Improving the setup process

9 years ago · d0507fed40
7 changed files with 175 additions and 69 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,38 @@
-= TODO
+# An Hostpath Provisioner for OpenShift

-== Setup
+## Build

+```
+$ export GOPATH="$PWD"
+$ cd src
+$ glide install -v
+$ CGO_ENABLED=0 go build -a -ldflags '-extldflags "-static"' -o ../hostpath-provisioner hostpath-provisioner/hostpath-provisioner.go
+```

+## Package
+
+```
+$ docker build -t hostpath-provisioner .
+```
+
+## Setup
+
+```
+$ oc project default
+$ oc process -f setup/hostpath-provisioner-template.yaml
+```
+
+## Test
+
+```
+$ oc project my-project
+$ oc create -f setup/sample-claim.yaml
+$ ls -l /tmp/openshift/
+```
+
+## Cleanup
+
+```
+$ oc project default
+$ oc delete all -l template=hostpath-provisioner-template
+```
--- a/setup/class.yaml
+++ b/setup/class.yaml
@ -1,5 +0,0 @@
-kind: StorageClass
-apiVersion: storage.k8s.io/v1beta1
-metadata:
-  name: hostpath-provisioner
-provisioner: itix.fr/hostpath
--- a/setup/hostpath-provisioner-template.yaml
+++ b/setup/hostpath-provisioner-template.yaml
@ -0,0 +1,140 @@
+apiVersion: v1
+kind: Template
+labels:
+  template: hostpath-provisioner-template
+message: An hostpath provisioner has been created in your project.
+  Look at https://github.com/nmasse-itix/OpenShift-HostPath-Provisioner
+  for more information about using this template.
+metadata:
+  annotations:
+    description: |-
+      A storage provisioner that provision hostPath PV
+
+      NOTE: Cannot be used in production or in a multi-node cluster.
+    iconClass: icon-jenkins
+    openshift.io/display-name: Hostpath Provisioner
+    tags: storage
+    template.openshift.io/documentation-url: https://github.com/nmasse-itix/OpenShift-HostPath-Provisioner
+    template.openshift.io/long-description: A storage provisioner that provision hostPath PV
+    template.openshift.io/provider-display-name: Nicolas Masse <nicolas.masse@itix.fr>
+    template.openshift.io/support-url: https://github.com/nmasse-itix/OpenShift-HostPath-Provisioner/issues
+  name: hostpath-provisioner
+objects:
+- apiVersion: v1
+  kind: ServiceAccount
+  metadata:
+    name: hostpath-provisioner
+    namespace: ${TARGET_NAMESPACE}
+
+- kind: ClusterRole
+  apiVersion: v1
+  metadata:
+    name: hostpath-provisioner
+  rules:
+   - apiGroups: [""]
+     resources: ["persistentvolumes"]
+     verbs: ["get", "list", "watch", "create", "delete"]
+   - apiGroups: [""]
+     resources: ["persistentvolumeclaims"]
+     verbs: ["get", "list", "watch", "update"]
+   - apiGroups: ["storage.k8s.io"]
+     resources: ["storageclasses"]
+     verbs: ["get", "list", "watch"]
+   - apiGroups: [""]
+     resources: ["events"]
+     verbs: ["list", "watch", "create", "update", "patch"]
+   - apiGroups: [""]
+     resources: ["services", "endpoints"]
+     verbs: ["get"]
+
+- apiVersion: v1
+  groupNames: null
+  kind: ClusterRoleBinding
+  metadata:
+    name: hostpath-provisioner
+  roleRef:
+    name: hostpath-provisioner
+  subjects:
+  - kind: ServiceAccount
+    name: hostpath-provisioner
+    namespace: ${TARGET_NAMESPACE}
+  userNames:
+  - system:serviceaccount:${TARGET_NAMESPACE}:hostpath-provisioner
+
+- apiVersion: v1
+  kind: SecurityContextConstraints
+  metadata:
+    annotations:
+      kubernetes.io/description: 'hostpath-provisioner is a copy of the default hostmount-anyuid scc.'
+    name: hostpath-provisioner
+  allowHostDirVolumePlugin: true
+  allowHostIPC: false
+  allowHostNetwork: false
+  allowHostPID: false
+  allowHostPorts: false
+  allowPrivilegedContainer: false
+  allowedCapabilities: null
+  defaultAddCapabilities: null
+  fsGroup:
+    type: RunAsAny
+  priority: null
+  readOnlyRootFilesystem: false
+  requiredDropCapabilities: null
+  runAsUser:
+    type: RunAsAny
+  seLinuxContext:
+    type: MustRunAs
+  supplementalGroups:
+    type: RunAsAny
+  users:
+  - system:serviceaccount:${TARGET_NAMESPACE}:hostpath-provisioner
+  volumes:
+  - configMap
+  - downwardAPI
+  - emptyDir
+  - hostPath
+  - nfs
+  - persistentVolumeClaim
+  - secret
+
+- apiVersion: 1
+  kind: DaemonSet
+  metadata:
+    name: hostpath-provisioner
+    namespace: ${TARGET_NAMESPACE}
+  spec:
+    template:
+      spec:
+        containers:
+          name: hostpath-provisioner
+          image: ${HOSTPATH_PROVISIONER_IMAGE}
+          imagePullPolicy: "IfNotPresent"
+          env:
+            - name: HOSTPATH_TO_USE
+              value: ${HOSTPATH_TO_USE}
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+          volumeMounts:
+            - name: pv-volume
+              mountPath: ${HOSTPATH_TO_USE}
+        volumes:
+          - name: pv-volume
+            hostPath:
+              path: ${HOSTPATH_TO_USE}
+        serviceAccount: hostpath-provisioner
+
+parameters:
+- description: Name of the Docker Image to be used for the Hostpath Provisioner DaemonSet.
+  displayName: Hostpath Provisioner Docker Image
+  name: HOSTPATH_PROVISIONER_IMAGE
+  value: hostpath-provisioner:latest
+- description: The OpenShift Namespace on which you want to deploy the Hostpath Provisioner.
+  displayName: Hostpath Provisioner Target Namespace
+  name: TARGET_NAMESPACE
+  value: default
+- description: A path on the host to on which the Hostpath Provisioner can create PVs.
+  displayName: Host Path
+  name: HOSTPATH_TO_USE
+  value: /tmp/openshift
--- a/setup/pod.yaml
+++ b/setup/pod.yaml
@ -1,24 +0,0 @@
-kind: Pod
-apiVersion: v1
-metadata:
-  name: hostpath-provisioner
-spec:
-  containers:
-    - name: hostpath-provisioner
-      image: hostpath-provisioner:latest
-      imagePullPolicy: "IfNotPresent"
-      env:
-        - name: HOSTPATH_TO_USE
-          value: /tmp/openshift/
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-      volumeMounts:
-        - name: pv-volume
-          mountPath: /tmp/openshift
-  volumes:
-    - name: pv-volume
-      hostPath:
-        path: /tmp/openshift
-  serviceAccount: hostpath-provisioner
--- a/setup/roles.yaml
+++ b/setup/roles.yaml
@ -1,20 +0,0 @@
-kind: ClusterRole
-apiVersion: v1
-metadata:
- name: hostpath-provisioner
-rules:
- - apiGroups: [""]
-   resources: ["persistentvolumes"]
-   verbs: ["get", "list", "watch", "create", "delete"]
- - apiGroups: [""]
-   resources: ["persistentvolumeclaims"]
-   verbs: ["get", "list", "watch", "update"]
- - apiGroups: ["storage.k8s.io"]
-   resources: ["storageclasses"]
-   verbs: ["get", "list", "watch"]
- - apiGroups: [""]
-   resources: ["events"]
-   verbs: ["list", "watch", "create", "update", "patch"]
- - apiGroups: [""]
-   resources: ["services", "endpoints"]
-   verbs: ["get"]
--- a/setup/service-account.yaml
+++ b/setup/service-account.yaml
@ -1,4 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: hostpath-provisioner
--- a/setup/setup.sh
+++ b/setup/setup.sh
@ -1,14 +0,0 @@
-oc project default
-oc create -f service-account.yaml
-oc create -f roles.yaml
-oc adm policy add-scc-to-user hostmount-anyuid -z hostpath-provisioner
-oc adm policy add-cluster-role-to-user hostpath-provisioner -z hostpath-provisioner
-
-mkdir /tmp/openshift
-chmod 777 /tmp/openshift
-chcon -Rt svirt_sandbox_file_t /tmp/openshift
-
-oc create -f pod.yaml
-oc create -f class.yaml
-
-oc create -f sample-claim.yaml