1apiVersion: v1
2kind: Namespace
3metadata:
4 name: local-storage-provider
5 labels:
6 workload.edge.ncr.com: platform
7 platform.edge.ncr.com/component: rancher-local-storage
8 annotations:
9 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
10 pallet.edge.ncr.com/name: local-storage-provider
11 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
12 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
13 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
14 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
15---
16apiVersion: storage.k8s.io/v1
17kind: StorageClass
18metadata:
19 name: local-path
20 labels:
21 platform.edge.ncr.com/component: rancher-local-storage
22 annotations:
23 defaultVolumeType: local
24 storageclass.kubernetes.io/is-default-class: "true"
25 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
26 pallet.edge.ncr.com/name: local-storage-provider
27 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
28 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
29 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
30 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
31provisioner: rancher.io/local-path
32reclaimPolicy: Delete
33volumeBindingMode: WaitForFirstConsumer
34---
35apiVersion: v1
36kind: ServiceAccount
37metadata:
38 name: local-path-provisioner-service-account
39 namespace: local-storage-provider
40 labels:
41 platform.edge.ncr.com/component: rancher-local-storage
42 annotations:
43 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
44 pallet.edge.ncr.com/name: local-storage-provider
45 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
46 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
47 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
48 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
49---
50apiVersion: rbac.authorization.k8s.io/v1
51kind: ClusterRole
52metadata:
53 name: local-path-provisioner-role
54 labels:
55 platform.edge.ncr.com/component: rancher-local-storage
56 annotations:
57 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
58 pallet.edge.ncr.com/name: local-storage-provider
59 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
60 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
61 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
62 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
63rules:
64- resources:
65 - nodes
66 - persistentvolumeclaims
67 - configmaps
68 apiGroups:
69 - ""
70 verbs:
71 - get
72 - list
73 - watch
74- resources:
75 - endpoints
76 - persistentvolumes
77 - pods
78 apiGroups:
79 - ""
80 verbs:
81 - '*'
82- resources:
83 - events
84 apiGroups:
85 - ""
86 verbs:
87 - create
88 - patch
89- resources:
90 - storageclasses
91 apiGroups:
92 - storage.k8s.io
93 verbs:
94 - get
95 - list
96 - watch
97---
98apiVersion: rbac.authorization.k8s.io/v1
99kind: ClusterRoleBinding
100metadata:
101 name: local-path-provisioner-bind
102 labels:
103 platform.edge.ncr.com/component: rancher-local-storage
104 annotations:
105 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
106 pallet.edge.ncr.com/name: local-storage-provider
107 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
108 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
109 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
110 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
111roleRef:
112 name: local-path-provisioner-role
113 kind: ClusterRole
114 apiGroup: rbac.authorization.k8s.io
115subjects:
116- name: local-path-provisioner-service-account
117 namespace: local-storage-provider
118 kind: ServiceAccount
119---
120apiVersion: v1
121kind: ConfigMap
122metadata:
123 name: local-path-config
124 namespace: local-storage-provider
125 labels:
126 platform.edge.ncr.com/component: rancher-local-storage
127 annotations:
128 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
129 pallet.edge.ncr.com/name: local-storage-provider
130 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
131 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
132 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
133 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
134data:
135 helperConfig.json: |-
136 {
137 "nodePathMap": [
138 {
139 "node": "DEFAULT_PATH_FOR_NON_LISTED_NODES",
140 "paths": [
141 "/mnt/k8s-local"
142 ]
143 }
144 ]
145 }
146 helperPod.yaml: |
147 apiVersion: v1
148 kind: Pod
149 metadata:
150 name: helper-pod
151 namespace: local-storage-provider
152 spec:
153 containers:
154 - name: helper-pod
155 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/workloads/local-path-provisioner-helper:v0.0.3 # TODO: automate build+push via bazel
156 volumeMounts:
157 - name: lvm-lock
158 readOnly: false
159 mountPath: /run/lock/lvm
160 - name: host-devices
161 readOnly: false
162 mountPath: /dev
163 - name: data
164 mountPropagation: Bidirectional
165 imagePullPolicy: IfNotPresent
166 securityContext:
167 capabilities:
168 drop:
169 - all
170 privileged: true
171 volumes:
172 - name: host-devices
173 hostPath:
174 type: DirectoryOrCreate
175 path: /dev
176 - name: lvm-lock
177 hostPath:
178 type: DirectoryOrCreate
179 path: /run/lock/lvm
180 imagePullSecrets:
181 - name: edge-docker-pull-secret
182 setup: |-
183 #!/bin/sh
184 set -eu
185 echo "Disabled udev in lvm config"
186 sed -i -e 's/udev_rules.*/udev_rules = 0/' -e 's/udev_scan.*/udev_scan = 0/' /etc/lvm/lvm.conf
187
188 mkdir -vp "$$VOL_DIR"
189 pvcName=$$(basename "$$VOL_DIR")
190
191 if ! [ -L "/dev/ien/$$pvcName" ]; then
192 echo "Creating a new logical volume called $pvcName"
193 lvcreate -v -V"$$VOL_SIZE_BYTES"b -T ien/lvthin -n "$$pvcName"
194 else
195 echo "Tried creating a new logical volume called $$pvcName but it already exists"
196 fi
197
198 vol_realp=$$(readlink -f "/dev/ien/$$pvcName")
199 if ! findmnt --source "$$vol_realp" >/dev/null; then
200 echo "Checking for Ext4 filesystem"
201 if ! e2fsck -fvy /dev/ien/"$$pvcName"; then
202 echo "Creating an Ext4 filesystem on a logical volume called $$pvcName"
203 wipefs --all --force /dev/ien/"$$pvcName"
204 mkfs.ext4 -v /dev/ien/"$$pvcName"
205 fi
206
207 tunePerc=1
208 echo "Setting ext4 reserved blocks in $${pvcName} to $${tunePerc}%"
209 tune2fs -m"$$tunePerc" /dev/ien/"$$pvcName"
210
211 mount -v /dev/ien/"$$pvcName" "$$VOL_DIR"
212 else
213 echo "$$pvcName is already mounted"
214 fi
215
216 echo "Shutting down linkerd-proxy"
217 curl -X POST http://localhost:4191/shutdown || true
218 teardown: |-
219 #!/bin/sh
220 set -eu
221 echo "Disabled udev in lvm config"
222 sed -i -e 's/udev_rules.*/udev_rules = 0/' -e 's/udev_scan.*/udev_scan = 0/' /etc/lvm/lvm.conf
223 pvcName=$$(basename "$$VOL_DIR")
224
225 vol_realp=$$(readlink -f "/dev/ien/$$pvcName")
226 if ! findmnt --source "$$vol_realp" >/dev/null; then
227 echo "$$pvcName has already been unmounted"
228 else
229 umount -v "$$VOL_DIR"
230 fi
231
232 rm -rfv "$$VOL_DIR"
233
234 if [ -L "/dev/ien/$$pvcName" ]; then
235 echo "Removing logical volume called $$pvcName"
236 lvremove -v -y /dev/ien/"$$pvcName"
237 else
238 echo "Logical volume called $$pvcName has already been removed"
239 fi
240
241 echo "Shutting down linkerd-proxy"
242 curl -X POST http://localhost:4191/shutdown || true
243---
244apiVersion: apps/v1
245kind: Deployment
246metadata:
247 name: local-path-provisioner
248 namespace: local-storage-provider
249 labels:
250 platform.edge.ncr.com/component: rancher-local-storage
251 annotations:
252 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
253 pallet.edge.ncr.com/name: local-storage-provider
254 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
255 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
256 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
257 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
258spec:
259 replicas: 1
260 selector:
261 matchLabels:
262 app: local-path-provisioner
263 platform.edge.ncr.com/component: rancher-local-storage
264 template:
265 metadata:
266 labels:
267 app: local-path-provisioner
268 platform.edge.ncr.com/component: rancher-local-storage
269 annotations:
270 rancher/local.storage.provisioner: "reprovision"
271 pallet.edge.ncr.com/created: "2023-02-16T21:26:39Z"
272 pallet.edge.ncr.com/name: local-storage-provider
273 pallet.edge.ncr.com/revision: 696897a3df910b6e84a88c9336907a17b18159c1
274 pallet.edge.ncr.com/source: https://github.com/ncrvoyix-swt-retail/edge-infra/tree/696897a3df910b6e84a88c9336907a17b18159c1
275 pallet.edge.ncr.com/team: '@ncrvoyix-swt-retail/sds'
276 pallet.edge.ncr.com/version: 7.7.7-rc.1676582799+commit.696897a
277 spec:
278 serviceAccountName: local-path-provisioner-service-account
279 containers:
280 - name: local-path-provisioner
281 image: us-east1-docker.pkg.dev/ret-edge-pltf-infra/thirdparty/rancher/local-path-provisioner@sha256:4e56dad0fbb7fb06c41eb282bbdc591869d3b3ce9880a97dfa64608cf842fd86
282 command:
283 - local-path-provisioner
284 - --debug
285 - start
286 - --config
287 - /etc/config/config.json
288 env:
289 - name: POD_NAMESPACE
290 valueFrom:
291 fieldRef:
292 fieldPath: metadata.namespace
293 volumeMounts:
294 - name: config-volume
295 mountPath: /etc/config/
296 imagePullPolicy: IfNotPresent
297 volumes:
298 - name: config-volume
299 configMap:
300 name: local-path-config
View as plain text