From 658f106f081b4192476e8f84d36f78af52ac8b0f Mon Sep 17 00:00:00 2001 From: Amarnath Valluri Date: Mon, 8 Jun 2020 12:57:05 +0300 Subject: [PATCH 1/2] deploy: Move operator deployment files to ${REPO_ROOT}/deploy Also enabled kustomization support for the operator deployment. --- Makefile | 4 +- deploy/bindata_generated.go | 16 +- ...-csi.intel.com_v1alpha1_deployment_cr.yaml | 0 deploy/kustomize/operator/README.md | 4 + deploy/kustomize/operator/kustomization.yaml | 2 + .../kustomize/operator}/operator.yaml | 4 - deploy/operator/pmem-csi-operator.yaml | 159 ++++++++++++++++++ test/start-operator.sh | 6 +- 8 files changed, 179 insertions(+), 16 deletions(-) rename {operator/examples => deploy/common}/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml (100%) create mode 100644 deploy/kustomize/operator/README.md create mode 100644 deploy/kustomize/operator/kustomization.yaml rename {operator/deploy => deploy/kustomize/operator}/operator.yaml (97%) create mode 100644 deploy/operator/pmem-csi-operator.yaml diff --git a/Makefile b/Makefile index b2a5481e90..ca278ded7d 100644 --- a/Makefile +++ b/Makefile @@ -181,12 +181,14 @@ KUSTOMIZE_OUTPUT += deploy/common/pmem-storageclass-cache.yaml KUSTOMIZATION_deploy/common/pmem-storageclass-cache.yaml = deploy/kustomize/storageclass-cache KUSTOMIZE_OUTPUT += deploy/common/pmem-storageclass-late-binding.yaml KUSTOMIZATION_deploy/common/pmem-storageclass-late-binding.yaml = deploy/kustomize/storageclass-late-binding +KUSTOMIZE_OUTPUT += deploy/operator/pmem-csi-operator.yaml +KUSTOMIZATION_deploy/operator/pmem-csi-operator.yaml = deploy/kustomize/operator kustomize: _work/go-bindata clean_kustomize_output $(KUSTOMIZE_OUTPUT) $< -o deploy/bindata_generated.go -pkg deploy deploy/kubernetes-*/*/pmem-csi.yaml $(KUSTOMIZE_OUTPUT): _work/kustomize $(KUSTOMIZE_INPUT) $< build --load_restrictor none $(KUSTOMIZATION_$@) >$@ - if echo "$@" | grep -q '/pmem-csi-'; then \ + if echo "$@" | grep '/pmem-csi-' | grep -qv '\-operator'; then \ dir=$$(echo "$@" | tr - / | sed -e 's;kubernetes/;kubernetes-;' -e 's/.yaml//' -e 's;/pmem/csi/;/;') && \ mkdir -p $$dir && \ cp $@ $$dir/pmem-csi.yaml && \ diff --git a/deploy/bindata_generated.go b/deploy/bindata_generated.go index cd4e7cf11d..2389661916 100644 --- a/deploy/bindata_generated.go +++ b/deploy/bindata_generated.go @@ -99,7 +99,7 @@ func deployKubernetes115DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.15/direct/pmem-csi.yaml", size: 9599, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.15/direct/pmem-csi.yaml", size: 9599, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -119,7 +119,7 @@ func deployKubernetes115LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.15/lvm/pmem-csi.yaml", size: 10468, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.15/lvm/pmem-csi.yaml", size: 10468, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -139,7 +139,7 @@ func deployKubernetes116DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.16/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.16/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -159,7 +159,7 @@ func deployKubernetes116LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.16/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.16/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -179,7 +179,7 @@ func deployKubernetes117DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.17/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.17/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -199,7 +199,7 @@ func deployKubernetes117LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.17/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.17/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -219,7 +219,7 @@ func deployKubernetes118DirectPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.18/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.18/direct/pmem-csi.yaml", size: 9652, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -239,7 +239,7 @@ func deployKubernetes118LvmPmemCsiYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "deploy/kubernetes-1.18/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(420), modTime: time.Unix(1591517044, 0)} + info := bindataFileInfo{name: "deploy/kubernetes-1.18/lvm/pmem-csi.yaml", size: 10521, mode: os.FileMode(436), modTime: time.Unix(1591617724, 0)} a := &asset{bytes: bytes, info: info} return a, nil } diff --git a/operator/examples/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml b/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml similarity index 100% rename from operator/examples/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml rename to deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml diff --git a/deploy/kustomize/operator/README.md b/deploy/kustomize/operator/README.md new file mode 100644 index 0000000000..3828645c4d --- /dev/null +++ b/deploy/kustomize/operator/README.md @@ -0,0 +1,4 @@ +# Operator + +The common parts for a PMEM-CSI operator deployment. Additional layers +could be added to customize the base operator deployment. diff --git a/deploy/kustomize/operator/kustomization.yaml b/deploy/kustomize/operator/kustomization.yaml new file mode 100644 index 0000000000..6041fc268e --- /dev/null +++ b/deploy/kustomize/operator/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - operator.yaml diff --git a/operator/deploy/operator.yaml b/deploy/kustomize/operator/operator.yaml similarity index 97% rename from operator/deploy/operator.yaml rename to deploy/kustomize/operator/operator.yaml index b1bab2b239..547a804dfb 100644 --- a/operator/deploy/operator.yaml +++ b/deploy/kustomize/operator/operator.yaml @@ -1,7 +1,3 @@ -### -# TODOs: -# 1) At somepoint this file should move to REPO_ROOT/deploy/ -### apiVersion: v1 kind: ServiceAccount metadata: diff --git a/deploy/operator/pmem-csi-operator.yaml b/deploy/operator/pmem-csi-operator.yaml new file mode 100644 index 0000000000..213f5f2e3b --- /dev/null +++ b/deploy/operator/pmem-csi-operator.yaml @@ -0,0 +1,159 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pmem-csi-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: pmem-csi-operator + namespace: default +rules: +- apiGroups: + - "" + resources: + - configmaps + - services + - services/finalizers + - serviceaccounts + - endpoints + - events + - secrets + - pods + verbs: + - '*' +- apiGroups: + - apps + resources: + - daemonsets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - pmem-csi-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pmem-csi-operator +rules: +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - storage.k8s.io + resources: + - csidrivers + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - create + - delete +- apiGroups: + - pmem-csi.intel.com + resources: + - deployments + - deployments/status + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pmem-csi-operator + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pmem-csi-operator +subjects: +- kind: ServiceAccount + name: pmem-csi-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pmem-csi-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pmem-csi-operator +subjects: +- kind: ServiceAccount + name: pmem-csi-operator + namespace: default +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pmem-csi-operator + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + name: pmem-csi-operator + template: + metadata: + labels: + app: pmem-csi-operator + name: pmem-csi-operator + pmem-csi.intel.com/webhook: ignore + spec: + containers: + - command: + - /usr/local/bin/pmem-csi-operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: pmem-csi-operator + image: intel/pmem-csi-driver:canary + imagePullPolicy: IfNotPresent + name: pmem-csi-operator + securityContext: + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /tmp + name: tmp + serviceAccountName: pmem-csi-operator + volumes: + - emptyDir: {} + name: tmp diff --git a/test/start-operator.sh b/test/start-operator.sh index 6968a73efb..fdf483ade2 100755 --- a/test/start-operator.sh +++ b/test/start-operator.sh @@ -9,11 +9,11 @@ source "${TEST_CONFIG:-${TEST_DIRECTORY}/test-config.sh}" CLUSTER=${CLUSTER:-pmem-govm} REPO_DIRECTORY="${REPO_DIRECTORY:-$(dirname "${TEST_DIRECTORY}")}" CLUSTER_DIRECTORY="${CLUSTER_DIRECTORY:-${REPO_DIRECTORY}/_work/${CLUSTER}}" -DEPLOYMENT_DIRECTORY="${REPO_DIRECTORY}/operator/deploy" +DEPLOYMENT_DIRECTORY="${REPO_DIRECTORY}/deploy/operator" SSH="${CLUSTER_DIRECTORY}/ssh.0" KUBECTL="${SSH} kubectl" # Always use the kubectl installed in the cluster. -deploy="${DEPLOYMENT_DIRECTORY}/operator.yaml" +deploy="${DEPLOYMENT_DIRECTORY}/pmem-csi-operator.yaml" echo "Deploying '${deploy}'..." if [ -f "$deploy" ]; then @@ -57,7 +57,7 @@ EOF cat <&2 "'${deploy}' not a yaml file" From 193671d1dac072cea90e105825bd27268e6233c3 Mon Sep 17 00:00:00 2001 From: Amarnath Valluri Date: Mon, 8 Jun 2020 14:48:21 +0300 Subject: [PATCH 2/2] deploy: Rename operator example driver name to peme-csi.intel.com To match with the provisioner in provided reference storage classes renamed the example driver deployment name. So that the driver deployed via the operator could be useful to provision volumes without deploying new storage classes. --- deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml b/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml index 9833029a5a..b7e71f3c2b 100644 --- a/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml +++ b/deploy/common/pmem-csi.intel.com_v1alpha1_deployment_cr.yaml @@ -1,7 +1,7 @@ apiVersion: pmem-csi.intel.com/v1alpha1 kind: Deployment metadata: - name: example-deployment + name: pmem-csi.intel.com spec: pmemPercentage: 50 controllerResources: