Skip to content

Commit

Permalink
feat: add cosi helm chart
Browse files Browse the repository at this point in the history
Signed-off-by: Tarun Gupta Akirala <[email protected]>
  • Loading branch information
takirala committed Dec 18, 2024
1 parent 5e8d404 commit 6da7e16
Show file tree
Hide file tree
Showing 14 changed files with 761 additions and 0 deletions.
13 changes: 13 additions & 0 deletions stable/cosi/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: v2
name: cosi
version: 0.0.1-alpha.1
appVersion: 0.0.1-alpha.1
description: Container Object Storage Interface (COSI) provisioner for Kubernetes
keywords:
- cosi
icon: https://raw.githubusercontent.com/container-object-storage-interface/container-object-storage-interface.github.io/refs/heads/master/static/img/logo-15.svg
home: https://container-object-storage-interface.github.io/
sources:
- https://github.com/kubernetes-sigs/container-object-storage-interface
maintainers:
- name: takirala
29 changes: 29 additions & 0 deletions stable/cosi/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Container Object Storage Interface (COSI) Helm Chart

This Helm chart deploys the Kubernetes SIGs [Container Object Storage Interface (COSI)](https://github.com/kubernetes-sigs/container-object-storage-interface) components onto a Kubernetes cluster.

## Overview

COSI provides a standardized interface for object storage in Kubernetes, enabling dynamic provisioning and management of object storage buckets and access credentials.

This chart includes:
- COSI Controller
- Sidecar containers
- CRDs required for COSI

## Prerequisites

- Kubernetes 1.21 or newer
- Helm 3.5.0 or newer
- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) installed and configured
- Permissions to install Custom Resource Definitions (CRDs)

## Installation

### Add the Helm Repository

```bash
helm repo add mesosphere-stable https://mesosphere.github.io/charts/stable
helm repo update
helm install cosi-release mesosphere-stable/cosi --create-namespace
```
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support
controller-gen.kubebuilder.io/version: v0.16.4
objectstorage.k8s.io/authors: Kubernetes Authors
objectstorage.k8s.io/license: Apache V2
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api
name: bucketaccessclasses.objectstorage.k8s.io
spec:
group: objectstorage.k8s.io
names:
kind: BucketAccessClass
listKind: BucketAccessClassList
plural: bucketaccessclasses
singular: bucketaccessclass
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
authenticationType:
description: |-
AuthenticationType denotes the style of authentication
It can be one of
Key - access, secret tokens based authentication
IAM - implicit authentication of pods to the OSP based on service account mappings
type: string
driverName:
description: |-
DriverName is the name of driver associated with
this BucketAccess
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
parameters:
additionalProperties:
type: string
description: |-
Parameters is an opaque map for passing in configuration to a driver
for granting access to a bucket
type: object
required:
- authenticationType
- driverName
type: object
served: true
storage: true
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support
controller-gen.kubebuilder.io/version: v0.16.4
objectstorage.k8s.io/authors: Kubernetes Authors
objectstorage.k8s.io/license: Apache V2
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api
name: bucketaccesses.objectstorage.k8s.io
spec:
group: objectstorage.k8s.io
names:
kind: BucketAccess
listKind: BucketAccessList
plural: bucketaccesses
singular: bucketaccess
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
properties:
bucketAccessClassName:
description: BucketAccessClassName is the name of the BucketAccessClass
type: string
bucketClaimName:
description: BucketClaimName is the name of the BucketClaim.
type: string
credentialsSecretName:
description: |-
CredentialsSecretName is the name of the secret that COSI should populate
with the credentials. If a secret by this name already exists, then it is
assumed that credentials have already been generated. It is not overridden.
This secret is deleted when the BucketAccess is delted.
type: string
protocol:
description: |-
Protocol is the name of the Protocol
that this access credential is supposed to support
If left empty, it will choose the protocol supported
by the bucket. If the bucket supports multiple protocols,
the end protocol is determined by the driver.
type: string
serviceAccountName:
description: |-
ServiceAccountName is the name of the serviceAccount that COSI will map
to the OSP service account when IAM styled authentication is specified
type: string
required:
- bucketAccessClassName
- bucketClaimName
- credentialsSecretName
type: object
status:
properties:
accessGranted:
description: AccessGranted indicates the successful grant of privileges
to access the bucket
type: boolean
accountID:
description: |-
AccountID is the unique ID for the account in the OSP. It will be populated
by the COSI sidecar once access has been successfully granted.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support
controller-gen.kubebuilder.io/version: v0.16.4
objectstorage.k8s.io/authors: Kubernetes Authors
objectstorage.k8s.io/license: Apache V2
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api
name: bucketclaims.objectstorage.k8s.io
spec:
group: objectstorage.k8s.io
names:
kind: BucketClaim
listKind: BucketClaimList
plural: bucketclaims
singular: bucketclaim
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
properties:
bucketClassName:
description: Name of the BucketClass
type: string
existingBucketName:
description: |-
Name of a bucket object that was manually
created to import a bucket created outside of COSI
If unspecified, then a new Bucket will be dynamically provisioned
type: string
protocols:
description: |-
Protocols are the set of data API this bucket is required to support.
The possible values for protocol are:
- S3: Indicates Amazon S3 protocol
- Azure: Indicates Microsoft Azure BlobStore protocol
- GCS: Indicates Google Cloud Storage protocol
items:
type: string
type: array
required:
- protocols
type: object
status:
properties:
bucketName:
description: |-
BucketName is the name of the provisioned Bucket in response
to this BucketClaim. It is generated and set by the COSI controller
before making the creation request to the OSP backend.
type: string
bucketReady:
description: |-
BucketReady indicates that the bucket is ready for consumpotion
by workloads
type: boolean
required:
- bucketReady
type: object
type: object
served: true
storage: true
subresources:
status: {}
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1979-object-storage-support
controller-gen.kubebuilder.io/version: v0.16.4
objectstorage.k8s.io/authors: Kubernetes Authors
objectstorage.k8s.io/license: Apache V2
objectstorage.k8s.io/support: https://github.com/kubernetes-sigs/container-object-storage-api
name: bucketclasses.objectstorage.k8s.io
spec:
group: objectstorage.k8s.io
names:
kind: BucketClass
listKind: BucketClassList
plural: bucketclasses
singular: bucketclass
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
deletionPolicy:
default: Retain
description: |-
DeletionPolicy is used to specify how COSI should handle deletion of this
bucket. There are 2 possible values:
- Retain: Indicates that the bucket should not be deleted from the OSP
- Delete: Indicates that the bucket should be deleted from the OSP
once all the workloads accessing this bucket are done
type: string
driverName:
description: DriverName is the name of driver associated with this bucket
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
parameters:
additionalProperties:
type: string
description: |-
Parameters is an opaque map for passing in configuration to a driver
for creating the bucket
type: object
required:
- deletionPolicy
- driverName
type: object
served: true
storage: true
Loading

0 comments on commit 6da7e16

Please sign in to comment.