From 0c28d964c27d27adb652c2fa85eea7356a3635b7 Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Thu, 27 Feb 2020 19:34:27 +0100 Subject: [PATCH 1/7] changed chart config and lables to support more configuration values --- helm/provisioner/Chart.yaml | 11 +- helm/provisioner/templates/NOTES.txt | 1 + helm/provisioner/templates/_helpers.tpl | 42 ++++ helm/provisioner/templates/configmap.yaml | 49 ++++ helm/provisioner/templates/daemonset.yaml | 89 +++++++ helm/provisioner/templates/namespace.yaml | 10 - .../provisioner-cluster-role-binding.yaml | 124 ---------- .../provisioner-service-account.yaml | 11 - helm/provisioner/templates/provisioner.yaml | 218 ------------------ .../{pod-security-policy.yaml => psp.yaml} | 11 +- helm/provisioner/templates/rbac.yaml | 131 +++++++++++ .../provisioner/templates/serviceaccount.yaml | 12 + .../provisioner/templates/servicemonitor.yaml | 53 +++++ helm/provisioner/templates/storageclass.yaml | 28 +++ helm/provisioner/values.yaml | 83 ++++--- 15 files changed, 457 insertions(+), 416 deletions(-) create mode 100644 helm/provisioner/templates/NOTES.txt create mode 100644 helm/provisioner/templates/_helpers.tpl create mode 100644 helm/provisioner/templates/configmap.yaml create mode 100644 helm/provisioner/templates/daemonset.yaml delete mode 100644 helm/provisioner/templates/namespace.yaml delete mode 100644 helm/provisioner/templates/provisioner-cluster-role-binding.yaml delete mode 100644 helm/provisioner/templates/provisioner-service-account.yaml delete mode 100644 helm/provisioner/templates/provisioner.yaml rename helm/provisioner/templates/{pod-security-policy.yaml => psp.yaml} (63%) create mode 100644 helm/provisioner/templates/rbac.yaml create mode 100644 helm/provisioner/templates/serviceaccount.yaml create mode 100644 helm/provisioner/templates/servicemonitor.yaml create mode 100644 helm/provisioner/templates/storageclass.yaml diff --git a/helm/provisioner/Chart.yaml b/helm/provisioner/Chart.yaml index b8847a5fb..9bee8e64d 100644 --- a/helm/provisioner/Chart.yaml +++ b/helm/provisioner/Chart.yaml @@ -1,9 +1,8 @@ apiVersion: v1 -version: 2.3.4 -description: local provisioner chart -name: provisioner appVersion: 2.3.4 +description: local provisioner chart keywords: - - storage - - local -engine: gotpl +- storage +- local +name: provisioner +version: 3.0.0 diff --git a/helm/provisioner/templates/NOTES.txt b/helm/provisioner/templates/NOTES.txt new file mode 100644 index 000000000..583930491 --- /dev/null +++ b/helm/provisioner/templates/NOTES.txt @@ -0,0 +1 @@ +provisioner installed diff --git a/helm/provisioner/templates/_helpers.tpl b/helm/provisioner/templates/_helpers.tpl new file mode 100644 index 000000000..406d4d0b1 --- /dev/null +++ b/helm/provisioner/templates/_helpers.tpl @@ -0,0 +1,42 @@ +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "provisioner.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "provisioner.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "provisioner.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "provisioner.serviceAccountName" -}} +{{- if .Values.common.serviceAccount.create -}} + {{ default (include "provisioner.fullname" .) .Values.common.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.common.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/helm/provisioner/templates/configmap.yaml b/helm/provisioner/templates/configmap.yaml new file mode 100644 index 000000000..db3e6c773 --- /dev/null +++ b/helm/provisioner/templates/configmap.yaml @@ -0,0 +1,49 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "provisioner.fullname" . }}-config + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +data: +{{- if .Values.daemonset.nodeLabels }} + nodeLabelsForPV: | + {{- range $label := .Values.daemonset.nodeLabels }} + - {{$label}} + {{- end }} +{{- end }} +{{- if .Values.common.useAlphaAPI }} + useAlphaAPI: "true" +{{- end }} +{{- if .Values.common.setPVOwnerRef }} + setPVOwnerRef: "true" +{{- end }} +{{- if .Values.common.useJobForCleaning }} + useJobForCleaning: "yes" +{{- end}} +{{- if .Values.common.useNodeNameOnly }} + useNodeNameOnly: "true" +{{- end }} +{{- if .Values.common.minResyncPeriod }} + minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }} +{{- end}} + storageClassMap: | + {{- range $classConfig := .Values.classes }} + {{ $classConfig.name }}: + hostDir: {{ $classConfig.hostDir }} + mountDir: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} + {{- if $classConfig.blockCleanerCommand }} + blockCleanerCommand: + {{- range $val := $classConfig.blockCleanerCommand }} + - "{{ $val -}}"{{- end}} + {{- end }} + {{- if $classConfig.volumeMode }} + volumeMode: {{ $classConfig.volumeMode }} + {{- end }} + {{- if $classConfig.fsType }} + fsType: {{ $classConfig.fsType }} + {{- end }} + {{- end }} diff --git a/helm/provisioner/templates/daemonset.yaml b/helm/provisioner/templates/daemonset.yaml new file mode 100644 index 000000000..a5c2ef950 --- /dev/null +++ b/helm/provisioner/templates/daemonset.yaml @@ -0,0 +1,89 @@ +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "provisioner.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "provisioner.serviceAccountName" . }} +{{- if .Values.daemonset.priorityClassName }} + priorityClassName: {{.Values.daemonset.priorityClassName}} +{{- end }} +{{- if .Values.daemonset.nodeSelector }} + nodeSelector: +{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }} +{{- end }} +{{- if .Values.daemonset.tolerations }} + tolerations: +{{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }} +{{- end }} + containers: + - image: "{{ .Values.daemonset.image }}" + {{- if .Values.daemonset.imagePullPolicy }} + imagePullPolicy: {{ .Values.daemonset.imagePullPolicy | quote }} + {{- end }} + name: provisioner + securityContext: + privileged: true +{{- if .Values.daemonset.resources }} + resources: +{{ .Values.daemonset.resources | toYaml | trim | indent 12 }} +{{- end }} + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "{{ .Values.daemonset.image }}" + {{- if .Values.daemonset.kubeConfigEnv }} + - name: KUBECONFIG + value: {{.Values.daemonset.kubeConfigEnv}} + {{- end }} + {{- if .Values.serviceMonitor.enabled }} + ports: + - containerPort: 8080 + name: metrics + {{- end }} + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + {{- range $classConfig := .Values.classes }} + - mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} + name: {{ $classConfig.name }} + mountPropagation: "HostToContainer" + {{- end }} + volumes: + - name: provisioner-config + configMap: + name: {{ template "provisioner.fullname" . }}-config + - name: provisioner-dev + hostPath: + path: /dev + {{- range $classConfig := .Values.classes }} + - name: {{ $classConfig.name }} + hostPath: + path: {{ $classConfig.hostDir }} + {{- end }} diff --git a/helm/provisioner/templates/namespace.yaml b/helm/provisioner/templates/namespace.yaml deleted file mode 100644 index 77a0b7885..000000000 --- a/helm/provisioner/templates/namespace.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if .Values.common.createNamespace }} -apiVersion: v1 -kind: Namespace -metadata: - name: {{ .Values.common.namespace | quote }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -{{- end }} diff --git a/helm/provisioner/templates/provisioner-cluster-role-binding.yaml b/helm/provisioner/templates/provisioner-cluster-role-binding.yaml deleted file mode 100644 index b58a04c7a..000000000 --- a/helm/provisioner/templates/provisioner-cluster-role-binding.yaml +++ /dev/null @@ -1,124 +0,0 @@ -{{- if .Values.common.rbac }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io -{{- if .Values.common.useJobForCleaning }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: local-storage-provisioner-jobs-role - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -rules: -- apiGroups: - - 'batch' - resources: - - jobs - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: local-storage-provisioner-jobs-rolebinding - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: Role - name: local-storage-provisioner-jobs-role - apiGroup: rbac.authorization.k8s.io -{{- end }} -{{- if .Values.common.podSecurityPolicy }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: local-storage-provisioner-psp-role - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -rules: -- apiGroups: - - policy - resources: - - podsecuritypolicies - resourceNames: - - local-storage-provisioner-pod-security-policy - verbs: - - use ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: local-storage-provisioner-psp-rolebinding - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: Role - name: local-storage-provisioner-psp-role - apiGroup: rbac.authorization.k8s.io -{{- end }} -{{- end }} diff --git a/helm/provisioner/templates/provisioner-service-account.yaml b/helm/provisioner/templates/provisioner-service-account.yaml deleted file mode 100644 index df257b17f..000000000 --- a/helm/provisioner/templates/provisioner-service-account.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if .Values.common.rbac }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -{{- end }} diff --git a/helm/provisioner/templates/provisioner.yaml b/helm/provisioner/templates/provisioner.yaml deleted file mode 100644 index 201250d59..000000000 --- a/helm/provisioner/templates/provisioner.yaml +++ /dev/null @@ -1,218 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.common.configMapName }} - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -data: -{{- if .Values.daemonset.nodeLabels }} - nodeLabelsForPV: | - {{- range $label := .Values.daemonset.nodeLabels }} - - {{$label}} - {{- end }} -{{- end }} -{{- if .Values.common.useAlphaAPI }} - useAlphaAPI: "true" -{{- end }} -{{- if .Values.common.setPVOwnerRef }} - setPVOwnerRef: "true" -{{- end }} -{{- if .Values.common.useJobForCleaning }} - useJobForCleaning: "yes" -{{- end}} -{{- if .Values.common.useNodeNameOnly }} - useNodeNameOnly: "true" -{{- end }} -{{- if .Values.common.minResyncPeriod }} - minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }} -{{- end}} - storageClassMap: | - {{- range $classConfig := .Values.classes }} - {{ $classConfig.name }}: - hostDir: {{ $classConfig.hostDir }} - mountDir: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} - {{- if $classConfig.blockCleanerCommand }} - blockCleanerCommand: - {{- range $val := $classConfig.blockCleanerCommand }} - - "{{ $val -}}"{{- end}} - {{- end }} - {{- if $classConfig.volumeMode }} - volumeMode: {{ $classConfig.volumeMode }} - {{- end }} - {{- if $classConfig.fsType }} - fsType: {{ $classConfig.fsType }} - {{- end }} - {{- end }} ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ .Values.daemonset.name }} - namespace: {{ .Values.common.namespace }} - labels: - app: local-volume-provisioner - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -spec: - selector: - matchLabels: - app: local-volume-provisioner - template: - metadata: - labels: - app: local-volume-provisioner - spec: - serviceAccountName: {{.Values.daemonset.serviceAccount}} -{{- if .Values.daemonset.priorityClassName }} -{{- if eq .Values.common.namespace "kube-system" }} - priorityClassName: {{.Values.daemonset.priorityClassName}} -{{- else }} - {{- $systemCriticalClasses := list "system-cluster-critical" "system-node-critical" }} - {{- if not (has .Values.daemonset.priorityClassName $systemCriticalClasses) }} - priorityClassName: {{.Values.daemonset.priorityClassName}} - {{- end }} -{{- end }} -{{- end }} -{{- if .Values.daemonset.nodeSelector }} - nodeSelector: -{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }} -{{- end }} -{{- if .Values.daemonset.tolerations }} - tolerations: -{{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }} -{{- end }} - containers: - - image: "{{ .Values.daemonset.image }}" - {{- if .Values.daemonset.imagePullPolicy }} - imagePullPolicy: {{ .Values.daemonset.imagePullPolicy | quote }} - {{- end }} - name: provisioner - securityContext: - privileged: true -{{- if .Values.daemonset.resources }} - resources: -{{ .Values.daemonset.resources | toYaml | trim | indent 12 }} -{{- end }} - env: - - name: MY_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: MY_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: JOB_CONTAINER_IMAGE - value: "{{ .Values.daemonset.image }}" - {{- if .Values.daemonset.kubeConfigEnv }} - - name: KUBECONFIG - value: {{.Values.daemonset.kubeConfigEnv}} - {{- end }} - {{- if .Values.prometheus.operator.enabled }} - ports: - - containerPort: 8080 - name: http - {{- end }} - volumeMounts: - - mountPath: /etc/provisioner/config - name: provisioner-config - readOnly: true - - mountPath: /dev - name: provisioner-dev - {{- range $classConfig := .Values.classes }} - - mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} - name: {{ $classConfig.name }} - mountPropagation: "HostToContainer" - {{- end }} - volumes: - - name: provisioner-config - configMap: - name: {{ .Values.common.configMapName }} - - name: provisioner-dev - hostPath: - path: /dev - {{- range $classConfig := .Values.classes }} - - name: {{ $classConfig.name }} - hostPath: - path: {{ $classConfig.hostDir }} - {{- end }} -{{- $release := .Release }} -{{- $chart := .Chart }} -{{- range $val := .Values.classes }} -{{- if $val.storageClass }} ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: {{ $val.name }} - {{- if kindIs "map" $val.storageClass }} - {{- if $val.storageClass.isDefaultClass }} - annotations: - storageclass.kubernetes.io/is-default-class: "true" - {{- end }} - {{- end }} - labels: - heritage: {{ $release.Service | quote }} - release: {{ $release.Name | quote }} - chart: {{ replace "+" "_" $chart.Version | printf "%s-%s" $chart.Name }} -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -{{- if kindIs "map" $val.storageClass }} -reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }} -{{- else }} -reclaimPolicy: Delete -{{- end }} -{{- end }} -{{- end }} -{{- if .Values.prometheus.operator.enabled }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.daemonset.name }} - namespace: {{ .Values.common.namespace }} - labels: - app: local-volume-provisioner - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -spec: - type: ClusterIP - ports: - - port: 8080 - targetPort: 8080 - name: http - selector: - app: local-volume-provisioner ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ .Values.daemonset.name }} - namespace: {{ .Values.prometheus.operator.serviceMonitor.namespace }} - labels: - app: local-volume-provisioner - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} - {{- if .Values.prometheus.operator.serviceMonitor.selector }} - {{ toYaml .Values.prometheus.operator.serviceMonitor.selector }} - {{- end -}} -spec: - jobLabel: app - selector: - matchLabels: - app: local-volume-provisioner - release: {{ .Release.Name | quote }} - namespaceSelector: - matchNames: - - {{ .Values.common.namespace }} - endpoints: - - port: http - interval: {{ .Values.prometheus.operator.serviceMonitor.interval }} - scheme: http -{{- end }} diff --git a/helm/provisioner/templates/pod-security-policy.yaml b/helm/provisioner/templates/psp.yaml similarity index 63% rename from helm/provisioner/templates/pod-security-policy.yaml rename to helm/provisioner/templates/psp.yaml index 9e660cf73..1f2da6247 100644 --- a/helm/provisioner/templates/pod-security-policy.yaml +++ b/helm/provisioner/templates/psp.yaml @@ -1,12 +1,13 @@ -{{- if .Values.common.podSecurityPolicy -}} +{{- if .Values.common.rbac.pspEnabled -}} apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: - name: local-storage-provisioner-pod-security-policy + name: {{ template "provisioner.fullname" . }} labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} spec: allowPrivilegeEscalation: true allowedHostPaths: diff --git a/helm/provisioner/templates/rbac.yaml b/helm/provisioner/templates/rbac.yaml new file mode 100644 index 000000000..bd4c98057 --- /dev/null +++ b/helm/provisioner/templates/rbac.yaml @@ -0,0 +1,131 @@ +{{- if .Values.common.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "provisioner.fullname" . }}-pv-binding + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "provisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "provisioner.fullname" . }}-node-clusterrole + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "provisioner.fullname" . }}-node-binding + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "provisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ template "provisioner.fullname" . }}-node-clusterrole + apiGroup: rbac.authorization.k8s.io +{{- if .Values.common.useJobForCleaning }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "provisioner.fullname" . }}-jobs-role + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +rules: +- apiGroups: + - 'batch' + resources: + - jobs + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "provisioner.fullname" . }}-jobs-rolebinding + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "provisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: {{ template "provisioner.fullname" . }}-jobs-role + apiGroup: rbac.authorization.k8s.io +{{- end }} +{{- if .Values.common.rbac.pspEnabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "provisioner.fullname" . }}-psp-role + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +rules: +- apiGroups: + - policy + resources: + - podsecuritypolicies + resourceNames: + - {{ template "provisioner.fullname" . }} + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "provisioner.fullname" . }}-psp-rolebinding + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "provisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: {{ template "provisioner.fullname" . }}-psp-role + apiGroup: rbac.authorization.k8s.io +{{- end }} +{{- end }} diff --git a/helm/provisioner/templates/serviceaccount.yaml b/helm/provisioner/templates/serviceaccount.yaml new file mode 100644 index 000000000..19941689f --- /dev/null +++ b/helm/provisioner/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.common.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "provisioner.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/helm/provisioner/templates/servicemonitor.yaml b/helm/provisioner/templates/servicemonitor.yaml new file mode 100644 index 000000000..89c69531d --- /dev/null +++ b/helm/provisioner/templates/servicemonitor.yaml @@ -0,0 +1,53 @@ +{{- if .Values.serviceMonitor.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "provisioner.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: 8080 + name: metrics + selector: + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "provisioner.fullname" . }} + namespace: {{ .Values.serviceMonitor.namespace | default .Release.Namespace }} + labels: + helm.sh/chart: {{ template "provisioner.chart" . }} + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- range $k, $v := .Values.serviceMonitor.additionalLabels }} + {{ $k }}: {{ $v | quote }} + {{- end }} +spec: + jobLabel: app.kubernetes.io/name + endpoints: + - port: metrics + interval: {{ .Values.serviceMonitor.interval }} + scheme: http +{{- if .Values.serviceMonitor.relabelings }} + relabelings: +{{ toYaml .Values.serviceMonitor.relabelings | indent 4 }} +{{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app.kubernetes.io/name: {{ template "provisioner.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} diff --git a/helm/provisioner/templates/storageclass.yaml b/helm/provisioner/templates/storageclass.yaml new file mode 100644 index 000000000..ce2f2ae0d --- /dev/null +++ b/helm/provisioner/templates/storageclass.yaml @@ -0,0 +1,28 @@ +{{- $release := .Release }} +{{- $chart := .Chart }} +{{- range $val := .Values.classes }} +{{- if $val.storageClass }} +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ $val.name }} + {{- if kindIs "map" $val.storageClass }} + {{- if $val.storageClass.isDefaultClass }} + annotations: + storageclass.kubernetes.io/is-default-class: "true" + {{- end }} + {{- end }} + labels: + app.kubernetes.io/managed-by: {{ $release.Service | quote }} + app.kubernetes.io/instance: {{ $release.Name | quote }} + helm.sh/chart: {{ replace "+" "_" $chart.Version | printf "%s-%s" $chart.Name }} +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +{{- if kindIs "map" $val.storageClass }} +reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }} +{{- else }} +reclaimPolicy: Delete +{{- end }} +{{- end }} +{{- end }} diff --git a/helm/provisioner/values.yaml b/helm/provisioner/values.yaml index 954d07c18..f65d5431f 100644 --- a/helm/provisioner/values.yaml +++ b/helm/provisioner/values.yaml @@ -3,17 +3,21 @@ # common: # - # Defines whether to generate service account and role bindings. + # Defines whether to generate rbac roles # - rbac: true + rbac: + # rbac.create: `true` if rbac resources should be created + create: true + # rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created + pspEnabled: false # - # Defines the namespace where provisioner runs + # Defines whether to generate a serviceAccount # - namespace: default - # - # Defines whether to create provisioner namespace - # - createNamespace: false + serviceAccount: + # serviceAccount.create: Whether to create a service account or not + create: true + # serviceAccount.name: The name of the service account to create or use + name: "" # # Beta PV.NodeAffinity field is used by default. If running against pre-1.10 # k8s version, the `useAlphaAPI` flag must be enabled in the configMap. @@ -38,14 +42,6 @@ common: # 2*minResyncPeriod. Default: 5m0s. # #minResyncPeriod: 5m0s - # - # Defines the name of configmap used by Provisioner - # - configMapName: "local-provisioner-config" - # - # Enables or disables Pod Security Policy creation and binding - # - podSecurityPolicy: false # # Configure storage classes. # @@ -82,28 +78,19 @@ classes: # storageClass: # reclaimPolicy: Delete # Available reclaim policies: Delete/Retain, defaults: Delete. # isDefaultClass: true # set as default class - # # Configure DaemonSet for provisioner. # daemonset: - # - # Defines the name of a Provisioner - # - name: "local-volume-provisioner" # # Defines Provisioner's image name including container registry. # - image: quay.io/external_storage/local-volume-provisioner:v2.3.4 + image: quay.io/external_storage/local-volume-provisioner:v2.3.3 # # Defines Image download policy, see kubernetes documentation for available values. # #imagePullPolicy: Always # - # Defines a name of the service account which Provisioner will use to communicate with API server. - # - serviceAccount: local-storage-admin - # # Defines a name of the Pod Priority Class to use with the Provisioner DaemonSet # # Note that if you want to make it critical, specify "system-cluster-critical" @@ -135,23 +122,35 @@ daemonset: # If configured, resources will set the requests/limits field to the Daemonset PodSpec. # Ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ resources: {} + # limits: + # memory: "512Mi" + # cpu: "1000m" + # requests: + # memory: "32Mi" + # cpu: "10m" # # Configure Prometheus monitoring # -prometheus: - operator: - ## Are you using Prometheus Operator? - enabled: false - - serviceMonitor: - ## Interval at which Prometheus scrapes the provisioner - interval: 10s +serviceMonitor: + enabled: false + ## Interval at which Prometheus scrapes the provisioner + interval: 10s + # Namespace Prometheus is installed in defaults to release namespace + namespace: + ## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr) + ## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65) + ## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298) + additionalLabels: {} + relabelings: [] + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # separator: ; + # regex: ^(.*)$ + # targetLabel: nodename + # replacement: $1 + # action: replace - # Namespace Prometheus is installed in - namespace: monitoring - - ## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr) - ## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65) - ## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298) - selector: - prometheus: kube-prometheus +# +# Overrice the default chartname or releasename +# +nameOverride: "" +fullnameOverride: "" From 751679258a2f597dd6e4c890adec15f6ee14e21a Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Thu, 27 Feb 2020 19:36:02 +0100 Subject: [PATCH 2/7] added helm v3/v2 to generation and verify script --- hack/lib.sh | 13 ++++++++++--- hack/update-generated.sh | 16 ++++++++++++++-- hack/verify-generated.sh | 28 ++++++++++++++++++++++++++-- 3 files changed, 50 insertions(+), 7 deletions(-) diff --git a/hack/lib.sh b/hack/lib.sh index ae4308ef5..7043abf45 100755 --- a/hack/lib.sh +++ b/hack/lib.sh @@ -23,9 +23,11 @@ OS=$(go env GOOS) ARCH=$(go env GOARCH) OUTPUT=${ROOT}/_output OUTPUT_BIN=${OUTPUT}/${OS}/${ARCH} -HELM_VERSION=2.7.2 +HELM2_VERSION=2.16.1 +HELM_VERSION=3.1.0 DEP_VERSION=0.5.0 DEP_BIN=$OUTPUT_BIN/dep +HELM2_BIN=$OUTPUT_BIN/helm2 HELM_BIN=$OUTPUT_BIN/helm MISSPELL_VERSION=0.3.4 MISSPELL_BIN=$OUTPUT_BIN/misspell @@ -36,6 +38,11 @@ function hack::verify_helm() { if test -x "$HELM_BIN"; then local v=$($HELM_BIN version --short --client | grep -o -P '\d+.\d+.\d+') [[ "$v" == "$HELM_VERSION" ]] + return + fi + if test -x "$HELM2_BIN"; then + local v=$($HELM2_BIN version --short --client | grep -o -P '\d+.\d+.\d+') + [[ "$v" == "$HELM2_VERSION" ]] return fi return 1 @@ -47,8 +54,8 @@ function hack::install_helm() { fi local OS=$(uname | tr A-Z a-z) local ARCH=amd64 - local HELM_URL=http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-${OS}-${ARCH}.tar.gz - curl -s "$HELM_URL" | tar --strip-components 1 -C $OUTPUT_BIN -zxf - ${OS}-${ARCH}/helm + local HELM_URL=https://get.helm.sh/helm-v${HELM2_VERSION}-${OS}-${ARCH}.tar.gz + curl -s "$HELM_URL" | tar --strip-components 1 -C $OUTPUT_BIN -zxf - ${OS}-${ARCH}/helm && mv $OUTPUT_BIN/helm $OUTPUT_BIN/helm2 } function hack::verify_dep() { diff --git a/hack/update-generated.sh b/hack/update-generated.sh index ba594b169..5f6640a3e 100755 --- a/hack/update-generated.sh +++ b/hack/update-generated.sh @@ -35,12 +35,24 @@ sure generated files are what you expected. EOF echo "*** IMPORTANT NOTE ***" +echo "====== HELM v2 ========" + +FILES=$(ls examples/) +for f in $FILES; do + input="examples/$f" + generated="generated_examples/helm2/$f" + printf "Generating with helm v${HELM2_VERSION} %s from %s\n" $generated $input + $HELM2_BIN template -f examples/$f --name local-static-provisioner --namespace default ./provisioner > $generated +done + +echo "====== HELM v3 ========" + FILES=$(ls examples/) for f in $FILES; do input="examples/$f" generated="generated_examples/$f" - printf "Generating %s from %s\n" $generated $input - $HELM_BIN template ./provisioner -f examples/$f > generated_examples/$f + printf "Generating with helm v${HELM_VERSION} %s from %s\n" $generated $input + $HELM_BIN template --dry-run -f examples/$f local-static-provisioner --namespace default ./provisioner > $generated done echo "Done." diff --git a/hack/verify-generated.sh b/hack/verify-generated.sh index 1add4a99f..d1597554c 100755 --- a/hack/verify-generated.sh +++ b/hack/verify-generated.sh @@ -35,13 +35,32 @@ if [ $ret -ne 0 ]; then exit 2 fi -# check examples +# check examples helm2 +function test_values_helm2_file() { + local input="examples/$1" + local expected="generated_examples/helm2/$1" + local tmpfile=$(mktemp) + trap "test -f $tmpfile && rm $tmpfile || true" EXIT + $HELM2_BIN template -f examples/$f --name local-static-provisioner --namespace default ./provisioner > $tmpfile + echo -n "Checking $input " + local diff=$(diff -u $expected $tmpfile 2>&1) || true + if [[ -n "${diff}" ]]; then + echo "failed, diff: " + echo "$diff" + exit 1 + else + echo "passed." + fi +} + +# check examples helm3 function test_values_file() { local input="examples/$1" local expected="generated_examples/$1" local tmpfile=$(mktemp) trap "test -f $tmpfile && rm $tmpfile || true" EXIT - $HELM_BIN template ./provisioner -f examples/$f > $tmpfile + #echo "$HELM_BIN" + $HELM_BIN template --dry-run -f examples/$f local-static-provisioner --namespace default ./provisioner > $tmpfile echo -n "Checking $input " local diff=$(diff -u $expected $tmpfile 2>&1) || true if [[ -n "${diff}" ]]; then @@ -54,6 +73,11 @@ function test_values_file() { } FILES=$(ls examples/) +echo "==== HELM v2====" +for f in $FILES; do + test_values_helm2_file $f +done +echo "==== HELM v3====" for f in $FILES; do test_values_file $f done From ffb87a2200ad2aa90cac4e51c4dbcf59f88a47d2 Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Thu, 27 Feb 2020 19:36:59 +0100 Subject: [PATCH 3/7] added new generated examples for helm v2/v3 --- .../baremetal-cleanbyjobs.yaml | 240 ++++++++-------- .../baremetal-default-storage.yaml | 202 +++++++------ .../baremetal-nodeselector.yaml | 198 +++++++------ .../baremetal-priority-critical.yaml | 202 +++++++------ .../baremetal-priority-noncritical.yaml | 198 +++++++------ .../baremetal-prometheus.yaml | 272 +++++++++--------- .../baremetal-resyncperiod.yaml | 198 +++++++------ .../baremetal-tolerations.yaml | 198 +++++++------ .../baremetal-with-resource-limits.yaml | 198 +++++++------ .../baremetal-without-rbac.yaml | 90 +++--- helm/generated_examples/baremetal.yaml | 198 +++++++------ helm/generated_examples/gce-pre1.9.yaml | 198 +++++++------ helm/generated_examples/gce-retain.yaml | 223 +++++++------- helm/generated_examples/gce.yaml | 223 +++++++------- helm/generated_examples/gke.yaml | 198 +++++++------ .../helm2/baremetal-cleanbyjobs.yaml | 211 ++++++++++++++ .../helm2/baremetal-default-storage.yaml | 173 +++++++++++ .../helm2/baremetal-nodeselector.yaml | 176 ++++++++++++ .../helm2/baremetal-priority-critical.yaml | 175 +++++++++++ .../helm2/baremetal-priority-noncritical.yaml | 175 +++++++++++ .../helm2/baremetal-prometheus.yaml | 221 ++++++++++++++ .../helm2/baremetal-resyncperiod.yaml | 174 +++++++++++ .../helm2/baremetal-tolerations.yaml | 177 ++++++++++++ .../helm2/baremetal-with-resource-limits.yaml | 181 ++++++++++++ .../helm2/baremetal-without-rbac.yaml | 124 ++++++++ helm/generated_examples/helm2/baremetal.yaml | 174 +++++++++++ helm/generated_examples/helm2/gce-pre1.9.yaml | 172 +++++++++++ helm/generated_examples/helm2/gce-retain.yaml | 192 +++++++++++++ helm/generated_examples/helm2/gce.yaml | 192 +++++++++++++ helm/generated_examples/helm2/gke.yaml | 171 +++++++++++ 30 files changed, 4196 insertions(+), 1528 deletions(-) create mode 100644 helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml create mode 100644 helm/generated_examples/helm2/baremetal-default-storage.yaml create mode 100644 helm/generated_examples/helm2/baremetal-nodeselector.yaml create mode 100644 helm/generated_examples/helm2/baremetal-priority-critical.yaml create mode 100644 helm/generated_examples/helm2/baremetal-priority-noncritical.yaml create mode 100644 helm/generated_examples/helm2/baremetal-prometheus.yaml create mode 100644 helm/generated_examples/helm2/baremetal-resyncperiod.yaml create mode 100644 helm/generated_examples/helm2/baremetal-tolerations.yaml create mode 100644 helm/generated_examples/helm2/baremetal-with-resource-limits.yaml create mode 100644 helm/generated_examples/helm2/baremetal-without-rbac.yaml create mode 100644 helm/generated_examples/helm2/baremetal.yaml create mode 100644 helm/generated_examples/helm2/gce-pre1.9.yaml create mode 100644 helm/generated_examples/helm2/gce-retain.yaml create mode 100644 helm/generated_examples/helm2/gce.yaml create mode 100644 helm/generated_examples/helm2/gke.yaml diff --git a/helm/generated_examples/baremetal-cleanbyjobs.yaml b/helm/generated_examples/baremetal-cleanbyjobs.yaml index b53cf2d13..35a5cd051 100644 --- a/helm/generated_examples/baremetal-cleanbyjobs.yaml +++ b/helm/generated_examples/baremetal-cleanbyjobs.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: useJobForCleaning: "yes" storageClassMap: | @@ -19,146 +32,83 @@ data: - "/scripts/quick_reset.sh" volumeMode: Block --- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: local-volume-provisioner - namespace: default - labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -spec: - selector: - matchLabels: - app: local-volume-provisioner - template: - metadata: - labels: - app: local-volume-provisioner - spec: - serviceAccountName: local-storage-admin - containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" - name: provisioner - securityContext: - privileged: true - env: - - name: MY_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: MY_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" - volumeMounts: - - mountPath: /etc/provisioner/config - name: provisioner-config - readOnly: true - - mountPath: /dev - name: provisioner-dev - - mountPath: /mnt/disks - name: local-storage - mountPropagation: "HostToContainer" - volumes: - - name: provisioner-config - configMap: - name: local-provisioner-config - - name: provisioner-dev - hostPath: - path: /dev - - name: local-storage - hostPath: - path: /mnt/disks ---- +# Source: provisioner/templates/storageclass.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: local-storage labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 provisioner: kubernetes.io/no-provisioner volumeBindingMode: WaitForFirstConsumer reclaimPolicy: Delete - --- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole metadata: - name: local-storage-admin - namespace: default + name: local-static-provisioner-node-clusterrole labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] --- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - +# Source: provisioner/templates/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: local-storage-provisioner-pv-binding + name: local-static-provisioner-pv-binding labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner subjects: - kind: ServiceAccount - name: local-storage-admin + name: local-static-provisioner namespace: default roleRef: kind: ClusterRole name: system:persistent-volume-provisioner apiGroup: rbac.authorization.k8s.io --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- +# Source: provisioner/templates/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: local-storage-provisioner-node-binding + name: local-static-provisioner-node-binding labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner subjects: - kind: ServiceAccount - name: local-storage-admin + name: local-static-provisioner namespace: default roleRef: kind: ClusterRole - name: local-storage-provisioner-node-clusterrole + name: local-static-provisioner-node-clusterrole apiGroup: rbac.authorization.k8s.io --- +# Source: provisioner/templates/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: local-storage-provisioner-jobs-role + name: local-static-provisioner-jobs-role namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner rules: - apiGroups: - 'batch' @@ -167,29 +117,81 @@ rules: verbs: - '*' --- +# Source: provisioner/templates/rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: local-storage-provisioner-jobs-rolebinding + name: local-static-provisioner-jobs-rolebinding namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner subjects: - kind: ServiceAccount - name: local-storage-admin + name: local-static-provisioner namespace: default roleRef: kind: Role - name: local-storage-provisioner-jobs-role + name: local-static-provisioner-jobs-role apiGroup: rbac.authorization.k8s.io - --- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - +# Source: provisioner/templates/daemonset.yaml +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks diff --git a/helm/generated_examples/baremetal-default-storage.yaml b/helm/generated_examples/baremetal-default-storage.yaml index ae3ed0958..9475bd7f2 100644 --- a/helm/generated_examples/baremetal-default-storage.yaml +++ b/helm/generated_examples/baremetal-default-storage.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -16,28 +29,99 @@ data: mountDir: /mnt/disks volumeMode: Filesystem --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + annotations: + storageclass.kubernetes.io/is-default-class: "true" + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -51,7 +135,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -64,96 +148,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - annotations: - storageclass.kubernetes.io/is-default-class: "true" - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-nodeselector.yaml b/helm/generated_examples/baremetal-nodeselector.yaml index 01cef0ba5..7e905acdc 100644 --- a/helm/generated_examples/baremetal-nodeselector.yaml +++ b/helm/generated_examples/baremetal-nodeselector.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,30 +32,99 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner nodeSelector: localVolume: present containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -56,7 +138,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -69,94 +151,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-priority-critical.yaml b/helm/generated_examples/baremetal-priority-critical.yaml index bf313c6c3..26d3070a0 100644 --- a/helm/generated_examples/baremetal-priority-critical.yaml +++ b/helm/generated_examples/baremetal-priority-critical.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config - namespace: kube-system + name: local-static-provisioner-config + namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,29 +32,98 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner - namespace: kube-system + name: local-static-provisioner + namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner priorityClassName: system-node-critical containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -55,7 +137,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -68,94 +150,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: kube-system - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: kube-system -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: kube-system -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-priority-noncritical.yaml b/helm/generated_examples/baremetal-priority-noncritical.yaml index 901892562..0520d1dbb 100644 --- a/helm/generated_examples/baremetal-priority-noncritical.yaml +++ b/helm/generated_examples/baremetal-priority-noncritical.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,29 +32,98 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner priorityClassName: priority-important containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -55,7 +137,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -68,94 +150,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-prometheus.yaml b/helm/generated_examples/baremetal-prometheus.yaml index a9a94cfe9..01a9749d3 100644 --- a/helm/generated_examples/baremetal-prometheus.yaml +++ b/helm/generated_examples/baremetal-prometheus.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,28 +32,118 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/servicemonitor.yaml +apiVersion: v1 +kind: Service +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: 8080 + name: metrics + selector: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -54,10 +157,10 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" ports: - containerPort: 8080 - name: http + name: metrics volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -70,7 +173,7 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev @@ -78,130 +181,27 @@ spec: hostPath: path: /mnt/disks --- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete ---- -apiVersion: v1 -kind: Service -metadata: - name: local-volume-provisioner - namespace: default - labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -spec: - type: ClusterIP - ports: - - port: 8080 - targetPort: 8080 - name: http - selector: - app: local-volume-provisioner ---- +# Source: provisioner/templates/servicemonitor.yaml apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: - name: local-volume-provisioner - namespace: monitoring + name: local-static-provisioner + namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - prometheus: kube-prometheus + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: - jobLabel: app - selector: - matchLabels: - app: local-volume-provisioner - release: "RELEASE-NAME" + jobLabel: app.kubernetes.io/name + endpoints: + - port: metrics + interval: 10s + scheme: http namespaceSelector: matchNames: - default - endpoints: - - port: http - interval: 10s - scheme: http - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner diff --git a/helm/generated_examples/baremetal-resyncperiod.yaml b/helm/generated_examples/baremetal-resyncperiod.yaml index f5612d3fd..875b0ac2d 100644 --- a/helm/generated_examples/baremetal-resyncperiod.yaml +++ b/helm/generated_examples/baremetal-resyncperiod.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: minResyncPeriod: "1h" storageClassMap: | @@ -19,28 +32,97 @@ data: - "/scripts/quick_reset.sh" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -54,7 +136,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -67,94 +149,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-tolerations.yaml b/helm/generated_examples/baremetal-tolerations.yaml index 7999f02d9..0e6d8666e 100644 --- a/helm/generated_examples/baremetal-tolerations.yaml +++ b/helm/generated_examples/baremetal-tolerations.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,31 +32,100 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -57,7 +139,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -70,94 +152,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-with-resource-limits.yaml b/helm/generated_examples/baremetal-with-resource-limits.yaml index d7c2448e2..3a8271521 100644 --- a/helm/generated_examples/baremetal-with-resource-limits.yaml +++ b/helm/generated_examples/baremetal-with-resource-limits.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,28 +32,97 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -61,7 +143,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -74,94 +156,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/baremetal-without-rbac.yaml b/helm/generated_examples/baremetal-without-rbac.yaml index 6cc671d17..32075d3fb 100644 --- a/helm/generated_examples/baremetal-without-rbac.yaml +++ b/helm/generated_examples/baremetal-without-rbac.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -18,28 +31,44 @@ data: - "/scripts/quick_reset.sh" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -53,7 +82,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -66,39 +95,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - - diff --git a/helm/generated_examples/baremetal.yaml b/helm/generated_examples/baremetal.yaml index bed722ddb..bea91c93c 100644 --- a/helm/generated_examples/baremetal.yaml +++ b/helm/generated_examples/baremetal.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: storageClassMap: | local-storage: @@ -19,28 +32,97 @@ data: - "2" volumeMode: Block --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -54,7 +136,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -67,94 +149,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-storage hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-storage - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/gce-pre1.9.yaml b/helm/generated_examples/gce-pre1.9.yaml index afd00457d..a7812a815 100644 --- a/helm/generated_examples/gce-pre1.9.yaml +++ b/helm/generated_examples/gce-pre1.9.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: useAlphaAPI: "true" useNodeNameOnly: "true" @@ -17,28 +30,97 @@ data: hostDir: /mnt/disks mountDir: /mnt/disks --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -52,7 +134,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -65,94 +147,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-scsi hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-scsi - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/gce-retain.yaml b/helm/generated_examples/gce-retain.yaml index b4a56abf8..058a12c3e 100644 --- a/helm/generated_examples/gce-retain.yaml +++ b/helm/generated_examples/gce-retain.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: useNodeNameOnly: "true" storageClassMap: | @@ -19,28 +32,110 @@ data: hostDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs mountDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Retain +--- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-nvme + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Retain +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -54,7 +149,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -70,7 +165,7 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev @@ -80,99 +175,3 @@ spec: - name: local-nvme hostPath: path: /mnt/disks/by-uuid/google-local-ssds-nvme-fs ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-scsi - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Retain ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-nvme - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Retain - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/gce.yaml b/helm/generated_examples/gce.yaml index 01d0d4dab..5e0429068 100644 --- a/helm/generated_examples/gce.yaml +++ b/helm/generated_examples/gce.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: useNodeNameOnly: "true" storageClassMap: | @@ -19,28 +32,110 @@ data: hostDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs mountDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-nvme + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -54,7 +149,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -70,7 +165,7 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev @@ -80,99 +175,3 @@ spec: - name: local-nvme hostPath: path: /mnt/disks/by-uuid/google-local-ssds-nvme-fs ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-scsi - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-nvme - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/gke.yaml b/helm/generated_examples/gke.yaml index 33bd940bd..5146b32c1 100644 --- a/helm/generated_examples/gke.yaml +++ b/helm/generated_examples/gke.yaml @@ -1,14 +1,27 @@ --- -# Source: provisioner/templates/provisioner.yaml +# Source: provisioner/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +--- +# Source: provisioner/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: - name: local-provisioner-config + name: local-static-provisioner-config namespace: default labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner data: useNodeNameOnly: "true" storageClassMap: | @@ -16,28 +29,97 @@ data: hostDir: /mnt/disks mountDir: /mnt/disks --- +# Source: provisioner/templates/storageclass.yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Helm" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +# Source: provisioner/templates/daemonset.yaml apiVersion: apps/v1 kind: DaemonSet metadata: - name: local-volume-provisioner + name: local-static-provisioner namespace: default labels: - app: local-volume-provisioner - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/instance: local-static-provisioner spec: selector: matchLabels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner template: metadata: labels: - app: local-volume-provisioner + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner spec: - serviceAccountName: local-storage-admin + serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" name: provisioner securityContext: privileged: true @@ -51,7 +133,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config @@ -64,94 +146,10 @@ spec: volumes: - name: provisioner-config configMap: - name: local-provisioner-config + name: local-static-provisioner-config - name: provisioner-dev hostPath: path: /dev - name: local-scsi hostPath: path: /mnt/disks ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: local-scsi - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -reclaimPolicy: Delete - ---- -# Source: provisioner/templates/provisioner-service-account.yaml - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: local-storage-admin - namespace: default - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 - ---- -# Source: provisioner/templates/provisioner-cluster-role-binding.yaml - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: "Tiller" - release: "RELEASE-NAME" - chart: provisioner-2.3.4 -subjects: -- kind: ServiceAccount - name: local-storage-admin - namespace: default -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io - ---- -# Source: provisioner/templates/namespace.yaml - - ---- -# Source: provisioner/templates/pod-security-policy.yaml - - diff --git a/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml b/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml new file mode 100644 index 000000000..cd4eac32e --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml @@ -0,0 +1,211 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + useJobForCleaning: "yes" + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/quick_reset.sh" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: local-static-provisioner-jobs-role + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: + - 'batch' + resources: + - jobs + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: local-static-provisioner-jobs-rolebinding + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: Role + name: local-static-provisioner-jobs-role + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-default-storage.yaml b/helm/generated_examples/helm2/baremetal-default-storage.yaml new file mode 100644 index 000000000..f30e8fc0c --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-default-storage.yaml @@ -0,0 +1,173 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + volumeMode: Filesystem + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + annotations: + storageclass.kubernetes.io/is-default-class: "true" + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-nodeselector.yaml b/helm/generated_examples/helm2/baremetal-nodeselector.yaml new file mode 100644 index 000000000..dd9371fdf --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-nodeselector.yaml @@ -0,0 +1,176 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + nodeSelector: + localVolume: present + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-priority-critical.yaml b/helm/generated_examples/helm2/baremetal-priority-critical.yaml new file mode 100644 index 000000000..2b65fdd30 --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-priority-critical.yaml @@ -0,0 +1,175 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + priorityClassName: system-node-critical + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml b/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml new file mode 100644 index 000000000..d68f0c40e --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml @@ -0,0 +1,175 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + priorityClassName: priority-important + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-prometheus.yaml b/helm/generated_examples/helm2/baremetal-prometheus.yaml new file mode 100644 index 000000000..28cdf22b0 --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-prometheus.yaml @@ -0,0 +1,221 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/servicemonitor.yaml + +--- +apiVersion: v1 +kind: Service +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + type: ClusterIP + ports: + - port: 8080 + targetPort: 8080 + name: metrics + selector: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + jobLabel: app.kubernetes.io/name + endpoints: + - port: metrics + interval: 10s + scheme: http + namespaceSelector: + matchNames: + - default + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + ports: + - containerPort: 8080 + name: metrics + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-resyncperiod.yaml b/helm/generated_examples/helm2/baremetal-resyncperiod.yaml new file mode 100644 index 000000000..3d0909f21 --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-resyncperiod.yaml @@ -0,0 +1,174 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + minResyncPeriod: "1h" + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/quick_reset.sh" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-tolerations.yaml b/helm/generated_examples/helm2/baremetal-tolerations.yaml new file mode 100644 index 000000000..f38b81785 --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-tolerations.yaml @@ -0,0 +1,177 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml b/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml new file mode 100644 index 000000000..2c1fa682a --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml @@ -0,0 +1,181 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + resources: + limits: + cpu: 100m + memory: 200Mi + requests: + cpu: 50m + memory: 100Mi + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal-without-rbac.yaml b/helm/generated_examples/helm2/baremetal-without-rbac.yaml new file mode 100644 index 000000000..9836473b1 --- /dev/null +++ b/helm/generated_examples/helm2/baremetal-without-rbac.yaml @@ -0,0 +1,124 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/quick_reset.sh" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/rbac.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/baremetal.yaml b/helm/generated_examples/helm2/baremetal.yaml new file mode 100644 index 000000000..69ba9b271 --- /dev/null +++ b/helm/generated_examples/helm2/baremetal.yaml @@ -0,0 +1,174 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/gce-pre1.9.yaml b/helm/generated_examples/helm2/gce-pre1.9.yaml new file mode 100644 index 000000000..ea3e3851a --- /dev/null +++ b/helm/generated_examples/helm2/gce-pre1.9.yaml @@ -0,0 +1,172 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + useAlphaAPI: "true" + useNodeNameOnly: "true" + storageClassMap: | + local-scsi: + hostDir: /mnt/disks + mountDir: /mnt/disks + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-scsi + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-scsi + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/gce-retain.yaml b/helm/generated_examples/helm2/gce-retain.yaml new file mode 100644 index 000000000..661de4feb --- /dev/null +++ b/helm/generated_examples/helm2/gce-retain.yaml @@ -0,0 +1,192 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + useNodeNameOnly: "true" + storageClassMap: | + local-scsi: + hostDir: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + mountDir: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + local-nvme: + hostDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + mountDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Retain +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-nvme + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Retain + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + name: local-scsi + mountPropagation: "HostToContainer" + - mountPath: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + name: local-nvme + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-scsi + hostPath: + path: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + - name: local-nvme + hostPath: + path: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/gce.yaml b/helm/generated_examples/helm2/gce.yaml new file mode 100644 index 000000000..4ede142f1 --- /dev/null +++ b/helm/generated_examples/helm2/gce.yaml @@ -0,0 +1,192 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + useNodeNameOnly: "true" + storageClassMap: | + local-scsi: + hostDir: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + mountDir: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + local-nvme: + hostDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + mountDir: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-nvme + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + name: local-scsi + mountPropagation: "HostToContainer" + - mountPath: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + name: local-nvme + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-scsi + hostPath: + path: /mnt/disks/by-uuid/google-local-ssds-scsi-fs + - name: local-nvme + hostPath: + path: /mnt/disks/by-uuid/google-local-ssds-nvme-fs + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + diff --git a/helm/generated_examples/helm2/gke.yaml b/helm/generated_examples/helm2/gke.yaml new file mode 100644 index 000000000..7590504f0 --- /dev/null +++ b/helm/generated_examples/helm2/gke.yaml @@ -0,0 +1,171 @@ +--- +# Source: provisioner/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-static-provisioner-config + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +data: + useNodeNameOnly: "true" + storageClassMap: | + local-scsi: + hostDir: /mnt/disks + mountDir: /mnt/disks + +--- +# Source: provisioner/templates/storageclass.yaml + +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-scsi + labels: + app.kubernetes.io/managed-by: "Tiller" + app.kubernetes.io/instance: "local-static-provisioner" + helm.sh/chart: provisioner-3.0.0 +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/serviceaccount.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner + +--- +# Source: provisioner/templates/rbac.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-pv-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-static-provisioner-node-clusterrole + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-static-provisioner-node-binding + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +subjects: +- kind: ServiceAccount + name: local-static-provisioner + namespace: default +roleRef: + kind: ClusterRole + name: local-static-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + +--- +# Source: provisioner/templates/daemonset.yaml +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: local-static-provisioner + namespace: default + labels: + helm.sh/chart: provisioner-3.0.0 + app.kubernetes.io/name: provisioner + app.kubernetes.io/managed-by: Tiller + app.kubernetes.io/instance: local-static-provisioner +spec: + selector: + matchLabels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + template: + metadata: + labels: + app.kubernetes.io/name: provisioner + app.kubernetes.io/instance: local-static-provisioner + spec: + serviceAccountName: local-static-provisioner + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-scsi + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-static-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-scsi + hostPath: + path: /mnt/disks + +--- +# Source: provisioner/templates/psp.yaml + + +--- +# Source: provisioner/templates/servicemonitor.yaml + + From 3635d9b8b8e7e37e8e0d40a4cdaf65147dad6dfc Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Thu, 27 Feb 2020 19:37:40 +0100 Subject: [PATCH 4/7] adjusted example helm values --- helm/examples/baremetal-namespace.yaml | 10 ---------- helm/examples/baremetal-priority-critical.yaml | 2 -- helm/examples/baremetal-prometheus.yaml | 5 ++--- helm/examples/baremetal-without-rbac.yaml | 3 ++- 4 files changed, 4 insertions(+), 16 deletions(-) delete mode 100644 helm/examples/baremetal-namespace.yaml diff --git a/helm/examples/baremetal-namespace.yaml b/helm/examples/baremetal-namespace.yaml deleted file mode 100644 index d93dfff1e..000000000 --- a/helm/examples/baremetal-namespace.yaml +++ /dev/null @@ -1,10 +0,0 @@ -common: - namespace: local-provisioner - createNamespace: true -classes: -- name: local-storage - hostDir: /mnt/disks - blockCleanerCommand: - - "/scripts/quick_reset.sh" - volumeMode: Block - storageClass: true diff --git a/helm/examples/baremetal-priority-critical.yaml b/helm/examples/baremetal-priority-critical.yaml index ec0a2ab32..62ee02e30 100644 --- a/helm/examples/baremetal-priority-critical.yaml +++ b/helm/examples/baremetal-priority-critical.yaml @@ -14,7 +14,5 @@ classes: # - "/scripts/blkdiscard.sh" volumeMode: Block storageClass: true -common: - namespace: kube-system daemonset: priorityClassName: system-node-critical diff --git a/helm/examples/baremetal-prometheus.yaml b/helm/examples/baremetal-prometheus.yaml index 32ac50a17..c2a356adf 100644 --- a/helm/examples/baremetal-prometheus.yaml +++ b/helm/examples/baremetal-prometheus.yaml @@ -14,6 +14,5 @@ classes: # - "/scripts/blkdiscard.sh" volumeMode: Block storageClass: true -prometheus: - operator: - enabled: true +serviceMonitor: + enabled: true diff --git a/helm/examples/baremetal-without-rbac.yaml b/helm/examples/baremetal-without-rbac.yaml index 00defbddc..475117ee0 100644 --- a/helm/examples/baremetal-without-rbac.yaml +++ b/helm/examples/baremetal-without-rbac.yaml @@ -1,5 +1,6 @@ common: - rbac: false + rbac: + create: false classes: - name: local-storage hostDir: /mnt/disks From 1b102dcbc3ca073064060ddf8e90a7ebbe314a63 Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Thu, 27 Feb 2020 19:38:35 +0100 Subject: [PATCH 5/7] adjusted changelog and readme for helm v2/v3 --- CHANGELOG.md | 4 ++ helm/README.md | 121 +++++++++++++++++++++++++++++++++++++++++-------- 2 files changed, 107 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d09a792aa..b64e3bd1b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # HEAD +helm chart refactoring: +- **Action required**\ + As the helm-chart structure changed the already running pod will be recreated during upgrade. Documentation can be found under [helm/README.md](./helm/README.md). Compare your existing values with the new chart parameter before upgrade. [#171](https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/pull/171) + # [v2.3.4](https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/releases/tag/v2.3.4) Image updates: diff --git a/helm/README.md b/helm/README.md index 12001c8e3..876b2f367 100644 --- a/helm/README.md +++ b/helm/README.md @@ -9,8 +9,12 @@ local-volume-provisioner in your Kubernetes with `helm install` directly. - [Install Helm](#install-helm) - [Custom your deployment with values file](#custom-your-deployment-with-values-file) - [Install local-volume-provisioner](#install-local-volume-provisioner) - * [Generate yaml files with `helm template` and install with `kubectl`](#generate-yaml-files-with-helm-template-and-install-with-kubectl) - * [Install with `helm install` directly](#install-with-helm-install-directly) +- [helm version < v3.0.0](#helm-version-lt-v3.0.0) + * [Generate yaml files with `helm template` and install with `kubectl`](#generate-yaml-files-with-helm-template-and-install-with-kubectl) + * [Install with `helm install` directly](#install-with-helm-install-directly) +- [helm version >= v3.0.0](#helm-version-gt-v3.0.0) + * [Generate yaml files with `helm template` and install with `kubectl`](#generate-yaml-files-with-helm-template-and-install-with-kubectl1) + * [Install with `helm install` directly](#install-with-helm-install-directly1) - [Configurations](#configurations) - [Examples](#examples) @@ -20,12 +24,11 @@ Please follow [official instructions](https://helm.sh/docs/using_helm/#installing-helm) to install `helm` client and server in your Kubernetes cluster. -Required helm version: >= 2.7.2+, < 3.0.0 +Required helm version: >= 2.7.2+ ## Custom your deployment with values file -Our chart provides a variety of options to configure deployment, see [a -full list of them](TODO). +Our chart provides a variety of options to configure deployment, see [provisioner/values.yaml](./provisioner/values.yaml). And there are [a lot of examples](TODO) to help you get started quickly. @@ -46,11 +49,13 @@ as needed (usually not necessary), and then deployed using kubectl. Here is basic workflow: -Install: +### helm version < v3.0.0 + +Install via helm template: ```console $ git clone --depth=1 https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git -$ helm template ./helm/provisioner -f > local-volume-provisioner.generated.yaml +$ helm template ./helm/provisioner -f --name --namespace > local-volume-provisioner.generated.yaml # edit local-volume-provisioner.generated.yaml if necessary $ kubectl create -f local-volume-provisioner.generated.yaml ``` @@ -61,6 +66,18 @@ Delete: $ kubectl delete -f local-volume-provisioner.generated.yaml ``` +Upgrade: + +**Update your custom values to match the new chart parameter** +```console +# Teardown the old provisioner +$ kubectl delete -f local-volume-provisioner.generated.yaml + +# Update your custom values to match the new chart parameter + +# Apply the new generated.yaml +$ kubectl create -f local-volume-provisioner.generated.yaml +``` ### Install with `helm install` directly Helm provides an easy interface to install applications and sources into @@ -81,6 +98,74 @@ Delete: $ helm delete --purge ``` +Upgrade: **This action will `recreate` the running pod** + +**Update your custom values to match the new chart parameter** +``` +$ helm upgrade ./helm/provisioner -f +``` + +### helm version >= v3.0.0 + +Install via helm template: + +```console +$ git clone --depth=1 https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git +$ helm template -f --namespace ./helm/provisioner > local-volume-provisioner.generated.yaml +# edit local-volume-provisioner.generated.yaml if necessary +$ kubectl create -f local-volume-provisioner.generated.yaml +``` + +Delete: + +```console +$ kubectl delete -f local-volume-provisioner.generated.yaml +``` + +Upgrade: + +**Update your custom values to match the new chart parameter** +```console +# Teardown the old provisioner +$ kubectl delete -f local-volume-provisioner.generated.yaml + +# Update your custom values to match the new chart parameter + +# Apply the new generated.yaml +$ kubectl create -f local-volume-provisioner.generated.yaml +``` + +### Install with `helm install` directly + +Helm provides an easy interface to install applications and sources into +Kubernetes cluster. You can install local-volume-provisioner with `helm +install` command directly. Here is basic workflow: + +Install: + +```console +$ helm install -f --namespace ./helm/provisioner +``` + +Note: set your preferred namespace and release name, e.g. `helm install -f helm/examples/gke.yaml local-volume-provisioner --namespace kube-system ./helm/provisioner` + +Delete: + +``` +$ helm uninstall --namespace +``` + +Upgrade: **This action will `recreate` the running pod** + +**Update your custom values to match the new chart parameter** + +``` +$ helm upgrade --reset-value -f --namespace ./helm/provisioner +``` +`--reset-values` will reset custom values to the values from the new chart version. `-f` apply the custom values file on top. + + + Please refer [helm docs](https://helm.sh/docs/using_helm/#using-helm) for more information. @@ -91,15 +176,14 @@ provisioner chart and their default values. | Parameter | Description | Type | Default | | --- | --- | --- | --- | -| common.rbac | Generating RBAC (Role Based Access Control) objects. | bool | `true` | -| common.namespace | Namespace where provisioner runs. | str | `default` | -| common.createNamespace | Whether to create namespace for provisioner. | bool | `false` | +| common.rbac.create | if `true`, create and use RBAC resources | bool | `true` | +| common.rbac.pspEnabled | If `true`, create and use a restricted pod security policy | bool | `false` | +| common.serviceAccount.create | if `true`, create serviceaccount in .Release.Namespace | bool | `true` | +| common.serviceAccount.name | if set serviceaccount if the given name will be created | str | `""` | | common.useAlphaAPI | If running against pre-1.10 k8s version, the `useAlphaAPI` flag must be enabled. | bool | `false` | | common.useJobForCleaning | If set to true, provisioner will use jobs-based block cleaning. | bool | `false` | | common.useNodeNameOnly | If set to true, provisioner name will only use Node.Name and not Node.UID. | bool | `false` | | common.minResyncPeriod | Resync period in reflectors will be random between `minResyncPeriod` and `2*minResyncPeriod`. | str | `5m0s` | -| common.configMapName | Provisioner ConfigMap name. | str | `local-provisioner-config` | -| common.podSecurityPolicy | Whether to create pod security policy or not. | bool | `false` | | common.setPVOwnerRef | If set to true, PVs are set to be dependents of the owner Node. | bool | `false` | | classes.[n].name | StorageClass name. | str | `-` | | classes.[n].hostDir | Path on the host where local volumes of this storage class are mounted under. | str | `-` | @@ -110,20 +194,21 @@ provisioner chart and their default values. | classes.[n].storageClass | Create storage class for this class and configure it optionally. | bool/map | `false` | | classes.[n].storageClass.reclaimPolicy | Specify reclaimPolicy of storage class, available: Delete/Retain. | str | `Delete` | | classes.[n].storageClass.isDefaultClass | Set storage class as default | bool | `false` | -| daemonset.name | Provisioner DaemonSet name. | str | `local-volume-provisioner` | | daemonset.image | Provisioner image. | str | `quay.io/external_storage/local-volume-provisioner:v2.1.0` | | daemonset.imagePullPolicy | Provisioner DaemonSet image pull policy. | str | `-` | -| daemonset.serviceAccount | Provisioner DaemonSet service account. | str | `local-storage-admin` | | daemonset.priorityClassName | Provisioner DaemonSet Pod Priority Class name. | str | `` | | daemonset.kubeConfigEnv | Specify the location of kubernetes config file. | str | `-` | | daemonset.nodeLabels | List of node labels to be copied to the PVs created by the provisioner. | list | `-` | | daemonset.nodeSelector | NodeSelector constraint on nodes eligible to run the provisioner. | map | `-` | | daemonset.tolerations | List of tolerations to be applied to the Provisioner DaemonSet. | list | `-` | | daemonset.resources | Map of resource request and limits to be applied to the Provisioner Daemonset. | map | `-` | -| prometheus.operator.enabled | If set to true, will configure Prometheus monitoring | bool | `false` | -| prometheus.operator.serviceMonitor.interval | Interval at which Prometheus scrapes the provisioner | str | `10s` | -| prometheus.operator.serviceMonitor.namespace | The namespace Prometheus is installed in | str | `monitoring` | -| prometheus.operator.serviceMonitor.selector | The Prometheus selector label | map | `prometheus: kube-prometheus` | +| serviceMonitor.enabled | If set to true, Prometheus servicemonitor will be applied | bool | `false` | +| serviceMonitor.interval | Interval at which Prometheus scrapes the provisioner | str | `10s` | +| serviceMonitor.namespace | The namespace Prometheus servicemonitor will be installed | str | `.Release.Namespace` | +| serviceMonitor.additionalLabels | Additional labels for the servicemonitor | map | `-` | +| serviceMonitor.relabelings | Additional metrics relabel_config | lists | `-` | +| nameOverride | Override default chartname | str | `""` | +| fullnameOverride | Override default releasename | str | `""` | Note: `classes` is a list of objects, you can specify one or more classes. From 3004ec8c4d2a1e82384237de1f66b814df1ca1cc Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Thu, 27 Feb 2020 19:48:44 +0100 Subject: [PATCH 6/7] changed image version to v2.3.4 --- helm/generated_examples/baremetal-cleanbyjobs.yaml | 4 ++-- helm/generated_examples/baremetal-default-storage.yaml | 4 ++-- helm/generated_examples/baremetal-nodeselector.yaml | 4 ++-- helm/generated_examples/baremetal-priority-critical.yaml | 4 ++-- helm/generated_examples/baremetal-priority-noncritical.yaml | 4 ++-- helm/generated_examples/baremetal-prometheus.yaml | 4 ++-- helm/generated_examples/baremetal-resyncperiod.yaml | 4 ++-- helm/generated_examples/baremetal-tolerations.yaml | 4 ++-- helm/generated_examples/baremetal-with-resource-limits.yaml | 4 ++-- helm/generated_examples/baremetal-without-rbac.yaml | 4 ++-- helm/generated_examples/baremetal.yaml | 4 ++-- helm/generated_examples/gce-pre1.9.yaml | 4 ++-- helm/generated_examples/gce-retain.yaml | 4 ++-- helm/generated_examples/gce.yaml | 4 ++-- helm/generated_examples/gke.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-default-storage.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-nodeselector.yaml | 4 ++-- .../generated_examples/helm2/baremetal-priority-critical.yaml | 4 ++-- .../helm2/baremetal-priority-noncritical.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-prometheus.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-resyncperiod.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-tolerations.yaml | 4 ++-- .../helm2/baremetal-with-resource-limits.yaml | 4 ++-- helm/generated_examples/helm2/baremetal-without-rbac.yaml | 4 ++-- helm/generated_examples/helm2/baremetal.yaml | 4 ++-- helm/generated_examples/helm2/gce-pre1.9.yaml | 4 ++-- helm/generated_examples/helm2/gce-retain.yaml | 4 ++-- helm/generated_examples/helm2/gce.yaml | 4 ++-- helm/generated_examples/helm2/gke.yaml | 4 ++-- helm/provisioner/values.yaml | 2 +- 31 files changed, 61 insertions(+), 61 deletions(-) diff --git a/helm/generated_examples/baremetal-cleanbyjobs.yaml b/helm/generated_examples/baremetal-cleanbyjobs.yaml index 35a5cd051..248ebcfaa 100644 --- a/helm/generated_examples/baremetal-cleanbyjobs.yaml +++ b/helm/generated_examples/baremetal-cleanbyjobs.yaml @@ -161,7 +161,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -175,7 +175,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-default-storage.yaml b/helm/generated_examples/baremetal-default-storage.yaml index 9475bd7f2..8388825c8 100644 --- a/helm/generated_examples/baremetal-default-storage.yaml +++ b/helm/generated_examples/baremetal-default-storage.yaml @@ -121,7 +121,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -135,7 +135,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-nodeselector.yaml b/helm/generated_examples/baremetal-nodeselector.yaml index 7e905acdc..a1a89fabe 100644 --- a/helm/generated_examples/baremetal-nodeselector.yaml +++ b/helm/generated_examples/baremetal-nodeselector.yaml @@ -124,7 +124,7 @@ spec: nodeSelector: localVolume: present containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -138,7 +138,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-priority-critical.yaml b/helm/generated_examples/baremetal-priority-critical.yaml index 26d3070a0..ffd7c209d 100644 --- a/helm/generated_examples/baremetal-priority-critical.yaml +++ b/helm/generated_examples/baremetal-priority-critical.yaml @@ -123,7 +123,7 @@ spec: serviceAccountName: local-static-provisioner priorityClassName: system-node-critical containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -137,7 +137,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-priority-noncritical.yaml b/helm/generated_examples/baremetal-priority-noncritical.yaml index 0520d1dbb..04964fd42 100644 --- a/helm/generated_examples/baremetal-priority-noncritical.yaml +++ b/helm/generated_examples/baremetal-priority-noncritical.yaml @@ -123,7 +123,7 @@ spec: serviceAccountName: local-static-provisioner priorityClassName: priority-important containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -137,7 +137,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-prometheus.yaml b/helm/generated_examples/baremetal-prometheus.yaml index 01a9749d3..a41991b5e 100644 --- a/helm/generated_examples/baremetal-prometheus.yaml +++ b/helm/generated_examples/baremetal-prometheus.yaml @@ -143,7 +143,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -157,7 +157,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" ports: - containerPort: 8080 name: metrics diff --git a/helm/generated_examples/baremetal-resyncperiod.yaml b/helm/generated_examples/baremetal-resyncperiod.yaml index 875b0ac2d..d5500be03 100644 --- a/helm/generated_examples/baremetal-resyncperiod.yaml +++ b/helm/generated_examples/baremetal-resyncperiod.yaml @@ -122,7 +122,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -136,7 +136,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-tolerations.yaml b/helm/generated_examples/baremetal-tolerations.yaml index 0e6d8666e..1f589d6c5 100644 --- a/helm/generated_examples/baremetal-tolerations.yaml +++ b/helm/generated_examples/baremetal-tolerations.yaml @@ -125,7 +125,7 @@ spec: - effect: NoSchedule key: node-role.kubernetes.io/master containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -139,7 +139,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-with-resource-limits.yaml b/helm/generated_examples/baremetal-with-resource-limits.yaml index 3a8271521..a5985f43e 100644 --- a/helm/generated_examples/baremetal-with-resource-limits.yaml +++ b/helm/generated_examples/baremetal-with-resource-limits.yaml @@ -122,7 +122,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -143,7 +143,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal-without-rbac.yaml b/helm/generated_examples/baremetal-without-rbac.yaml index 32075d3fb..0aec1763a 100644 --- a/helm/generated_examples/baremetal-without-rbac.yaml +++ b/helm/generated_examples/baremetal-without-rbac.yaml @@ -68,7 +68,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -82,7 +82,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/baremetal.yaml b/helm/generated_examples/baremetal.yaml index bea91c93c..067e5f65f 100644 --- a/helm/generated_examples/baremetal.yaml +++ b/helm/generated_examples/baremetal.yaml @@ -122,7 +122,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -136,7 +136,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/gce-pre1.9.yaml b/helm/generated_examples/gce-pre1.9.yaml index a7812a815..76fc7146f 100644 --- a/helm/generated_examples/gce-pre1.9.yaml +++ b/helm/generated_examples/gce-pre1.9.yaml @@ -120,7 +120,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -134,7 +134,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/gce-retain.yaml b/helm/generated_examples/gce-retain.yaml index 058a12c3e..f8d94050e 100644 --- a/helm/generated_examples/gce-retain.yaml +++ b/helm/generated_examples/gce-retain.yaml @@ -135,7 +135,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -149,7 +149,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/gce.yaml b/helm/generated_examples/gce.yaml index 5e0429068..be84b704f 100644 --- a/helm/generated_examples/gce.yaml +++ b/helm/generated_examples/gce.yaml @@ -135,7 +135,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -149,7 +149,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/gke.yaml b/helm/generated_examples/gke.yaml index 5146b32c1..7235d0261 100644 --- a/helm/generated_examples/gke.yaml +++ b/helm/generated_examples/gke.yaml @@ -119,7 +119,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -133,7 +133,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml b/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml index cd4eac32e..42a4be900 100644 --- a/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml +++ b/helm/generated_examples/helm2/baremetal-cleanbyjobs.yaml @@ -166,7 +166,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -180,7 +180,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-default-storage.yaml b/helm/generated_examples/helm2/baremetal-default-storage.yaml index f30e8fc0c..56fa7033a 100644 --- a/helm/generated_examples/helm2/baremetal-default-storage.yaml +++ b/helm/generated_examples/helm2/baremetal-default-storage.yaml @@ -128,7 +128,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -142,7 +142,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-nodeselector.yaml b/helm/generated_examples/helm2/baremetal-nodeselector.yaml index dd9371fdf..f35bb4bd6 100644 --- a/helm/generated_examples/helm2/baremetal-nodeselector.yaml +++ b/helm/generated_examples/helm2/baremetal-nodeselector.yaml @@ -131,7 +131,7 @@ spec: nodeSelector: localVolume: present containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -145,7 +145,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-priority-critical.yaml b/helm/generated_examples/helm2/baremetal-priority-critical.yaml index 2b65fdd30..d9d3be8a2 100644 --- a/helm/generated_examples/helm2/baremetal-priority-critical.yaml +++ b/helm/generated_examples/helm2/baremetal-priority-critical.yaml @@ -130,7 +130,7 @@ spec: serviceAccountName: local-static-provisioner priorityClassName: system-node-critical containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -144,7 +144,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml b/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml index d68f0c40e..ba4061830 100644 --- a/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml +++ b/helm/generated_examples/helm2/baremetal-priority-noncritical.yaml @@ -130,7 +130,7 @@ spec: serviceAccountName: local-static-provisioner priorityClassName: priority-important containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -144,7 +144,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-prometheus.yaml b/helm/generated_examples/helm2/baremetal-prometheus.yaml index 28cdf22b0..88c7eea54 100644 --- a/helm/generated_examples/helm2/baremetal-prometheus.yaml +++ b/helm/generated_examples/helm2/baremetal-prometheus.yaml @@ -177,7 +177,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -191,7 +191,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" ports: - containerPort: 8080 name: metrics diff --git a/helm/generated_examples/helm2/baremetal-resyncperiod.yaml b/helm/generated_examples/helm2/baremetal-resyncperiod.yaml index 3d0909f21..660f2f12e 100644 --- a/helm/generated_examples/helm2/baremetal-resyncperiod.yaml +++ b/helm/generated_examples/helm2/baremetal-resyncperiod.yaml @@ -129,7 +129,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -143,7 +143,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-tolerations.yaml b/helm/generated_examples/helm2/baremetal-tolerations.yaml index f38b81785..3306c7928 100644 --- a/helm/generated_examples/helm2/baremetal-tolerations.yaml +++ b/helm/generated_examples/helm2/baremetal-tolerations.yaml @@ -132,7 +132,7 @@ spec: - effect: NoSchedule key: node-role.kubernetes.io/master containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -146,7 +146,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml b/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml index 2c1fa682a..b827a98a6 100644 --- a/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml +++ b/helm/generated_examples/helm2/baremetal-with-resource-limits.yaml @@ -129,7 +129,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -150,7 +150,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal-without-rbac.yaml b/helm/generated_examples/helm2/baremetal-without-rbac.yaml index 9836473b1..ab7f97659 100644 --- a/helm/generated_examples/helm2/baremetal-without-rbac.yaml +++ b/helm/generated_examples/helm2/baremetal-without-rbac.yaml @@ -75,7 +75,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -89,7 +89,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/baremetal.yaml b/helm/generated_examples/helm2/baremetal.yaml index 69ba9b271..cf7106679 100644 --- a/helm/generated_examples/helm2/baremetal.yaml +++ b/helm/generated_examples/helm2/baremetal.yaml @@ -129,7 +129,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -143,7 +143,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/gce-pre1.9.yaml b/helm/generated_examples/helm2/gce-pre1.9.yaml index ea3e3851a..b7d5f6cd3 100644 --- a/helm/generated_examples/helm2/gce-pre1.9.yaml +++ b/helm/generated_examples/helm2/gce-pre1.9.yaml @@ -127,7 +127,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -141,7 +141,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/gce-retain.yaml b/helm/generated_examples/helm2/gce-retain.yaml index 661de4feb..67a7fa1a4 100644 --- a/helm/generated_examples/helm2/gce-retain.yaml +++ b/helm/generated_examples/helm2/gce-retain.yaml @@ -141,7 +141,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -155,7 +155,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/gce.yaml b/helm/generated_examples/helm2/gce.yaml index 4ede142f1..be09676cb 100644 --- a/helm/generated_examples/helm2/gce.yaml +++ b/helm/generated_examples/helm2/gce.yaml @@ -141,7 +141,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -155,7 +155,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/generated_examples/helm2/gke.yaml b/helm/generated_examples/helm2/gke.yaml index 7590504f0..22656e99a 100644 --- a/helm/generated_examples/helm2/gke.yaml +++ b/helm/generated_examples/helm2/gke.yaml @@ -126,7 +126,7 @@ spec: spec: serviceAccountName: local-static-provisioner containers: - - image: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + - image: "quay.io/external_storage/local-volume-provisioner:v2.3.4" name: provisioner securityContext: privileged: true @@ -140,7 +140,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: JOB_CONTAINER_IMAGE - value: "quay.io/external_storage/local-volume-provisioner:v2.3.3" + value: "quay.io/external_storage/local-volume-provisioner:v2.3.4" volumeMounts: - mountPath: /etc/provisioner/config name: provisioner-config diff --git a/helm/provisioner/values.yaml b/helm/provisioner/values.yaml index f65d5431f..64496139b 100644 --- a/helm/provisioner/values.yaml +++ b/helm/provisioner/values.yaml @@ -85,7 +85,7 @@ daemonset: # # Defines Provisioner's image name including container registry. # - image: quay.io/external_storage/local-volume-provisioner:v2.3.3 + image: quay.io/external_storage/local-volume-provisioner:v2.3.4 # # Defines Image download policy, see kubernetes documentation for available values. # From 1c1d3dc35398de23cc6c680445e3962e5865b6d3 Mon Sep 17 00:00:00 2001 From: Hendrik Ferber Date: Sat, 14 Mar 2020 15:00:47 +0100 Subject: [PATCH 7/7] changed lib script helm for template generation --- hack/lib.sh | 38 +++++++++++++++++++++++++++----------- hack/update-generated.sh | 7 ++++--- hack/verify-generated.sh | 8 ++++---- 3 files changed, 35 insertions(+), 18 deletions(-) diff --git a/hack/lib.sh b/hack/lib.sh index 7043abf45..622354d6c 100755 --- a/hack/lib.sh +++ b/hack/lib.sh @@ -24,22 +24,18 @@ ARCH=$(go env GOARCH) OUTPUT=${ROOT}/_output OUTPUT_BIN=${OUTPUT}/${OS}/${ARCH} HELM2_VERSION=2.16.1 -HELM_VERSION=3.1.0 +HELM3_VERSION=3.1.2 DEP_VERSION=0.5.0 DEP_BIN=$OUTPUT_BIN/dep HELM2_BIN=$OUTPUT_BIN/helm2 -HELM_BIN=$OUTPUT_BIN/helm +HELM3_BIN=$OUTPUT_BIN/helm3 MISSPELL_VERSION=0.3.4 MISSPELL_BIN=$OUTPUT_BIN/misspell test -d "$OUTPUT_BIN" || mkdir -p "$OUTPUT_BIN" -function hack::verify_helm() { - if test -x "$HELM_BIN"; then - local v=$($HELM_BIN version --short --client | grep -o -P '\d+.\d+.\d+') - [[ "$v" == "$HELM_VERSION" ]] - return - fi +# helm 2 verify and install +function hack::verify_helm2() { if test -x "$HELM2_BIN"; then local v=$($HELM2_BIN version --short --client | grep -o -P '\d+.\d+.\d+') [[ "$v" == "$HELM2_VERSION" ]] @@ -47,9 +43,8 @@ function hack::verify_helm() { fi return 1 } - -function hack::install_helm() { - if hack::verify_helm; then +function hack::install_helm2() { + if hack::verify_helm2; then return 0 fi local OS=$(uname | tr A-Z a-z) @@ -58,6 +53,27 @@ function hack::install_helm() { curl -s "$HELM_URL" | tar --strip-components 1 -C $OUTPUT_BIN -zxf - ${OS}-${ARCH}/helm && mv $OUTPUT_BIN/helm $OUTPUT_BIN/helm2 } +# helm 3 verify and install +function hack::verify_helm3() { + if test -x "$HELM3_BIN"; then + local v=$($HELM3_BIN version --short --client | grep -o -P '\d+.\d+.\d+') + [[ "$v" == "$HELM3_VERSION" ]] + return + fi + return 1 +} +function hack::install_helm3() { + if hack::verify_helm3; then + return 0 + fi + local OS=$(uname | tr A-Z a-z) + local ARCH=amd64 + local HELM_URL=https://get.helm.sh/helm-v${HELM3_VERSION}-${OS}-${ARCH}.tar.gz + curl -s "$HELM_URL" | tar --strip-components 1 -C $OUTPUT_BIN -zxf - ${OS}-${ARCH}/helm && mv $OUTPUT_BIN/helm $OUTPUT_BIN/helm3 +} + + + function hack::verify_dep() { if test -x "$DEP_BIN"; then local v=$($DEP_BIN version | awk -F: '/^\s+version\s+:/ { print $2 }' | sed -r 's/^\s+v//g') diff --git a/hack/update-generated.sh b/hack/update-generated.sh index 5f6640a3e..dc54ba468 100755 --- a/hack/update-generated.sh +++ b/hack/update-generated.sh @@ -23,7 +23,8 @@ cd $ROOT source "${ROOT}/hack/lib.sh" -hack::install_helm +hack::install_helm2 +hack::install_helm3 cd helm @@ -51,8 +52,8 @@ FILES=$(ls examples/) for f in $FILES; do input="examples/$f" generated="generated_examples/$f" - printf "Generating with helm v${HELM_VERSION} %s from %s\n" $generated $input - $HELM_BIN template --dry-run -f examples/$f local-static-provisioner --namespace default ./provisioner > $generated + printf "Generating with helm v${HELM3_VERSION} %s from %s\n" $generated $input + $HELM3_BIN template --dry-run -f examples/$f local-static-provisioner --namespace default ./provisioner > $generated done echo "Done." diff --git a/hack/verify-generated.sh b/hack/verify-generated.sh index d1597554c..f5c4e7c07 100755 --- a/hack/verify-generated.sh +++ b/hack/verify-generated.sh @@ -23,13 +23,14 @@ cd $ROOT source "${ROOT}/hack/lib.sh" -hack::install_helm +hack::install_helm2 +hack::install_helm3 cd helm # lint first ret=0 -$HELM_BIN lint ./provisioner || ret=$? +$HELM3_BIN lint ./provisioner || ret=$? if [ $ret -ne 0 ]; then echo "helm lint failed" exit 2 @@ -59,8 +60,7 @@ function test_values_file() { local expected="generated_examples/$1" local tmpfile=$(mktemp) trap "test -f $tmpfile && rm $tmpfile || true" EXIT - #echo "$HELM_BIN" - $HELM_BIN template --dry-run -f examples/$f local-static-provisioner --namespace default ./provisioner > $tmpfile + $HELM3_BIN template --dry-run -f examples/$f local-static-provisioner --namespace default ./provisioner > $tmpfile echo -n "Checking $input " local diff=$(diff -u $expected $tmpfile 2>&1) || true if [[ -n "${diff}" ]]; then