Rook-ceph cluster deployment

* Type catalog should contain only core services related to
  the deployment of the ceph cluster (monitors, osds, mgrs, etc)
* Manifests to create pools, dashboards, cephfs - are moved to
  the function catalog.
* Code related to the OpenStack deployment is removed
* Dashboard is disabled by default, ingress controller is removed
* Rook-operator version is upgraded to 1.5.9 to prevent incompatibility
  with pool quota settings
* Fixed a minor bug in the site-level catalogue storage definition
  and in the replacement function
* Added cleanup manifest for StorageCatalogue
* Added airshipctl phase to deploy rook-operator
* Implementation of the rook-ceph operator has been changed
* Added the configuration for the csi driver images
* Added overrides for ceph.conf
* Added configuration for rook-operator and ceph images

* Merge conflict resolution

* Code standardization

* Rename rook-ceph-crds -> rook-operator

Relates-to: [WIP] Expects to deliver Rook/Ceph via 2 phases
Relates-to: #30

Change-Id: I7ec7f756e742db1595143c2dfc6751b16fb25efb
SIGUNOV, VLADIMIR (vs422h) 2021-03-31 21:12:03 -04:00 committed by Stephen Taylor
parent cefc656976
commit fd3f0d747a
45 changed files with 3670 additions and 60 deletions


@ -0,0 +1,75 @@
#################################################################################################################
# Create a filesystem with settings with replication enabled for a production environment.
# A minimum of 3 OSDs on different nodes are required in this example.
# kubectl create -f filesystem.yaml
#################################################################################################################
apiVersion: ceph.rook.io/v1
kind: CephFilesystem
metadata:
name: cephfs
namespace: rook-ceph # namespace:cluster
spec:
# The metadata pool spec. Must use replication.
metadataPool:
replicated:
size: 3
requireSafeReplicaSize: true
parameters:
# Inline compression mode for the data pool
# Further reference: https://docs.ceph.com/docs/nautilus/rados/configuration/bluestore-config-ref/#inline-compression
compression_mode: none
# gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity of a given pool
# for more info: https://docs.ceph.com/docs/master/rados/operations/placement-groups/#specifying-expected-pool-size
#target_size_ratio: ".5"
# The list of data pool specs. Can use replication or erasure coding.
# Whether to preserve filesystem after CephFilesystem CRD deletion
preserveFilesystemOnDelete: true
# The metadata service (mds) configuration
metadataServer:
# The affinity rules to apply to the mds deployment
placement:
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: role
# operator: In
# values:
# - mds-node
# topologySpreadConstraints:
# tolerations:
# - key: mds-node
# operator: Exists
# podAffinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- rook-ceph-mds
# topologyKey: kubernetes.io/hostname will place MDS across different hosts
topologyKey: kubernetes.io/hostname
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- rook-ceph-mds
# topologyKey: */zone can be used to spread MDS across different AZ
# Use <topologyKey: failure-domain.beta.kubernetes.io/zone> in k8s cluster if your cluster is v1.16 or lower
# Use <topologyKey: topology.kubernetes.io/zone> in k8s cluster is v1.17 or upper
topologyKey: topology.kubernetes.io/zone
# A key/value list of annotations
annotations:
# key: value
# A key/value list of labels
labels:
# key: value


@ -0,0 +1,2 @@
resources:
- filesystem.yaml


@ -0,0 +1,21 @@
apiVersion: ceph.rook.io/v1
kind: CephFilesystem
metadata:
name: cephfs
namespace: rook-ceph # namespace:cluster
spec:
metadataServer:
# The number of active MDS instances
activeCount: 1
# Whether each active MDS instance will have an active standby with a warm metadata cache for faster failover.
# If false, standbys will be available, but will not have a warm cache.
activeStandby: true
resources:
# The requests and limits set here, allow the filesystem MDS Pod(s) to use half of one CPU core and 1 gigabyte of memory
# limits:
# cpu: "500m"
# memory: "1024Mi"
# requests:
# cpu: "500m"
# memory: "1024Mi"
# priorityClassName: my-priority-class


@ -0,0 +1,20 @@
apiVersion: ceph.rook.io/v1
kind: CephFilesystem
metadata:
name: cephfs
namespace: rook-ceph # namespace:cluster
spec:
dataPools:
- failureDomain: host
replicated:
size: 3
# Disallow setting pool with replica 1, this could lead to data loss without recovery.
# Make sure you're *ABSOLUTELY CERTAIN* that is what you want
requireSafeReplicaSize: true
parameters:
# Inline compression mode for the data pool
# Further reference: https://docs.ceph.com/docs/nautilus/rados/configuration/bluestore-config-ref/#inline-compression
compression_mode: none
# gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity of a given pool
# for more info: https://docs.ceph.com/docs/master/rados/operations/placement-groups/#specifying-expected-pool-size
target_size_ratio: ".5"


@ -0,0 +1,5 @@
resources:
- ./base
patchesStrategicMerge:
- cephfs-pool.yaml
- cephfs-mds.yaml


@ -0,0 +1,19 @@
apiVersion: v1
kind: Service
metadata:
name: rook-ceph-mgr-dashboard
namespace: rook-ceph # namespace:cluster
labels:
app: rook-ceph-mgr
rook_cluster: rook-ceph # namespace:cluster
spec:
ports:
- name: dashboard
port: 7000
protocol: TCP
targetPort: 7000
selector:
app: rook-ceph-mgr
rook_cluster: rook-ceph
sessionAffinity: None
type: NodePort
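Review bot: `type: NodePort` publishes the Ceph manager dashboard on every node address, and port 7000 appears to be the port Rook serves the dashboard on when its SSL setting is off, so dashboard logins would cross the network in clear text if this function is applied as written. The commit message says the ingress controller is removed, and nothing visible in this section terminates TLS or limits source addresses in front of the Service. Consider `type: ClusterIP` with access through a port-forward or an authenticated ingress, or enable dashboard SSL in the CephCluster and expose the TLS port instead. The selector's `rook_cluster: rook-ceph` also lacks the `# namespace:cluster` marker that the same label carries under `metadata.labels`.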


@ -0,0 +1,2 @@
resources:
- external-dashboard.yaml


@ -0,0 +1,2 @@
resources:
- ../base


@ -0,0 +1,2 @@
resources:
- pool.yaml


@ -0,0 +1,65 @@
#################################################################################################################
# Create a Ceph pool with settings for replication in production environments. A minimum of 3 OSDs on
# different hosts are required in this example.
# kubectl create -f pool.yaml
#################################################################################################################
apiVersion: ceph.rook.io/v1
kind: CephBlockPool
metadata:
name: "pool"
namespace: rook-ceph # namespace:cluster
spec:
# The failure domain will spread the replicas of the data across different failure zones
# Default value is host. Could be osd or rack, depending on your crushmap
failureDomain: host
# For a pool based on raw copies, specify the number of copies. A size of 1 indicates no redundancy.
replicated:
size: 3
# Disallow setting pool with replica 1, this could lead to data loss without recovery.
# Make sure you're *ABSOLUTELY CERTAIN* that is what you want
requireSafeReplicaSize: true
# The number for replicas per failure domain, the value must be a divisor of the replica count. If specified, the most common value is 2 for stretch clusters, where the replica count would be 4.
# replicasPerFailureDomain: 2
# The name of the failure domain to place further down replicas
# subFailureDomain: host
# Ceph CRUSH root location of the rule
# For reference: https://docs.ceph.com/docs/nautilus/rados/operations/crush-map/#types-and-buckets
#crushRoot: my-root
# The Ceph CRUSH device class associated with the CRUSH replicated rule
# For reference: https://docs.ceph.com/docs/nautilus/rados/operations/crush-map/#device-classes
#deviceClass: my-class
# Enables collecting RBD per-image IO statistics by enabling dynamic OSD performance counters. Defaults to false.
# For reference: https://docs.ceph.com/docs/master/mgr/prometheus/#rbd-io-statistics
# enableRBDStats: true
# Set any property on a given pool
# see https://docs.ceph.com/docs/master/rados/operations/pools/#set-pool-values
parameters:
# Inline compression mode for the data pool
# Further reference: https://docs.ceph.com/docs/nautilus/rados/configuration/bluestore-config-ref/#inline-compression
compression_mode: none
# gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity of a given pool
# for more info: https://docs.ceph.com/docs/master/rados/operations/placement-groups/#specifying-expected-pool-size
#target_size_ratio: ".5"
mirroring:
enabled: false
# mirroring mode: pool level or per image
# for more details see: https://docs.ceph.com/docs/master/rbd/rbd-mirroring/#enable-mirroring
mode: image
# specify the schedule(s) on which snapshots should be taken
# snapshotSchedules:
# - interval: 24h # daily snapshots
# startTime: 14:00:00-05:00
# reports pool mirroring status if enabled
statusCheck:
mirror:
disabled: false
interval: 60s
# quota in bytes and/or objects, default value is 0 (unlimited)
# see https://docs.ceph.com/en/latest/rados/operations/pools/#set-pool-quotas
# quotas:
# maxSize: "10Gi" # valid suffixes include K, M, G, T, P, Ki, Mi, Gi, Ti, Pi
# maxObjects: 1000000000 # 1 billion objects
# A key/value list of annotations
annotations:
# key: value


@ -0,0 +1,12 @@
apiVersion: ceph.rook.io/v1
kind: CephBlockPool
metadata:
name: pool
namespace: rook-ceph
spec:
failureDomain: host
replicated:
size: 2
quotas:
maxSize: "10Gi" # valid suffixes include K, M, G, T, P, Ki, Mi, Gi, Ti, Pi
maxObjects: 1000000000 # 1 billion objects
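Review bot: `size: 2` drops this pool below the three replicas the base pool requests, and with two replicas Ceph normally keeps accepting writes while only one copy is online, so a second disk failure during recovery can lose data. If the reduction is deliberate for this quota-limited data pool, record it next to the value with a comment such as `# two replicas accepted for this pool: <reason>`; otherwise keep `size: 3`. The base's `requireSafeReplicaSize: true` is presumably still merged in, but per the base comment it only guards against a replica count of 1.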


@ -0,0 +1,5 @@
resources:
- ../base
namePrefix: data-
patchesStrategicMerge:
- data-pool.yaml


@ -0,0 +1,3 @@
resources:
- ./rbd
- ./data


@ -0,0 +1,5 @@
resources:
- ../base
namePrefix: rbd-
patchesStrategicMerge:
- rbd-pool.yaml


@ -0,0 +1,13 @@
apiVersion: ceph.rook.io/v1
kind: CephBlockPool
metadata:
name: "pool"
namespace: rook-ceph # namespace:cluster
spec:
failureDomain: host
replicated:
size: 3
quotas:
maxSize: "0" # valid suffixes include K, M, G, T, P, Ki, Mi, Gi, Ti, Pi, eg: "10Gi"
# "0" means no quotas. Since rook 1.5.9 you must use string as a value's type
maxObjects: 0 # 1000000000 = billion objects, 0 means no quotas


@ -1,21 +0,0 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: rook-ceph-operator
namespace: rook-ceph
spec:
releaseName: rook-release
interval: 5m
chart:
spec:
chart: rook-ceph
sourceRef:
kind: HelmRepository
name: rook-ceph
version: 1.5.8
interval: 1m
timeout: 5m
# Reference values at
# https://github.com/rook/rook/blob/master/cluster/charts/rook-ceph/values.yaml
# You can redefine default values in the section below
values: {}


@ -1,7 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: rook-release
spec:
url: https://charts.rook.io/release
interval: 10m


@ -1,6 +1,2 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- helmrepository.yaml
- helmrelease.yaml
- upstream


@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: rook-ceph


@ -5,45 +5,81 @@ metadata:
annotations:
config.kubernetes.io/function: |-
container:
image: quay.io/airshipit/replacement-transformer:latest
image: quay.io/airshipit/replacement-transformer:v2
replacements:
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.helm_repositories.rook-operator}"
fieldref: "{.spec.images.rook-operator.rook-ceph-operator.rook-ceph-operator.image}"
target:
objref:
kind: HelmRepository
name: rook-release
fieldrefs: ["{.spec}"]
kind: Deployment
name: rook-ceph-operator
fieldrefs: ["{.spec.template.spec.containers[?(.name == 'rook-ceph-operator')].image}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.charts.rook-operator.chart}"
fieldref: "{.spec.images.rook-operator.rook-ceph-operator-config.rook_csi_ceph_image.image}"
target:
objref:
kind: HelmRelease
name: rook-ceph-operator
fieldrefs: ["{.spec.chart.spec.chart}"]
kind: ConfigMap
name: rook-ceph-operator-config
fieldrefs: ["{.data.ROOK_CSI_CEPH_IMAGE}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.charts.rook-operator.version}"
fieldref: "{.spec.images.rook-operator.rook-ceph-operator-config.rook_csi_registrar_image.image}"
target:
objref:
kind: HelmRelease
name: rook-ceph-operator
fieldrefs: ["{.spec.chart.version}"]
kind: ConfigMap
name: rook-ceph-operator-config
fieldrefs: ["{.data.ROOK_CSI_REGISTRAR_IMAGE}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.image_components.rook-operator.rook-operator}"
fieldref: "{.spec.images.rook-operator.rook-ceph-operator-config.rook_csi_resizer_image.image}"
target:
objref:
kind: HelmRelease
name: rook-ceph-operator
fieldrefs: ["{.spec.values.image}"]
kind: ConfigMap
name: rook-ceph-operator-config
fieldrefs: ["{.data.ROOK_CSI_RESIZER_IMAGE}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.images.rook-operator.rook-ceph-operator-config.rook_csi_provisioner_image.image}"
target:
objref:
kind: ConfigMap
name: rook-ceph-operator-config
fieldrefs: ["{.data.ROOK_CSI_PROVISIONER_IMAGE}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.images.rook-operator.rook-ceph-operator-config.rook_csi_snapshotter_image.image}"
target:
objref:
kind: ConfigMap
name: rook-ceph-operator-config
fieldrefs: ["{.data.ROOK_CSI_SNAPSHOTTER_IMAGE}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.images.rook-operator.rook-ceph-operator-config.rook_csi_attacher_image.image}"
target:
objref:
kind: ConfigMap
name: rook-ceph-operator-config
fieldrefs: ["{.data.ROOK_CSI_ATTACHER_IMAGE}"]
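Review bot: `quay.io/airshipit/replacement-transformer:v2` is still a mutable tag, and this container runs as a config function over the rendered documents, so a re-pushed `v2` changes what executes at render time without any change in this repository. Pin it by digest, e.g. `image: quay.io/airshipit/replacement-transformer:v2@sha256:<digest-placeholder>`. The same applies to the tag-only references this commit adds in the operator ConfigMap and Deployment (`rook/ceph:v1.5.9`, the `ROOK_CSI_*_IMAGE` values) and in the versions catalogue. There, `rook/ceph` and `ceph/ceph` are also written without a registry host, so each node's default registry decides where they are pulled from.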

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@ -0,0 +1,5 @@
resources:
- namespace.yaml
- crds.yaml
- common.yaml
- operator.yaml


@ -0,0 +1,7 @@
# Namespace where the operator and other rook resources are created
apiVersion: v1
kind: Namespace
metadata:
name: rook-ceph # namespace:cluster
# OLM: BEGIN OBJECTBUCKET ROLEBINDING
---


@ -0,0 +1,484 @@
#################################################################################################################
# The deployment for the rook operator
# Contains the common settings for most Kubernetes deployments.
# For example, to create the rook-ceph cluster:
# kubectl create -f crds.yaml -f common.yaml -f operator.yaml
# kubectl create -f cluster.yaml
#
# Also see other operator sample files for variations of operator.yaml:
# - operator-openshift.yaml: Common settings for running in OpenShift
###############################################################################################################
# Rook Ceph Operator Config ConfigMap
# Use this ConfigMap to override Rook-Ceph Operator configurations.
# NOTE! Precedence will be given to this config if the same Env Var config also exists in the
# Operator Deployment.
# To move a configuration(s) from the Operator Deployment to this ConfigMap, add the config
# here. It is recommended to then remove it from the Deployment to eliminate any future confusion.
kind: ConfigMap
apiVersion: v1
metadata:
name: rook-ceph-operator-config
# should be in the namespace of the operator
namespace: rook-ceph # namespace:operator
data:
# Enable the CSI driver.
# To run the non-default version of the CSI driver, see the override-able image properties in operator.yaml
ROOK_CSI_ENABLE_CEPHFS: "true"
# Enable the default version of the CSI RBD driver. To start another version of the CSI driver, see image properties below.
ROOK_CSI_ENABLE_RBD: "true"
ROOK_CSI_ENABLE_GRPC_METRICS: "false"
# Set logging level for csi containers.
# Supported values from 0 to 5. 0 for general useful logs, 5 for trace level verbosity.
# CSI_LOG_LEVEL: "0"
# OMAP generator will generate the omap mapping between the PV name and the RBD image.
# CSI_ENABLE_OMAP_GENERATOR need to be enabled when we are using rbd mirroring feature.
# By default OMAP generator sidecar is deployed with CSI provisioner pod, to disable
# it set it to false.
# CSI_ENABLE_OMAP_GENERATOR: "false"
# set to false to disable deployment of snapshotter container in CephFS provisioner pod.
CSI_ENABLE_CEPHFS_SNAPSHOTTER: "true"
# set to false to disable deployment of snapshotter container in RBD provisioner pod.
CSI_ENABLE_RBD_SNAPSHOTTER: "true"
# Enable cephfs kernel driver instead of ceph-fuse.
# If you disable the kernel client, your application may be disrupted during upgrade.
# See the upgrade guide: https://rook.io/docs/rook/master/ceph-upgrade.html
# NOTE! cephfs quota is not supported in kernel version < 4.17
CSI_FORCE_CEPHFS_KERNEL_CLIENT: "true"
# (Optional) policy for modifying a volume's ownership or permissions when the RBD PVC is being mounted.
# supported values are documented at https://kubernetes-csi.github.io/docs/support-fsgroup.html
CSI_RBD_FSGROUPPOLICY: "ReadWriteOnceWithFSType"
# (Optional) policy for modifying a volume's ownership or permissions when the CephFS PVC is being mounted.
# supported values are documented at https://kubernetes-csi.github.io/docs/support-fsgroup.html
CSI_CEPHFS_FSGROUPPOLICY: "ReadWriteOnceWithFSType"
# (Optional) Allow starting unsupported ceph-csi image
ROOK_CSI_ALLOW_UNSUPPORTED_VERSION: "false"
# The default version of CSI supported by Rook will be started. To change the version
# of the CSI driver to something other than what is officially supported, change
# these images to the desired release of the CSI driver.
ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.2.1"
ROOK_CSI_REGISTRAR_IMAGE: "k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.0.1"
ROOK_CSI_RESIZER_IMAGE: "k8s.gcr.io/sig-storage/csi-resizer:v1.0.1"
ROOK_CSI_PROVISIONER_IMAGE: "k8s.gcr.io/sig-storage/csi-provisioner:v2.0.4"
ROOK_CSI_SNAPSHOTTER_IMAGE: "k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.2"
ROOK_CSI_ATTACHER_IMAGE: "k8s.gcr.io/sig-storage/csi-attacher:v3.0.2"
# (Optional) set user created priorityclassName for csi plugin pods.
# CSI_PLUGIN_PRIORITY_CLASSNAME: "system-node-critical"
# (Optional) set user created priorityclassName for csi provisioner pods.
# CSI_PROVISIONER_PRIORITY_CLASSNAME: "system-cluster-critical"
# CSI CephFS plugin daemonset update strategy, supported values are OnDelete and RollingUpdate.
# Default value is RollingUpdate.
# CSI_CEPHFS_PLUGIN_UPDATE_STRATEGY: "OnDelete"
# CSI RBD plugin daemonset update strategy, supported values are OnDelete and RollingUpdate.
# Default value is RollingUpdate.
# CSI_RBD_PLUGIN_UPDATE_STRATEGY: "OnDelete"
# kubelet directory path, if kubelet configured to use other than /var/lib/kubelet path.
# ROOK_CSI_KUBELET_DIR_PATH: "/var/lib/kubelet"
# Labels to add to the CSI CephFS Deployments and DaemonSets Pods.
# ROOK_CSI_CEPHFS_POD_LABELS: "key1=value1,key2=value2"
# Labels to add to the CSI RBD Deployments and DaemonSets Pods.
# ROOK_CSI_RBD_POD_LABELS: "key1=value1,key2=value2"
# (Optional) Ceph Provisioner NodeAffinity.
# CSI_PROVISIONER_NODE_AFFINITY: "role=storage-node; storage=rook, ceph"
# (Optional) CEPH CSI provisioner tolerations list. Put here list of taints you want to tolerate in YAML format.
# CSI provisioner would be best to start on the same nodes as other ceph daemons.
# CSI_PROVISIONER_TOLERATIONS: |
# - effect: NoSchedule
# key: node-role.kubernetes.io/controlplane
# operator: Exists
# - effect: NoExecute
# key: node-role.kubernetes.io/etcd
# operator: Exists
# (Optional) Ceph CSI plugin NodeAffinity.
# CSI_PLUGIN_NODE_AFFINITY: "role=storage-node; storage=rook, ceph"
# (Optional) CEPH CSI plugin tolerations list. Put here list of taints you want to tolerate in YAML format.
# CSI plugins need to be started on all the nodes where the clients need to mount the storage.
# CSI_PLUGIN_TOLERATIONS: |
# - effect: NoSchedule
# key: node-role.kubernetes.io/controlplane
# operator: Exists
# - effect: NoExecute
# key: node-role.kubernetes.io/etcd
# operator: Exists
# (Optional) CEPH CSI RBD provisioner resource requirement list, Put here list of resource
# requests and limits you want to apply for provisioner pod
# CSI_RBD_PROVISIONER_RESOURCE: |
# - name : csi-provisioner
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-resizer
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-attacher
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-snapshotter
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-rbdplugin
# resource:
# requests:
# memory: 512Mi
# cpu: 250m
# limits:
# memory: 1Gi
# cpu: 500m
# - name : liveness-prometheus
# resource:
# requests:
# memory: 128Mi
# cpu: 50m
# limits:
# memory: 256Mi
# cpu: 100m
# (Optional) CEPH CSI RBD plugin resource requirement list, Put here list of resource
# requests and limits you want to apply for plugin pod
# CSI_RBD_PLUGIN_RESOURCE: |
# - name : driver-registrar
# resource:
# requests:
# memory: 128Mi
# cpu: 50m
# limits:
# memory: 256Mi
# cpu: 100m
# - name : csi-rbdplugin
# resource:
# requests:
# memory: 512Mi
# cpu: 250m
# limits:
# memory: 1Gi
# cpu: 500m
# - name : liveness-prometheus
# resource:
# requests:
# memory: 128Mi
# cpu: 50m
# limits:
# memory: 256Mi
# cpu: 100m
# (Optional) CEPH CSI CephFS provisioner resource requirement list, Put here list of resource
# requests and limits you want to apply for provisioner pod
# CSI_CEPHFS_PROVISIONER_RESOURCE: |
# - name : csi-provisioner
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-resizer
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-attacher
# resource:
# requests:
# memory: 128Mi
# cpu: 100m
# limits:
# memory: 256Mi
# cpu: 200m
# - name : csi-cephfsplugin
# resource:
# requests:
# memory: 512Mi
# cpu: 250m
# limits:
# memory: 1Gi
# cpu: 500m
# - name : liveness-prometheus
# resource:
# requests:
# memory: 128Mi
# cpu: 50m
# limits:
# memory: 256Mi
# cpu: 100m
# (Optional) CEPH CSI CephFS plugin resource requirement list, Put here list of resource
# requests and limits you want to apply for plugin pod
# CSI_CEPHFS_PLUGIN_RESOURCE: |
# - name : driver-registrar
# resource:
# requests:
# memory: 128Mi
# cpu: 50m
# limits:
# memory: 256Mi
# cpu: 100m
# - name : csi-cephfsplugin
# resource:
# requests:
# memory: 512Mi
# cpu: 250m
# limits:
# memory: 1Gi
# cpu: 500m
# - name : liveness-prometheus
# resource:
# requests:
# memory: 128Mi
# cpu: 50m
# limits:
# memory: 256Mi
# cpu: 100m
# Configure CSI CSI Ceph FS grpc and liveness metrics port
# CSI_CEPHFS_GRPC_METRICS_PORT: "9091"
# CSI_CEPHFS_LIVENESS_METRICS_PORT: "9081"
# Configure CSI RBD grpc and liveness metrics port
# CSI_RBD_GRPC_METRICS_PORT: "9090"
# CSI_RBD_LIVENESS_METRICS_PORT: "9080"
# Whether the OBC provisioner should watch on the operator namespace or not, if not the namespace of the cluster will be used
ROOK_OBC_WATCH_OPERATOR_NAMESPACE: "true"
# (Optional) Admission controller NodeAffinity.
# ADMISSION_CONTROLLER_NODE_AFFINITY: "role=storage-node; storage=rook, ceph"
# (Optional) Admission controller tolerations list. Put here list of taints you want to tolerate in YAML format.
# Admission controller would be best to start on the same nodes as other ceph daemons.
# ADMISSION_CONTROLLER_TOLERATIONS: |
# - effect: NoSchedule
# key: node-role.kubernetes.io/controlplane
# operator: Exists
# - effect: NoExecute
# key: node-role.kubernetes.io/etcd
# operator: Exists
---
# OLM: BEGIN OPERATOR DEPLOYMENT
apiVersion: apps/v1
kind: Deployment
metadata:
name: rook-ceph-operator
namespace: rook-ceph # namespace:operator
labels:
operator: rook
storage-backend: ceph
spec:
selector:
matchLabels:
app: rook-ceph-operator
replicas: 1
template:
metadata:
labels:
app: rook-ceph-operator
spec:
serviceAccountName: rook-ceph-system
containers:
- name: rook-ceph-operator
image: rook/ceph:v1.5.9
args: ["ceph", "operator"]
volumeMounts:
- mountPath: /var/lib/rook
name: rook-config
- mountPath: /etc/ceph
name: default-config-dir
env:
# If the operator should only watch for cluster CRDs in the same namespace, set this to "true".
# If this is not set to true, the operator will watch for cluster CRDs in all namespaces.
- name: ROOK_CURRENT_NAMESPACE_ONLY
value: "false"
# To disable RBAC, uncomment the following:
# - name: RBAC_ENABLED
# value: "false"
# Rook Agent toleration. Will tolerate all taints with all keys.
# Choose between NoSchedule, PreferNoSchedule and NoExecute:
# - name: AGENT_TOLERATION
# value: "NoSchedule"
# (Optional) Rook Agent toleration key. Set this to the key of the taint you want to tolerate
# - name: AGENT_TOLERATION_KEY
# value: "<KeyOfTheTaintToTolerate>"
# (Optional) Rook Agent tolerations list. Put here list of taints you want to tolerate in YAML format.
# - name: AGENT_TOLERATIONS
# value: |
# - effect: NoSchedule
# key: node-role.kubernetes.io/controlplane
# operator: Exists
# - effect: NoExecute
# key: node-role.kubernetes.io/etcd
# operator: Exists
# (Optional) Rook Agent priority class name to set on the pod(s)
# - name: AGENT_PRIORITY_CLASS_NAME
# value: "<PriorityClassName>"
# (Optional) Rook Agent NodeAffinity.
# - name: AGENT_NODE_AFFINITY
# value: "role=storage-node; storage=rook,ceph"
# (Optional) Rook Agent mount security mode. Can by `Any` or `Restricted`.
# `Any` uses Ceph admin credentials by default/fallback.
# For using `Restricted` you must have a Ceph secret in each namespace storage should be consumed from and
# set `mountUser` to the Ceph user, `mountSecret` to the Kubernetes secret name.
# to the namespace in which the `mountSecret` Kubernetes secret namespace.
# - name: AGENT_MOUNT_SECURITY_MODE
# value: "Any"
# Set the path where the Rook agent can find the flex volumes
# - name: FLEXVOLUME_DIR_PATH
# value: "<PathToFlexVolumes>"
# Set the path where kernel modules can be found
# - name: LIB_MODULES_DIR_PATH
# value: "<PathToLibModules>"
# Mount any extra directories into the agent container
# - name: AGENT_MOUNTS
# value: "somemount=/host/path:/container/path,someothermount=/host/path2:/container/path2"
# Rook Discover toleration. Will tolerate all taints with all keys.
# Choose between NoSchedule, PreferNoSchedule and NoExecute:
# - name: DISCOVER_TOLERATION
# value: "NoSchedule"
# (Optional) Rook Discover toleration key. Set this to the key of the taint you want to tolerate
# - name: DISCOVER_TOLERATION_KEY
# value: "<KeyOfTheTaintToTolerate>"
# (Optional) Rook Discover tolerations list. Put here list of taints you want to tolerate in YAML format.
# - name: DISCOVER_TOLERATIONS
# value: |
# - effect: NoSchedule
# key: node-role.kubernetes.io/controlplane
# operator: Exists
# - effect: NoExecute
# key: node-role.kubernetes.io/etcd
# operator: Exists
# (Optional) Rook Discover priority class name to set on the pod(s)
# - name: DISCOVER_PRIORITY_CLASS_NAME
# value: "<PriorityClassName>"
# (Optional) Discover Agent NodeAffinity.
# - name: DISCOVER_AGENT_NODE_AFFINITY
# value: "role=storage-node; storage=rook, ceph"
# (Optional) Discover Agent Pod Labels.
# - name: DISCOVER_AGENT_POD_LABELS
# value: "key1=value1,key2=value2"
# Allow rook to create multiple file systems. Note: This is considered
# an experimental feature in Ceph as described at
# http://docs.ceph.com/docs/master/cephfs/experimental-features/#multiple-filesystems-within-a-ceph-cluster
# which might cause mons to crash as seen in https://github.com/rook/rook/issues/1027
- name: ROOK_ALLOW_MULTIPLE_FILESYSTEMS
value: "false"
# The logging level for the operator: INFO | DEBUG
- name: ROOK_LOG_LEVEL
value: "INFO"
# The duration between discovering devices in the rook-discover daemonset.
- name: ROOK_DISCOVER_DEVICES_INTERVAL
value: "60m"
# Whether to start pods as privileged that mount a host path, which includes the Ceph mon and osd pods.
# Set this to true if SELinux is enabled (e.g. OpenShift) to workaround the anyuid issues.
# For more details see https://github.com/rook/rook/issues/1314#issuecomment-355799641
- name: ROOK_HOSTPATH_REQUIRES_PRIVILEGED
value: "false"
# In some situations SELinux relabelling breaks (times out) on large filesystems, and doesn't work with cephfs ReadWriteMany volumes (last relabel wins).
# Disable it here if you have similar issues.
# For more details see https://github.com/rook/rook/issues/2417
- name: ROOK_ENABLE_SELINUX_RELABELING
value: "true"
# In large volumes it will take some time to chown all the files. Disable it here if you have performance issues.
# For more details see https://github.com/rook/rook/issues/2254
- name: ROOK_ENABLE_FSGROUP
value: "true"
# Disable automatic orchestration when new devices are discovered
- name: ROOK_DISABLE_DEVICE_HOTPLUG
value: "false"
# Provide customised regex as the values using comma. For eg. regex for rbd based volume, value will be like "(?i)rbd[0-9]+".
# In case of more than one regex, use comma to separate between them.
# Default regex will be "(?i)dm-[0-9]+,(?i)rbd[0-9]+,(?i)nbd[0-9]+"
# Add regex expression after putting a comma to blacklist a disk
# If value is empty, the default regex will be used.
- name: DISCOVER_DAEMON_UDEV_BLACKLIST
value: "(?i)dm-[0-9]+,(?i)rbd[0-9]+,(?i)nbd[0-9]+"
# Whether to enable the flex driver. By default it is enabled and is fully supported, but will be deprecated in some future release
# in favor of the CSI driver.
- name: ROOK_ENABLE_FLEX_DRIVER
value: "false"
# Whether to start the discovery daemon to watch for raw storage devices on nodes in the cluster.
# This daemon does not need to run if you are only going to create your OSDs based on StorageClassDeviceSets with PVCs.
- name: ROOK_ENABLE_DISCOVERY_DAEMON
value: "false"
# Time to wait until the node controller will move Rook pods to other
# nodes after detecting an unreachable node.
# Pods affected by this setting are:
# mgr, rbd, mds, rgw, nfs, PVC based mons and osds, and ceph toolbox
# The value used in this variable replaces the default value of 300 secs
# added automatically by k8s as Toleration for
# <node.kubernetes.io/unreachable>
# The total amount of time to reschedule Rook pods in healthy nodes
# before detecting a <not ready node> condition will be the sum of:
# --> node-monitor-grace-period: 40 seconds (k8s kube-controller-manager flag)
# --> ROOK_UNREACHABLE_NODE_TOLERATION_SECONDS: 5 seconds
- name: ROOK_UNREACHABLE_NODE_TOLERATION_SECONDS
value: "5"
# The name of the node to pass with the downward API
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
# The pod name to pass with the downward API
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
# The pod namespace to pass with the downward API
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Uncomment it to run lib bucket provisioner in multithreaded mode
#- name: LIB_BUCKET_PROVISIONER_THREADS
# value: "5"
# Uncomment it to run rook operator on the host network
#hostNetwork: true
volumes:
- name: rook-config
emptyDir: {}
- name: default-config-dir
emptyDir: {}
# OLM: END OPERATOR DEPLOYMENT
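Review bot: `ROOK_CURRENT_NAMESPACE_ONLY` is left at `"false"`, which per the comment above it makes the operator watch cluster CRDs in all namespaces, although every resource visible in this commit lives in `rook-ceph`. Setting `value: "true"` would narrow what the operator reacts to. Whether the RBAC in common.yaml can be narrowed to match cannot be checked here, because that diff is suppressed. The `rook-ceph-operator` container also declares no `resources` requests or limits, so it competes unbounded with the storage daemons it manages; a modest `resources:` block on that container would bound it.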


@ -93,6 +93,32 @@ spec:
airship-host-config:
airship-host-config:
image: quay.io/airshipit/hostconfig-operator:latest
rook-operator:
rook-ceph-operator:
rook-ceph-operator:
image: rook/ceph:v1.5.9
rook-ceph-operator-config:
ceph_daemon:
image: ceph/ceph:v15.2.10
rook_csi_ceph_image:
image: quay.io/cephcsi/cephcsi:v3.2.1
rook_csi_registrar_image:
image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.0.1
rook_csi_resizer_image:
image: k8s.gcr.io/sig-storage/csi-resizer:v1.0.1
rook_csi_provisioner_image:
image: k8s.gcr.io/sig-storage/csi-provisioner:v2.0.4
rook_csi_snapshotter_image:
image: k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.2
rook_csi_attacher_image:
image: k8s.gcr.io/sig-storage/csi-attacher:v3.0.2
storage-rook:
ceph:
ceph-version:
image: ceph/ceph:v15.2.10
rook-ceph-tools:
rook-ceph-tools:
image: rook/ceph:v1.5.9
image_components:
# image_components are organized by
@ -153,10 +179,6 @@ spec:
defaultBackend:
repository: k8s.gcr.io/defaultbackend-amd64
tag: "1.5"
rook-operator:
rook-operator:
repository: rook/ceph
tag: v1.5.8
dex-aio:
# NOTE: The dex-aio chart uses a different format for declaring images, so
# the 'name' property is required. 'repository' should contain only the name
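Review bot: Every image added in the first hunk (`rook/ceph:v1.5.9`, `ceph/ceph:v15.2.10`, `quay.io/cephcsi/cephcsi:v3.2.1` and the `k8s.gcr.io/sig-storage/*` sidecars) is pinned by tag only. What runs on the storage nodes therefore depends on whatever the registry serves for that tag at pull time. Since this catalogue is the single place versions are reviewed, each entry could carry the digest of the image that was actually tested, e.g. `image: rook/ceph:v1.5.9@sha256:<digest-of-reviewed-image>` (placeholder, to be filled from the registry). `ceph/ceph:v15.2.10` is also declared twice, under `ceph_daemon` and under `ceph-version`, so a comment stating which entry is authoritative would keep the two from drifting on the next upgrade.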


@ -5,6 +5,7 @@ resources:
- ../../../../type/airship-core/shared/catalogues
- hosts.yaml
- ../generator/results
- storage.yaml
patchesStrategicMerge:
- versions-airshipctl.yaml


@ -0,0 +1,35 @@
# This makes a couple small networking tweaks that are specific to the
# ephemeral cluster, on top of the target cluster networking definition.
# These values can be overridden at the site, type, etc levels as appropriate.
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: storage
labels:
airshipit.org/deploy-k8s: "false"
spec:
storage:
useAllNodes: false # We define per node/per device configuration below
useAllDevices: false # We define per node/per device configuration below
nodes:
- name: stl2r01s02
devicePathFilter: "^/dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:[3-8]:0"
# Or you can use device filter
# deviceFilter: "^/dev/sd[d-k]"
- name: stl2r01s04
devicePathFilter: "^/dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:[3-8]:0"
# Or you can use device filter
# deviceFilter: "^/dev/sd[d-k]"
- name: stl2r01s05
devicePathFilter: "^/dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:[3-8]:0"
# Or you can use device filter
# deviceFilter: "^/dev/sd[d-k]"
- name: stl2r01s06
devicePathFilter: "^/dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:[3-8]:0"
# Or you can use device filter
# deviceFilter: "^/dev/sd[d-k]"
- name: stl2r01s07
devicePathFilter: "^/dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:[3-8]:0"
# Or you can use device filter
# deviceFilter: "^/dev/sd[d-k]"
---
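Review bot: The `devicePathFilter` values have no end anchor and leave the `.` in `18:00.0` unescaped, so each regex accepts any path that merely starts with the intended prefix, for example a `-part1` suffix, if the operator evaluates partition links. Because this filter decides which disks the operator turns into OSDs, it should match exactly the intended devices: `devicePathFilter: '^/dev/disk/by-path/pci-0000:18:00\.0-scsi-0:2:[3-8]:0$'` (single quotes so the backslash stays literal). The same applies to all five node entries and to the commented `deviceFilter` alternative. Separately, the header comment describes networking tweaks for the ephemeral cluster and looks copied from another catalogue; it should say this file defines the per-node Ceph storage layout.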


@ -1,5 +1,6 @@
resources:
- ../../../../type/airship-core/target/workload/ingress
- ../../../../type/airship-core/target/workload
- ../catalogues
transformers:
- ../../../../function/ingress/replacements
- ./replacements


@ -0,0 +1,21 @@
apiVersion: airshipit.org/v1alpha1
kind: ReplacementTransformer
metadata:
name: ceph-nodes-replacements
labels:
airshipit.org/deploy-k8s: "false"
annotations:
config.kubernetes.io/function: |-
container:
image: quay.io/airshipit/replacement-transformer:v2
replacements:
- source:
objref:
kind: VariableCatalogue
name: storage
fieldref: "{.spec.storage}"
target:
objref:
kind: CephCluster
name: ceph
fieldrefs: ["{.spec.storage}"]


@ -0,0 +1,2 @@
resources:
- ceph-nodes.yaml


@ -39,3 +39,15 @@ patches: |-
metadata:
name: versions-treasuremap
$patch: delete
---
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: networking-ha
$patch: delete
---
apiVersion: airshipit.org/v1alpha1
kind: StorageCatalogue
metadata:
name: storage
$patch: delete
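Review bot: The added delete patch targets `kind: StorageCatalogue` with `name: storage`, but the only catalogue named `storage` visible in this commit is declared as `kind: VariableCatalogue`. The patch may therefore not match the object it is meant to remove. If that object is the intended target, the patch should read `kind: VariableCatalogue`; if a `StorageCatalogue` is defined elsewhere in the change, a one-line comment naming its source file would make the cleanup verifiable. The identical hunk in the next file section has the same issue. The enclosing `patches: |-` document starts outside the hunk.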


@ -39,3 +39,15 @@ patches: |-
metadata:
name: versions-treasuremap
$patch: delete
---
apiVersion: airshipit.org/v1alpha1
kind: VariableCatalogue
metadata:
name: networking-ha
$patch: delete
---
apiVersion: airshipit.org/v1alpha1
kind: StorageCatalogue
metadata:
name: storage
$patch: delete


@ -1,3 +1,3 @@
resources:
- ../../../../../airshipctl/manifests/phases/
- lma-infra-target.yaml
- lma-infra-target.yaml


@ -5,6 +5,7 @@ resources:
- ../../../../function/hostconfig-operator
- ../../../../../../airshipctl/manifests/composite/flux-helm/
- ../../../../../../airshipctl/manifests/function/helm-chart-collator/
- ../../../../function/rook-operator
commonLabels:
airshipit.org/stage: initinfra


@ -3,3 +3,4 @@ resources:
- ../../../../../../../airshipctl/manifests/function/hwcc/replacements
- ../../../../../../../airshipctl/manifests/function/helm-chart-collator/replacements
- ../../../../../function/hostconfig-operator/replacements
- ../../../../../function/rook-operator/replacements


@ -1,2 +1,3 @@
resources:
- ingress
- storage/rook


@ -0,0 +1,2 @@
resources:
- ../storage/rook/replacements


@ -0,0 +1,21 @@
# Use the config section below to create your custom
# ceph.conf file
# Refer to the documentation at:
# https://rook.io/docs/rook/v1.5/ceph-advanced-configuration.html#custom-cephconf-settings
# Be aware - the rook operator doesn't perform any validations and syntax check against
# the configuration below. Even a typo in this file can cause the entire cluster failure.
kind: ConfigMap
apiVersion: v1
metadata:
name: rook-config-override
namespace: rook-ceph # namespace:cluster
data:
config: |
[global]
osd_pool_default_size = 3
mon_warn_on_pool_no_redundancy = true
# # You can add other default configuration sections
# # to create fully customized ceph.conf
# [mon]
# [osd]
# [rgw]


@ -0,0 +1,60 @@
apiVersion: ceph.rook.io/v1
kind: CephCluster
metadata:
name: ceph
namespace: rook-ceph
spec:
dataDirHostPath: /var/lib/rook
cephVersion:
#see: https://tracker.ceph.com/issues/48797
image: ceph/ceph:v15.2.10
#allowUnsupported: true
mon:
count: 3
allowMultiplePerNode: false
dashboard:
enabled: true
# If you are going to use the dashboard together with ingress-controller,
# make sure it is deployed.
ssl: true
crashCollector:
disable: false
network:
# Instead of 'host' you can enable the 'multus' network provider.
# However, the Multus network is in the EXPERIMENTAL stage.
provider: host
storage:
# Using settings below is not recommended for the production environment
useAllNodes: true # Recommended setting is `false`
useAllDevices: true # Recommended setting is `false`
# # To gain more control over you deployment, you should uncomment settings
# # listed below and setup your storage layout per node.
# # Please refer to the official rook documentation
# nodes:
# - name: changemes02
# devices:
# # You can use a list of devices (by path)
# # - name: /dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:3:0
# # - name: /dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:4:0
# # - name: /dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:5:0
# # - name: /dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:6:0
# # - name: /dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:7:0
# # - name: /dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:8:0
# - name: changemes04
# # Instead of enlisting available devices you can use regex
# devicePathFilter: "^/dev/disk/by-path/pci-0000:18:00.0-scsi-0:2:[3-8]:0"
# - name: changemes05
# devices:
# # Or you can use drive names (directly)
# # - name: /dev/sdc
# # - name: /dev/sdd
# # - name: /dev/sde
# # - name: /dev/sdf
# # - name: /dev/sdg
# # - name: /dev/sdh
# - name: changemes06
# # Or via regex
# deviceFilter: "^/dev/sd[c-h]"
# Also you can configure each device and/or each node. Please refer to the official rook
# documentation for the branch 1.5.x
---
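Review bot: The type-level default under `storage:` is `useAllNodes: true` and `useAllDevices: true`, which the inline comments themselves mark as not recommended. Any site that renders this manifest without the `.spec.storage` replacement applied would let the operator claim every eligible device on every node. Shipping `useAllNodes: false` and `useAllDevices: false` here would make a missing or misnamed site catalogue fail closed, with no OSDs created, rather than open. `provider: host` also puts the Ceph daemons on the node's network, so a comment stating which firewall or network policy is expected to restrict the mon and OSD ports would help operators.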


@ -0,0 +1,41 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: rook-ceph
resources:
- namespace.yaml # Name space (rook-ceph) should be installed together with the rook-operator
# however we add this file here, to make sure we do have this ns deployed.
- ceph-conf.yaml
- cephcluster.yaml
- rook-ceph-tools.yaml
# Below is the functions section. You are free to comment out or in oppsite to remove comments
# enabling or disabling any function in the list.
# All functions are independent, and can be deployed simultaneously at any moment.
- ../../../../../../function/rook-cluster/pools
- ../../../../../../function/rook-cluster/cephfs
- ../../../../../../function/rook-cluster/dashboard/http
patchesJSON6902:
- target:
kind: CephCluster
name: ceph
patch: |-
- op: replace
path: /spec/dashboard/enabled
value: true
- op: replace
path: /spec/dashboard/ssl
value: true
# If you enabling ssl for the dashboard, do not forget
# to enable the patch below
- target:
kind: Service
name: rook-ceph-mgr-dashboard
patch: |-
- op: replace
path: "/spec/ports"
value:
- name: dashboard
port: 8443
protocol: TCP
targetPort: 8443
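Review bot: Both JSON patches on `CephCluster/ceph` set `/spec/dashboard/enabled` and `/spec/dashboard/ssl` to `true`, and `function/rook-cluster/dashboard/http` is listed unconditionally. The management dashboard therefore ships enabled, although the commit description says it is disabled by default. If opt-in is the intent, the first patch should carry `value: false` and the `dashboard/http` resource line should be commented out, so a site has to enable the UI deliberately. The pairing of a function named `http` with `ssl: true` and port 8443 also needs a comment. The function's contents are outside this section, so whether it serves TLS cannot be confirmed from here.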


@ -0,0 +1,9 @@
# TO BE DELETED
# The namespace rook-ceph should be installed together
# with rook-ceph-operator. However, we will keep this file
# in current PS for the debug purposes.
# apiVersion: v1
# kind: Namespace
# metadata:
# name: rook-ceph


@ -0,0 +1,2 @@
resources:
- versions.yaml


@ -0,0 +1,30 @@
apiVersion: airshipit.org/v1alpha1
kind: ReplacementTransformer
metadata:
name: rook-ceph-cluster-replacements
annotations:
config.kubernetes.io/function: |-
container:
image: quay.io/airshipit/replacement-transformer:v2
replacements:
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.images.storage-rook.ceph.rook-ceph-tools.image}"
target:
objref:
kind: Deployment
name: rook-ceph-tools
fieldrefs: ["{.spec.template.spec.containers[?(.name == 'rook-ceph-tools')].image}"]
- source:
objref:
kind: VersionsCatalogue
name: versions-treasuremap
fieldref: "{.spec.images.storage-rook.ceph.ceph.ceph-version.image}"
target:
objref:
kind: CephCluster
name: ceph
fieldrefs: ["{.spec.cephVersion.image}"]
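Review bot: The two source `fieldref` paths do not appear to match the keys this commit adds to the versions catalogue. There the sequence under `storage-rook` reads `ceph`, `ceph-version`, `image`, then `rook-ceph-tools`, `rook-ceph-tools`, `image`, whereas the paths here are `storage-rook.ceph.ceph.ceph-version.image` (one extra `ceph`) and `storage-rook.ceph.rook-ceph-tools.image` (one `rook-ceph-tools` short). Indentation is lost in this view, so the exact nesting is inferred, but neither path lines up with the visible key order. If they do not resolve, the render either fails or leaves the hard-coded `ceph/ceph:v15.2.10` and `rook/ceph:v1.5.9` in place, and the catalogue stops being the authority for what is deployed. The first path likely should be `fieldref: "{.spec.images.storage-rook.ceph.ceph-version.image}"`, and the tools path should be checked against the catalogue in the same way.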


@ -0,0 +1,55 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster
labels:
app: rook-ceph-tools
spec:
replicas: 1
selector:
matchLabels:
app: rook-ceph-tools
template:
metadata:
labels:
app: rook-ceph-tools
spec:
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: rook-ceph-tools
image: rook/ceph:v1.5.9
command: ["/tini"]
args: ["-g", "--", "/usr/local/bin/toolbox.sh"]
imagePullPolicy: IfNotPresent
env:
- name: ROOK_CEPH_USERNAME
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: ceph-username
- name: ROOK_CEPH_SECRET
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: ceph-secret
volumeMounts:
- mountPath: /etc/ceph
name: ceph-config
- name: mon-endpoint-volume
mountPath: /etc/rook
volumes:
- name: mon-endpoint-volume
configMap:
name: rook-ceph-mon-endpoints
items:
- key: data
path: mon-endpoints
- name: ceph-config
emptyDir: {}
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationSeconds: 5
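Review bot: This Deployment runs with `replicas: 1` and is an unconditional resource of the cluster kustomization, while its container reads `ceph-username` and `ceph-secret` from the `rook-ceph-mon` secret. A pod holding those Ceph credentials (in Rook normally the cluster admin identity) is therefore always present, and anyone allowed `pods/exec` in `rook-ceph` inherits them. Making the toolbox opt-in would narrow that. Either default to `replicas: 0` with a comment on scaling up for maintenance, or move `rook-ceph-tools.yaml` to the function catalogue alongside the other optional pieces. `dnsPolicy: ClusterFirstWithHostNet` is set without `hostNetwork: true` in this spec, so a comment on why it is needed would also help.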