feat(external-provisioner): adds support for local-path-provisioner (#4232)

* feat(external-provisioner/local-path-provisioner): adds support for local path provisioner

Helpful for local development but also in production workloads (once the
permission model is worked out) where you have redundancy built into the
software uses the PVCs (e.g. database cluster with synchronous
replication)

* feat(local-path-provisioner): adds debug flag, image tag group var

* fix(local-path-provisioner): moves image repo/tag to download role

* test(gce_centos7-flannel): enables local-path-provisioner in test case

* fix(addons): add image repo/tag to commented default values

* fix(local-path-provisioner): typo in jinja template for local path provisioner

* style(local-path-provisioner): debug flag condition re-formatted

* fix(local-path-provisioner): adds missing default value for debug flag

* fix(local-path-provisioner): syntax fix for debug if condition end

* fix(local-path-provisioner): jinja template syntax: if condition white space
pull/4305/head
Peter Metz 2019-02-25 22:45:30 -08:00 committed by Kubernetes Prow Robot
parent 063faaae1c
commit 26ca58419f
8 changed files with 192 additions and 1 deletions

6
Vagrantfile vendored
View File

@ -52,6 +52,8 @@ $kube_node_instances_with_disks_size = "20G"
$kube_node_instances_with_disks_number = 2
$override_disk_size = false
$disk_size = "20GB"
$local_path_provisioner_enabled = false
$local_path_provisioner_claim_root = "/opt/local-path-provisioner/"
$playbook = "cluster.yml"
@ -180,7 +182,9 @@ Vagrant.configure("2") do |config|
"kube_network_plugin_multus": $multi_networking,
"docker_keepcache": "1",
"download_run_once": "True",
"download_localhost": "False"
"download_localhost": "False",
"local_path_provisioner_enabled": "#{$local_path_provisioner_enabled}",
"local_path_provisioner_claim_root": "#{$local_path_provisioner_claim_root}"
}
# Only execute the Ansible provisioner once, when all the machines are up and ready.

View File

@ -17,6 +17,16 @@ metrics_server_enabled: false
# metrics_server_metric_resolution: 60s
# metrics_server_kubelet_preferred_address_types: "InternalIP"
# Rancher Local Path Provisioner
local_path_provisioner_enabled: false
# local_path_provisioner_namespace: "local-path-storage"
# local_path_provisioner_storage_class: "local-path"
# local_path_provisioner_reclaim_policy: Delete
# local_path_provisioner_claim_root: /opt/local-path-provisioner/
# local_path_provisioner_debug: false
# local_path_provisioner_image_repo: "rancher/local-path-provisioner"
# local_path_provisioner_image_tag: "v0.0.2"
# Local volume provisioner deployment
local_volume_provisioner_enabled: false
# local_volume_provisioner_namespace: kube-system

View File

@ -291,6 +291,8 @@ local_volume_provisioner_image_repo: "quay.io/external_storage/local-volume-prov
local_volume_provisioner_image_tag: "v2.1.0"
cephfs_provisioner_image_repo: "quay.io/external_storage/cephfs-provisioner"
cephfs_provisioner_image_tag: "v2.1.0-k8s1.11"
local_path_provisioner_image_repo: "rancher/local-path-provisioner"
local_path_provisioner_image_tag: "v0.0.2"
ingress_nginx_controller_image_repo: "quay.io/kubernetes-ingress-controller/nginx-ingress-controller"
ingress_nginx_controller_image_tag: "0.21.0"
cert_manager_version: "v0.5.2"
@ -700,6 +702,15 @@ downloads:
groups:
- kube-node
local_path_provisioner:
enabled: "{{ local_volume_provisioner_enabled }}"
container: true
repo: "{{ local_path_provisioner_image_repo }}"
tag: "{{ local_path_provisioner_image_tag }}"
sha256: "{{ local_path_provisioner_digest_checksum|default(None) }}"
groups:
- kube-node
ingress_nginx_controller:
enabled: "{{ ingress_nginx_enabled }}"
container: true

View File

@ -0,0 +1,7 @@
---
local_path_provisioner_namespace: "local-path-storage"
local_path_provisioner_storage_class: "local-path"
local_path_provisioner_reclaim_policy: Delete
local_path_provisioner_claim_root: /opt/local-path-provisioner/
local_path_provisioner_is_default_storageclass: "true"
local_path_provisioner_debug: false

View File

@ -0,0 +1,40 @@
---
- name: Local Path Provisioner | Create addon dir
file:
path: "{{ kube_config_dir }}/addons/local_path_provisioner"
state: directory
owner: root
group: root
mode: 0755
when:
- inventory_hostname == groups['kube-master'][0]
- name: Local Path Provisioner | Create claim root dir
file:
path: "{{ local_path_provisioner_claim_root }}"
state: directory
- name: Local Path Provisioner | Render Template
set_fact:
local_path_provisioner_templates:
- { name: local-path-storage, file: local-path-storage.yaml, type: sc }
- name: Local Path Provisioner | Create manifests
template:
src: "{{ item.file }}.j2"
dest: "{{ kube_config_dir }}/addons/local_path_provisioner/{{ item.file }}"
with_items: "{{ local_path_provisioner_templates }}"
register: local_path_provisioner_manifests
when: inventory_hostname == groups['kube-master'][0]
- name: Local Path Provisioner | Apply manifests
kube:
name: "{{ item.item.name }}"
namespace: "{{ local_path_provisioner_namespace }}"
kubectl: "{{ bin_dir }}/kubectl"
resource: "{{ item.item.type }}"
filename: "{{ kube_config_dir }}/addons/local_path_provisioner/{{ item.item.file }}"
state: "latest"
with_items: "{{ local_path_provisioner_manifests.results }}"
when: inventory_hostname == groups['kube-master'][0]

View File

@ -0,0 +1,111 @@
apiVersion: v1
kind: Namespace
metadata:
name: {{ local_path_provisioner_namespace }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: local-path-provisioner-service-account
namespace: {{ local_path_provisioner_namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: local-path-provisioner-role
namespace: {{ local_path_provisioner_namespace }}
rules:
- apiGroups: [""]
resources: ["nodes", "persistentvolumeclaims"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["endpoints", "persistentvolumes", "pods"]
verbs: ["*"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: local-path-provisioner-bind
namespace: {{ local_path_provisioner_namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: local-path-provisioner-role
subjects:
- kind: ServiceAccount
name: local-path-provisioner-service-account
namespace: {{ local_path_provisioner_namespace }}
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: local-path-provisioner
namespace: {{ local_path_provisioner_namespace }}
spec:
replicas: 1
selector:
matchLabels:
app: local-path-provisioner
template:
metadata:
labels:
app: local-path-provisioner
spec:
serviceAccountName: local-path-provisioner-service-account
containers:
- name: local-path-provisioner
image: {{ local_path_provisioner_image_repo }}:{{ local_path_provisioner_image_tag }}
imagePullPolicy: Always
command:
- local-path-provisioner
- start
- --config
- /etc/config/config.json
{% if local_path_provisioner_debug|default(false) %}
- --debug
{% endif %}
volumeMounts:
- name: config-volume
mountPath: /etc/config/
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumes:
- name: config-volume
configMap:
name: local-path-config
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: {{ local_path_provisioner_storage_class }}
annotations:
storageclass.kubernetes.io/is-default-class: {{ local_path_provisioner_is_default_storageclass }}
provisioner: rancher.io/local-path
volumeBindingMode: WaitForFirstConsumer
reclaimPolicy: {{ local_path_provisioner_reclaim_policy }}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: local-path-config
namespace: {{ local_path_provisioner_namespace }}
data:
config.json: |-
{
"nodePathMap":[
{
"node":"DEFAULT_PATH_FOR_NON_LISTED_NODES",
"paths":["{{ local_path_provisioner_claim_root }}"]
}
]
}

View File

@ -15,3 +15,10 @@ dependencies:
- apps
- cephfs-provisioner
- external-provisioner
- role: kubernetes-apps/external_provisioner/local_path_provisioner
when: local_path_provisioner_enabled
tags:
- apps
- local-path-provisioner
- external-provisioner

View File

@ -21,3 +21,4 @@ metrics_server_enabled: true
kube_token_auth: true
kube_basic_auth: true
enable_nodelocaldns: true
local_path_provisioner_enabled: true