diff --git a/local-volume/helm/README.md b/local-volume/helm/README.md index 2afc07ef7c1..3fa5cac909e 100644 --- a/local-volume/helm/README.md +++ b/local-volume/helm/README.md @@ -72,8 +72,9 @@ provisioner chart and their default values. | daemonset.serviceAccount | Provisioner DaemonSet service account. | str | `local-storage-admin` | | daemonset.kubeConfigEnv | Specify the location of kubernetes config file. | str | `-` | | daemonset.nodeLabels | List of node labels to be copied to the PVs created by the provisioner. | list | `-` | +| daemonset.nodeSelector | NodeSelector constraint on nodes eligible to run the provisioner. | map | `-` | | daemonset.tolerations | List of tolerations to be applied to the Provisioner DaemonSet. | list | `-` | -| daemonset.resources | Map of resource request and limits to be applied to the Provisioner Daemonset. | map | `-` | +| daemonset.resources | Map of resource request and limits to be applied to the Provisioner Daemonset. | map | `-` | Note: `classes` is a list of objects, you can specify one or more classes. ## Examples diff --git a/local-volume/helm/examples/baremetal-nodeselector.yaml b/local-volume/helm/examples/baremetal-nodeselector.yaml new file mode 100644 index 00000000000..4526479d71e --- /dev/null +++ b/local-volume/helm/examples/baremetal-nodeselector.yaml @@ -0,0 +1,20 @@ +classes: +- name: local-storage + hostDir: /mnt/disks + blockCleanerCommand: + # Do a quick reset of the block device during its cleanup. + # - "/scripts/quick_reset.sh" + # or use dd to zero out block dev in two iterations by uncommenting these lines. + # - "/scripts/dd_zero.sh" + # - "2" + # or run shred utility for 2 iterations. + - "/scripts/shred.sh" + - "2" + # or blkdiscard utility by uncommenting the line below. + # - "/scripts/blkdiscard.sh" + volumeMode: Block + storageClass: true + +daemonset: + nodeSelector: + localVolume: present diff --git a/local-volume/helm/provisioner/Chart.yaml b/local-volume/helm/provisioner/Chart.yaml index 814f172095d..91d6e203b15 100644 --- a/local-volume/helm/provisioner/Chart.yaml +++ b/local-volume/helm/provisioner/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -version: 2.0.0 +version: 2.3.0 description: local provisioner chart name: provisioner keywords: diff --git a/local-volume/helm/provisioner/templates/provisioner.yaml b/local-volume/helm/provisioner/templates/provisioner.yaml index f93c83b7df1..da7fd0af28d 100644 --- a/local-volume/helm/provisioner/templates/provisioner.yaml +++ b/local-volume/helm/provisioner/templates/provisioner.yaml @@ -61,6 +61,10 @@ spec: app: local-volume-provisioner spec: serviceAccountName: {{.Values.daemonset.serviceAccount}} +{{- if .Values.daemonset.nodeSelector }} + nodeSelector: +{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }} +{{- end }} {{- if .Values.daemonset.tolerations }} tolerations: {{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }} diff --git a/local-volume/helm/provisioner/values.yaml b/local-volume/helm/provisioner/values.yaml index 77bc0cb49d3..b7ab80eb430 100644 --- a/local-volume/helm/provisioner/values.yaml +++ b/local-volume/helm/provisioner/values.yaml @@ -89,6 +89,11 @@ daemonset: # Defines a name of the service account which Provisioner will use to communicate with API server. # serviceAccount: local-storage-admin + # If configured, nodeSelector will add a nodeSelector field to the DaemonSet PodSpec. + # + # NodeSelector constraint for local-volume-provisioner scheduling to nodes. + # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector + nodeSelector: {} # # If configured KubeConfigEnv will (optionally) specify the location of kubeconfig file on the node. # kubeConfigEnv: KUBECONFIG diff --git a/local-volume/helm/test/expected/baremetal-cleanbyjobs.yaml b/local-volume/helm/test/expected/baremetal-cleanbyjobs.yaml index d4f5c1f80f6..ea1b0c6abb2 100644 --- a/local-volume/helm/test/expected/baremetal-cleanbyjobs.yaml +++ b/local-volume/helm/test/expected/baremetal-cleanbyjobs.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: useJobForCleaning: "yes" storageClassMap: | @@ -91,7 +91,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -104,7 +104,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -122,7 +122,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -136,7 +136,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -154,7 +154,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: - 'batch' @@ -171,7 +171,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/baremetal-nodeselector.yaml b/local-volume/helm/test/expected/baremetal-nodeselector.yaml new file mode 100644 index 00000000000..c21d4378121 --- /dev/null +++ b/local-volume/helm/test/expected/baremetal-nodeselector.yaml @@ -0,0 +1,150 @@ +--- +# Source: provisioner/templates/provisioner.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: local-provisioner-config + namespace: default + labels: + heritage: "Tiller" + release: "RELEASE-NAME" + chart: provisioner-2.3.0 +data: + storageClassMap: | + local-storage: + hostDir: /mnt/disks + mountDir: /mnt/disks + blockCleanerCommand: + - "/scripts/shred.sh" + - "2" + volumeMode: Block +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: local-volume-provisioner + namespace: default + labels: + app: local-volume-provisioner +spec: + selector: + matchLabels: + app: local-volume-provisioner + template: + metadata: + labels: + app: local-volume-provisioner + spec: + serviceAccountName: local-storage-admin + nodeSelector: + localVolume: present + containers: + - image: "quay.io/external_storage/local-volume-provisioner:v2.2.0" + name: provisioner + securityContext: + privileged: true + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: JOB_CONTAINER_IMAGE + value: "quay.io/external_storage/local-volume-provisioner:v2.2.0" + volumeMounts: + - mountPath: /etc/provisioner/config + name: provisioner-config + readOnly: true + - mountPath: /dev + name: provisioner-dev + - mountPath: /mnt/disks + name: local-storage + mountPropagation: "HostToContainer" + volumes: + - name: provisioner-config + configMap: + name: local-provisioner-config + - name: provisioner-dev + hostPath: + path: /dev + - name: local-storage + hostPath: + path: /mnt/disks +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-storage +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Delete + +--- +# Source: provisioner/templates/provisioner-service-account.yaml + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-storage-admin + namespace: default + labels: + heritage: "Tiller" + release: "RELEASE-NAME" + chart: provisioner-2.3.0 + +--- +# Source: provisioner/templates/provisioner-cluster-role-binding.yaml + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-storage-provisioner-pv-binding + namespace: default + labels: + heritage: "Tiller" + release: "RELEASE-NAME" + chart: provisioner-2.3.0 +subjects: +- kind: ServiceAccount + name: local-storage-admin + namespace: default +roleRef: + kind: ClusterRole + name: system:persistent-volume-provisioner + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-storage-provisioner-node-clusterrole + namespace: default + labels: + heritage: "Tiller" + release: "RELEASE-NAME" + chart: provisioner-2.3.0 +rules: +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-storage-provisioner-node-binding + namespace: default + labels: + heritage: "Tiller" + release: "RELEASE-NAME" + chart: provisioner-2.3.0 +subjects: +- kind: ServiceAccount + name: local-storage-admin + namespace: default +roleRef: + kind: ClusterRole + name: local-storage-provisioner-node-clusterrole + apiGroup: rbac.authorization.k8s.io + diff --git a/local-volume/helm/test/expected/baremetal-resyncperiod.yaml b/local-volume/helm/test/expected/baremetal-resyncperiod.yaml index 5dd28deb350..52aa1309596 100644 --- a/local-volume/helm/test/expected/baremetal-resyncperiod.yaml +++ b/local-volume/helm/test/expected/baremetal-resyncperiod.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: minResyncPeriod: "1h" storageClassMap: | @@ -91,7 +91,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -104,7 +104,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -122,7 +122,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -136,7 +136,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/baremetal-tolerations.yaml b/local-volume/helm/test/expected/baremetal-tolerations.yaml index 4776719fead..5bcf1179afe 100644 --- a/local-volume/helm/test/expected/baremetal-tolerations.yaml +++ b/local-volume/helm/test/expected/baremetal-tolerations.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: storageClassMap: | local-storage: @@ -94,7 +94,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -107,7 +107,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -125,7 +125,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -139,7 +139,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/baremetal-with-resource-limits.yaml b/local-volume/helm/test/expected/baremetal-with-resource-limits.yaml index a824a9f5d95..74eac86f7fe 100644 --- a/local-volume/helm/test/expected/baremetal-with-resource-limits.yaml +++ b/local-volume/helm/test/expected/baremetal-with-resource-limits.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: storageClassMap: | local-storage: @@ -98,7 +98,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -111,7 +111,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -129,7 +129,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -143,7 +143,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/baremetal-without-rbac.yaml b/local-volume/helm/test/expected/baremetal-without-rbac.yaml index 1bf58168e85..51ad2bdba2d 100644 --- a/local-volume/helm/test/expected/baremetal-without-rbac.yaml +++ b/local-volume/helm/test/expected/baremetal-without-rbac.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: storageClassMap: | local-storage: diff --git a/local-volume/helm/test/expected/baremetal.yaml b/local-volume/helm/test/expected/baremetal.yaml index b758a03df88..9bddf482e00 100644 --- a/local-volume/helm/test/expected/baremetal.yaml +++ b/local-volume/helm/test/expected/baremetal.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: storageClassMap: | local-storage: @@ -91,7 +91,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -104,7 +104,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -122,7 +122,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -136,7 +136,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/gce-pre1.9.yaml b/local-volume/helm/test/expected/gce-pre1.9.yaml index 8e7c2d84ac2..77cb73e6f38 100644 --- a/local-volume/helm/test/expected/gce-pre1.9.yaml +++ b/local-volume/helm/test/expected/gce-pre1.9.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: useAlphaAPI: "true" useNodeNameOnly: "true" @@ -89,7 +89,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -102,7 +102,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -120,7 +120,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -134,7 +134,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/gce-retain.yaml b/local-volume/helm/test/expected/gce-retain.yaml index 281ee89872a..cd37bfffd2c 100644 --- a/local-volume/helm/test/expected/gce-retain.yaml +++ b/local-volume/helm/test/expected/gce-retain.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: useNodeNameOnly: "true" storageClassMap: | @@ -105,7 +105,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -118,7 +118,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -136,7 +136,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -150,7 +150,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/gce.yaml b/local-volume/helm/test/expected/gce.yaml index bf444dca9a9..9a681e78f18 100644 --- a/local-volume/helm/test/expected/gce.yaml +++ b/local-volume/helm/test/expected/gce.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: useNodeNameOnly: "true" storageClassMap: | @@ -109,7 +109,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -122,7 +122,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -140,7 +140,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -154,7 +154,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin diff --git a/local-volume/helm/test/expected/gke.yaml b/local-volume/helm/test/expected/gke.yaml index 9aa04142e03..64b9e8635fa 100644 --- a/local-volume/helm/test/expected/gke.yaml +++ b/local-volume/helm/test/expected/gke.yaml @@ -8,7 +8,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 data: useNodeNameOnly: "true" storageClassMap: | @@ -88,7 +88,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 --- # Source: provisioner/templates/provisioner-cluster-role-binding.yaml @@ -101,7 +101,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin @@ -119,7 +119,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 rules: - apiGroups: [""] resources: ["nodes"] @@ -133,7 +133,7 @@ metadata: labels: heritage: "Tiller" release: "RELEASE-NAME" - chart: provisioner-2.0.0 + chart: provisioner-2.3.0 subjects: - kind: ServiceAccount name: local-storage-admin