Remove unnecessary ceph provisioners templates

Change-Id: Ia12a99e7c97f7af701b17e1f783d772ab44b5cd7

ceph-provisioners/Chart.yaml

@@ -15,6 +15,6 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Ceph Provisioner
 name: ceph-provisioners
-version: 0.1.22
+version: 0.1.23
 home: https://github.com/ceph/ceph
 ...

ceph-provisioners/templates/deployment-cephfs-provisioner.yaml

@@ -1,201 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if and .Values.manifests.deployment_cephfs_provisioner .Values.deployment.cephfs_provisioner  }}
-{{- $envAll := . }}
-
-{{- $serviceAccountName := printf "%s-%s" .Release.Name "ceph-cephfs-provisioner" }}
-{{ tuple $envAll "cephfs_provisioner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: {{ $serviceAccountName }}
-rules:
-  - apiGroups:
-      - ''
-    resources:
-      - secrets
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - delete
-  - apiGroups:
-      - ''
-    resources:
-      - persistentvolumes
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - delete
-  - apiGroups:
-      - ''
-    resources:
-      - persistentvolumeclaims
-    verbs:
-      - get
-      - list
-      - watch
-      - update
-  - apiGroups:
-      - storage.k8s.io
-    resources:
-      - storageclasses
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - ''
-    resources:
-      - events
-    verbs:
-      - list
-      - watch
-      - create
-      - update
-      - patch
-  - apiGroups:
-      - ''
-    resources:
-      - services
-      - endpoints
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - update
-      - patch
-  - apiGroups:
-      - extensions
-    resources:
-      - podsecuritypolicies
-    resourceNames:
-      - cephfs-provisioner
-    verbs:
-      - use
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ $serviceAccountName }}-run-cephfs-provisioner
-subjects:
-  - kind: ServiceAccount
-    name: {{ $serviceAccountName }}
-    namespace: {{ $envAll.Release.Namespace }}
-roleRef:
-  kind: ClusterRole
-  name: {{ $serviceAccountName }}
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ $serviceAccountName }}
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - secrets
-    verbs:
-      - get
-      - list
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ $serviceAccountName }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ $serviceAccountName }}
-subjects:
-  - kind: ServiceAccount
-    name: {{ $serviceAccountName }}
-    namespace: {{ $envAll.Release.Namespace }}
----
-kind: Deployment
-apiVersion: apps/v1
-metadata:
-  name: ceph-cephfs-provisioner
-  annotations:
-    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-  labels:
-{{ tuple $envAll "cephfs" "provisioner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
-  replicas: {{ .Values.pod.replicas.cephfs_provisioner }}
-  selector:
-    matchLabels:
-{{ tuple $envAll "cephfs" "provisioner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
-  template:
-    metadata:
-      labels:
-{{ tuple $envAll "cephfs" "provisioner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-      annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-{{ dict "envAll" $envAll "podName" "ceph-cephfs-provisioner" "containerNames" (list "ceph-cephfs-provisioner" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
-    spec:
-{{ dict "envAll" $envAll "application" "provisioner" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
-      serviceAccountName: {{ $serviceAccountName }}
-      affinity:
-{{ tuple $envAll "cephfs" "provisioner" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
-{{ tuple $envAll "cephfs_provisioner" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-      nodeSelector:
-        {{ .Values.labels.provisioner.node_selector_key }}: {{ .Values.labels.provisioner.node_selector_value }}
-      initContainers:
-{{ tuple $envAll "cephfs_provisioner" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-      containers:
-        - name: ceph-cephfs-provisioner
-{{ tuple $envAll "ceph_cephfs_provisioner" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.cephfs_provisioner | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "provisioner" "container" "ceph_cephfs_provisioner" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-          env:
-            - name: PROVISIONER_NAME
-              value: {{ .Values.storageclass.cephfs.provisioner }}
-            - name: POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-          command:
-            - /tmp/provisioner-cephfs-start.sh
-          volumeMounts:
-            - name: pod-tmp
-              mountPath: /tmp
-            - name: pod-run
-              mountPath: /run
-            - name: pod-etc-ceph
-              mountPath: /etc/ceph
-            - name: ceph-provisioners-bin
-              mountPath: /tmp/provisioner-cephfs-start.sh
-              subPath: provisioner-cephfs-start.sh
-              readOnly: true
-      volumes:
-        - name: pod-tmp
-          emptyDir: {}
-        - name: pod-run
-          emptyDir:
-            medium: "Memory"
-        - name: pod-etc-ceph
-          emptyDir: {}
-        - name: ceph-provisioners-bin
-          configMap:
-            name: {{ printf "%s-%s" $envAll.Release.Name "ceph-prov-bin" | quote }}
-            defaultMode: 0555
-{{- end }}

ceph-provisioners/templates/deployment-rbd-provisioner.yaml

@@ -1,191 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if and .Values.manifests.deployment_rbd_provisioner .Values.deployment.rbd_provisioner }}
-{{- $envAll := . }}
-
-{{- $serviceAccountName := printf "%s-%s" .Release.Name "ceph-rbd-provisioner" }}
-{{ tuple $envAll "rbd_provisioner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: {{ $serviceAccountName }}
-rules:
-  - apiGroups:
-      - ''
-    resources:
-      - persistentvolumes
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - delete
-  - apiGroups:
-      - ''
-    resources:
-      - persistentvolumeclaims
-    verbs:
-      - get
-      - list
-      - watch
-      - update
-  - apiGroups:
-      - storage.k8s.io
-    resources:
-      - storageclasses
-    verbs:
-      - get
-      - list
-      - watch
-  - apiGroups:
-      - ''
-    resources:
-      - events
-    verbs:
-      - list
-      - watch
-      - create
-      - update
-      - patch
-  - apiGroups:
-      - ''
-    resources:
-      - services
-      - endpoints
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - update
-      - patch
-  - apiGroups:
-      - extensions
-    resources:
-      - podsecuritypolicies
-    resourceNames:
-      - rbd-provisioner
-    verbs:
-      - use
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ $serviceAccountName }}-run-rbd-provisioner
-subjects:
-  - kind: ServiceAccount
-    name: {{ $serviceAccountName }}
-    namespace: {{ $envAll.Release.Namespace }}
-roleRef:
-  kind: ClusterRole
-  name: {{ $serviceAccountName }}
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: {{ $serviceAccountName }}
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - secrets
-    verbs:
-      - get
-      - list
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: {{ $serviceAccountName }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ $serviceAccountName }}
-subjects:
-  - kind: ServiceAccount
-    name: {{ $serviceAccountName }}
-    namespace: {{ $envAll.Release.Namespace }}
----
-kind: Deployment
-apiVersion: apps/v1
-metadata:
-  name: ceph-rbd-provisioner
-  annotations:
-    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-  labels:
-{{ tuple $envAll "rbd" "provisioner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
-spec:
-  replicas: {{ .Values.pod.replicas.rbd_provisioner }}
-  selector:
-    matchLabels:
-{{ tuple $envAll "rbd" "provisioner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
-{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
-  template:
-    metadata:
-      labels:
-{{ tuple $envAll "rbd" "provisioner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
-      annotations:
-{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
-{{ dict "envAll" $envAll "podName" "ceph-rbd-provisioner" "containerNames" (list "ceph-rbd-provisioner" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
-    spec:
-{{ dict "envAll" $envAll "application" "provisioner" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
-      serviceAccountName: {{ $serviceAccountName }}
-      affinity:
-{{ tuple $envAll "rbd" "provisioner" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
-{{ tuple $envAll "rbd_provisioner" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-      nodeSelector:
-        {{ .Values.labels.provisioner.node_selector_key }}: {{ .Values.labels.provisioner.node_selector_value }}
-      initContainers:
-{{ tuple $envAll "rbd_provisioner" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
-      containers:
-        - name: ceph-rbd-provisioner
-{{ tuple $envAll "ceph_rbd_provisioner" | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.rbd_provisioner | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "provisioner" "container" "ceph_rbd_provisioner" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
-          env:
-            - name: PROVISIONER_NAME
-              value: {{ .Values.storageclass.rbd.provisioner }}
-            - name: POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-          command:
-            - /tmp/provisioner-rbd-start.sh
-          volumeMounts:
-            - name: pod-tmp
-              mountPath: /tmp
-            - name: pod-run
-              mountPath: /run
-            - name: pod-etc-ceph
-              mountPath: /etc/ceph
-            - name: ceph-provisioners-bin
-              mountPath: /tmp/provisioner-rbd-start.sh
-              subPath: provisioner-rbd-start.sh
-              readOnly: true
-      volumes:
-        - name: pod-tmp
-          emptyDir: {}
-        - name: pod-run
-          emptyDir:
-            medium: "Memory"
-        - name: pod-etc-ceph
-          emptyDir: {}
-        - name: ceph-provisioners-bin
-          configMap:
-            name: {{ printf "%s-%s" $envAll.Release.Name "ceph-prov-bin" | quote }}
-            defaultMode: 0555
-{{- end }}

ceph-provisioners/values.yaml

@@ -23,8 +23,6 @@ deployment:
   # Original rbd_provisioner and cephfs_provisioner are now DEPRECATED. They
   # will be removed in the next release; CSI provisioners should be used
   # instead.
-  rbd_provisioner: false
-  cephfs_provisioner: false
 
 release_group: null
 
@@ -372,7 +370,7 @@ bootstrap:
 # and derive the manifest.
 storageclass:
   rbd:
-    provision_storage_class: true
+    provision_storage_class: false
     provisioner: ceph.com/rbd
     ceph_configmap_name: ceph-etc
     metadata:
@@ -411,7 +409,7 @@ storageclass:
       userId: admin
       userSecretName: pvc-ceph-client-key
   cephfs:
-    provision_storage_class: true
+    provision_storage_class: false
     provisioner: ceph.com/cephfs
     metadata:
       name: cephfs
@@ -467,11 +465,9 @@ manifests:
   configmap_bin: true
   configmap_bin_common: true
   configmap_etc: true
-  deployment_rbd_provisioner: true
   # Original rbd_provisioner is now DEPRECATED. It will be removed in the
   # next release; CSI RBD provisioner should be used instead.
   deployment_csi_rbd_provisioner: true
-  deployment_cephfs_provisioner: true
   job_bootstrap: false
   job_cephfs_client_key: true
   job_image_repo_sync: true

releasenotes/notes/ceph-provisioners.yaml

@@ -22,4 +22,5 @@ ceph-provisioners:
   - 0.1.20 Add missing CRDs for volume snapshots (classes, contents)
   - 0.1.21 Added OCI registry authentication
   - 0.1.22 Remove legacy Ceph provisioners
+  - 0.1.23 Remove unnecessary templates
 ...

tools/deployment/multinode/030-ceph.sh

@@ -55,9 +55,7 @@ network:
 deployment:
   storage_secrets: true
   ceph: true
-  rbd_provisioner: true
   csi_rbd_provisioner: true
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap:
@@ -104,7 +102,6 @@ storageclass:
     provision_storage_class: false
 manifests:
   cronjob_defragosds: true
-  deployment_cephfs_provisioner: false
   job_cephfs_client_key: false
 EOF
 

tools/deployment/multinode/035-ceph-ns-activate.sh

@@ -27,9 +27,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: false
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: true
   rgw_keystone_user_and_endpoints: false
 storageclass:

tools/deployment/multinode/115-radosgw-osh-infra.sh

@@ -32,9 +32,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: true
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/openstack-support/025-ceph-ns-activate.sh

@@ -29,9 +29,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: false
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: true
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/osh-infra-logging-tls/020-ceph.sh

@@ -61,9 +61,7 @@ network:
 deployment:
   storage_secrets: true
   ceph: true
-  rbd_provisioner: true
   csi_rbd_provisioner: true
-  cephfs_provisioner: true
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/osh-infra-logging-tls/025-ceph-ns-activate.sh

@@ -29,9 +29,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: false
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: true
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/osh-infra-logging-tls/030-radosgw-osh-infra.sh

@@ -33,9 +33,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: true
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/osh-infra-logging/020-ceph.sh

@@ -61,9 +61,7 @@ network:
 deployment:
   storage_secrets: true
   ceph: true
-  rbd_provisioner: true
   csi_rbd_provisioner: true
-  cephfs_provisioner: true
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/osh-infra-logging/025-ceph-ns-activate.sh

@@ -29,9 +29,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: false
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: true
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/osh-infra-logging/030-radosgw-osh-infra.sh

@@ -30,9 +30,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: true
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap:

tools/deployment/tenant-ceph/030-ceph.sh

@@ -56,9 +56,7 @@ network:
 deployment:
   storage_secrets: true
   ceph: true
-  rbd_provisioner: false
   csi_rbd_provisioner: true
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 jobs:
@@ -77,7 +75,6 @@ jobs:
 manifests:
   deployment_mds: false
   cronjob_defragosds: true
-  deployment_cephfs_provisioner: false
   job_cephfs_client_key: false
 bootstrap:
   enabled: true

tools/deployment/tenant-ceph/040-tenant-ceph.sh

@@ -64,9 +64,7 @@ network:
 deployment:
   storage_secrets: true
   ceph: true
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 labels:
@@ -116,7 +114,6 @@ jobs:
 manifests:
   deployment_mds: false
   cronjob_defragosds: true
-  deployment_cephfs_provisioner: false
   job_cephfs_client_key: false
 ceph_mgr_modules_config:
   prometheus:

tools/deployment/tenant-ceph/045-tenant-ceph-ns-activate.sh

@@ -34,9 +34,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: false
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: true
   rgw_keystone_user_and_endpoints: false
 bootstrap:
@@ -46,7 +44,7 @@ conf:
     enabled: true
 storageclass:
   rbd:
-    provision_storage_class: true
+    provision_storage_class: false
     metadata:
       name: tenant-rbd
     parameters:
@@ -63,7 +61,7 @@ storageclass:
       adminSecretNamespace: tenant-ceph
       userSecretName: pvc-tenant-ceph-client-key
   cephfs:
-    provision_storage_class: true
+    provision_storage_class: false
     metadata:
       name: cephfs
     parameters:

tools/deployment/tenant-ceph/060-radosgw-openstack.sh

@@ -37,9 +37,7 @@ network:
 deployment:
   storage_secrets: false
   ceph: true
-  rbd_provisioner: false
   csi_rbd_provisioner: false
-  cephfs_provisioner: false
   client_secrets: false
   rgw_keystone_user_and_endpoints: false
 bootstrap: