From 87cc1ee645fd82e4230d81d28e40dd61ad185efc Mon Sep 17 00:00:00 2001 From: Jeff Billimek Date: Sat, 19 Oct 2019 20:11:30 -0400 Subject: [PATCH] Remove submodule (#82) * removing submodule Signed-off-by: Jeff Billimek * removing submodule Signed-off-by: Jeff Billimek * removing submodule Signed-off-by: Jeff Billimek --- .gitmodules | 3 - .../sig-storage-local-static-provisioner | 1 - provisioner/Chart.yaml | 12 - provisioner/templates/namespace.yaml | 10 - .../templates/pod-security-policy.yaml | 35 --- .../provisioner-cluster-role-binding.yaml | 124 ---------- .../provisioner-service-account.yaml | 11 - provisioner/templates/provisioner.yaml | 218 ------------------ provisioner/values.yaml | 157 ------------- 9 files changed, 571 deletions(-) delete mode 160000 .submodules/sig-storage-local-static-provisioner delete mode 100644 provisioner/Chart.yaml delete mode 100644 provisioner/templates/namespace.yaml delete mode 100644 provisioner/templates/pod-security-policy.yaml delete mode 100644 provisioner/templates/provisioner-cluster-role-binding.yaml delete mode 100644 provisioner/templates/provisioner-service-account.yaml delete mode 100644 provisioner/templates/provisioner.yaml delete mode 100644 provisioner/values.yaml diff --git a/.gitmodules b/.gitmodules index f58db6b2..f29983ae 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,3 @@ [submodule "kube-plex"] path = .submodules/kube-plex url = https://github.com/billimek/kube-plex.git -[submodule ".submodules/sig-storage-local-static-provisioner"] - path = .submodules/sig-storage-local-static-provisioner - url = https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git diff --git a/.submodules/sig-storage-local-static-provisioner b/.submodules/sig-storage-local-static-provisioner deleted file mode 160000 index 747ad24a..00000000 --- a/.submodules/sig-storage-local-static-provisioner +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 747ad24a8984fd89021e88b0369043a412fb4cf8 diff --git a/provisioner/Chart.yaml b/provisioner/Chart.yaml deleted file mode 100644 index e524c013..00000000 --- a/provisioner/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -version: 2.3.2 -description: local provisioner chart -name: provisioner -appVersion: 2.3.2 -keywords: - - storage - - local -engine: gotpl -home: https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/tree/master/helm/provisioner -maintainers: -- name: billimek diff --git a/provisioner/templates/namespace.yaml b/provisioner/templates/namespace.yaml deleted file mode 100644 index 77a0b788..00000000 --- a/provisioner/templates/namespace.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if .Values.common.createNamespace }} -apiVersion: v1 -kind: Namespace -metadata: - name: {{ .Values.common.namespace | quote }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -{{- end }} diff --git a/provisioner/templates/pod-security-policy.yaml b/provisioner/templates/pod-security-policy.yaml deleted file mode 100644 index 9e660cf7..00000000 --- a/provisioner/templates/pod-security-policy.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.common.podSecurityPolicy -}} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: local-storage-provisioner-pod-security-policy - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -spec: - allowPrivilegeEscalation: true - allowedHostPaths: - - pathPrefix: /dev - {{- range $classConfig := .Values.classes }} - - pathPrefix: {{ $classConfig.hostDir }} - {{- end }} - fsGroup: - rule: RunAsAny - privileged: true - requiredDropCapabilities: - - ALL - runAsUser: - ranges: - - max: 65535 - min: 1 - rule: MustRunAs - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - configMap - - secret - - hostPath -{{- end }} diff --git a/provisioner/templates/provisioner-cluster-role-binding.yaml b/provisioner/templates/provisioner-cluster-role-binding.yaml deleted file mode 100644 index b58a04c7..00000000 --- a/provisioner/templates/provisioner-cluster-role-binding.yaml +++ /dev/null @@ -1,124 +0,0 @@ -{{- if .Values.common.rbac }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-pv-binding - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: ClusterRole - name: system:persistent-volume-provisioner - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: local-storage-provisioner-node-clusterrole - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -rules: -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: local-storage-provisioner-node-binding - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: ClusterRole - name: local-storage-provisioner-node-clusterrole - apiGroup: rbac.authorization.k8s.io -{{- if .Values.common.useJobForCleaning }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: local-storage-provisioner-jobs-role - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -rules: -- apiGroups: - - 'batch' - resources: - - jobs - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: local-storage-provisioner-jobs-rolebinding - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: Role - name: local-storage-provisioner-jobs-role - apiGroup: rbac.authorization.k8s.io -{{- end }} -{{- if .Values.common.podSecurityPolicy }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: local-storage-provisioner-psp-role - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -rules: -- apiGroups: - - policy - resources: - - podsecuritypolicies - resourceNames: - - local-storage-provisioner-pod-security-policy - verbs: - - use ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: local-storage-provisioner-psp-rolebinding - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} -roleRef: - kind: Role - name: local-storage-provisioner-psp-role - apiGroup: rbac.authorization.k8s.io -{{- end }} -{{- end }} diff --git a/provisioner/templates/provisioner-service-account.yaml b/provisioner/templates/provisioner-service-account.yaml deleted file mode 100644 index df257b17..00000000 --- a/provisioner/templates/provisioner-service-account.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if .Values.common.rbac }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.daemonset.serviceAccount }} - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -{{- end }} diff --git a/provisioner/templates/provisioner.yaml b/provisioner/templates/provisioner.yaml deleted file mode 100644 index 201250d5..00000000 --- a/provisioner/templates/provisioner.yaml +++ /dev/null @@ -1,218 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.common.configMapName }} - namespace: {{ .Values.common.namespace }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -data: -{{- if .Values.daemonset.nodeLabels }} - nodeLabelsForPV: | - {{- range $label := .Values.daemonset.nodeLabels }} - - {{$label}} - {{- end }} -{{- end }} -{{- if .Values.common.useAlphaAPI }} - useAlphaAPI: "true" -{{- end }} -{{- if .Values.common.setPVOwnerRef }} - setPVOwnerRef: "true" -{{- end }} -{{- if .Values.common.useJobForCleaning }} - useJobForCleaning: "yes" -{{- end}} -{{- if .Values.common.useNodeNameOnly }} - useNodeNameOnly: "true" -{{- end }} -{{- if .Values.common.minResyncPeriod }} - minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }} -{{- end}} - storageClassMap: | - {{- range $classConfig := .Values.classes }} - {{ $classConfig.name }}: - hostDir: {{ $classConfig.hostDir }} - mountDir: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} - {{- if $classConfig.blockCleanerCommand }} - blockCleanerCommand: - {{- range $val := $classConfig.blockCleanerCommand }} - - "{{ $val -}}"{{- end}} - {{- end }} - {{- if $classConfig.volumeMode }} - volumeMode: {{ $classConfig.volumeMode }} - {{- end }} - {{- if $classConfig.fsType }} - fsType: {{ $classConfig.fsType }} - {{- end }} - {{- end }} ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ .Values.daemonset.name }} - namespace: {{ .Values.common.namespace }} - labels: - app: local-volume-provisioner - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -spec: - selector: - matchLabels: - app: local-volume-provisioner - template: - metadata: - labels: - app: local-volume-provisioner - spec: - serviceAccountName: {{.Values.daemonset.serviceAccount}} -{{- if .Values.daemonset.priorityClassName }} -{{- if eq .Values.common.namespace "kube-system" }} - priorityClassName: {{.Values.daemonset.priorityClassName}} -{{- else }} - {{- $systemCriticalClasses := list "system-cluster-critical" "system-node-critical" }} - {{- if not (has .Values.daemonset.priorityClassName $systemCriticalClasses) }} - priorityClassName: {{.Values.daemonset.priorityClassName}} - {{- end }} -{{- end }} -{{- end }} -{{- if .Values.daemonset.nodeSelector }} - nodeSelector: -{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }} -{{- end }} -{{- if .Values.daemonset.tolerations }} - tolerations: -{{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }} -{{- end }} - containers: - - image: "{{ .Values.daemonset.image }}" - {{- if .Values.daemonset.imagePullPolicy }} - imagePullPolicy: {{ .Values.daemonset.imagePullPolicy | quote }} - {{- end }} - name: provisioner - securityContext: - privileged: true -{{- if .Values.daemonset.resources }} - resources: -{{ .Values.daemonset.resources | toYaml | trim | indent 12 }} -{{- end }} - env: - - name: MY_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: MY_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: JOB_CONTAINER_IMAGE - value: "{{ .Values.daemonset.image }}" - {{- if .Values.daemonset.kubeConfigEnv }} - - name: KUBECONFIG - value: {{.Values.daemonset.kubeConfigEnv}} - {{- end }} - {{- if .Values.prometheus.operator.enabled }} - ports: - - containerPort: 8080 - name: http - {{- end }} - volumeMounts: - - mountPath: /etc/provisioner/config - name: provisioner-config - readOnly: true - - mountPath: /dev - name: provisioner-dev - {{- range $classConfig := .Values.classes }} - - mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }} - name: {{ $classConfig.name }} - mountPropagation: "HostToContainer" - {{- end }} - volumes: - - name: provisioner-config - configMap: - name: {{ .Values.common.configMapName }} - - name: provisioner-dev - hostPath: - path: /dev - {{- range $classConfig := .Values.classes }} - - name: {{ $classConfig.name }} - hostPath: - path: {{ $classConfig.hostDir }} - {{- end }} -{{- $release := .Release }} -{{- $chart := .Chart }} -{{- range $val := .Values.classes }} -{{- if $val.storageClass }} ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: {{ $val.name }} - {{- if kindIs "map" $val.storageClass }} - {{- if $val.storageClass.isDefaultClass }} - annotations: - storageclass.kubernetes.io/is-default-class: "true" - {{- end }} - {{- end }} - labels: - heritage: {{ $release.Service | quote }} - release: {{ $release.Name | quote }} - chart: {{ replace "+" "_" $chart.Version | printf "%s-%s" $chart.Name }} -provisioner: kubernetes.io/no-provisioner -volumeBindingMode: WaitForFirstConsumer -{{- if kindIs "map" $val.storageClass }} -reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }} -{{- else }} -reclaimPolicy: Delete -{{- end }} -{{- end }} -{{- end }} -{{- if .Values.prometheus.operator.enabled }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.daemonset.name }} - namespace: {{ .Values.common.namespace }} - labels: - app: local-volume-provisioner - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} -spec: - type: ClusterIP - ports: - - port: 8080 - targetPort: 8080 - name: http - selector: - app: local-volume-provisioner ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ .Values.daemonset.name }} - namespace: {{ .Values.prometheus.operator.serviceMonitor.namespace }} - labels: - app: local-volume-provisioner - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }} - {{- if .Values.prometheus.operator.serviceMonitor.selector }} - {{ toYaml .Values.prometheus.operator.serviceMonitor.selector }} - {{- end -}} -spec: - jobLabel: app - selector: - matchLabels: - app: local-volume-provisioner - release: {{ .Release.Name | quote }} - namespaceSelector: - matchNames: - - {{ .Values.common.namespace }} - endpoints: - - port: http - interval: {{ .Values.prometheus.operator.serviceMonitor.interval }} - scheme: http -{{- end }} diff --git a/provisioner/values.yaml b/provisioner/values.yaml deleted file mode 100644 index 2a2eabbe..00000000 --- a/provisioner/values.yaml +++ /dev/null @@ -1,157 +0,0 @@ -# -# Common options. -# -common: - # - # Defines whether to generate service account and role bindings. - # - rbac: true - # - # Defines the namespace where provisioner runs - # - namespace: default - # - # Defines whether to create provisioner namespace - # - createNamespace: false - # - # Beta PV.NodeAffinity field is used by default. If running against pre-1.10 - # k8s version, the `useAlphaAPI` flag must be enabled in the configMap. - # - useAlphaAPI: false - # - # Indicates if PVs should be dependents of the owner Node. - # - setPVOwnerRef: false - # - # Provisioner clean volumes in process by default. If set to true, provisioner - # will use Jobs to clean. - # - useJobForCleaning: false - # - # Provisioner name contains Node.UID by default. If set to true, the provisioner - # name will only use Node.Name. - # - useNodeNameOnly: false - # - # Resync period in reflectors will be random between minResyncPeriod and - # 2*minResyncPeriod. Default: 5m0s. - # - # minResyncPeriod: 5m0s - # - # Defines the name of configmap used by Provisioner - # - configMapName: "local-provisioner-config" - # - # Enables or disables Pod Security Policy creation and binding - # - podSecurityPolicy: false -# -# Configure storage classes. -# -classes: -- name: fast-disks # Defines name of storage classe. - # Path on the host where local volumes of this storage class are mounted - # under. - hostDir: /mnt/fast-disks - # Optionally specify mount path of local volumes. By default, we use same - # path as hostDir in container. - # mountDir: /mnt/fast-disks - # The volume mode of created PersistentVolume object. Default to Filesystem - # if not specified. - volumeMode: Filesystem - # Filesystem type to mount. - # It applies only when the source path is a block device, - # and desire volume mode is Filesystem. - # Must be a filesystem type supported by the host operating system. - fsType: ext4 - blockCleanerCommand: - # Do a quick reset of the block device during its cleanup. - # - "/scripts/quick_reset.sh" - # or use dd to zero out block dev in two iterations by uncommenting these lines - # - "/scripts/dd_zero.sh" - # - "2" - # or run shred utility for 2 iteration.s - - "/scripts/shred.sh" - - "2" - # or blkdiscard utility by uncommenting the line below. - # - "/scripts/blkdiscard.sh" - # Uncomment to create storage class object with default configuration. - # storageClass: true - # Uncomment to create storage class object and configure it. - # storageClass: - # reclaimPolicy: Delete # Available reclaim policies: Delete/Retain, defaults: Delete. - # isDefaultClass: true # set as default class - -# -# Configure DaemonSet for provisioner. -# -daemonset: - # - # Defines the name of a Provisioner - # - name: "local-volume-provisioner" - # - # Defines Provisioner's image name including container registry. - # - image: quay.io/external_storage/local-volume-provisioner:v2.3.2 - # - # Defines Image download policy, see kubernetes documentation for available values. - # - # imagePullPolicy: Always - # - # Defines a name of the service account which Provisioner will use to communicate with API server. - # - serviceAccount: local-storage-admin - # - # Defines a name of the Pod Priority Class to use with the Provisioner DaemonSet - # - # Note that if you want to make it critical, specify "system-cluster-critical" - # or "system-node-critical" and deploy in kube-system namespace. - # Ref: https://k8s.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical - # - # priorityClassName: system-node-critical - # If configured, nodeSelector will add a nodeSelector field to the DaemonSet PodSpec. - # - # NodeSelector constraint for local-volume-provisioner scheduling to nodes. - # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector - nodeSelector: {} - # - # If configured KubeConfigEnv will (optionally) specify the location of kubeconfig file on the node. - # kubeConfigEnv: KUBECONFIG - # - # List of node labels to be copied to the PVs created by the provisioner in a format: - # - # nodeLabels: - # - failure-domain.beta.kubernetes.io/zone - # - failure-domain.beta.kubernetes.io/region - # - # If configured, tolerations will add a toleration field to the DaemonSet PodSpec. - # - # Node tolerations for local-volume-provisioner scheduling to nodes with taints. - # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - tolerations: [] - # - # If configured, resources will set the requests/limits field to the Daemonset PodSpec. - # Ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - resources: {} -# -# Configure Prometheus monitoring -# -prometheus: - operator: - ## Are you using Prometheus Operator? - enabled: false - - serviceMonitor: - ## Interval at which Prometheus scrapes the provisioner - interval: 10s - - # Namespace Prometheus is installed in - namespace: monitoring - - ## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr) - ## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65) - ## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298) - selector: - prometheus: kube-prometheus