Skip to content

Commit

Permalink
Add a chart to deploy rook-nfs on local NVME
Browse files Browse the repository at this point in the history
  • Loading branch information
@m-bull
m-bull committed Mar 25, 2022
1 parent 329482d commit 5015e03
Show file tree
Hide file tree
Showing 17 changed files with 765 additions and 0 deletions.
23 changes: 23 additions & 0 deletions storage-nvme-rook-nfs/.helmignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
11 changes: 11 additions & 0 deletions storage-nvme-rook-nfs/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
apiVersion: v2
name: nvme-rook-nfs
description: Deploy rook NFS on Arcus DAC nodes
type: application
version: 0.1.0
appVersion: "1.7"
icon: https://raw.githubusercontent.com/rook/rook/master/Documentation/media/logo.svg
dependencies:
- name: provisioner
version: ">=0-0"
repository: file://../vendor/sig-storage-local-static-provisioner/helm/provisioner
141 changes: 141 additions & 0 deletions storage-nvme-rook-nfs/crds/nfsserver.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.1-0.20210420220833-f284e2e8098c
creationTimestamp: null
name: nfsservers.nfs.rook.io
spec:
group: nfs.rook.io
names:
kind: NFSServer
listKind: NFSServerList
plural: nfsservers
singular: nfsserver
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- description: NFS Server instance state
jsonPath: .status.state
name: State
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: NFSServer is the Schema for the nfsservers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: NFSServerSpec represents the spec of NFS daemon
properties:
annotations:
additionalProperties:
type: string
description: The annotations-related configuration to add/set on each Pod related object.
type: object
exports:
description: The parameters to configure the NFS export
items:
description: ExportsSpec represents the spec of NFS exports
properties:
name:
description: Name of the export
type: string
persistentVolumeClaim:
description: PVC from which the NFS daemon gets storage for sharing
properties:
claimName:
description: 'ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
type: string
readOnly:
description: Will force the ReadOnly setting in VolumeMounts. Default false.
type: boolean
required:
- claimName
type: object
server:
description: The NFS server configuration
properties:
accessMode:
description: Reading and Writing permissions on the export Valid values are "ReadOnly", "ReadWrite" and "none"
enum:
- ReadOnly
- ReadWrite
- none
type: string
allowedClients:
description: The clients allowed to access the NFS export
items:
description: AllowedClientsSpec represents the client specs for accessing the NFS export
properties:
accessMode:
description: Reading and Writing permissions for the client to access the NFS export Valid values are "ReadOnly", "ReadWrite" and "none" Gets overridden when ServerSpec.accessMode is specified
enum:
- ReadOnly
- ReadWrite
- none
type: string
clients:
description: The clients that can access the share Values can be hostname, ip address, netgroup, CIDR network address, or all
items:
type: string
type: array
name:
description: Name of the clients group
type: string
squash:
description: Squash options for clients Valid values are "none", "rootid", "root", and "all" Gets overridden when ServerSpec.squash is specified
enum:
- none
- rootid
- root
- all
type: string
type: object
type: array
squash:
description: This prevents the root users connected remotely from having root privileges Valid values are "none", "rootid", "root", and "all"
enum:
- none
- rootid
- root
- all
type: string
type: object
type: object
type: array
replicas:
description: Replicas of the NFS daemon
type: integer
type: object
status:
description: NFSServerStatus defines the observed state of NFSServer
properties:
message:
type: string
reason:
type: string
state:
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
Empty file added storage-nvme-rook-nfs/templates/NOTES.txt
View file
Empty file.
67 changes: 67 additions & 0 deletions storage-nvme-rook-nfs/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "storage-nvme-rook-nfs.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "storage-nvme-rook-nfs.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "storage-nvme-rook-nfs.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

{{/*
Common labels
*/}}
{{- define "storage-nvme-rook-nfs.labels" -}}
helm.sh/chart: {{ include "storage-nvme-rook-nfs.chart" . }}
{{ include "storage-nvme-rook-nfs.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}

{{/*
Selector labels
*/}}
{{- define "storage-nvme-rook-nfs.selectorLabels" -}}
app.kubernetes.io/name: {{ include "storage-nvme-rook-nfs.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

{{/*
Create the name of the operator service account to use
*/}}
{{- define "storage-nvme-rook-nfs.operator.serviceAccountName" -}}
{{- $saname := default (include "storage-nvme-rook-nfs.fullname" .) .Values.operator.serviceAccount.prefix }}
{{- printf "%s-operator" $saname }}
{{- end }}

{{/*
Create the name of the nfsserver service account to use
*/}}
{{- define "storage-nvme-rook-nfs.nfsserver.serviceAccountName" -}}
{{- $saname := default (include "storage-nvme-rook-nfs.fullname" .) .Values.nfsserver.serviceAccount.prefix }}
{{- printf "%s-operator" $saname }}
{{- end }}
121 changes: 121 additions & 0 deletions storage-nvme-rook-nfs/templates/daemonset.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,121 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "storage-nvme-rook-nfs.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "storage-nvme-rook-nfs.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: {{ template "storage-nvme-rook-nfs.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ template "storage-nvme-rook-nfs.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Values.provisioner.daemonset.podLabels }}
{{ .Values.provisioner.daemonset.podLabels | toYaml | trim | indent 8 }}
{{- end }}
annotations:
{{- if .Values.provisioner.daemonset.podAnnotations }}
{{ .Values.provisioner.daemonset.podAnnotations | toYaml | trim | indent 8 }}
{{- end }}
spec:
hostPID: true
nodeSelector:
kubernetes.io/os: linux
{{- if .Values.provisioner.daemonset.affinity }}
affinity:
{{ toYaml .Values.provisioner.daemonset.affinity | nindent 8 }}
{{- end }}
initContainers:
- name: prepare-disks
image: alpine
command: ['/bin/sh', '-c', 'nsenter -t 1 -m -u -i -n -p -- bash -c "${STARTUP_SCRIPT}"']
{{- if .Values.provisioner.daemonset.imagePullPolicy }}
imagePullPolicy: {{ .Values.provisioner.daemonset.imagePullPolicy }}
{{- end }}
securityContext:
privileged: {{ .Values.provisioner.daemonset.privileged }}
{{- if .Values.provisioner.daemonset.resources }}
resources:
{{ toYaml .Values.provisioner.daemonset.resources | nindent 12 }}
{{- end }}
volumeMounts:
{{- if .Values.provisioner.common.mountDevVolume }}
- name: provisioner-dev
mountPath: /dev
{{- end }}
{{- range $classConfig := .Values.provisioner.classes }}
- name: {{ $classConfig.name }}
mountPath: {{ $classConfig.mountDir | default $classConfig.hostDir }}
mountPropagation: HostToContainer
{{- end }}
env:
- name: BLOCK_DEVICES
value: {{ join " " .Values.provisioner.common.blockDeviceNames | quote }}
- name: STARTUP_SCRIPT
value: |
#!/usr/bin/env bash
set -euo pipefail
set -x
blockDevices=${BLOCK_DEVICES}
for dev in $blockDevices; do
cleanName=$(echo ${dev} | sed 's/\//-/g')
existing=$(find /mnt/disks/ -maxdepth 1 -type l -name "*${cleanName}" | wc -l)
if [[ $existing -ge "1" ]]; then
echo "${dev} already cleaned"
else
sed -i "s|${dev}.*||" /etc/fstab
umount ${dev} || true
wipefs --all -f ${dev}
dd if=/dev/zero of=${dev} bs=1M count=10 conv=fsync
echo "${dev} cleaned"
fi
done
mkdir -p /mnt/disks
for dev in $blockDevices; do
existing=$(find /mnt/disks/ -maxdepth 1 -type l -name "*${cleanName}" | wc -l)
if [[ $existing -ge "1" ]]; then
echo "${dev} already linked"
else
ln -s ${dev} /mnt/disks/$(uuidgen)${cleanName}
echo "${dev} linked"
fi
done
containers:
- name: pause
image: gcr.io/google_containers/pause
resources:
limits:
cpu: 50m
memory: 50Mi
requests:
cpu: 50m
memory: 50Mi
volumes:
- name: prepare-disks-config
configMap:
name: {{ template "storage-nvme-rook-nfs.fullname" . }}-prepare-disks-config
{{- if .Values.provisioner.common.mountDevVolume }}
- name: provisioner-dev
hostPath:
path: /dev
{{- end }}
{{- range $classConfig := .Values.provisioner.classes }}
- name: {{ $classConfig.name }}
hostPath:
path: {{ $classConfig.hostDir }}
{{- end }}
{{- range $name, $path := .Values.provisioner.daemonset.additionalHostPathVolumes }}
- name: {{ quote $name }}
hostPath:
path: {{ quote $path }}
{{- end }}

9 changes: 9 additions & 0 deletions storage-nvme-rook-nfs/templates/namespace.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Values.operator.namespace }} # namespace:operator
---
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Values.nfsserver.namespace }} # namespace:nfsserver
Loading

0 comments on commit 5015e03

Please sign in to comment.