@owainlewis
Last active November 7, 2018 16:40
Flexvolume notes
➜ oci-kubeadm git:(master) ✗ cat manifests/flexvolume-config.yaml
---
auth:
  region: us-phoenix-1
  tenancy: ocid1.tenancy.oc1..
  compartment: ocid1.compartment.oc1..
  user: ocid1.user.oc1..
  # PEM-encoded API signing key for the user above (key material elided)
  key: |
    -----BEGIN RSA PRIVATE KEY-----
    -----END RSA PRIVATE KEY-----
  fingerprint: XXX
27757 2018/11/07 16:31:38 Attaching volume ocid1.volume.oc1.phx.abyhqljrbm3gpfr7jfzduesedvhfcrapjyyubi224yhw72maq234rytgef4q -> instance ocid1.instance.oc1.phx.abyhqljrzdc2ynxqna5ur6gsccihmwr46mq2hqbv2jo7an3pzrnu6rkjkdia
27887 2018/11/07 16:31:39 OCI FlexVolume Driver version: a9f17065 (a9f17065)
27887 2018/11/07 16:31:39 '/usr/libexec/kubernetes/kubelet-plugins/volume/exec/oracle~oci/oci init' called with []
27887 2018/11/07 16:31:39 Command result: {"status":"Success"}
27892 2018/11/07 16:31:39 OCI FlexVolume Driver version: a9f17065 (a9f17065)
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: oci-flexvolume-driver
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: oci-flexvolume-driver
rules:
  # Grants read-only access (get) to Node objects
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: oci-flexvolume-driver
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: oci-flexvolume-driver
subjects:
  - kind: ServiceAccount
    name: oci-flexvolume-driver
    namespace: kube-system
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: oci-flexvolume-driver-master
  namespace: kube-system
spec:
  selector:
    matchLabels:
      component: oci-flexvolume-driver
      tier: control-plane
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        component: oci-flexvolume-driver
        tier: control-plane
    spec:
      serviceAccountName: oci-flexvolume-driver
      # Schedule only on master nodes
      nodeSelector:
        node-role.kubernetes.io/master: ""
      # Tolerate the master taint and nodes the cloud provider has not yet initialized
      tolerations:
        - key: node.cloudprovider.kubernetes.io/uninitialized
          value: "true"
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      volumes:
        # kubelet FlexVolume plugin directory on the host
        - name: flexvolume-mount
          hostPath:
            path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec/
            type: DirectoryOrCreate
        - name: config
          secret:
            secretName: oci-flexvolume-driver
        - name: kubeconfig
          secret:
            secretName: oci-flexvolume-driver-kubeconfig
      containers:
        - name: oci-flexvolume-driver
          image: iad.ocir.io/oracle/cloud-provider-oci:a9f17065
          command: ["/bin/bash", "/usr/local/bin/install.sh"]
          # Privileged container with write access to the host plugin directory
          securityContext:
            privileged: true
          volumeMounts:
            - mountPath: /flexmnt
              name: flexvolume-mount
            - mountPath: /tmp
              name: config
              readOnly: true
            - mountPath: /tmp2
              name: kubeconfig
              readOnly: true
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: oci-flexvolume-driver-worker
  namespace: kube-system
spec:
  selector:
    matchLabels:
      component: oci-flexvolume-driver
      tier: node
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        component: oci-flexvolume-driver
        tier: node
    spec:
      # No config or kubeconfig secrets are mounted on workers
      volumes:
        # kubelet FlexVolume plugin directory on the host
        - name: flexvolume-mount
          hostPath:
            path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
            type: DirectoryOrCreate
      containers:
        - name: oci-flexvolume-driver
          image: iad.ocir.io/oracle/cloud-provider-oci:a9f17065
          command: ["/bin/bash", "/usr/local/bin/install.sh"]
          # Privileged container with write access to the host plugin directory
          securityContext:
            privileged: true
          volumeMounts:
            - mountPath: /flexmnt
              name: flexvolume-mount
➜ oci-kubeadm git:(master) ✗ k apply -f oci-flexvolume-driver-rbac.yaml
serviceaccount "oci-flexvolume-driver" unchanged
clusterrole.rbac.authorization.k8s.io "oci-flexvolume-driver" configured
clusterrolebinding.rbac.authorization.k8s.io "oci-flexvolume-driver" configured
➜ oci-kubeadm git:(master) ✗ k apply -f oci-flexvolume-driver.yaml
daemonset.apps "oci-flexvolume-driver-master" created
daemonset.apps "oci-flexvolume-driver-worker" created
➜ oci-kubeadm git:(master) ✗ ks get po
NAME READY STATUS RESTARTS AGE
coredns-576cbf47c7-5gg6l 1/1 Running 0 1d
coredns-576cbf47c7-6gz9x 1/1 Running 0 1d
etcd-k8s-master-ad-1-0 1/1 Running 0 1d
kube-apiserver-k8s-master-ad-1-0 1/1 Running 0 1d
kube-controller-manager-k8s-master-ad-1-0 1/1 Running 0 1d
kube-flannel-ds-amd64-6xswb 1/1 Running 0 1d
kube-flannel-ds-amd64-cmn79 1/1 Running 0 1d
kube-flannel-ds-amd64-lv6lz 1/1 Running 0 1d
kube-flannel-ds-amd64-mdrkb 1/1 Running 0 1d
kube-proxy-7zpwp 1/1 Running 0 1d
kube-proxy-98ffv 1/1 Running 0 1d
kube-proxy-jjbjk 1/1 Running 0 1d
kube-proxy-zbvtp 1/1 Running 0 1d
kube-scheduler-k8s-master-ad-1-0 1/1 Running 0 1d
oci-block-volume-provisioner-79967d8b55-fj5w7 1/1 Running 0 1d
oci-cloud-controller-manager-cv69g 1/1 Running 0 23h
oci-file-system-volume-provisioner-5c85b9c9d7-6q8wj 1/1 Running 0 1d
oci-flexvolume-driver-master-5mqnp 1/1 Running 0 5s
oci-flexvolume-driver-worker-mnt46 1/1 Running 0 5s
oci-flexvolume-driver-worker-nnpck 1/1 Running 0 5s
➜ oci-kubeadm git:(master) ✗ k create -f ../config-files/claim.yaml
persistentvolumeclaim "oci-block-volume" created
➜ oci-kubeadm git:(master) ✗ k create -f ../config-files/pod.yaml
pod "nginx" created
---
kind: Pod
apiVersion: v1
metadata:
  name: nginx
spec:
  volumes:
    - name: nginx
      persistentVolumeClaim:
        claimName: oci-block-volume
  containers:
    - name: nginx
      image: nginx
      ports:
        - containerPort: 80
      volumeMounts:
        - mountPath: "/usr/share/nginx/html"
          name: nginx

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: oci-block-volume
spec:
  storageClassName: oci
  selector:
    matchLabels:
      failure-domain.beta.kubernetes.io/zone: AD-1
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi