diff --git a/kubernetes/infrastructure/local-path-provisioner/app/local-path-provisioner.yaml b/kubernetes/infrastructure/local-path-provisioner/app/local-path-provisioner.yaml new file mode 100644 index 0000000..2465d9e --- /dev/null +++ b/kubernetes/infrastructure/local-path-provisioner/app/local-path-provisioner.yaml @@ -0,0 +1,149 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: local-path-provisioner-service-account + namespace: local-path-storage +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: local-path-provisioner-role + namespace: local-path-storage +rules: + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch", "create", "patch", "update", "delete" ] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: local-path-provisioner-role +rules: + - apiGroups: [ "" ] + resources: [ "nodes", "persistentvolumeclaims", "configmaps", "pods", "pods/log" ] + verbs: [ "get", "list", "watch" ] + - apiGroups: [ "" ] + resources: [ "persistentvolumes" ] + verbs: [ "get", "list", "watch", "create", "patch", "update", "delete" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "create", "patch" ] + - apiGroups: [ "storage.k8s.io" ] + resources: [ "storageclasses" ] + verbs: [ "get", "list", "watch" ] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: local-path-provisioner-bind + namespace: local-path-storage +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: local-path-provisioner-role +subjects: + - kind: ServiceAccount + name: local-path-provisioner-service-account + namespace: local-path-storage +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: local-path-provisioner-bind +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: local-path-provisioner-role +subjects: + - kind: ServiceAccount + name: local-path-provisioner-service-account + namespace: local-path-storage +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: local-path-provisioner + namespace: local-path-storage +spec: + replicas: 1 + selector: + matchLabels: + app: local-path-provisioner + template: + metadata: + labels: + app: local-path-provisioner + spec: + serviceAccountName: local-path-provisioner-service-account + containers: + - name: local-path-provisioner + image: rancher/local-path-provisioner:v0.0.28 + imagePullPolicy: IfNotPresent + command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + volumeMounts: + - name: config-volume + mountPath: /etc/config/ + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + volumes: + - name: config-volume + configMap: + name: local-path-config +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: local-path +provisioner: rancher.io/local-path +volumeBindingMode: WaitForFirstConsumer +reclaimPolicy: Retain +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: local-path-config + namespace: local-path-storage +data: + config.json: |- + { + "nodePathMap": [ + { + "node": "DEFAULT_PATH_FOR_NON_LISTED_NODES", + "paths": [ + "/opt/local-path-provisioner"] + } + ] + } + setup: |- + #!/bin/sh + set -eu + mkdir -m 0777 -p "$VOL_DIR" + teardown: |- + #!/bin/sh + set -eu + rm -rf "$VOL_DIR" + helperPod.yaml: |- + apiVersion: v1 + kind: Pod + metadata: + name: helper-pod + spec: + priorityClassName: system-node-critical + tolerations: + - key: node.kubernetes.io/disk-pressure + operator: Exists + effect: NoSchedule + containers: + - name: helper-pod + image: busybox + imagePullPolicy: IfNotPresent \ No newline at end of file diff --git a/kubernetes/infrastructure/local-path-provisioner/app/release.yaml b/kubernetes/infrastructure/local-path-provisioner/app/release.yaml deleted file mode 100644 index 4968935..0000000 --- a/kubernetes/infrastructure/local-path-provisioner/app/release.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: local-path-provisioner - namespace: local-path-storage -spec: - interval: 1h - driftDetection: - mode: enabled - chart: - spec: - chart: local-path-provisioner - version: master-head - sourceRef: - kind: GitRepository - namespace: flux-system - name: local-path-provisioner - interval: 24h - values: - storageClass: - reclaimPolicy: Retain diff --git a/kubernetes/infrastructure/local-path-provisioner/local-path-provisioner.yaml b/kubernetes/infrastructure/local-path-provisioner/local-path-provisioner.yaml index 517c6f2..aa01a00 100644 --- a/kubernetes/infrastructure/local-path-provisioner/local-path-provisioner.yaml +++ b/kubernetes/infrastructure/local-path-provisioner/local-path-provisioner.yaml @@ -16,4 +16,4 @@ spec: name: flux-system dependsOn: - name: namespaces - namespace: flux-system + namespace: flux-system \ No newline at end of file diff --git a/kubernetes/infrastructure/repositories/repos/local-path-provisioner.yaml b/kubernetes/infrastructure/repositories/repos/local-path-provisioner.yaml deleted file mode 100644 index c60bd81..0000000 --- a/kubernetes/infrastructure/repositories/repos/local-path-provisioner.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1 -kind: GitRepository -metadata: - name: local-path-provisioner - namespace: flux-system -spec: - interval: 5m - ref: - branch: master - secretRef: - name: flux-system - timeout: 60s - url: https://github.com/rancher/local-path-provisioner.git \ No newline at end of file