Last active
March 10, 2020 07:31
-
-
Save viovanov/f31529bc1575e3358bf6bb1de9fa495b to your computer and use it in GitHub Desktop.
bluemix persistent volume with storage class name
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# needs the "containerization-nfs" namespace | |
# kubectl create -n containerization-nfs -f <URL> | |
--- | |
kind: ClusterRole | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: nfs-provisioner-runner | |
rules: | |
- apiGroups: [""] | |
resources: ["persistentvolumes"] | |
verbs: ["get", "list", "watch", "create", "delete"] | |
- apiGroups: [""] | |
resources: ["persistentvolumeclaims"] | |
verbs: ["get", "list", "watch", "update"] | |
- apiGroups: ["storage.k8s.io"] | |
resources: ["storageclasses"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: [""] | |
resources: ["events"] | |
verbs: ["create", "update", "patch"] | |
- apiGroups: [""] | |
resources: ["services", "endpoints"] | |
verbs: ["get", "list", "watch", "create", "delete", "update"] | |
- apiGroups: ["extensions"] | |
resources: ["podsecuritypolicies"] | |
resourceNames: ["containerization-tests-nfs-provisioner"] | |
verbs: ["use"] | |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: run-nfs-provisioner | |
subjects: | |
- kind: ServiceAccount | |
name: containerization-tests-nfs-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: containerization-nfs | |
roleRef: | |
kind: ClusterRole | |
name: nfs-provisioner-runner | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: leader-locking-nfs-provisioner | |
rules: | |
- apiGroups: [""] | |
resources: ["endpoints"] | |
verbs: ["get", "list", "watch", "create", "update", "patch"] | |
--- | |
kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: leader-locking-nfs-provisioner | |
subjects: | |
- kind: ServiceAccount | |
name: containerization-tests-nfs-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: default | |
roleRef: | |
kind: Role | |
name: leader-locking-nfs-provisioner | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: containerization-tests-nfs-provisioner | |
--- | |
kind: Service | |
apiVersion: v1 | |
metadata: | |
name: containerization-tests-nfs-provisioner | |
labels: | |
app: containerization-tests-nfs-provisioner | |
spec: | |
ports: | |
- name: nfs | |
port: 2049 | |
- name: mountd | |
port: 20048 | |
- name: rpcbind | |
port: 111 | |
- name: rpcbind-udp | |
port: 111 | |
protocol: UDP | |
- name: statd | |
port: 662 | |
- name: statd-udp | |
port: 662 | |
protocol: UDP | |
- name: rquotad | |
port: 875 | |
- name: rquotad-udp | |
port: 875 | |
protocol: UDP | |
- name: nfs-udp | |
port: 2049 | |
protocol: UDP | |
- name: mountd-udp | |
port: 20048 | |
protocol: UDP | |
- name: nlockmgr | |
port: 32803 | |
- name: nlockmgr-udp | |
port: 32803 | |
protocol: UDP | |
selector: | |
app: containerization-tests-nfs-provisioner | |
--- | |
kind: Deployment | |
apiVersion: apps/v1 | |
metadata: | |
name: containerization-tests-nfs-provisioner | |
spec: | |
selector: | |
matchLabels: | |
app: containerization-tests-nfs-provisioner | |
replicas: 1 | |
strategy: | |
type: Recreate | |
template: | |
metadata: | |
labels: | |
app: containerization-tests-nfs-provisioner | |
spec: | |
serviceAccount: containerization-tests-nfs-provisioner | |
containers: | |
- name: containerization-tests-nfs-provisioner | |
image: quay.io/kubernetes_incubator/nfs-provisioner:latest | |
ports: | |
- name: nfs | |
containerPort: 2049 | |
- name: mountd | |
containerPort: 20048 | |
- name: rpcbind | |
containerPort: 111 | |
- name: rpcbind-udp | |
containerPort: 111 | |
protocol: UDP | |
- name: statd | |
containerPort: 662 | |
- name: statd-udp | |
containerPort: 662 | |
protocol: UDP | |
- name: rquotad | |
containerPort: 875 | |
- name: rquotad-udp | |
containerPort: 875 | |
protocol: UDP | |
- name: nfs-udp | |
containerPort: 2049 | |
protocol: UDP | |
- name: mountd-udp | |
containerPort: 20048 | |
protocol: UDP | |
- name: nlockmgr | |
containerPort: 32803 | |
- name: nlockmgr-udp | |
containerPort: 32803 | |
protocol: UDP | |
securityContext: | |
capabilities: | |
add: | |
- DAC_READ_SEARCH | |
- SYS_RESOURCE | |
args: | |
- "-provisioner=example.com/nfs" | |
env: | |
- name: POD_IP | |
valueFrom: | |
fieldRef: | |
fieldPath: status.podIP | |
- name: SERVICE_NAME | |
value: containerization-tests-nfs-provisioner | |
- name: POD_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
imagePullPolicy: "IfNotPresent" | |
volumeMounts: | |
- name: export-volume | |
mountPath: /export | |
volumes: | |
- name: export-volume | |
hostPath: | |
path: /srv | |
--- | |
kind: StorageClass | |
apiVersion: storage.k8s.io/v1 | |
metadata: | |
name: hostpath-containerization | |
provisioner: example.com/nfs | |
mountOptions: | |
- vers=4.1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment