diff --git a/local-volume/provisioner/deployment/kubernetes/monitor/admin_account.yaml b/local-volume/provisioner/deployment/kubernetes/monitor/admin_account.yaml new file mode 100644 index 00000000000..21bf643dc44 --- /dev/null +++ b/local-volume/provisioner/deployment/kubernetes/monitor/admin_account.yaml @@ -0,0 +1,33 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-storage-admin +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: local-storage-provisioner-pv-binding + namespace: default +subjects: +- kind: ServiceAccount + name: local-storage-admin + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-monitor + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: local-storage-provisioner-node-binding + namespace: default +subjects: +- kind: ServiceAccount + name: local-storage-admin + namespace: default +roleRef: + kind: ClusterRole + name: system:node + apiGroup: rbac.authorization.k8s.io + diff --git a/local-volume/provisioner/deployment/kubernetes/monitor/monitor-config.yaml b/local-volume/provisioner/deployment/kubernetes/monitor/monitor-config.yaml new file mode 100644 index 00000000000..0f2b66905fc --- /dev/null +++ b/local-volume/provisioner/deployment/kubernetes/monitor/monitor-config.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-volume-config +data: + storageClassMap: | + local-storage: + hostDir: "/mnt/disks/vol" + mountDir: "/local-disks" diff --git a/local-volume/provisioner/deployment/kubernetes/monitor/monitor_cluster_role.yaml b/local-volume/provisioner/deployment/kubernetes/monitor/monitor_cluster_role.yaml new file mode 100644 index 00000000000..1877cc79e83 --- /dev/null +++ b/local-volume/provisioner/deployment/kubernetes/monitor/monitor_cluster_role.yaml @@ -0,0 +1,17 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: system:persistent-volume-monitor +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["watch", "create", "update", "patch"] diff --git a/local-volume/provisioner/deployment/kubernetes/monitor/provisioner-monitor-daemonset.yaml b/local-volume/provisioner/deployment/kubernetes/monitor/provisioner-monitor-daemonset.yaml new file mode 100644 index 00000000000..92e392fd757 --- /dev/null +++ b/local-volume/provisioner/deployment/kubernetes/monitor/provisioner-monitor-daemonset.yaml @@ -0,0 +1,42 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: local-volume-provisioner +spec: + template: + metadata: + labels: + app: local-volume-provisioner + spec: + containers: + - name: provisioner + image: "quay.io/external_storage/local-volume-provisioner:latest" + args: + - "-enable-monitor=true" + imagePullPolicy: Always + securityContext: + privileged: true + volumeMounts: + - name: discovery-vol + mountPath: "/local-disks" + - name: local-volume-config + mountPath: "/etc/provisioner/config/" + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + # If you want provisioner to use a kubeconfig file to access API server, instead of the default + # in-cluster config, then specify the following environment variable: + # - name: KUBECONFIG + # value: /path/to/kubeconfig + + volumes: + - name: discovery-vol + hostPath: + path: "/mnt/disks/vol" + - name: local-volume-config + configMap: + name: local-volume-config + serviceAccount: local-storage-admin +