Browse Source
Add snapshot-controller for CSI drivers and snapshot CRDs, add a default volumesnapshotclass when running cinder CSI (#6537)
Add snapshot-controller for CSI drivers and snapshot CRDs, add a default volumesnapshotclass when running cinder CSI (#6537)
* add snapshot-controller and v1beta1 snapshot api * fix typo * udpate manifest to v1beta1 * update * update manifests * fix spelling * wait until crd is applied * fix missing info in kube module * revert snapshotclass * add snapshot crds before applying the csi driver * add crds, missed them in last commit * use pull policy from kubespraypull/6623/head
Hugo Blom
4 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 778 additions and 5 deletions
Split View
Diff Options
-
13library/kube.py
-
15roles/download/defaults/main.yml
-
7roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2
-
10roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-nodeplugin-rbac.yml.j2
-
27roles/kubernetes-apps/csi_driver/csi_crd/tasks/main.yml
-
84roles/kubernetes-apps/csi_driver/csi_crd/templates/volumesnapshotclasses.yml.j2
-
232roles/kubernetes-apps/csi_driver/csi_crd/templates/volumesnapshotcontents.yml.j2
-
187roles/kubernetes-apps/csi_driver/csi_crd/templates/volumesnapshots.yml.j2
-
15roles/kubernetes-apps/meta/main.yml
-
5roles/kubernetes-apps/snapshots/cinder-csi/defaults/main.yml
-
17roles/kubernetes-apps/snapshots/cinder-csi/tasks/main.yml
-
13roles/kubernetes-apps/snapshots/cinder-csi/templates/cinder-csi-snapshot-class.yml.j2
-
14roles/kubernetes-apps/snapshots/meta/main.yml
-
2roles/kubernetes-apps/snapshots/snapshot-controller/defaults/main.yml
-
25roles/kubernetes-apps/snapshots/snapshot-controller/tasks/main.yml
-
85roles/kubernetes-apps/snapshots/snapshot-controller/templates/rbac-snapshot-controller.yml.j2
-
32roles/kubernetes-apps/snapshots/snapshot-controller/templates/snapshot-controller.yml.j2
@ -0,0 +1,27 @@ |
|||
--- |
|||
- name: CSI CRD | Generate Manifests |
|||
template: |
|||
src: "{{ item.file }}.j2" |
|||
dest: "{{ kube_config_dir }}/{{ item.file }}" |
|||
with_items: |
|||
- {name: volumesnapshotclasses, file: volumesnapshotclasses.yml} |
|||
- {name: volumesnapshotcontents, file: volumesnapshotcontents.yml} |
|||
- {name: volumesnapshots, file: volumesnapshots.yml} |
|||
register: csi_crd_manifests |
|||
when: inventory_hostname == groups['kube-master'][0] |
|||
tags: csi-driver |
|||
|
|||
- name: CSI CRD | Apply Manifests |
|||
kube: |
|||
kubectl: "{{ bin_dir }}/kubectl" |
|||
filename: "{{ kube_config_dir }}/{{ item.item.file }}" |
|||
state: "latest" |
|||
wait: true |
|||
with_items: |
|||
- "{{ csi_crd_manifests.results }}" |
|||
when: |
|||
- inventory_hostname == groups['kube-master'][0] |
|||
- not item is skipped |
|||
loop_control: |
|||
label: "{{ item.item.file }}" |
|||
tags: csi-driver |
|||
@ -0,0 +1,84 @@ |
|||
--- |
|||
apiVersion: apiextensions.k8s.io/v1beta1 |
|||
kind: CustomResourceDefinition |
|||
metadata: |
|||
annotations: |
|||
controller-gen.kubebuilder.io/version: v0.2.5 |
|||
api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/260" |
|||
creationTimestamp: null |
|||
name: volumesnapshotclasses.snapshot.storage.k8s.io |
|||
spec: |
|||
additionalPrinterColumns: |
|||
- JSONPath: .driver |
|||
name: Driver |
|||
type: string |
|||
- JSONPath: .deletionPolicy |
|||
description: Determines whether a VolumeSnapshotContent created through the VolumeSnapshotClass |
|||
should be deleted when its bound VolumeSnapshot is deleted. |
|||
name: DeletionPolicy |
|||
type: string |
|||
- JSONPath: .metadata.creationTimestamp |
|||
name: Age |
|||
type: date |
|||
group: snapshot.storage.k8s.io |
|||
names: |
|||
kind: VolumeSnapshotClass |
|||
listKind: VolumeSnapshotClassList |
|||
plural: volumesnapshotclasses |
|||
singular: volumesnapshotclass |
|||
preserveUnknownFields: false |
|||
scope: Cluster |
|||
subresources: {} |
|||
validation: |
|||
openAPIV3Schema: |
|||
description: VolumeSnapshotClass specifies parameters that a underlying storage |
|||
system uses when creating a volume snapshot. A specific VolumeSnapshotClass |
|||
is used by specifying its name in a VolumeSnapshot object. VolumeSnapshotClasses |
|||
are non-namespaced |
|||
properties: |
|||
apiVersion: |
|||
description: 'APIVersion defines the versioned schema of this representation |
|||
of an object. Servers should convert recognized schemas to the latest |
|||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
|||
type: string |
|||
deletionPolicy: |
|||
description: deletionPolicy determines whether a VolumeSnapshotContent created |
|||
through the VolumeSnapshotClass should be deleted when its bound VolumeSnapshot |
|||
is deleted. Supported values are "Retain" and "Delete". "Retain" means |
|||
that the VolumeSnapshotContent and its physical snapshot on underlying |
|||
storage system are kept. "Delete" means that the VolumeSnapshotContent |
|||
and its physical snapshot on underlying storage system are deleted. Required. |
|||
enum: |
|||
- Delete |
|||
- Retain |
|||
type: string |
|||
driver: |
|||
description: driver is the name of the storage driver that handles this |
|||
VolumeSnapshotClass. Required. |
|||
type: string |
|||
kind: |
|||
description: 'Kind is a string value representing the REST resource this |
|||
object represents. Servers may infer this from the endpoint the client |
|||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
|||
type: string |
|||
parameters: |
|||
additionalProperties: |
|||
type: string |
|||
description: parameters is a key-value map with storage driver specific |
|||
parameters for creating snapshots. These values are opaque to Kubernetes. |
|||
type: object |
|||
required: |
|||
- deletionPolicy |
|||
- driver |
|||
type: object |
|||
version: v1beta1 |
|||
versions: |
|||
- name: v1beta1 |
|||
served: true |
|||
storage: true |
|||
status: |
|||
acceptedNames: |
|||
kind: "" |
|||
plural: "" |
|||
conditions: [] |
|||
storedVersions: [] |
|||
@ -0,0 +1,232 @@ |
|||
--- |
|||
apiVersion: apiextensions.k8s.io/v1beta1 |
|||
kind: CustomResourceDefinition |
|||
metadata: |
|||
annotations: |
|||
controller-gen.kubebuilder.io/version: v0.2.5 |
|||
api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/260" |
|||
creationTimestamp: null |
|||
name: volumesnapshotcontents.snapshot.storage.k8s.io |
|||
spec: |
|||
additionalPrinterColumns: |
|||
- JSONPath: .status.readyToUse |
|||
description: Indicates if a snapshot is ready to be used to restore a volume. |
|||
name: ReadyToUse |
|||
type: boolean |
|||
- JSONPath: .status.restoreSize |
|||
description: Represents the complete size of the snapshot in bytes |
|||
name: RestoreSize |
|||
type: integer |
|||
- JSONPath: .spec.deletionPolicy |
|||
description: Determines whether this VolumeSnapshotContent and its physical snapshot |
|||
on the underlying storage system should be deleted when its bound VolumeSnapshot |
|||
is deleted. |
|||
name: DeletionPolicy |
|||
type: string |
|||
- JSONPath: .spec.driver |
|||
description: Name of the CSI driver used to create the physical snapshot on the |
|||
underlying storage system. |
|||
name: Driver |
|||
type: string |
|||
- JSONPath: .spec.volumeSnapshotClassName |
|||
description: Name of the VolumeSnapshotClass to which this snapshot belongs. |
|||
name: VolumeSnapshotClass |
|||
type: string |
|||
- JSONPath: .spec.volumeSnapshotRef.name |
|||
description: Name of the VolumeSnapshot object to which this VolumeSnapshotContent |
|||
object is bound. |
|||
name: VolumeSnapshot |
|||
type: string |
|||
- JSONPath: .metadata.creationTimestamp |
|||
name: Age |
|||
type: date |
|||
group: snapshot.storage.k8s.io |
|||
names: |
|||
kind: VolumeSnapshotContent |
|||
listKind: VolumeSnapshotContentList |
|||
plural: volumesnapshotcontents |
|||
singular: volumesnapshotcontent |
|||
preserveUnknownFields: false |
|||
scope: Cluster |
|||
subresources: |
|||
status: {} |
|||
validation: |
|||
openAPIV3Schema: |
|||
description: VolumeSnapshotContent represents the actual "on-disk" snapshot |
|||
object in the underlying storage system |
|||
properties: |
|||
apiVersion: |
|||
description: 'APIVersion defines the versioned schema of this representation |
|||
of an object. Servers should convert recognized schemas to the latest |
|||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
|||
type: string |
|||
kind: |
|||
description: 'Kind is a string value representing the REST resource this |
|||
object represents. Servers may infer this from the endpoint the client |
|||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
|||
type: string |
|||
spec: |
|||
description: spec defines properties of a VolumeSnapshotContent created |
|||
by the underlying storage system. Required. |
|||
properties: |
|||
deletionPolicy: |
|||
description: deletionPolicy determines whether this VolumeSnapshotContent |
|||
and its physical snapshot on the underlying storage system should |
|||
be deleted when its bound VolumeSnapshot is deleted. Supported values |
|||
are "Retain" and "Delete". "Retain" means that the VolumeSnapshotContent |
|||
and its physical snapshot on underlying storage system are kept. "Delete" |
|||
means that the VolumeSnapshotContent and its physical snapshot on |
|||
underlying storage system are deleted. In dynamic snapshot creation |
|||
case, this field will be filled in with the "DeletionPolicy" field |
|||
defined in the VolumeSnapshotClass the VolumeSnapshot refers to. For |
|||
pre-existing snapshots, users MUST specify this field when creating |
|||
the VolumeSnapshotContent object. Required. |
|||
enum: |
|||
- Delete |
|||
- Retain |
|||
type: string |
|||
driver: |
|||
description: driver is the name of the CSI driver used to create the |
|||
physical snapshot on the underlying storage system. This MUST be the |
|||
same as the name returned by the CSI GetPluginName() call for that |
|||
driver. Required. |
|||
type: string |
|||
source: |
|||
description: source specifies from where a snapshot will be created. |
|||
This field is immutable after creation. Required. |
|||
properties: |
|||
snapshotHandle: |
|||
description: snapshotHandle specifies the CSI "snapshot_id" of a |
|||
pre-existing snapshot on the underlying storage system. This field |
|||
is immutable. |
|||
type: string |
|||
volumeHandle: |
|||
description: volumeHandle specifies the CSI "volume_id" of the volume |
|||
from which a snapshot should be dynamically taken from. This field |
|||
is immutable. |
|||
type: string |
|||
type: object |
|||
volumeSnapshotClassName: |
|||
description: name of the VolumeSnapshotClass to which this snapshot |
|||
belongs. |
|||
type: string |
|||
volumeSnapshotRef: |
|||
description: volumeSnapshotRef specifies the VolumeSnapshot object to |
|||
which this VolumeSnapshotContent object is bound. VolumeSnapshot.Spec.VolumeSnapshotContentName |
|||
field must reference to this VolumeSnapshotContent's name for the |
|||
bidirectional binding to be valid. For a pre-existing VolumeSnapshotContent |
|||
object, name and namespace of the VolumeSnapshot object MUST be provided |
|||
for binding to happen. This field is immutable after creation. Required. |
|||
properties: |
|||
apiVersion: |
|||
description: API version of the referent. |
|||
type: string |
|||
fieldPath: |
|||
description: 'If referring to a piece of an object instead of an |
|||
entire object, this string should contain a valid JSON/Go field |
|||
access statement, such as desiredState.manifest.containers[2]. |
|||
For example, if the object reference is to a container within |
|||
a pod, this would take on a value like: "spec.containers{name}" |
|||
(where "name" refers to the name of the container that triggered |
|||
the event) or if no container name is specified "spec.containers[2]" |
|||
(container with index 2 in this pod). This syntax is chosen only |
|||
to have some well-defined way of referencing a part of an object. |
|||
TODO: this design is not final and this field is subject to change |
|||
in the future.' |
|||
type: string |
|||
kind: |
|||
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
|||
type: string |
|||
name: |
|||
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' |
|||
type: string |
|||
namespace: |
|||
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' |
|||
type: string |
|||
resourceVersion: |
|||
description: 'Specific resourceVersion to which this reference is |
|||
made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' |
|||
type: string |
|||
uid: |
|||
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' |
|||
type: string |
|||
type: object |
|||
required: |
|||
- deletionPolicy |
|||
- driver |
|||
- source |
|||
- volumeSnapshotRef |
|||
type: object |
|||
status: |
|||
description: status represents the current information of a snapshot. |
|||
properties: |
|||
creationTime: |
|||
description: creationTime is the timestamp when the point-in-time snapshot |
|||
is taken by the underlying storage system. In dynamic snapshot creation |
|||
case, this field will be filled in with the "creation_time" value |
|||
returned from CSI "CreateSnapshotRequest" gRPC call. For a pre-existing |
|||
snapshot, this field will be filled with the "creation_time" value |
|||
returned from the CSI "ListSnapshots" gRPC call if the driver supports |
|||
it. If not specified, it indicates the creation time is unknown. The |
|||
format of this field is a Unix nanoseconds time encoded as an int64. |
|||
On Unix, the command `date +%s%N` returns the current time in nanoseconds |
|||
since 1970-01-01 00:00:00 UTC. |
|||
format: int64 |
|||
type: integer |
|||
error: |
|||
description: error is the latest observed error during snapshot creation, |
|||
if any. |
|||
properties: |
|||
message: |
|||
description: 'message is a string detailing the encountered error |
|||
during snapshot creation if specified. NOTE: message may be logged, |
|||
and it should not contain sensitive information.' |
|||
type: string |
|||
time: |
|||
description: time is the timestamp when the error was encountered. |
|||
format: date-time |
|||
type: string |
|||
type: object |
|||
readyToUse: |
|||
description: readyToUse indicates if a snapshot is ready to be used |
|||
to restore a volume. In dynamic snapshot creation case, this field |
|||
will be filled in with the "ready_to_use" value returned from CSI |
|||
"CreateSnapshotRequest" gRPC call. For a pre-existing snapshot, this |
|||
field will be filled with the "ready_to_use" value returned from the |
|||
CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, |
|||
this field will be set to "True". If not specified, it means the readiness |
|||
of a snapshot is unknown. |
|||
type: boolean |
|||
restoreSize: |
|||
description: restoreSize represents the complete size of the snapshot |
|||
in bytes. In dynamic snapshot creation case, this field will be filled |
|||
in with the "size_bytes" value returned from CSI "CreateSnapshotRequest" |
|||
gRPC call. For a pre-existing snapshot, this field will be filled |
|||
with the "size_bytes" value returned from the CSI "ListSnapshots" |
|||
gRPC call if the driver supports it. When restoring a volume from |
|||
this snapshot, the size of the volume MUST NOT be smaller than the |
|||
restoreSize if it is specified, otherwise the restoration will fail. |
|||
If not specified, it indicates that the size is unknown. |
|||
format: int64 |
|||
minimum: 0 |
|||
type: integer |
|||
snapshotHandle: |
|||
description: snapshotHandle is the CSI "snapshot_id" of a snapshot on |
|||
the underlying storage system. If not specified, it indicates that |
|||
dynamic snapshot creation has either failed or it is still in progress. |
|||
type: string |
|||
type: object |
|||
required: |
|||
- spec |
|||
type: object |
|||
version: v1beta1 |
|||
versions: |
|||
- name: v1beta1 |
|||
served: true |
|||
storage: true |
|||
status: |
|||
acceptedNames: |
|||
kind: "" |
|||
plural: "" |
|||
conditions: [] |
|||
storedVersions: [] |
|||
@ -0,0 +1,187 @@ |
|||
--- |
|||
apiVersion: apiextensions.k8s.io/v1beta1 |
|||
kind: CustomResourceDefinition |
|||
metadata: |
|||
annotations: |
|||
controller-gen.kubebuilder.io/version: v0.2.5 |
|||
api-approved.kubernetes.io: "https://github.com/kubernetes-csi/external-snapshotter/pull/260" |
|||
creationTimestamp: null |
|||
name: volumesnapshots.snapshot.storage.k8s.io |
|||
spec: |
|||
additionalPrinterColumns: |
|||
- JSONPath: .status.readyToUse |
|||
description: Indicates if a snapshot is ready to be used to restore a volume. |
|||
name: ReadyToUse |
|||
type: boolean |
|||
- JSONPath: .spec.source.persistentVolumeClaimName |
|||
description: Name of the source PVC from where a dynamically taken snapshot will |
|||
be created. |
|||
name: SourcePVC |
|||
type: string |
|||
- JSONPath: .spec.source.volumeSnapshotContentName |
|||
description: Name of the VolumeSnapshotContent which represents a pre-provisioned |
|||
snapshot. |
|||
name: SourceSnapshotContent |
|||
type: string |
|||
- JSONPath: .status.restoreSize |
|||
description: Represents the complete size of the snapshot. |
|||
name: RestoreSize |
|||
type: string |
|||
- JSONPath: .spec.volumeSnapshotClassName |
|||
description: The name of the VolumeSnapshotClass requested by the VolumeSnapshot. |
|||
name: SnapshotClass |
|||
type: string |
|||
- JSONPath: .status.boundVolumeSnapshotContentName |
|||
description: The name of the VolumeSnapshotContent to which this VolumeSnapshot |
|||
is bound. |
|||
name: SnapshotContent |
|||
type: string |
|||
- JSONPath: .status.creationTime |
|||
description: Timestamp when the point-in-time snapshot is taken by the underlying |
|||
storage system. |
|||
name: CreationTime |
|||
type: date |
|||
- JSONPath: .metadata.creationTimestamp |
|||
name: Age |
|||
type: date |
|||
group: snapshot.storage.k8s.io |
|||
names: |
|||
kind: VolumeSnapshot |
|||
listKind: VolumeSnapshotList |
|||
plural: volumesnapshots |
|||
singular: volumesnapshot |
|||
preserveUnknownFields: false |
|||
scope: Namespaced |
|||
subresources: |
|||
status: {} |
|||
validation: |
|||
openAPIV3Schema: |
|||
description: VolumeSnapshot is a user's request for either creating a point-in-time |
|||
snapshot of a persistent volume, or binding to a pre-existing snapshot. |
|||
properties: |
|||
apiVersion: |
|||
description: 'APIVersion defines the versioned schema of this representation |
|||
of an object. Servers should convert recognized schemas to the latest |
|||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
|||
type: string |
|||
kind: |
|||
description: 'Kind is a string value representing the REST resource this |
|||
object represents. Servers may infer this from the endpoint the client |
|||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
|||
type: string |
|||
spec: |
|||
description: 'spec defines the desired characteristics of a snapshot requested |
|||
by a user. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshots#volumesnapshots |
|||
Required.' |
|||
properties: |
|||
source: |
|||
description: source specifies where a snapshot will be created from. |
|||
This field is immutable after creation. Required. |
|||
properties: |
|||
persistentVolumeClaimName: |
|||
description: persistentVolumeClaimName specifies the name of the |
|||
PersistentVolumeClaim object in the same namespace as the VolumeSnapshot |
|||
object where the snapshot should be dynamically taken from. This |
|||
field is immutable. |
|||
type: string |
|||
volumeSnapshotContentName: |
|||
description: volumeSnapshotContentName specifies the name of a pre-existing |
|||
VolumeSnapshotContent object. This field is immutable. |
|||
type: string |
|||
type: object |
|||
volumeSnapshotClassName: |
|||
description: 'volumeSnapshotClassName is the name of the VolumeSnapshotClass |
|||
requested by the VolumeSnapshot. If not specified, the default snapshot |
|||
class will be used if one exists. If not specified, and there is no |
|||
default snapshot class, dynamic snapshot creation will fail. Empty |
|||
string is not allowed for this field. TODO(xiangqian): a webhook validation |
|||
on empty string. More info: https://kubernetes.io/docs/concepts/storage/volume-snapshot-classes' |
|||
type: string |
|||
required: |
|||
- source |
|||
type: object |
|||
status: |
|||
description: 'status represents the current information of a snapshot. NOTE: |
|||
status can be modified by sources other than system controllers, and must |
|||
not be depended upon for accuracy. Controllers should only use information |
|||
from the VolumeSnapshotContent object after verifying that the binding |
|||
is accurate and complete.' |
|||
properties: |
|||
boundVolumeSnapshotContentName: |
|||
description: 'boundVolumeSnapshotContentName represents the name of |
|||
the VolumeSnapshotContent object to which the VolumeSnapshot object |
|||
is bound. If not specified, it indicates that the VolumeSnapshot object |
|||
has not been successfully bound to a VolumeSnapshotContent object |
|||
yet. NOTE: Specified boundVolumeSnapshotContentName alone does not |
|||
mean binding is valid. Controllers MUST always verify bidirectional |
|||
binding between VolumeSnapshot and VolumeSnapshotContent to |
|||
avoid possible security issues.' |
|||
type: string |
|||
creationTime: |
|||
description: creationTime is the timestamp when the point-in-time snapshot |
|||
is taken by the underlying storage system. In dynamic snapshot creation |
|||
case, this field will be filled in with the "creation_time" value |
|||
returned from CSI "CreateSnapshotRequest" gRPC call. For a pre-existing |
|||
snapshot, this field will be filled with the "creation_time" value |
|||
returned from the CSI "ListSnapshots" gRPC call if the driver supports |
|||
it. If not specified, it indicates that the creation time of the snapshot |
|||
is unknown. |
|||
format: date-time |
|||
type: string |
|||
error: |
|||
description: error is the last observed error during snapshot creation, |
|||
if any. This field could be helpful to upper level controllers(i.e., |
|||
application controller) to decide whether they should continue on |
|||
waiting for the snapshot to be created based on the type of error |
|||
reported. |
|||
properties: |
|||
message: |
|||
description: 'message is a string detailing the encountered error |
|||
during snapshot creation if specified. NOTE: message may be logged, |
|||
and it should not contain sensitive information.' |
|||
type: string |
|||
time: |
|||
description: time is the timestamp when the error was encountered. |
|||
format: date-time |
|||
type: string |
|||
type: object |
|||
readyToUse: |
|||
description: readyToUse indicates if a snapshot is ready to be used |
|||
to restore a volume. In dynamic snapshot creation case, this field |
|||
will be filled in with the "ready_to_use" value returned from CSI |
|||
"CreateSnapshotRequest" gRPC call. For a pre-existing snapshot, this |
|||
field will be filled with the "ready_to_use" value returned from the |
|||
CSI "ListSnapshots" gRPC call if the driver supports it, otherwise, |
|||
this field will be set to "True". If not specified, it means the readiness |
|||
of a snapshot is unknown. |
|||
type: boolean |
|||
restoreSize: |
|||
anyOf: |
|||
- type: integer |
|||
- type: string |
|||
description: restoreSize represents the complete size of the snapshot |
|||
in bytes. In dynamic snapshot creation case, this field will be filled |
|||
in with the "size_bytes" value returned from CSI "CreateSnapshotRequest" |
|||
gRPC call. For a pre-existing snapshot, this field will be filled |
|||
with the "size_bytes" value returned from the CSI "ListSnapshots" |
|||
gRPC call if the driver supports it. When restoring a volume from |
|||
this snapshot, the size of the volume MUST NOT be smaller than the |
|||
restoreSize if it is specified, otherwise the restoration will fail. |
|||
If not specified, it indicates that the size is unknown. |
|||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
|||
x-kubernetes-int-or-string: true |
|||
type: object |
|||
required: |
|||
- spec |
|||
type: object |
|||
version: v1beta1 |
|||
versions: |
|||
- name: v1beta1 |
|||
served: true |
|||
storage: true |
|||
status: |
|||
acceptedNames: |
|||
kind: "" |
|||
plural: "" |
|||
conditions: [] |
|||
storedVersions: [] |
|||
@ -0,0 +1,5 @@ |
|||
--- |
|||
snapshot_classes: |
|||
- name: cinder-csi-snapshot |
|||
is_default: false |
|||
force_create: true |
|||
@ -0,0 +1,17 @@ |
|||
--- |
|||
- name: Kubernetes Snapshots | Copy Cinder CSI Snapshot Class template |
|||
template: |
|||
src: "cinder-csi-snapshot-class.yml.j2" |
|||
dest: "{{ kube_config_dir }}/cinder-csi-snapshot-class.yml" |
|||
register: manifests |
|||
when: |
|||
- inventory_hostname == groups['kube-master'][0] |
|||
|
|||
- name: Kubernetes Snapshots | Add Cinder CSI Snapshot Class |
|||
kube: |
|||
kubectl: "{{ bin_dir }}/kubectl" |
|||
filename: "{{ kube_config_dir }}/cinder-csi-snapshot-class.yml" |
|||
state: "latest" |
|||
when: |
|||
- inventory_hostname == groups['kube-master'][0] |
|||
- manifests.changed |
|||
@ -0,0 +1,13 @@ |
|||
{% for class in snapshot_classes %} |
|||
--- |
|||
kind: VolumeSnapshotClass |
|||
apiVersion: snapshot.storage.k8s.io/v1beta1 |
|||
metadata: |
|||
name: "{{ class.name }}" |
|||
annotations: |
|||
storageclass.kubernetes.io/is-default-class: "{{ class.is_default | default(false) | ternary("true","false") }}" |
|||
driver: cinder.csi.openstack.org |
|||
deletionPolicy: Delete |
|||
parameters: |
|||
force-create: "{{ class.force_create }}" |
|||
{% endfor %} |
|||
@ -0,0 +1,14 @@ |
|||
--- |
|||
dependencies: |
|||
- role: kubernetes-apps/snapshots/snapshot-controller |
|||
when: |
|||
- cinder_csi_enabled |
|||
tags: |
|||
- snapshot-controller |
|||
|
|||
- role: kubernetes-apps/snapshots/cinder-csi |
|||
when: |
|||
- cinder_csi_enabled |
|||
tags: |
|||
- snapshot |
|||
- cinder-csi-driver |
|||
@ -0,0 +1,2 @@ |
|||
--- |
|||
snapshot_controller_replicas: 1 |
|||
@ -0,0 +1,25 @@ |
|||
--- |
|||
- name: Snapshot Controller | Generate Manifests |
|||
template: |
|||
src: "{{ item.file }}.j2" |
|||
dest: "{{ kube_config_dir }}/{{ item.file }}" |
|||
with_items: |
|||
- {name: rbac-snapshot-controller, file: rbac-snapshot-controller.yml} |
|||
- {name: snapshot-controller, file: snapshot-controller.yml} |
|||
register: snapshot_controller_manifests |
|||
when: inventory_hostname == groups['kube-master'][0] |
|||
tags: snapshot-controller |
|||
|
|||
- name: Snapshot Controller | Apply Manifests |
|||
kube: |
|||
kubectl: "{{ bin_dir }}/kubectl" |
|||
filename: "{{ kube_config_dir }}/{{ item.item.file }}" |
|||
state: "latest" |
|||
with_items: |
|||
- "{{ snapshot_controller_manifests.results }}" |
|||
when: |
|||
- inventory_hostname == groups['kube-master'][0] |
|||
- not item is skipped |
|||
loop_control: |
|||
label: "{{ item.item.file }}" |
|||
tags: snapshot-controller |
|||
@ -0,0 +1,85 @@ |
|||
# RBAC file for the snapshot controller. |
|||
# |
|||
# The snapshot controller implements the control loop for CSI snapshot functionality. |
|||
# It should be installed as part of the base Kubernetes distribution in an appropriate |
|||
# namespace for components implementing base system functionality. For installing with |
|||
# Vanilla Kubernetes, kube-system makes sense for the namespace. |
|||
|
|||
apiVersion: v1 |
|||
kind: ServiceAccount |
|||
metadata: |
|||
name: snapshot-controller |
|||
namespace: kube-system |
|||
|
|||
--- |
|||
kind: ClusterRole |
|||
apiVersion: rbac.authorization.k8s.io/v1 |
|||
metadata: |
|||
# rename if there are conflicts |
|||
name: snapshot-controller-runner |
|||
rules: |
|||
- apiGroups: [""] |
|||
resources: ["persistentvolumes"] |
|||
verbs: ["get", "list", "watch"] |
|||
- apiGroups: [""] |
|||
resources: ["persistentvolumeclaims"] |
|||
verbs: ["get", "list", "watch", "update"] |
|||
- apiGroups: ["storage.k8s.io"] |
|||
resources: ["storageclasses"] |
|||
verbs: ["get", "list", "watch"] |
|||
- apiGroups: [""] |
|||
resources: ["events"] |
|||
verbs: ["list", "watch", "create", "update", "patch"] |
|||
- apiGroups: ["snapshot.storage.k8s.io"] |
|||
resources: ["volumesnapshotclasses"] |
|||
verbs: ["get", "list", "watch"] |
|||
- apiGroups: ["snapshot.storage.k8s.io"] |
|||
resources: ["volumesnapshotcontents"] |
|||
verbs: ["create", "get", "list", "watch", "update", "delete"] |
|||
- apiGroups: ["snapshot.storage.k8s.io"] |
|||
resources: ["volumesnapshots"] |
|||
verbs: ["get", "list", "watch", "update"] |
|||
- apiGroups: ["snapshot.storage.k8s.io"] |
|||
resources: ["volumesnapshots/status"] |
|||
verbs: ["update"] |
|||
|
|||
--- |
|||
kind: ClusterRoleBinding |
|||
apiVersion: rbac.authorization.k8s.io/v1 |
|||
metadata: |
|||
name: snapshot-controller-role |
|||
subjects: |
|||
- kind: ServiceAccount |
|||
name: snapshot-controller |
|||
namespace: kube-system |
|||
roleRef: |
|||
kind: ClusterRole |
|||
# change the name also here if the ClusterRole gets renamed |
|||
name: snapshot-controller-runner |
|||
apiGroup: rbac.authorization.k8s.io |
|||
|
|||
--- |
|||
kind: Role |
|||
apiVersion: rbac.authorization.k8s.io/v1 |
|||
metadata: |
|||
namespace: kube-system |
|||
name: snapshot-controller-leaderelection |
|||
rules: |
|||
- apiGroups: ["coordination.k8s.io"] |
|||
resources: ["leases"] |
|||
verbs: ["get", "watch", "list", "delete", "update", "create"] |
|||
|
|||
--- |
|||
kind: RoleBinding |
|||
apiVersion: rbac.authorization.k8s.io/v1 |
|||
metadata: |
|||
name: snapshot-controller-leaderelection |
|||
namespace: kube-system |
|||
subjects: |
|||
- kind: ServiceAccount |
|||
name: snapshot-controller |
|||
namespace: kube-system |
|||
roleRef: |
|||
kind: Role |
|||
name: snapshot-controller-leaderelection |
|||
apiGroup: rbac.authorization.k8s.io |
|||
@ -0,0 +1,32 @@ |
|||
# This YAML file shows how to deploy the snapshot controller |
|||
|
|||
# The snapshot controller implements the control loop for CSI snapshot functionality. |
|||
# It should be installed as part of the base Kubernetes distribution in an appropriate |
|||
# namespace for components implementing base system functionality. For installing with |
|||
# Vanilla Kubernetes, kube-system makes sense for the namespace. |
|||
|
|||
--- |
|||
kind: StatefulSet |
|||
apiVersion: apps/v1 |
|||
metadata: |
|||
name: snapshot-controller |
|||
namespace: kube-system |
|||
spec: |
|||
serviceName: "snapshot-controller" |
|||
replicas: {{ snapshot_controller_replicas }} |
|||
selector: |
|||
matchLabels: |
|||
app: snapshot-controller |
|||
template: |
|||
metadata: |
|||
labels: |
|||
app: snapshot-controller |
|||
spec: |
|||
serviceAccount: snapshot-controller |
|||
containers: |
|||
- name: snapshot-controller |
|||
image: {{ snapshot_controller_image_repo }}:{{ snapshot_controller_image_tag }} |
|||
args: |
|||
- "--v=5" |
|||
- "--leader-election=false" |
|||
imagePullPolicy: {{ k8s_image_pull_policy }} |
|||
Write
Preview
Loading…
Cancel
Save