }} value: {{ .Values.storageclass.rbd.parameters.userSecretName }}
- name: PVC_CEPH_RBD_STORAGECLASS_ADMIN_SECRET_NAME - name: PVC_CEPH_RBD_STORAGECLASS_ADMIN_SECRET_NAME
value: {{ .Values.storageclass.rbd.admin_secret_name }} value: {{ .Values.storageclass.rbd.parameters.adminSecretName }}
- name: PVC_CEPH_RBD_STORAGECLASS_DEPLOYED_NAMESPACE - name: PVC_CEPH_RBD_STORAGECLASS_DEPLOYED_NAMESPACE
value: {{ .Values.storageclass.rbd.admin_secret_namespace }} value: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
command: command:
- /tmp/provisioner-rbd-namespace-client-key-manager.sh - /tmp/provisioner-rbd-namespace-client-key-manager.sh
volumeMounts: volumeMounts:

View File

@ -1,30 +0,0 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.storageclass_cephfs ( and .Values.deployment.ceph .Values.storageclass.cephfs.provision_storage_class ) }}
{{- $envAll := . }}
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: {{ .Values.storageclass.cephfs.name }}
provisioner: {{ .Values.storageclass.cephfs.provisioner }}
parameters:
monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
adminId: {{ .Values.storageclass.cephfs.admin_id | quote }}
adminSecretName: {{ .Values.storageclass.cephfs.user_secret_name | quote }}
adminSecretNamespace: {{ .Release.Namespace | quote }}
{{- end }}

View File

@ -1,35 +0,0 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.storageclass_rbd (and .Values.deployment.ceph .Values.storageclass.rbd.provision_storage_class) }}
{{- $envAll := . }}
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: {{ .Values.storageclass.rbd.name }}
provisioner: {{ .Values.storageclass.rbd.provisioner }}
parameters:
monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
adminId: {{ .Values.storageclass.rbd.admin_id }}
adminSecretName: {{ .Values.storageclass.rbd.admin_secret_name }}
adminSecretNamespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
pool: {{ .Values.storageclass.rbd.pool }}
userId: {{ .Values.storageclass.rbd.user_id }}
userSecretName: {{ .Values.storageclass.rbd.user_secret_name }}
imageFormat: {{ .Values.storageclass.rbd.image_format | quote }}
imageFeatures: {{ .Values.storageclass.rbd.image_features }}
{{- end }}

View File

@ -0,0 +1,21 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.storageclass (.Values.deployment.ceph) }}
{{- range $storageclass, $val := .Values.storageclass }}
{{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
{{- end }}
{{- end }}

View File

@ -171,29 +171,35 @@ bootstrap:
# if you change provision_storage_class to false # if you change provision_storage_class to false
# it is presumed you manage your own storage # it is presumed you manage your own storage
# class definition externally # class definition externally
#(kranthikirang):We iterate over each storageclass parameters
#and derive the manifest.
storageclass: storageclass:
rbd: rbd:
provision_storage_class: true provision_storage_class: true
provisioner: ceph.com/rbd provisioner: ceph.com/rbd
name: general
monitors: null
pool: rbd
admin_id: admin
ceph_configmap_name: ceph-etc ceph_configmap_name: ceph-etc
admin_secret_name: pvc-ceph-conf-combined-storageclass metadata:
admin_secret_namespace: ceph default_storage_class: true
user_id: admin name: general
user_secret_name: pvc-ceph-client-key parameters:
image_format: "2" pool: rbd
image_features: layering adminId: admin
adminSecretName: pvc-ceph-conf-combined-storageclass
adminSecretNamespace: ceph
userId: admin
userSecretName: pvc-ceph-client-key
imageFormat: "2"
imageFeatures: layering
cephfs: cephfs:
provision_storage_class: true provision_storage_class: true
provisioner: ceph.com/cephfs provisioner: ceph.com/cephfs
name: cephfs metadata:
admin_id: admin name: cephfs
user_secret_name: pvc-ceph-cephfs-client-key parameters:
admin_secret_name: pvc-ceph-conf-combined-storageclass adminId: admin
admin_secret_namespace: ceph userSecretName: pvc-ceph-cephfs-client-key
adminSecretName: pvc-ceph-conf-combined-storageclass
adminSecretNamespace: ceph
endpoints: endpoints:
cluster_domain_suffix: cluster.local cluster_domain_suffix: cluster.local
@ -231,5 +237,4 @@ manifests:
job_image_repo_sync: true job_image_repo_sync: true
job_namespace_client_key_cleaner: true job_namespace_client_key_cleaner: true
job_namespace_client_key: true job_namespace_client_key: true
storageclass_cephfs: true storageclass: true
storageclass_rbd: true

View File

@ -0,0 +1,109 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{/*
abstract: |
Creates a manifest for kubernete ceph storageclass
examples:
- values: |
manifests:
storageclass: true
storageclass:
rbd:
provision_storage_class: true
provisioner: "ceph.com/rbd"
metadata:
default_storage_class: true
name: general
parameters:
#We will grab the monitors value based on helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup
pool: rbd
admin_id: admin
ceph_configmap_name: "ceph-etc"
admin_secret_name: "pvc-ceph-conf-combined-storageclass"
admin_secret_namespace: ceph
user_id: admin
user_secret_name: "pvc-ceph-client-key"
image_format: "2"
image_features: layering
cephfs:
provision_storage_class: true
provisioner: "ceph.com/cephfs"
metadata:
name: cephfs
parameters:
admin_id: admin
user_secret_name: "pvc-ceph-cephfs-client-key"
admin_secret_name: "pvc-ceph-conf-combined-storageclass"
admin_secret_namespace: ceph
usage: |
{{- range $storageclass, $val := .Values.storageclass }}
{{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
{{- end }}
return: |
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
storageclass.kubernetes.io/is-default-class: "true"
name: general
provisioner: ceph.com/rbd
parameters:
monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
adminId: admin
adminSecretName: pvc-ceph-conf-combined-storageclass
adminSecretNamespace: ceph
pool: rbd
userId: admin
userSecretName: pvc-ceph-client-key
image_format: "2"
image_features: layering
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: cephfs
provisioner: ceph.com/rbd
parameters:
monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
adminId: admin
adminSecretName: pvc-ceph-conf-combined-storageclass
adminSecretNamespace: ceph
*/}}
{{- define "helm-toolkit.manifests.ceph-storageclass" -}}
{{- $envAll := index . "envAll" -}}
{{- $storageclassData := index . "storageclass_data" -}}
---
{{- if $storageclassData.provision_storage_class }}
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
{{- if $storageclassData.metadata.default_storage_class }}
annotations:
storageclass.kubernetes.io/is-default-class: "true"
{{- end }}
name: {{ $storageclassData.metadata.name }}
provisioner: {{ $storageclassData.provisioner }}
parameters:
monitors: {{ tuple "ceph_mon" "internal" "mon" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- range $attr, $value := $storageclassData.parameters }}
{{ $attr }}: {{ $value | quote }}
{{- end }}
{{- end }}
{{- end }}