Created
November 7, 2022 13:54
-
-
Save ralvares/bdf102231f954866809f2c196e63ee32 to your computer and use it in GitHub Desktop.
nfs-provisioner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: template.openshift.io/v1 | |
kind: Template | |
labels: | |
template: nfs-client-provisioner | |
message: 'NFS storage class ${STORAGE_CLASS} created.' | |
metadata: | |
annotations: | |
description: nfs-client-provisioner | |
openshift.io/display-name: nfs-client-provisioner | |
openshift.io/provider-display-name: Tiger Team | |
tags: infra,nfs | |
template.openshift.io/documentation-url: nfs-client-provisioner | |
template.openshift.io/long-description: nfs-client-provisioner | |
version: 0.0.1 | |
name: nfs-client-provisioner | |
objects: | |
- kind: Namespace | |
apiVersion: v1 | |
metadata: | |
name: ${TARGET_NAMESPACE} | |
- kind: ServiceAccount | |
apiVersion: v1 | |
metadata: | |
name: nfs-client-provisioner | |
namespace: ${TARGET_NAMESPACE} | |
- kind: ClusterRole | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: nfs-client-provisioner-runner | |
rules: | |
- apiGroups: [""] | |
resources: ["persistentvolumes"] | |
verbs: ["get", "list", "watch", "create", "delete"] | |
- apiGroups: [""] | |
resources: ["persistentvolumeclaims"] | |
verbs: ["get", "list", "watch", "update"] | |
- apiGroups: ["storage.k8s.io"] | |
resources: ["storageclasses"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: [""] | |
resources: ["events"] | |
verbs: ["create", "update", "patch"] | |
- kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: run-nfs-client-provisioner | |
subjects: | |
- kind: ServiceAccount | |
name: nfs-client-provisioner | |
namespace: ${TARGET_NAMESPACE} | |
roleRef: | |
kind: ClusterRole | |
name: nfs-client-provisioner-runner | |
apiGroup: rbac.authorization.k8s.io | |
- kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: nfs-client-provisioner | |
namespace: ${TARGET_NAMESPACE} | |
rules: | |
- apiGroups: [""] | |
resources: ["endpoints"] | |
verbs: ["get", "list", "watch", "create", "update", "patch"] | |
- apiGroups: ["security.openshift.io"] | |
resourceNames: ["hostmount-anyuid"] | |
resources: ["securitycontextconstraints"] | |
verbs: ["use"] | |
- kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: nfs-client-provisioner | |
namespace: ${TARGET_NAMESPACE} | |
subjects: | |
- kind: ServiceAccount | |
name: nfs-client-provisioner | |
roleRef: | |
kind: Role | |
name: nfs-client-provisioner | |
apiGroup: rbac.authorization.k8s.io | |
- kind: Deployment | |
apiVersion: apps/v1 | |
metadata: | |
name: nfs-client-provisioner | |
namespace: ${TARGET_NAMESPACE} | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: nfs-client-provisioner | |
strategy: | |
type: Recreate | |
template: | |
metadata: | |
labels: | |
app: nfs-client-provisioner | |
spec: | |
serviceAccountName: nfs-client-provisioner | |
containers: | |
- name: nfs-client-provisioner | |
image: ${PROVISIONER_IMAGE} | |
volumeMounts: | |
- name: nfs-client-root | |
mountPath: /persistentvolumes | |
env: | |
- name: PROVISIONER_NAME | |
value: ${PROVISIONER_NAME} | |
- name: NFS_SERVER | |
value: ${NFS_SERVER} | |
- name: NFS_PATH | |
value: ${NFS_PATH} | |
volumes: | |
- name: nfs-client-root | |
nfs: | |
server: ${NFS_SERVER} | |
path: ${NFS_PATH} | |
- apiVersion: storage.k8s.io/v1 | |
kind: StorageClass | |
metadata: | |
name: managed-nfs-storage | |
annotations: | |
storageclass.kubernetes.io/is-default-class: "true" | |
provisioner: ${PROVISIONER_NAME} | |
parameters: | |
archiveOnDelete: "false" | |
parameters: | |
- description: Target namespace where nfs-client-provisioner will run. | |
displayName: Target namespace | |
name: TARGET_NAMESPACE | |
required: true | |
value: openshift-nfs-provisioner | |
- name: NFS_SERVER | |
required: true | |
- name: NFS_PATH | |
required: true | |
- name: PROVISIONER_IMAGE | |
value: k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2 | |
- name: PROVISIONER_NAME | |
value: "nfs-subdir-external-provisioner" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
NFS External provisioner