~bitfehler/k8s.sr.ht

4745044baa15a7aee66c0db86cc39d08e02f94e6 — Conrad Hoffmann 1 year, 4 months ago 3e2fa33
Move all ceph stuff into "ceph" namespace

Also, rename the folder it's in to just "ceph", because radosgw will
also go in here.
28 files changed, 65 insertions(+), 89 deletions(-)

D ceph-csi/cephfs/csi-config-map.yaml
D ceph-csi/cephfs/test_pvc.yaml
D ceph-csi/csi-config-map.yaml
R ceph-csi/Makefile => ceph/Makefile
R ceph-csi/ceph-config-map.yaml => ceph/base.yaml
R ceph-csi/cephfs/Makefile => ceph/cephfs/Makefile
R ceph-csi/cephfs/ceph-secret-build-images.yaml.m4 => ceph/cephfs/ceph-secret-build-images.yaml.m4
R ceph-csi/cephfs/ceph-secret.yaml.m4 => ceph/cephfs/ceph-secret.yaml.m4
R ceph-csi/cephfs/csi-cephfsplugin-provisioner.yaml => ceph/cephfs/csi-cephfsplugin-provisioner.yaml
R ceph-csi/cephfs/csi-cephfsplugin.yaml => ceph/cephfs/csi-cephfsplugin.yaml
R ceph-csi/cephfs/csi-nodeplugin-rbac.yaml => ceph/cephfs/csi-nodeplugin-rbac.yaml
R ceph-csi/cephfs/csi-provisioner-rbac.yaml => ceph/cephfs/csi-provisioner-rbac.yaml
R ceph-csi/cephfs/csidriver.yaml => ceph/cephfs/csidriver.yaml
R ceph-csi/cephfs/pv_build_images.yaml => ceph/cephfs/pv_build_images.yaml
R ceph-csi/cephfs/pvc_build_images.yaml => ceph/cephfs/pvc_build_images.yaml
R ceph-csi/cephfs/storageclass_cephfs.yaml => ceph/cephfs/storageclass_cephfs.yaml
R ceph-csi/cephfs/test/pod1.yaml => ceph/cephfs/test/pod1.yaml
R ceph-csi/cephfs/test/pod2.yaml => ceph/cephfs/test/pod2.yaml
R ceph-csi/cephfs/test/pvc.yaml => ceph/cephfs/test/pvc.yaml
R ceph-csi/rbd/Makefile => ceph/rbd/Makefile
R ceph-csi/rbd/ceph-secret.yaml.m4 => ceph/rbd/ceph-secret.yaml.m4
R ceph-csi/rbd/csi-kms-config-map.yaml => ceph/rbd/csi-kms-config-map.yaml
R ceph-csi/rbd/csi-nodeplugin-rbac.yaml => ceph/rbd/csi-nodeplugin-rbac.yaml
R ceph-csi/rbd/csi-provisioner-rbac.yaml => ceph/rbd/csi-provisioner-rbac.yaml
R ceph-csi/rbd/csi-rbdplugin-provisioner.yaml => ceph/rbd/csi-rbdplugin-provisioner.yaml
R ceph-csi/rbd/csi-rbdplugin.yaml => ceph/rbd/csi-rbdplugin.yaml
R ceph-csi/rbd/csidriver.yaml => ceph/rbd/csidriver.yaml
R ceph-csi/rbd/storageclass_pool_rbd.yaml => ceph/rbd/storageclass_pool_rbd.yaml
D ceph-csi/cephfs/csi-config-map.yaml => ceph-csi/cephfs/csi-config-map.yaml +0 -14
@@ 1,14 0,0 @@
apiVersion: v1
kind: ConfigMap
data:
  config.json: |-
    [
      {
        "clusterID": "da256dbb-b2c3-4570-ad6f-7712693a547c",
        "monitors": [
          "10.0.0.132:6789"
        ]
      }
    ]
metadata:
  name: ceph-csi-config

D ceph-csi/cephfs/test_pvc.yaml => ceph-csi/cephfs/test_pvc.yaml +0 -12
@@ 1,12 0,0 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: csi-cephfs-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  storageClassName: csi-cephfs-sc

D ceph-csi/csi-config-map.yaml => ceph-csi/csi-config-map.yaml +0 -14
@@ 1,14 0,0 @@
apiVersion: v1
kind: ConfigMap
data:
  config.json: |-
    [
      {
        "clusterID": "da256dbb-b2c3-4570-ad6f-7712693a547c",
        "monitors": [
          "10.0.0.132:6789"
        ]
      }
    ]
metadata:
  name: ceph-csi-config

R ceph-csi/Makefile => ceph/Makefile +0 -0
R ceph-csi/ceph-config-map.yaml => ceph/base.yaml +25 -0
@@ 1,3 1,8 @@
apiVersion: v1
kind: Namespace
metadata:
  name: ceph

---
apiVersion: v1
kind: ConfigMap


@@ 11,3 16,23 @@ data:
  keyring: |
metadata:
  name: ceph-config
  namespace: ceph

---
apiVersion: v1
kind: ConfigMap
data:
  config.json: |-
    [
      {
        "clusterID": "da256dbb-b2c3-4570-ad6f-7712693a547c",
        "monitors": [
          "10.0.0.132:6789",
          "10.0.0.134:6789",
          "10.0.0.135:6789"
        ]
      }
    ]
metadata:
  name: ceph-csi-config
  namespace: ceph

R ceph-csi/cephfs/Makefile => ceph/cephfs/Makefile +1 -1
@@ 15,4 15,4 @@ ceph-secret-build-images.yaml: ceph-secret-build-images.yaml.m4
	       	> $@ < $<

clean:
	rm -f ceph-secret.yaml
	rm -f ceph-secret.yaml ceph-secret-build-images.yaml

R ceph-csi/cephfs/ceph-secret-build-images.yaml.m4 => ceph/cephfs/ceph-secret-build-images.yaml.m4 +1 -1
@@ 6,4 6,4 @@ stringData:
kind: Secret
metadata:
  name: csi-cephfs-build-images-secret
  namespace: default
  namespace: ceph

R ceph-csi/cephfs/ceph-secret.yaml.m4 => ceph/cephfs/ceph-secret.yaml.m4 +1 -1
@@ 8,4 8,4 @@ stringData:
kind: Secret
metadata:
  name: csi-cephfs-secret
  namespace: default
  namespace: ceph

R ceph-csi/cephfs/csi-cephfsplugin-provisioner.yaml => ceph/cephfs/csi-cephfsplugin-provisioner.yaml +2 -0
@@ 3,6 3,7 @@ kind: Service
apiVersion: v1
metadata:
  name: csi-cephfsplugin-provisioner
  namespace: ceph
  labels:
    app: csi-metrics
spec:


@@ 19,6 20,7 @@ kind: Deployment
apiVersion: apps/v1
metadata:
  name: csi-cephfsplugin-provisioner
  namespace: ceph
spec:
  selector:
    matchLabels:

R ceph-csi/cephfs/csi-cephfsplugin.yaml => ceph/cephfs/csi-cephfsplugin.yaml +2 -0
@@ 3,6 3,7 @@ kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: csi-cephfsplugin
  namespace: ceph
spec:
  selector:
    matchLabels:


@@ 190,6 191,7 @@ apiVersion: v1
kind: Service
metadata:
  name: csi-metrics-cephfsplugin
  namespace: ceph
  labels:
    app: csi-metrics
spec:

R ceph-csi/cephfs/csi-nodeplugin-rbac.yaml => ceph/cephfs/csi-nodeplugin-rbac.yaml +2 -3
@@ 3,7 3,7 @@ apiVersion: v1
kind: ServiceAccount
metadata:
  name: cephfs-csi-nodeplugin
  namespace: default
  namespace: ceph
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1


@@ 30,8 30,7 @@ metadata:
subjects:
  - kind: ServiceAccount
    name: cephfs-csi-nodeplugin
    # replace with non-default namespace name
    namespace: default
    namespace: ceph
roleRef:
  kind: ClusterRole
  name: cephfs-csi-nodeplugin

R ceph-csi/cephfs/csi-provisioner-rbac.yaml => ceph/cephfs/csi-provisioner-rbac.yaml +5 -8
@@ 3,7 3,7 @@ apiVersion: v1
kind: ServiceAccount
metadata:
  name: cephfs-csi-provisioner
  namespace: default
  namespace: ceph

---
kind: ClusterRole


@@ 67,7 67,7 @@ metadata:
subjects:
  - kind: ServiceAccount
    name: cephfs-csi-provisioner
    namespace: default
    namespace: ceph
roleRef:
  kind: ClusterRole
  name: cephfs-external-provisioner-runner


@@ 77,8 77,7 @@ roleRef:
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
  name: cephfs-external-provisioner-cfg
rules:
  - apiGroups: [""]


@@ 93,13 92,11 @@ kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: cephfs-csi-provisioner-role-cfg
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
subjects:
  - kind: ServiceAccount
    name: cephfs-csi-provisioner
    # replace with non-default namespace name
    namespace: default
    namespace: ceph
roleRef:
  kind: Role
  name: cephfs-external-provisioner-cfg

R ceph-csi/cephfs/csidriver.yaml => ceph/cephfs/csidriver.yaml +0 -0
R ceph-csi/cephfs/pv_build_images.yaml => ceph/cephfs/pv_build_images.yaml +3 -2
@@ 12,15 12,16 @@ spec:
    driver: cephfs.csi.ceph.com
    nodeStageSecretRef:
      name: csi-cephfs-build-images-secret
      namespace: default
      namespace: ceph
    volumeAttributes:
      # Required options from storageclass parameters need to be added in volumeAttributes
      "clusterID": "da256dbb-b2c3-4570-ad6f-7712693a547c"
      "fsName": "cephfs"
      "staticVolume": "true"
      "rootPath": /volumes/csi/build-images/d853ba37-8d94-41ea-b720-024f47908f26
      "rootPath": /volumes/csi/build-images/4eb739fe-81ab-4536-9d2c-fe196c37dc53
    # volumeHandle can be anything, need not to be same
    # as PV name or volume name. keeping same for brevity
    volumeHandle: cephfs-build-images-pv
  persistentVolumeReclaimPolicy: Retain
  volumeMode: Filesystem
  storageClassName: sc-cephfs

R ceph-csi/cephfs/pvc_build_images.yaml => ceph/cephfs/pvc_build_images.yaml +1 -0
@@ 12,3 12,4 @@ spec:
  volumeMode: Filesystem
  # volumeName should be same as PV name
  volumeName: cephfs-build-images-pv
  storageClassName: sc-cephfs

R ceph-csi/cephfs/storageclass_cephfs.yaml => ceph/cephfs/storageclass_cephfs.yaml +4 -4
@@ 2,7 2,7 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: csi-cephfs-sc
  name: sc-cephfs
provisioner: cephfs.csi.ceph.com
parameters:
  # (required) String representing a Ceph cluster to provision storage from.


@@ 31,11 31,11 @@ parameters:

  # The secrets have to contain user and/or Ceph admin credentials.
  csi.storage.k8s.io/provisioner-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/provisioner-secret-namespace: default
  csi.storage.k8s.io/provisioner-secret-namespace: ceph
  csi.storage.k8s.io/controller-expand-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/controller-expand-secret-namespace: default
  csi.storage.k8s.io/controller-expand-secret-namespace: ceph
  csi.storage.k8s.io/node-stage-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/node-stage-secret-namespace: default
  csi.storage.k8s.io/node-stage-secret-namespace: ceph

  # (optional) The driver can use either ceph-fuse (fuse) or
  # ceph kernelclient (kernel).

R ceph-csi/cephfs/test/pod1.yaml => ceph/cephfs/test/pod1.yaml +0 -0
R ceph-csi/cephfs/test/pod2.yaml => ceph/cephfs/test/pod2.yaml +0 -0
R ceph-csi/cephfs/test/pvc.yaml => ceph/cephfs/test/pvc.yaml +1 -1
@@ 9,4 9,4 @@ spec:
  resources:
    requests:
      storage: 1Gi
  storageClassName: csi-cephfs-sc
  storageClassName: sc-cephfs

R ceph-csi/rbd/Makefile => ceph/rbd/Makefile +0 -0
R ceph-csi/rbd/ceph-secret.yaml.m4 => ceph/rbd/ceph-secret.yaml.m4 +1 -1
@@ 5,4 5,4 @@ stringData:
kind: Secret
metadata:
  name: csi-rbd-secret
  namespace: default
  namespace: ceph

R ceph-csi/rbd/csi-kms-config-map.yaml => ceph/rbd/csi-kms-config-map.yaml +1 -0
@@ 6,3 6,4 @@ data:
    {}
metadata:
  name: ceph-csi-encryption-kms-config
  namespace: ceph

R ceph-csi/rbd/csi-nodeplugin-rbac.yaml => ceph/rbd/csi-nodeplugin-rbac.yaml +2 -5
@@ 3,8 3,7 @@ apiVersion: v1
kind: ServiceAccount
metadata:
  name: rbd-csi-nodeplugin
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1


@@ 14,7 13,6 @@ rules:
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get"]
  # allow to read Vault Token and connection options from the Tenants namespace
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get"]


@@ 41,8 39,7 @@ metadata:
subjects:
  - kind: ServiceAccount
    name: rbd-csi-nodeplugin
    # replace with non-default namespace name
    namespace: default
    namespace: ceph
roleRef:
  kind: ClusterRole
  name: rbd-csi-nodeplugin

R ceph-csi/rbd/csi-provisioner-rbac.yaml => ceph/rbd/csi-provisioner-rbac.yaml +5 -10
@@ 3,8 3,7 @@ apiVersion: v1
kind: ServiceAccount
metadata:
  name: rbd-csi-provisioner
  # replace with non-default namespace name
  namespace: default
  namespace: ceph

---
kind: ClusterRole


@@ 74,8 73,7 @@ metadata:
subjects:
  - kind: ServiceAccount
    name: rbd-csi-provisioner
    # replace with non-default namespace name
    namespace: default
    namespace: ceph
roleRef:
  kind: ClusterRole
  name: rbd-external-provisioner-runner


@@ 85,8 83,7 @@ roleRef:
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
  name: rbd-external-provisioner-cfg
rules:
  - apiGroups: [""]


@@ 101,13 98,11 @@ kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rbd-csi-provisioner-role-cfg
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
subjects:
  - kind: ServiceAccount
    name: rbd-csi-provisioner
    # replace with non-default namespace name
    namespace: default
    namespace: ceph
roleRef:
  kind: Role
  name: rbd-external-provisioner-cfg

R ceph-csi/rbd/csi-rbdplugin-provisioner.yaml => ceph/rbd/csi-rbdplugin-provisioner.yaml +2 -4
@@ 3,8 3,7 @@ kind: Service
apiVersion: v1
metadata:
  name: csi-rbdplugin-provisioner
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
  labels:
    app: csi-metrics
spec:


@@ 21,8 20,7 @@ kind: Deployment
apiVersion: apps/v1
metadata:
  name: csi-rbdplugin-provisioner
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
spec:
  # TODO: upstream, this is 3
  replicas: 2

R ceph-csi/rbd/csi-rbdplugin.yaml => ceph/rbd/csi-rbdplugin.yaml +2 -4
@@ 3,8 3,7 @@ kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: csi-rbdplugin
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
spec:
  selector:
    matchLabels:


@@ 207,8 206,7 @@ apiVersion: v1
kind: Service
metadata:
  name: csi-metrics-rbdplugin
  # replace with non-default namespace name
  namespace: default
  namespace: ceph
  labels:
    app: csi-metrics
spec:

R ceph-csi/rbd/csidriver.yaml => ceph/rbd/csidriver.yaml +0 -0
R ceph-csi/rbd/storageclass_pool_rbd.yaml => ceph/rbd/storageclass_pool_rbd.yaml +4 -4
@@ 2,7 2,7 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: csi-rbd-sc
   name: sc-rbd
provisioner: rbd.csi.ceph.com
# If topology based provisioning is desired, delayed provisioning of
# PV is required and is enabled using the following attribute


@@ 82,11 82,11 @@ parameters:
   # The secrets have to contain Ceph credentials with required access
   # to the 'pool'.
   csi.storage.k8s.io/provisioner-secret-name: csi-rbd-secret
   csi.storage.k8s.io/provisioner-secret-namespace: default
   csi.storage.k8s.io/provisioner-secret-namespace: ceph
   csi.storage.k8s.io/controller-expand-secret-name: csi-rbd-secret
   csi.storage.k8s.io/controller-expand-secret-namespace: default
   csi.storage.k8s.io/controller-expand-secret-namespace: ceph
   csi.storage.k8s.io/node-stage-secret-name: csi-rbd-secret
   csi.storage.k8s.io/node-stage-secret-namespace: default
   csi.storage.k8s.io/node-stage-secret-namespace: ceph

   # (optional) Specify the filesystem type of the volume. If not specified,
   # csi-provisioner will set default as `ext4`.