Improving the setup process

9 years ago · d0507fed40
7 changed files with 175 additions and 69 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,38 @@
-= TODO
+# An Hostpath Provisioner for OpenShift
-== Setup
+## Build
 ```
 $ export GOPATH="$PWD"
 $ cd src
 $ glide install -v
 $ CGO_ENABLED=0 go build -a -ldflags '-extldflags "-static"' -o ../hostpath-provisioner hostpath-provisioner/hostpath-provisioner.go
 ```
 ## Package
 ```
 $ docker build -t hostpath-provisioner .
 ```
 ## Setup
 ```
 $ oc project default
 $ oc process -f setup/hostpath-provisioner-template.yaml
 ```
 ## Test
 ```
 $ oc project my-project
 $ oc create -f setup/sample-claim.yaml
 $ ls -l /tmp/openshift/
 ```
 ## Cleanup
 ```
 $ oc project default
 $ oc delete all -l template=hostpath-provisioner-template
 ```
--- a/setup/class.yaml
+++ b/setup/class.yaml
@ -1,5 +0,0 @@
 kind: StorageClass
 apiVersion: storage.k8s.io/v1beta1
 metadata:
  name: hostpath-provisioner
 provisioner: itix.fr/hostpath
--- a/setup/hostpath-provisioner-template.yaml
+++ b/setup/hostpath-provisioner-template.yaml
@ -0,0 +1,140 @@
 apiVersion: v1
 kind: Template
 labels:
  template: hostpath-provisioner-template
 message: An hostpath provisioner has been created in your project.
  Look at https://github.com/nmasse-itix/OpenShift-HostPath-Provisioner
  for more information about using this template.
 metadata:
  annotations:
    description: |-
      A storage provisioner that provision hostPath PV
      NOTE: Cannot be used in production or in a multi-node cluster.
    iconClass: icon-jenkins
    openshift.io/display-name: Hostpath Provisioner
    tags: storage
    template.openshift.io/documentation-url: https://github.com/nmasse-itix/OpenShift-HostPath-Provisioner
    template.openshift.io/long-description: A storage provisioner that provision hostPath PV
    template.openshift.io/provider-display-name: Nicolas Masse <nicolas.masse@itix.fr>
    template.openshift.io/support-url: https://github.com/nmasse-itix/OpenShift-HostPath-Provisioner/issues
  name: hostpath-provisioner
 objects:
 - apiVersion: v1
  kind: ServiceAccount
  metadata:
    name: hostpath-provisioner
    namespace: ${TARGET_NAMESPACE}
 - kind: ClusterRole
  apiVersion: v1
  metadata:
    name: hostpath-provisioner
  rules:
   - apiGroups: [""]
     resources: ["persistentvolumes"]
     verbs: ["get", "list", "watch", "create", "delete"]
   - apiGroups: [""]
     resources: ["persistentvolumeclaims"]
     verbs: ["get", "list", "watch", "update"]
   - apiGroups: ["storage.k8s.io"]
     resources: ["storageclasses"]
     verbs: ["get", "list", "watch"]
   - apiGroups: [""]
     resources: ["events"]
     verbs: ["list", "watch", "create", "update", "patch"]
   - apiGroups: [""]
     resources: ["services", "endpoints"]
     verbs: ["get"]
 - apiVersion: v1
  groupNames: null
  kind: ClusterRoleBinding
  metadata:
    name: hostpath-provisioner
  roleRef:
    name: hostpath-provisioner
  subjects:
  - kind: ServiceAccount
    name: hostpath-provisioner
    namespace: ${TARGET_NAMESPACE}
  userNames:
  - system:serviceaccount:${TARGET_NAMESPACE}:hostpath-provisioner
 - apiVersion: v1
  kind: SecurityContextConstraints
  metadata:
    annotations:
      kubernetes.io/description: 'hostpath-provisioner is a copy of the default hostmount-anyuid scc.'
    name: hostpath-provisioner
  allowHostDirVolumePlugin: true
  allowHostIPC: false
  allowHostNetwork: false
  allowHostPID: false
  allowHostPorts: false
  allowPrivilegedContainer: false
  allowedCapabilities: null
  defaultAddCapabilities: null
  fsGroup:
    type: RunAsAny
  priority: null
  readOnlyRootFilesystem: false
  requiredDropCapabilities: null
  runAsUser:
    type: RunAsAny
  seLinuxContext:
    type: MustRunAs
  supplementalGroups:
    type: RunAsAny
  users:
  - system:serviceaccount:${TARGET_NAMESPACE}:hostpath-provisioner
  volumes:
  - configMap
  - downwardAPI
  - emptyDir
  - hostPath
  - nfs
  - persistentVolumeClaim
  - secret
 - apiVersion: 1
  kind: DaemonSet
  metadata:
    name: hostpath-provisioner
    namespace: ${TARGET_NAMESPACE}
  spec:
    template:
      spec:
        containers:
          name: hostpath-provisioner
          image: ${HOSTPATH_PROVISIONER_IMAGE}
          imagePullPolicy: "IfNotPresent"
          env:
            - name: HOSTPATH_TO_USE
              value: ${HOSTPATH_TO_USE}
            - name: NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          volumeMounts:
            - name: pv-volume
              mountPath: ${HOSTPATH_TO_USE}
        volumes:
          - name: pv-volume
            hostPath:
              path: ${HOSTPATH_TO_USE}
        serviceAccount: hostpath-provisioner
 parameters:
 - description: Name of the Docker Image to be used for the Hostpath Provisioner DaemonSet.
  displayName: Hostpath Provisioner Docker Image
  name: HOSTPATH_PROVISIONER_IMAGE
  value: hostpath-provisioner:latest
 - description: The OpenShift Namespace on which you want to deploy the Hostpath Provisioner.
  displayName: Hostpath Provisioner Target Namespace
  name: TARGET_NAMESPACE
  value: default
 - description: A path on the host to on which the Hostpath Provisioner can create PVs.
  displayName: Host Path
  name: HOSTPATH_TO_USE
  value: /tmp/openshift
--- a/setup/pod.yaml
+++ b/setup/pod.yaml
@ -1,24 +0,0 @@
 kind: Pod
 apiVersion: v1
 metadata:
  name: hostpath-provisioner
 spec:
  containers:
    - name: hostpath-provisioner
      image: hostpath-provisioner:latest
      imagePullPolicy: "IfNotPresent"
      env:
        - name: HOSTPATH_TO_USE
          value: /tmp/openshift/
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
      volumeMounts:
        - name: pv-volume
          mountPath: /tmp/openshift
  volumes:
    - name: pv-volume
      hostPath:
        path: /tmp/openshift
  serviceAccount: hostpath-provisioner
--- a/setup/roles.yaml
+++ b/setup/roles.yaml
@ -1,20 +0,0 @@
 kind: ClusterRole
 apiVersion: v1
 metadata:
 name: hostpath-provisioner
 rules:
 - apiGroups: [""]
   resources: ["persistentvolumes"]
   verbs: ["get", "list", "watch", "create", "delete"]
 - apiGroups: [""]
   resources: ["persistentvolumeclaims"]
   verbs: ["get", "list", "watch", "update"]
 - apiGroups: ["storage.k8s.io"]
   resources: ["storageclasses"]
   verbs: ["get", "list", "watch"]
 - apiGroups: [""]
   resources: ["events"]
   verbs: ["list", "watch", "create", "update", "patch"]
 - apiGroups: [""]
   resources: ["services", "endpoints"]
   verbs: ["get"]
--- a/setup/service-account.yaml
+++ b/setup/service-account.yaml
@ -1,4 +0,0 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
 name: hostpath-provisioner
--- a/setup/setup.sh
+++ b/setup/setup.sh
@ -1,14 +0,0 @@
 oc project default
 oc create -f service-account.yaml
 oc create -f roles.yaml
 oc adm policy add-scc-to-user hostmount-anyuid -z hostpath-provisioner
 oc adm policy add-cluster-role-to-user hostpath-provisioner -z hostpath-provisioner
 mkdir /tmp/openshift
 chmod 777 /tmp/openshift
 chcon -Rt svirt_sandbox_file_t /tmp/openshift
 oc create -f pod.yaml
 oc create -f class.yaml
 oc create -f sample-claim.yaml