Created
May 26, 2022 21:59
-
-
Save cobookman/7dba9a5c66082b47bf0d56d7a2db3e02 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # K8s service account for CSI Driver | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: local-volume-provisioner-admin | |
| namespace: kube-system | |
| --- | |
| # List of Permissions | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: local-storage-provisioner-node-clusterrole | |
| rules: | |
| - apiGroups: [""] | |
| resources: ["persistentvolumes"] | |
| verbs: ["get", "list", "watch", "create", "delete"] | |
| - apiGroups: ["storage.k8s.io"] | |
| resources: ["storageclasses"] | |
| verbs: ["get", "list", "watch"] | |
| - apiGroups: [""] | |
| resources: ["events"] | |
| verbs: ["watch"] | |
| - apiGroups: ["", "events.k8s.io"] | |
| resources: ["events"] | |
| verbs: ["create", "update", "patch"] | |
| - apiGroups: [""] | |
| resources: ["nodes"] | |
| verbs: ["get"] | |
| --- | |
| # Attach permissions to our service account | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: local-storage-provisioner-node-binding | |
| namespace: kube-system | |
| subjects: | |
| - kind: ServiceAccount | |
| name: local-volume-provisioner-admin | |
| namespace: kube-system | |
| roleRef: | |
| kind: ClusterRole | |
| name: local-storage-provisioner-node-clusterrole | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| # Configuration for our Local Persistent Volume CSI Driver | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: local-volume-provisioner-config | |
| # TODO(boocolin,pbadie): Confirm what this namespace should be | |
| namespace: kube-system | |
| data: | |
| # Adds node's hostname as a label to each PV | |
| nodeLabelsForPV: | | |
| - kubernetes.io/hostname | |
| storageClassMap: | | |
| fast-disks: | |
| # path to the directory of local volumes | |
| hostDir: /mnt/fast-disks | |
| # the mount path of host directory in provisioner pod | |
| # TODO(boocolin, pbadie): This might not need to be set, and is optionatl | |
| # or over-rides hostdir in a few configs. | |
| # see - https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/blob/master/helm/provisioner/templates/daemonset_linux.yaml | |
| mountDir: /mnt/fast-disks | |
| # The shred.sh script is contained in the CSI drivers container | |
| # https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/blob/master/deployment/docker/scripts/shred.sh | |
| blockCleanerCommand: | |
| - "/scripts/shred.sh" | |
| - "2" | |
| # The volume mode of PV. It defines whether a device volume is # | |
| # intended to use as a formatted filesystem volume or to remain in block | |
| # state. Value of Filesystem is implied when omitted. | |
| volumeMode: Filesystem | |
| fsType: ext4 | |
| # name pattern check | |
| # only discover local disk mounted to path matching pattern("*" by default). | |
| namePattern: "*" | |
| --- | |
| # The Local Persistent Volume CSI Driver | |
| apiVersion: apps/v1 | |
| kind: DaemonSet | |
| metadata: | |
| name: local-volume-provisioner | |
| namespace: kube-system | |
| labels: | |
| app.kubernetes.io/name: local-volume-provisioner | |
| spec: | |
| selector: | |
| matchLabels: | |
| app.kubernetes.io/name: local-volume-provisioner | |
| template: | |
| metadata: | |
| labels: | |
| app.kubernetes.io/name: local-volume-provisioner | |
| spec: | |
| serviceAccountName: local-volume-provisioner-admin | |
| containers: | |
| - image: "registry.k8s.io/sig-storage/local-volume-provisioner:v2.4.0" | |
| # In production you can use the cached image by setting this | |
| # to: IfNotPresent | |
| imagePullPolicy: "Always" | |
| name: provisioner | |
| securityContext: | |
| privileged: true | |
| env: | |
| - name: MY_NODE_NAME | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: spec.nodeName | |
| - name: MY_NAMESPACE | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.namespace | |
| ports: | |
| # List of metrics at | |
| # https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/blob/cee9e228dc28a4355f664b4fe2236b1857fe4eca/pkg/metrics/metrics.go | |
| - name: metrics | |
| containerPort: 8080 | |
| volumeMounts: | |
| - name: provisioner-config | |
| mountPath: /etc/provisioner/config | |
| readOnly: true | |
| - mountPath: /mnt/fast-disks | |
| name: fast-disks | |
| mountPropagation: "HostToContainer" | |
| volumes: | |
| - name: provisioner-config | |
| configMap: | |
| name: local-volume-provisioner-config | |
| - name: fast-disks | |
| hostPath: | |
| path: /mnt/fast-disks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment