Merge "Improves ceph-provisioner storageclasses"

2019-04-02 05:37:26 +00:00 · 2019-04-02 05:37:26 +00:00 · 15a0cd7c2b
commit 15a0cd7c2b
parent 76e4021648 361f0bebb7
8 changed files with 163 additions and 93 deletions
--- a/ceph-provisioners/templates/job-cephfs-client-key.yaml
+++ b/ceph-provisioners/templates/job-cephfs-client-key.yaml
@ -54,7 +54,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: Role
 metadata:
  name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
-  namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
+  namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
 rules:
  - apiGroups:
      - ""
@ -68,7 +68,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
 metadata:
  name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
-  namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
+  namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
@ -106,11 +106,11 @@ spec:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: PVC_CEPH_CEPHFS_STORAGECLASS_USER_SECRET_NAME
-              value: {{ .Values.storageclass.cephfs.user_secret_name }}
+              value: {{ .Values.storageclass.cephfs.parameters.userSecretName }}
            - name: PVC_CEPH_CEPHFS_STORAGECLASS_ADMIN_SECRET_NAME
-              value: {{ .Values.storageclass.cephfs.admin_secret_name }}
+              value: {{ .Values.storageclass.cephfs.parameters.adminSecretName }}
            - name: PVC_CEPH_CEPHFS_STORAGECLASS_DEPLOYED_NAMESPACE
-              value: {{ .Values.storageclass.cephfs.admin_secret_namespace }}
+              value: {{ .Values.storageclass.cephfs.parameters.adminSecretNamespace }}
          command:
            - /tmp/provisioner-cephfs-client-key-manager.sh
          volumeMounts:
--- a/ceph-provisioners/templates/job-namespace-client-key-cleaner.yaml
+++ b/ceph-provisioners/templates/job-namespace-client-key-cleaner.yaml
@ -77,7 +77,7 @@ spec:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME
-              value: {{ .Values.storageclass.rbd.user_secret_name }}
+              value: {{ .Values.storageclass.rbd.parameters.userSecretName }}
          command:
            - /tmp/provisioner-rbd-namespace-client-key-cleaner.sh
          volumeMounts:
--- a/ceph-provisioners/templates/job-namespace-client-key.yaml
+++ b/ceph-provisioners/templates/job-namespace-client-key.yaml
@ -54,7 +54,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: Role
 metadata:
  name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
-  namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
+  namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
 rules:
  - apiGroups:
      - ""
@ -68,7 +68,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
 metadata:
  name: {{ printf "%s-%s" $serviceAccountName $randStringSuffix }}
-  namespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
+  namespace: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
@ -104,11 +104,11 @@ spec:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: PVC_CEPH_RBD_STORAGECLASS_USER_SECRET_NAME
-              value: {{ .Values.storageclass.rbd.user_secret_name }}
+              value: {{ .Values.storageclass.rbd.parameters.userSecretName }}
            - name: PVC_CEPH_RBD_STORAGECLASS_ADMIN_SECRET_NAME
-              value: {{ .Values.storageclass.rbd.admin_secret_name }}
+              value: {{ .Values.storageclass.rbd.parameters.adminSecretName }}
            - name: PVC_CEPH_RBD_STORAGECLASS_DEPLOYED_NAMESPACE
-              value: {{ .Values.storageclass.rbd.admin_secret_namespace }}
+              value: {{ .Values.storageclass.rbd.parameters.adminSecretNamespace }}
          command:
            - /tmp/provisioner-rbd-namespace-client-key-manager.sh
          volumeMounts:
--- a/ceph-provisioners/templates/storageclass-cephfs.yaml
+++ b/ceph-provisioners/templates/storageclass-cephfs.yaml
@ -1,30 +0,0 @@
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 {{- if and .Values.manifests.storageclass_cephfs ( and .Values.deployment.ceph .Values.storageclass.cephfs.provision_storage_class ) }}
 {{- $envAll := . }}
 ---
 kind: StorageClass
 apiVersion: storage.k8s.io/v1
 metadata:
  name: {{ .Values.storageclass.cephfs.name }}
 provisioner: {{ .Values.storageclass.cephfs.provisioner }}
 parameters:
    monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
    adminId: {{ .Values.storageclass.cephfs.admin_id | quote }}
    adminSecretName: {{ .Values.storageclass.cephfs.user_secret_name | quote }}
    adminSecretNamespace: {{ .Release.Namespace | quote }}
 {{- end }}
--- a/ceph-provisioners/templates/storageclass-rbd.yaml
+++ b/ceph-provisioners/templates/storageclass-rbd.yaml
@ -1,35 +0,0 @@
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 {{- if and .Values.manifests.storageclass_rbd (and .Values.deployment.ceph .Values.storageclass.rbd.provision_storage_class) }}
 {{- $envAll := . }}
 ---
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
    name: {{ .Values.storageclass.rbd.name }}
 provisioner: {{ .Values.storageclass.rbd.provisioner }}
 parameters:
    monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
    adminId: {{ .Values.storageclass.rbd.admin_id }}
    adminSecretName: {{ .Values.storageclass.rbd.admin_secret_name }}
    adminSecretNamespace: {{ .Values.storageclass.rbd.admin_secret_namespace }}
    pool: {{ .Values.storageclass.rbd.pool }}
    userId: {{ .Values.storageclass.rbd.user_id }}
    userSecretName: {{ .Values.storageclass.rbd.user_secret_name }}
    imageFormat: {{ .Values.storageclass.rbd.image_format | quote }}
    imageFeatures: {{ .Values.storageclass.rbd.image_features }}
 {{- end }}
--- a/ceph-provisioners/templates/storageclass.yaml
+++ b/ceph-provisioners/templates/storageclass.yaml
@ -0,0 +1,21 @@
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 {{- if and .Values.manifests.storageclass (.Values.deployment.ceph) }}
 {{- range $storageclass, $val := .Values.storageclass }}
 {{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
 {{- end }}
 {{- end }}
--- a/ceph-provisioners/values.yaml
+++ b/ceph-provisioners/values.yaml
@ -171,29 +171,35 @@ bootstrap:
 # if you change provision_storage_class to false
 # it is presumed you manage your own storage
 # class definition externally
 #(kranthikirang):We iterate over each storageclass parameters
 #and derive the manifest.
 storageclass:
  rbd:
    provision_storage_class: true
    provisioner: ceph.com/rbd
    name: general
    monitors: null
    pool: rbd
    admin_id: admin
    ceph_configmap_name: ceph-etc
-    admin_secret_name: pvc-ceph-conf-combined-storageclass
+    metadata:
-    admin_secret_namespace: ceph
+      default_storage_class: true
-    user_id: admin
+      name: general
-    user_secret_name: pvc-ceph-client-key
+    parameters:
-    image_format: "2"
+      pool: rbd
-    image_features: layering
+      adminId: admin
      adminSecretName: pvc-ceph-conf-combined-storageclass
      adminSecretNamespace: ceph
      userId: admin
      userSecretName: pvc-ceph-client-key
      imageFormat: "2"
      imageFeatures: layering
  cephfs:
    provision_storage_class: true
    provisioner: ceph.com/cephfs
-    name: cephfs
+    metadata:
-    admin_id: admin
+      name: cephfs
-    user_secret_name: pvc-ceph-cephfs-client-key
+    parameters:
-    admin_secret_name: pvc-ceph-conf-combined-storageclass
+      adminId: admin
-    admin_secret_namespace: ceph
+      userSecretName: pvc-ceph-cephfs-client-key
      adminSecretName: pvc-ceph-conf-combined-storageclass
      adminSecretNamespace: ceph
 endpoints:
  cluster_domain_suffix: cluster.local
@ -231,5 +237,4 @@ manifests:
  job_image_repo_sync: true
  job_namespace_client_key_cleaner: true
  job_namespace_client_key: true
-  storageclass_cephfs: true
+  storageclass: true
  storageclass_rbd: true
--- a/helm-toolkit/templates/manifests/_ceph-storageclass.tpl
+++ b/helm-toolkit/templates/manifests/_ceph-storageclass.tpl
@ -0,0 +1,109 @@
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 {{/*
 abstract: |
  Creates a manifest for kubernete ceph storageclass
 examples:
  - values: |
      manifests:
        storageclass: true
      storageclass:
        rbd:
          provision_storage_class: true
          provisioner: "ceph.com/rbd"
          metadata:
            default_storage_class: true
            name: general
          parameters:
            #We will grab the monitors value based on helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup
            pool: rbd
            admin_id: admin
            ceph_configmap_name: "ceph-etc"
            admin_secret_name: "pvc-ceph-conf-combined-storageclass"
            admin_secret_namespace: ceph
            user_id: admin
            user_secret_name: "pvc-ceph-client-key"
            image_format: "2"
            image_features: layering
        cephfs:
          provision_storage_class: true
          provisioner: "ceph.com/cephfs"
          metadata:
            name: cephfs
          parameters:
            admin_id: admin
            user_secret_name: "pvc-ceph-cephfs-client-key"
            admin_secret_name: "pvc-ceph-conf-combined-storageclass"
            admin_secret_namespace: ceph
    usage: |
      {{- range $storageclass, $val := .Values.storageclass }}
      {{ dict "storageclass_data" $val "envAll" $ | include "helm-toolkit.manifests.ceph-storageclass" }}
      {{- end }}
    return: |
      ---
      apiVersion: storage.k8s.io/v1
      kind: StorageClass
      metadata:
        annotations:
          storageclass.kubernetes.io/is-default-class: "true"
        name: general
      provisioner: ceph.com/rbd
      parameters:
        monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
        adminId: admin
        adminSecretName: pvc-ceph-conf-combined-storageclass
        adminSecretNamespace: ceph
        pool: rbd
        userId: admin
        userSecretName: pvc-ceph-client-key
        image_format: "2"
        image_features: layering
      ---
      apiVersion: storage.k8s.io/v1
      kind: StorageClass
      metadata:
        name: cephfs
      provisioner: ceph.com/rbd
      parameters:
        monitors: ceph-mon.<ceph-namespace>.svc.<k8s-domain-name>:6789
        adminId: admin
        adminSecretName: pvc-ceph-conf-combined-storageclass
        adminSecretNamespace: ceph
 */}}
 {{- define "helm-toolkit.manifests.ceph-storageclass" -}}
 {{- $envAll := index . "envAll" -}}
 {{- $storageclassData := index . "storageclass_data" -}}
 ---
 {{- if $storageclassData.provision_storage_class }}
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
 {{- if $storageclassData.metadata.default_storage_class }}
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
 {{- end }}
  name: {{ $storageclassData.metadata.name }}
 provisioner: {{ $storageclassData.provisioner }}
 parameters:
  monitors: {{ tuple "ceph_mon" "internal" "mon" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
 {{- range $attr, $value := $storageclassData.parameters }}
  {{ $attr }}: {{ $value | quote }}
 {{- end }}
 {{- end }}
 {{- end }}