-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Tarun Gupta Akirala <[email protected]>
- Loading branch information
Showing
14 changed files
with
761 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
apiVersion: v2 | ||
name: cosi | ||
version: 0.0.1-alpha.1 | ||
appVersion: 0.0.1-alpha.1 | ||
description: Container Object Storage Interface (COSI) provisioner for Kubernetes | ||
keywords: | ||
- cosi | ||
icon: https://raw.githubusercontent.com/container-object-storage-interface/container-object-storage-interface.github.io/refs/heads/master/static/img/logo-15.svg | ||
home: https://container-object-storage-interface.github.io/ | ||
sources: | ||
- https://github.com/kubernetes-sigs/container-object-storage-interface | ||
maintainers: | ||
- name: takirala |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# Container Object Storage Interface (COSI) Helm Chart | ||
|
||
This Helm chart deploys the Kubernetes SIGs [Container Object Storage Interface (COSI)](https://github.com/kubernetes-sigs/container-object-storage-interface) components onto a Kubernetes cluster. | ||
|
||
## Overview | ||
|
||
COSI provides a standardized interface for object storage in Kubernetes, enabling dynamic provisioning and management of object storage buckets and access credentials. | ||
|
||
This chart includes: | ||
- COSI Controller | ||
- Sidecar containers | ||
- CRDs required for COSI | ||
|
||
## Prerequisites | ||
|
||
- Kubernetes 1.21 or newer | ||
- Helm 3.5.0 or newer | ||
- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) installed and configured | ||
- Permissions to install Custom Resource Definitions (CRDs) | ||
|
||
## Installation | ||
|
||
### Add the Helm Repository | ||
|
||
```bash | ||
helm repo add mesosphere-stable https://mesosphere.github.io/charts/stable | ||
helm repo update | ||
helm install cosi-release mesosphere-stable/cosi --create-namespace | ||
``` |
65 changes: 65 additions & 0 deletions
65
...tensions.k8s.io_v1_customresourcedefinition_bucketaccessclasses.objectstorage.k8s.io.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
apiVersion: apiextensions.k8s.io/v1 | ||
kind: CustomResourceDefinition | ||
metadata: | ||
annotations: | ||
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support | ||
controller-gen.kubebuilder.io/version: v0.16.4 | ||
objectstorage.k8s.io/authors: Kubernetes Authors | ||
objectstorage.k8s.io/license: Apache V2 | ||
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api | ||
name: bucketaccessclasses.objectstorage.k8s.io | ||
spec: | ||
group: objectstorage.k8s.io | ||
names: | ||
kind: BucketAccessClass | ||
listKind: BucketAccessClassList | ||
plural: bucketaccessclasses | ||
singular: bucketaccessclass | ||
scope: Cluster | ||
versions: | ||
- name: v1alpha1 | ||
schema: | ||
openAPIV3Schema: | ||
properties: | ||
apiVersion: | ||
description: |- | ||
APIVersion defines the versioned schema of this representation of an object. | ||
Servers should convert recognized schemas to the latest internal value, and | ||
may reject unrecognized values. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
type: string | ||
authenticationType: | ||
description: |- | ||
AuthenticationType denotes the style of authentication | ||
It can be one of | ||
Key - access, secret tokens based authentication | ||
IAM - implicit authentication of pods to the OSP based on service account mappings | ||
type: string | ||
driverName: | ||
description: |- | ||
DriverName is the name of driver associated with | ||
this BucketAccess | ||
type: string | ||
kind: | ||
description: |- | ||
Kind is a string value representing the REST resource this object represents. | ||
Servers may infer this from the endpoint the client submits requests to. | ||
Cannot be updated. | ||
In CamelCase. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
type: string | ||
metadata: | ||
type: object | ||
parameters: | ||
additionalProperties: | ||
type: string | ||
description: |- | ||
Parameters is an opaque map for passing in configuration to a driver | ||
for granting access to a bucket | ||
type: object | ||
required: | ||
- authenticationType | ||
- driverName | ||
type: object | ||
served: true | ||
storage: true |
90 changes: 90 additions & 0 deletions
90
...apiextensions.k8s.io_v1_customresourcedefinition_bucketaccesses.objectstorage.k8s.io.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
apiVersion: apiextensions.k8s.io/v1 | ||
kind: CustomResourceDefinition | ||
metadata: | ||
annotations: | ||
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support | ||
controller-gen.kubebuilder.io/version: v0.16.4 | ||
objectstorage.k8s.io/authors: Kubernetes Authors | ||
objectstorage.k8s.io/license: Apache V2 | ||
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api | ||
name: bucketaccesses.objectstorage.k8s.io | ||
spec: | ||
group: objectstorage.k8s.io | ||
names: | ||
kind: BucketAccess | ||
listKind: BucketAccessList | ||
plural: bucketaccesses | ||
singular: bucketaccess | ||
scope: Namespaced | ||
versions: | ||
- name: v1alpha1 | ||
schema: | ||
openAPIV3Schema: | ||
properties: | ||
apiVersion: | ||
description: |- | ||
APIVersion defines the versioned schema of this representation of an object. | ||
Servers should convert recognized schemas to the latest internal value, and | ||
may reject unrecognized values. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
type: string | ||
kind: | ||
description: |- | ||
Kind is a string value representing the REST resource this object represents. | ||
Servers may infer this from the endpoint the client submits requests to. | ||
Cannot be updated. | ||
In CamelCase. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
type: string | ||
metadata: | ||
type: object | ||
spec: | ||
properties: | ||
bucketAccessClassName: | ||
description: BucketAccessClassName is the name of the BucketAccessClass | ||
type: string | ||
bucketClaimName: | ||
description: BucketClaimName is the name of the BucketClaim. | ||
type: string | ||
credentialsSecretName: | ||
description: |- | ||
CredentialsSecretName is the name of the secret that COSI should populate | ||
with the credentials. If a secret by this name already exists, then it is | ||
assumed that credentials have already been generated. It is not overridden. | ||
This secret is deleted when the BucketAccess is delted. | ||
type: string | ||
protocol: | ||
description: |- | ||
Protocol is the name of the Protocol | ||
that this access credential is supposed to support | ||
If left empty, it will choose the protocol supported | ||
by the bucket. If the bucket supports multiple protocols, | ||
the end protocol is determined by the driver. | ||
type: string | ||
serviceAccountName: | ||
description: |- | ||
ServiceAccountName is the name of the serviceAccount that COSI will map | ||
to the OSP service account when IAM styled authentication is specified | ||
type: string | ||
required: | ||
- bucketAccessClassName | ||
- bucketClaimName | ||
- credentialsSecretName | ||
type: object | ||
status: | ||
properties: | ||
accessGranted: | ||
description: AccessGranted indicates the successful grant of privileges | ||
to access the bucket | ||
type: boolean | ||
accountID: | ||
description: |- | ||
AccountID is the unique ID for the account in the OSP. It will be populated | ||
by the COSI sidecar once access has been successfully granted. | ||
type: string | ||
type: object | ||
type: object | ||
served: true | ||
storage: true | ||
subresources: | ||
status: {} |
85 changes: 85 additions & 0 deletions
85
...s/apiextensions.k8s.io_v1_customresourcedefinition_bucketclaims.objectstorage.k8s.io.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
apiVersion: apiextensions.k8s.io/v1 | ||
kind: CustomResourceDefinition | ||
metadata: | ||
annotations: | ||
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support | ||
controller-gen.kubebuilder.io/version: v0.16.4 | ||
objectstorage.k8s.io/authors: Kubernetes Authors | ||
objectstorage.k8s.io/license: Apache V2 | ||
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api | ||
name: bucketclaims.objectstorage.k8s.io | ||
spec: | ||
group: objectstorage.k8s.io | ||
names: | ||
kind: BucketClaim | ||
listKind: BucketClaimList | ||
plural: bucketclaims | ||
singular: bucketclaim | ||
scope: Namespaced | ||
versions: | ||
- name: v1alpha1 | ||
schema: | ||
openAPIV3Schema: | ||
properties: | ||
apiVersion: | ||
description: |- | ||
APIVersion defines the versioned schema of this representation of an object. | ||
Servers should convert recognized schemas to the latest internal value, and | ||
may reject unrecognized values. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
type: string | ||
kind: | ||
description: |- | ||
Kind is a string value representing the REST resource this object represents. | ||
Servers may infer this from the endpoint the client submits requests to. | ||
Cannot be updated. | ||
In CamelCase. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
type: string | ||
metadata: | ||
type: object | ||
spec: | ||
properties: | ||
bucketClassName: | ||
description: Name of the BucketClass | ||
type: string | ||
existingBucketName: | ||
description: |- | ||
Name of a bucket object that was manually | ||
created to import a bucket created outside of COSI | ||
If unspecified, then a new Bucket will be dynamically provisioned | ||
type: string | ||
protocols: | ||
description: |- | ||
Protocols are the set of data API this bucket is required to support. | ||
The possible values for protocol are: | ||
- S3: Indicates Amazon S3 protocol | ||
- Azure: Indicates Microsoft Azure BlobStore protocol | ||
- GCS: Indicates Google Cloud Storage protocol | ||
items: | ||
type: string | ||
type: array | ||
required: | ||
- protocols | ||
type: object | ||
status: | ||
properties: | ||
bucketName: | ||
description: |- | ||
BucketName is the name of the provisioned Bucket in response | ||
to this BucketClaim. It is generated and set by the COSI controller | ||
before making the creation request to the OSP backend. | ||
type: string | ||
bucketReady: | ||
description: |- | ||
BucketReady indicates that the bucket is ready for consumpotion | ||
by workloads | ||
type: boolean | ||
required: | ||
- bucketReady | ||
type: object | ||
type: object | ||
served: true | ||
storage: true | ||
subresources: | ||
status: {} |
65 changes: 65 additions & 0 deletions
65
.../apiextensions.k8s.io_v1_customresourcedefinition_bucketclasses.objectstorage.k8s.io.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
apiVersion: apiextensions.k8s.io/v1 | ||
kind: CustomResourceDefinition | ||
metadata: | ||
annotations: | ||
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support | ||
controller-gen.kubebuilder.io/version: v0.16.4 | ||
objectstorage.k8s.io/authors: Kubernetes Authors | ||
objectstorage.k8s.io/license: Apache V2 | ||
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api | ||
name: bucketclasses.objectstorage.k8s.io | ||
spec: | ||
group: objectstorage.k8s.io | ||
names: | ||
kind: BucketClass | ||
listKind: BucketClassList | ||
plural: bucketclasses | ||
singular: bucketclass | ||
scope: Cluster | ||
versions: | ||
- name: v1alpha1 | ||
schema: | ||
openAPIV3Schema: | ||
properties: | ||
apiVersion: | ||
description: |- | ||
APIVersion defines the versioned schema of this representation of an object. | ||
Servers should convert recognized schemas to the latest internal value, and | ||
may reject unrecognized values. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
type: string | ||
deletionPolicy: | ||
default: Retain | ||
description: |- | ||
DeletionPolicy is used to specify how COSI should handle deletion of this | ||
bucket. There are 2 possible values: | ||
- Retain: Indicates that the bucket should not be deleted from the OSP | ||
- Delete: Indicates that the bucket should be deleted from the OSP | ||
once all the workloads accessing this bucket are done | ||
type: string | ||
driverName: | ||
description: DriverName is the name of driver associated with this bucket | ||
type: string | ||
kind: | ||
description: |- | ||
Kind is a string value representing the REST resource this object represents. | ||
Servers may infer this from the endpoint the client submits requests to. | ||
Cannot be updated. | ||
In CamelCase. | ||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
type: string | ||
metadata: | ||
type: object | ||
parameters: | ||
additionalProperties: | ||
type: string | ||
description: |- | ||
Parameters is an opaque map for passing in configuration to a driver | ||
for creating the bucket | ||
type: object | ||
required: | ||
- deletionPolicy | ||
- driverName | ||
type: object | ||
served: true | ||
storage: true |
Oops, something went wrong.