diff --git a/Makefile b/Makefile index b2a5481e90..ca278ded7d 100644 --- a/Makefile +++ b/Makefile @@ -181,12 +181,14 @@ KUSTOMIZE_OUTPUT += deploy/common/pmem-storageclass-cache.yaml KUSTOMIZATION_deploy/common/pmem-storageclass-cache.yaml = deploy/kustomize/storageclass-cache KUSTOMIZE_OUTPUT += deploy/common/pmem-storageclass-late-binding.yaml KUSTOMIZATION_deploy/common/pmem-storageclass-late-binding.yaml = deploy/kustomize/storageclass-late-binding +KUSTOMIZE_OUTPUT += deploy/operator/pmem-csi-operator.yaml +KUSTOMIZATION_deploy/operator/pmem-csi-operator.yaml = deploy/kustomize/operator kustomize: _work/go-bindata clean_kustomize_output $(KUSTOMIZE_OUTPUT) $< -o deploy/bindata_generated.go -pkg deploy deploy/kubernetes-*/*/pmem-csi.yaml $(KUSTOMIZE_OUTPUT): _work/kustomize $(KUSTOMIZE_INPUT) $< build --load_restrictor none $(KUSTOMIZATION_$@) >$@ - if echo "$@" | grep -q '/pmem-csi-'; then \ + if echo "$@" | grep '/pmem-csi-' | grep -qv '\-operator'; then \ dir=$$(echo "$@" | tr - / | sed -e 's;kubernetes/;kubernetes-;' -e 's/.yaml//' -e 's;/pmem/csi/;/;') && \ mkdir -p $$dir && \ cp $@ $$dir/pmem-csi.yaml && \ diff --git a/deploy/bindata_generated.go b/deploy/bindata_generated.go index cd4e7cf11d..2389661916 100644 --- a/deploy/bindata_generated.go +++ b/deploy/bindata_generated.go @@ -99,7 +99,7 @@ func deployKubernetes115DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.15/direct/pmem-csi.yaml", size: 9599, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.15/direct/pmem-csi.yaml", size: 9599, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -119,7 +119,7 @@ func deployKubernetes115LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.15/lvm/pmem-csi.yaml", size: 10468, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.15/lvm/pmem-csi.yaml", size: 10468, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -139,7 +139,7 @@ func deployKubernetes116DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.16/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.16/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -159,7 +159,7 @@ func deployKubernetes116LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.16/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.16/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -179,7 +179,7 @@ func deployKubernetes117DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.17/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.17/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -199,7 +199,7 @@ func deployKubernetes117LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.17/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.17/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -219,7 +219,7 @@ func deployKubernetes118DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.18/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.18/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -239,7 +239,7 @@ func deployKubernetes118LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.18/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.18/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } diff --git a/operator/examples/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml b/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml similarity index 90% rename from operator/examples/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml rename to deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml index 9833029a5a..b7e71f3c2b 100644 --- a/operator/examples/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml +++ b/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml @@ -1,7 +1,7 @@ apiVersion: pmem-csi.intel.com/v1alpha1 kind: Deployment metadata: - name: example-deployment + name: pmem-csi.intel.com spec: pmemPercentage: 50 controllerResources: diff --git a/deploy/kustomize/operator/README.md b/deploy/kustomize/operator/README.md new file mode 100644 index 0000000000..3828645c4d --- /dev/null +++ b/deploy/kustomize/operator/README.md @@ -0,0 +1,4 @@ +# Operator + +The common parts for a PMEM-CSI operator deployment. Additional layers +could be added to customize the base operator deployment. diff --git a/deploy/kustomize/operator/kustomization.yaml b/deploy/kustomize/operator/kustomization.yaml new file mode 100644 index 0000000000..6041fc268e --- /dev/null +++ b/deploy/kustomize/operator/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - operator.yaml diff --git a/operator/deploy/operator.yaml b/deploy/kustomize/operator/operator.yaml similarity index 97% rename from operator/deploy/operator.yaml rename to deploy/kustomize/operator/operator.yaml index b1bab2b239..547a804dfb 100644 --- a/operator/deploy/operator.yaml +++ b/deploy/kustomize/operator/operator.yaml @@ -1,7 +1,3 @@ -### -# TODOs: -# 1) At somepoint this file should move to REPO_ROOT/deploy/ -### apiVersion: v1 kind: ServiceAccount metadata: diff --git a/deploy/operator/pmem-csi-operator.yaml b/deploy/operator/pmem-csi-operator.yaml new file mode 100644 index 0000000000..213f5f2e3b --- /dev/null +++ b/deploy/operator/pmem-csi-operator.yaml @@ -0,0 +1,159 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pmem-csi-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: pmem-csi-operator + namespace: default +rules: +- apiGroups: + - "" + resources: + - configmaps + - services + - services/finalizers + - serviceaccounts + - endpoints + - events + - secrets + - pods + verbs: + - '*' +- apiGroups: + - apps + resources: + - daemonsets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - pmem-csi-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pmem-csi-operator +rules: +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - storage.k8s.io + resources: + - csidrivers + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - create + - delete +- apiGroups: + - pmem-csi.intel.com + resources: + - deployments + - deployments/status + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pmem-csi-operator + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pmem-csi-operator +subjects: +- kind: ServiceAccount + name: pmem-csi-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pmem-csi-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pmem-csi-operator +subjects: +- kind: ServiceAccount + name: pmem-csi-operator + namespace: default +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pmem-csi-operator + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + name: pmem-csi-operator + template: + metadata: + labels: + app: pmem-csi-operator + name: pmem-csi-operator + pmem-csi.intel.com/webhook: ignore + spec: + containers: + - command: + - /usr/local/bin/pmem-csi-operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: pmem-csi-operator + image: intel/pmem-csi-driver:canary + imagePullPolicy: IfNotPresent + name: pmem-csi-operator + securityContext: + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /tmp + name: tmp + serviceAccountName: pmem-csi-operator + volumes: + - emptyDir: {} + name: tmp diff --git a/test/start-operator.sh b/test/start-operator.sh index 6968a73efb..fdf483ade2 100755 --- a/test/start-operator.sh +++ b/test/start-operator.sh @@ -9,11 +9,11 @@ source "${TEST_CONFIG:-${TEST_DIRECTORY}/test-config.sh}" CLUSTER=${CLUSTER:-pmem-govm} REPO_DIRECTORY="${REPO_DIRECTORY:-$(dirname "${TEST_DIRECTORY}")}" CLUSTER_DIRECTORY="${CLUSTER_DIRECTORY:-${REPO_DIRECTORY}/_work/${CLUSTER}}" -DEPLOYMENT_DIRECTORY="${REPO_DIRECTORY}/operator/deploy" +DEPLOYMENT_DIRECTORY="${REPO_DIRECTORY}/deploy/operator" SSH="${CLUSTER_DIRECTORY}/ssh.0" KUBECTL="${SSH} kubectl" # Always use the kubectl installed in the cluster. -deploy="${DEPLOYMENT_DIRECTORY}/operator.yaml" +deploy="${DEPLOYMENT_DIRECTORY}/pmem-csi-operator.yaml" echo "Deploying '${deploy}'..." if [ -f "$deploy" ]; then @@ -57,7 +57,7 @@ EOF cat <&2 "'${deploy}' not a yaml file"