From 639d1aab5e4cc7e3a33e24226bcb10f6e04b6d7b Mon Sep 17 00:00:00 2001 From: Mayank Shah Date: Fri, 9 Oct 2020 15:53:32 +0530 Subject: [PATCH] Add manifest for installing driver controller and install docs Signed-off-by: Mayank Shah --- .gitignore | 5 + Makefile | 25 +++- deploy/kubernetes/csi-nfs-controller.yaml | 107 ++++++++++++++++++ .../kubernetes/rbac-csi-nfs-controller.yaml | 49 ++++++++ docs/csi-dev.md | 49 ++++++++ 5 files changed, 234 insertions(+), 1 deletion(-) create mode 100644 deploy/kubernetes/csi-nfs-controller.yaml create mode 100644 deploy/kubernetes/rbac-csi-nfs-controller.yaml create mode 100644 docs/csi-dev.md diff --git a/.gitignore b/.gitignore index 5e56e040e..2626f83a9 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,6 @@ /bin + +# This is where the result of the go build goes +/output*/ +/_output*/ +/_output \ No newline at end of file diff --git a/Makefile b/Makefile index 96499d771..a940cedda 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +CMDS=nfsplugin +DEPLOY_FOLDER = ./deploy/kubernetes CMDS=nfsplugin all: build @@ -21,3 +22,25 @@ include release-tools/build.make sanity-test: build ./test/sanity/run-test.sh +.PHONY: local-build-push +local-build-push: build + docker build -t $(LOCAL_USER)/nfsplugin:latest . + docker push $(LOCAL_USER)/nfsplugin + +.PHONY: local-k8s-install +local-k8s-install: + echo "Instlling locally" + kubectl apply -f $(DEPLOY_FOLDER)/rbac-csi-nfs-controller.yaml + kubectl apply -f $(DEPLOY_FOLDER)/csi-nfs-driverinfo.yaml + kubectl apply -f $(DEPLOY_FOLDER)/csi-nfs-controller.yaml + kubectl apply -f $(DEPLOY_FOLDER)/csi-nfs-node.yaml + echo "Successfully installed" + +.PHONY: local-k8s-uninstall +local-k8s-uninstall: + echo "Uninstalling driver" + kubectl delete -f $(DEPLOY_FOLDER)/csi-nfs-controller.yaml --ignore-not-found + kubectl delete -f $(DEPLOY_FOLDER)/csi-nfs-node.yaml --ignore-not-found + kubectl delete -f $(DEPLOY_FOLDER)/csi-nfs-driverinfo.yaml --ignore-not-found + kubectl delete -f $(DEPLOY_FOLDER)/rbac-csi-nfs-controller.yaml --ignore-not-found + echo "Uninstalled NFS driver" \ No newline at end of file diff --git a/deploy/kubernetes/csi-nfs-controller.yaml b/deploy/kubernetes/csi-nfs-controller.yaml new file mode 100644 index 000000000..5d99d2f00 --- /dev/null +++ b/deploy/kubernetes/csi-nfs-controller.yaml @@ -0,0 +1,107 @@ +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: csi-nfs-controller + namespace: kube-system +spec: + replicas: 2 + selector: + matchLabels: + app: csi-nfs-controller + template: + metadata: + labels: + app: csi-nfs-controller + spec: + serviceAccountName: csi-nfs-controller-sa + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-cluster-critical + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Equal" + value: "true" + effect: "NoSchedule" + containers: + - name: csi-provisioner + image: mcr.microsoft.com/oss/kubernetes-csi/csi-provisioner:v1.4.0 + args: + - "-v=5" + - "--csi-address=$(ADDRESS)" + - "--enable-leader-election" + - "--leader-election-type=leases" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: liveness-probe + image: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe:v1.1.0 + args: + - --csi-address=/csi/csi.sock + - --connection-timeout=3s + - --health-port=29642 + - --v=5 + volumeMounts: + - name: socket-dir + mountPath: /csi + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 10m + memory: 20Mi + - name: nfs + image: quay.io/k8scsi/nfsplugin:v2.0.0 + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + imagePullPolicy: IfNotPresent + args: + - "--nodeid=$(NODE_ID)" + - "--endpoint=$(CSI_ENDPOINT)" + env: + - name: NODE_ID + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + volumeMounts: + - name: plugin-dir + mountPath: /plugin + - name: pods-mount-dir + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - mountPath: /csi + name: socket-dir + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 20Mi + volumes: + - name: plugin-dir + hostPath: + path: /var/lib/kubelet/plugins/csi-nfsplugin + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: socket-dir + emptyDir: {} \ No newline at end of file diff --git a/deploy/kubernetes/rbac-csi-nfs-controller.yaml b/deploy/kubernetes/rbac-csi-nfs-controller.yaml new file mode 100644 index 000000000..39f7953a5 --- /dev/null +++ b/deploy/kubernetes/rbac-csi-nfs-controller.yaml @@ -0,0 +1,49 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-nfs-controller-sa + namespace: kube-system + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-external-provisioner-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch"] +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: nfs-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: csi-nfs-controller-sa + namespace: kube-system +roleRef: + kind: ClusterRole + name: nfs-external-provisioner-role + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/docs/csi-dev.md b/docs/csi-dev.md new file mode 100644 index 000000000..8c58f3624 --- /dev/null +++ b/docs/csi-dev.md @@ -0,0 +1,49 @@ +# CSI Driver Development Guide + +## Build this project + +- Clone this repo + +```bash +git clone https://github.com/kubernetes-csi/csi-driver-nfs +``` + +- Build CSI Driver + +```bash +$ cd csi-driver-nfs +$ make +``` + +- Verify code before submitting PRs + +```bash +make verify +``` +## Test CSI Driver locally + +> WIP + +## Test CSI Driver in a Kubernetes Cluster + +- Build container image and push to DockerHub + +```bash +# Run `docker login` first +$ export LOCAL_USER= +$ make local-build-push +``` + +- Replace `quay.io/k8scsi/nfsplugin:v2.0.0` in `deploy/kubernetes/csi-nfs-controller.yaml` and `deploy/kubernetes/csi-nfs-node.yaml` with `/nfsplugin:latest` + +- Install driver locally + +```bash +make local-k8s-install +``` + +- Uninstall driver + +```bash +make local-k8s-uninstall +``` \ No newline at end of file