Skip to content
This repository was archived by the owner on Dec 3, 2024. It is now read-only.

Added Kustomize for controller, sidecar & CRDs #18

Merged
merged 1 commit into from
Dec 10, 2020
Merged

Added Kustomize for controller, sidecar & CRDs #18

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions deploy/base/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: objectstorage-controller
namespace: objectstorage-system
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
selector:
matchLabels:
app: objectstorage-controller
template:
metadata:
labels:
app: objectstorage-controller
spec:
serviceAccountName: objectstorage-controller-sa
containers:
- name: objectstorage-controller
image: quay.io/containerobjectstorage/objectstorage-controller:latest
5 changes: 5 additions & 0 deletions deploy/base/ns.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: objectstorage-system
55 changes: 55 additions & 0 deletions deploy/base/rbac.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: objectstorage-controller-role
rules:
- apiGroups: ["objectstorage.k8s.io"]
resources: ["bucketrequests", "bucketaccessrequests"]
verbs: ["get", "list", "watch"]
- apiGroups: ["objectstorage.k8s.io"]
resources: ["buckets", "bucketaccess"]
verbs: ["get", "list", "watch", "update", "create", "delete"]
- apiGroups: ["objectstorage.k8s.io"]
resources: ["bucketclass","bucketaccessclass"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: system:objectstorage-controller
subjects:
- kind: ServiceAccount
name: objectstorage-controller-sa
namespace: objectstorage-system
roleRef:
kind: ClusterRole
name: objectstorage-controller-role
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: objectstorage-controller
namespace: objectstorage-system
rules:
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "watch", "list", "delete", "update", "create"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: objectstorage-controller
namespace: objectstorage-system
subjects:
- kind: ServiceAccount
name: objectstorage-controller-sa
namespace: objectstorage-system
roleRef:
kind: Role
name: objectstorage-controller
apiGroup: rbac.authorization.k8s.io
6 changes: 6 additions & 0 deletions deploy/base/sa.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: objectstorage-controller-sa
namespace: objectstorage-system
81 changes: 81 additions & 0 deletions kustomization.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

images:
# Controller
- name: objectstorage-controller
newName: quay.io/containerobjectstorage/objectstorage-controller
newTag: latest
# Sidecar
- name: object-storage-sidecar
newName: quay.io/containerobjectstorage/object-storage-sidecar
newTag: latest
# Sample Driver
- name: sample-driver
newName: quay.io/containerobjectstorage/sample-driver
newTag: latest

resources:
# CRDs
- https://raw.githubusercontent.com/kubernetes-sigs/container-object-storage-interface-api/master/crds/objectstorage.k8s.io_bucketaccessclasses.yaml
- https://raw.githubusercontent.com/kubernetes-sigs/container-object-storage-interface-api/master/crds/objectstorage.k8s.io_bucketaccesses.yaml
- https://raw.githubusercontent.com/kubernetes-sigs/container-object-storage-interface-api/master/crds/objectstorage.k8s.io_bucketaccessrequests.yaml
- https://raw.githubusercontent.com/kubernetes-sigs/container-object-storage-interface-api/master/crds/objectstorage.k8s.io_bucketclasses.yaml
- https://raw.githubusercontent.com/kubernetes-sigs/container-object-storage-interface-api/master/crds/objectstorage.k8s.io_bucketrequests.yaml
- https://raw.githubusercontent.com/kubernetes-sigs/container-object-storage-interface-api/master/crds/objectstorage.k8s.io_buckets.yaml
# Controller
- deploy/base/ns.yaml
- deploy/base/sa.yaml
- deploy/base/rbac.yaml
- deploy/base/deployment.yaml
# Sidecar
- https://raw.githubusercontent.com/container-object-storage-interface/cosi-provisioner-sidecar/master/examples/object-storage-sidecar.yaml

patches:
# CRDs
- target:
kind: CustomResourceDefinition
patch: |-
- op: add
path: /metadata/annotations
value:
controller-gen.kubebuilder.io/version: (devel)
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/container-object-storage-interface-api/pull/2
# Controller
- target:
kind: Deployment
name: objectstorage-controller
patch: |-
- op: replace
path: /spec/template/spec/containers/0/imagePullPolicy
value: IfNotPresent
# Sidecar
- target:
kind: Deployment
name: object-storage-provisioner
patch: |-
- op: replace
path: /spec/template/spec/containers/0/imagePullPolicy
value: IfNotPresent
- op: replace
path: /spec/template/spec/containers/1/imagePullPolicy
value: IfNotPresent
- op: replace
path: /metadata
value:
name: object-storage-provisioner
labels:
app: object-storage-provisioner
namespace: objectstorage-provisioner-ns
- target:
kind: Secret
name: object-storage-provisioner
patch: |-
- op: replace
path: /metadata
value:
name: object-storage-provisioner
labels:
app: object-storage-provisioner
namespace: objectstorage-provisioner-ns