Skip to content
This repository was archived by the owner on Oct 21, 2020. It is now read-only.

Commit 2db4446

Browse files
author
Matthew Wong
authored
Merge pull request #892 from wongma7/leader-election
Replace per-PVC leader election with per-cluster
2 parents b73dc28 + 8052cf7 commit 2db4446

File tree

135 files changed

+120496
-1563
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

135 files changed

+120496
-1563
lines changed

Gopkg.lock

Lines changed: 39 additions & 35 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

aws/efs/README.md

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -141,24 +141,15 @@ If your cluster has RBAC enabled or you are running OpenShift you must authorize
141141

142142
#### RBAC
143143
```console
144-
$ kubectl create -f deploy/auth/serviceaccount.yaml
145-
serviceaccount "efs-provisioner" created
146-
$ kubectl create -f deploy/auth/clusterrole.yaml
147-
clusterrole "efs-provisioner-runner" created
148-
$ kubectl create -f deploy/auth/clusterrolebinding.yaml
149-
clusterrolebinding "run-efs-provisioner" created
150-
$ kubectl patch deployment efs-provisioner -p '{"spec":{"template":{"spec":{"serviceAccount":"efs-provisioner"}}}}'
144+
$ kubectl create -f deploy/rbac.yaml
151145
```
152146

153147
#### OpenShift
154148
```console
155-
$ oc create -f deploy/auth/serviceaccount.yaml
156-
serviceaccount "efs-provisioner" created
157-
$ oc create -f deploy/auth/openshift-clusterrole.yaml
149+
$ oc create -f deploy/openshift-clusterrole.yaml
158150
clusterrole "efs-provisioner-runner" created
159151
$ oadm policy add-scc-to-user hostmount-anyuid system:serviceaccount:default:efs-provisioner
160152
$ oadm policy add-cluster-role-to-user efs-provisioner-runner system:serviceaccount:default:efs-provisioner
161-
$ oc patch deployment efs-provisioner -p '{"spec":{"template":{"spec":{"serviceAccount":"efs-provisioner"}}}}'
162153
```
163154
### SELinux
164155
If SELinux is enforcing on the node where the provisioner runs, you must enable writing from a pod to a remote NFS server (EFS in this case) on the node by running:

aws/efs/deploy/auth/clusterrolebinding.yaml

Lines changed: 0 additions & 12 deletions
This file was deleted.

aws/efs/deploy/auth/serviceaccount.yaml

Lines changed: 0 additions & 4 deletions
This file was deleted.

aws/efs/deploy/deployment.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,8 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
name: efs-provisioner
5+
---
16
kind: Deployment
27
apiVersion: extensions/v1beta1
38
metadata:
@@ -11,6 +16,7 @@ spec:
1116
labels:
1217
app: efs-provisioner
1318
spec:
19+
serviceAccount: efs-provisioner
1420
containers:
1521
- name: efs-provisioner
1622
image: quay.io/external_storage/efs-provisioner:latest

aws/efs/deploy/auth/openshift-clusterrole.yaml renamed to aws/efs/deploy/openshift-clusterrole.yaml

File renamed without changes.

0 commit comments

Comments
 (0)