working on setup

9 years ago · 4e0ee7621a
4 changed files with 37 additions and 51 deletions
--- a/setup/pod.yaml
+++ b/setup/pod.yaml
@ -8,14 +8,18 @@ spec:
      image: hostpath-provisioner:latest
      imagePullPolicy: "IfNotPresent"
      env:
+        - name: HOSTPATH_TO_USE
+          value: /var/openshift/
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
      volumeMounts:
        - name: pv-volume
-          mountPath: /tmp/hostpath-provisioner
+          mountPath: /var/openshift
  volumes:
    - name: pv-volume
      hostPath:
-        path: /tmp/hostpath-provisioner
+        path: /var/openshift
+  serviceAccount: hostpath-provisioner
+  
--- a/setup/roles.yaml
+++ b/setup/roles.yaml
@ -1,49 +1,20 @@
- apiVersion: rbac.authorization.k8s.io/v1beta1
-  kind: ClusterRole
-  metadata:
-    creationTimestamp: null
-    labels:
-      kubernetes.io/bootstrapping: rbac-defaults
-    name: system:persistent-volume-provisioner
-  rules:
-  - apiGroups:
-    - ""
-    resources:
-    - persistentvolumes
-    verbs:
-    - create
-    - delete
-    - get
-    - list
-    - watch
-  - apiGroups:
-    - ""
-    resources:
-    - persistentvolumeclaims
-    verbs:
-    - get
-    - list
-    - update
-    - watch
-  - apiGroups:
-    - storage.k8s.io
-    resources:
-    - storageclasses
-    verbs:
-    - get
-    - list
-    - watch
-  - apiGroups:
-    - ""
-    resources:
-    - events
-    verbs:
-    - watch
-  - apiGroups:
-    - ""
-    resources:
-    - events
-    verbs:
-    - create
-    - patch
-    - update
+kind: ClusterRole
+apiVersion: v1
+metadata:
+ name: hostpath-provisioner
+rules:
+ - apiGroups: [""]
+ resources: ["persistentvolumes"]
+ verbs: ["get", "list", "watch", "create", "delete"]
+ - apiGroups: [""]
+ resources: ["persistentvolumeclaims"]
+ verbs: ["get", "list", "watch", "update"]
+ - apiGroups: ["storage.k8s.io"]
+ resources: ["storageclasses"]
+ verbs: ["get", "list", "watch"]
+ - apiGroups: [""]
+ resources: ["events"]
+ verbs: ["list", "watch", "create", "update", "patch"]
+ - apiGroups: [""]
+ resources: ["services", "endpoints"]
+ verbs: ["get"]
--- a/setup/service-account.yaml
+++ b/setup/service-account.yaml
@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: hostpath-provisioner
--- a/setup/setup.sh
+++ b/setup/setup.sh
@ -0,0 +1,7 @@
+oc create -f service-account.yaml
+oc create -f roles.yaml
+# oc adm policy add-scc-to-user hostmount-anyuid system:serviceaccount:test-provisioner:hostpath-provisioner
+# oc adm policy add-cluster-role-to-user hostpath-provisioner-runner system:serviceaccount:test-provisioner:hostpath-provisioner
+
+oc create -f pod.yaml
+oc create -f class.yaml