9 changed files with 459 additions and 0 deletions
@ -0,0 +1,23 @@ |
# Patterns to ignore when building packages. |
# This supports shell glob matching, relative path matching, and |
# negation (prefixed with !). Only one pattern per line. |
.DS_Store |
# Common VCS dirs |
.git/ |
.gitignore |
.bzr/ |
.bzrignore |
.hg/ |
.hgignore |
.svn/ |
# Common backup files |
*.swp |
*.bak |
*.tmp |
*.orig |
*~ |
# Various IDEs |
.project |
.idea/ |
*.tmproj |
.vscode/ |
@ -0,0 +1,16 @@ |
apiVersion: v2 |
name: rook-nfs-operator |
description: Rook NFS operator helm chart |
type: application |
# This is the chart version. This version number should be incremented each time you make changes |
# to the chart and its templates, including the app version. |
# Versions are expected to follow Semantic Versioning (https://semver.org/) |
version: 0.1.0 |
# This is the version number of the application being deployed. This version number should be |
# incremented each time you make changes to the application. Versions are not expected to |
# follow Semantic Versioning. They should reflect the version the application is using. |
# It is recommended to use it with quotes. |
appVersion: "v1.7.3" |
@ -0,0 +1,2 @@ |
Rook-nfs-operator installed successfully. |
You can now create your NFS server objects. |
@ -0,0 +1,62 @@ |
{{/* |
Expand the name of the chart. |
*/}} |
{{- define "rook-nfs-operator.name" -}} |
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} |
{{- end }} |
{{/* |
Create a default fully qualified app name. |
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). |
If release name contains chart name it will be used as a full name. |
*/}} |
{{- define "rook-nfs-operator.fullname" -}} |
{{- if .Values.fullnameOverride }} |
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} |
{{- else }} |
{{- $name := default .Chart.Name .Values.nameOverride }} |
{{- if contains $name .Release.Name }} |
{{- .Release.Name | trunc 63 | trimSuffix "-" }} |
{{- else }} |
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} |
{{- end }} |
{{- end }} |
{{- end }} |
{{/* |
Create chart name and version as used by the chart label. |
*/}} |
{{- define "rook-nfs-operator.chart" -}} |
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} |
{{- end }} |
{{/* |
Common labels |
*/}} |
{{- define "rook-nfs-operator.labels" -}} |
helm.sh/chart: {{ include "rook-nfs-operator.chart" . }} |
{{ include "rook-nfs-operator.selectorLabels" . }} |
{{- if .Chart.AppVersion }} |
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} |
{{- end }} |
app.kubernetes.io/managed-by: {{ .Release.Service }} |
{{- end }} |
{{/* |
Selector labels |
*/}} |
{{- define "rook-nfs-operator.selectorLabels" -}} |
app.kubernetes.io/name: {{ include "rook-nfs-operator.name" . }} |
app.kubernetes.io/instance: {{ .Release.Name }} |
{{- end }} |
{{/* |
Create the name of the service account to use |
*/}} |
{{- define "rook-nfs-operator.serviceAccountName" -}} |
{{- if .Values.serviceAccount.create }} |
{{- default (include "rook-nfs-operator.fullname" .) .Values.serviceAccount.name }} |
{{- else }} |
{{- default "default" .Values.serviceAccount.name }} |
{{- end }} |
{{- end }} |
@ -0,0 +1,141 @@ |
apiVersion: apiextensions.k8s.io/v1 |
kind: CustomResourceDefinition |
metadata: |
annotations: |
controller-gen.kubebuilder.io/version: v0.5.1-0.20210420220833-f284e2e8098c |
creationTimestamp: null |
name: nfsservers.nfs.rook.io |
spec: |
group: nfs.rook.io |
names: |
kind: NFSServer |
listKind: NFSServerList |
plural: nfsservers |
singular: nfsserver |
scope: Namespaced |
versions: |
- additionalPrinterColumns: |
- jsonPath: .metadata.creationTimestamp |
name: AGE |
type: date |
- description: NFS Server instance state |
jsonPath: .status.state |
name: State |
type: string |
name: v1alpha1 |
schema: |
openAPIV3Schema: |
description: NFSServer is the Schema for the nfsservers API |
properties: |
apiVersion: |
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
type: string |
kind: |
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
type: string |
metadata: |
type: object |
spec: |
description: NFSServerSpec represents the spec of NFS daemon |
properties: |
annotations: |
additionalProperties: |
type: string |
description: The annotations-related configuration to add/set on each Pod related object. |
type: object |
exports: |
description: The parameters to configure the NFS export |
items: |
description: ExportsSpec represents the spec of NFS exports |
properties: |
name: |
description: Name of the export |
type: string |
persistentVolumeClaim: |
description: PVC from which the NFS daemon gets storage for sharing |
properties: |
claimName: |
description: 'ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' |
type: string |
readOnly: |
description: Will force the ReadOnly setting in VolumeMounts. Default false. |
type: boolean |
required: |
- claimName |
type: object |
server: |
description: The NFS server configuration |
properties: |
accessMode: |
description: Reading and Writing permissions on the export Valid values are "ReadOnly", "ReadWrite" and "none" |
enum: |
- ReadOnly |
- ReadWrite |
- none |
type: string |
allowedClients: |
description: The clients allowed to access the NFS export |
items: |
description: AllowedClientsSpec represents the client specs for accessing the NFS export |
properties: |
accessMode: |
description: Reading and Writing permissions for the client to access the NFS export Valid values are "ReadOnly", "ReadWrite" and "none" Gets overridden when ServerSpec.accessMode is specified |
enum: |
- ReadOnly |
- ReadWrite |
- none |
type: string |
clients: |
description: The clients that can access the share Values can be hostname, ip address, netgroup, CIDR network address, or all |
items: |
type: string |
type: array |
name: |
description: Name of the clients group |
type: string |
squash: |
description: Squash options for clients Valid values are "none", "rootid", "root", and "all" Gets overridden when ServerSpec.squash is specified |
enum: |
- none |
- rootid |
- root |
- all |
type: string |
type: object |
type: array |
squash: |
description: This prevents the root users connected remotely from having root privileges Valid values are "none", "rootid", "root", and "all" |
enum: |
- none |
- rootid |
- root |
- all |
type: string |
type: object |
type: object |
type: array |
replicas: |
description: Replicas of the NFS daemon |
type: integer |
type: object |
status: |
description: NFSServerStatus defines the observed state of NFSServer |
properties: |
message: |
type: string |
reason: |
type: string |
state: |
type: string |
type: object |
type: object |
served: true |
storage: true |
subresources: |
status: {} |
status: |
acceptedNames: |
kind: "" |
plural: "" |
conditions: [] |
storedVersions: [] |
@ -0,0 +1,57 @@ |
apiVersion: apps/v1 |
kind: Deployment |
metadata: |
name: {{ include "rook-nfs-operator.fullname" . }} |
labels: |
{{- include "rook-nfs-operator.labels" . | nindent 4 }} |
spec: |
replicas: {{ .Values.replicaCount }} |
selector: |
matchLabels: |
{{- include "rook-nfs-operator.selectorLabels" . | nindent 6 }} |
template: |
metadata: |
{{- with .Values.podAnnotations }} |
annotations: |
{{- toYaml . | nindent 8 }} |
{{- end }} |
labels: |
{{- include "rook-nfs-operator.selectorLabels" . | nindent 8 }} |
spec: |
{{- with .Values.imagePullSecrets }} |
imagePullSecrets: |
{{- toYaml . | nindent 8 }} |
{{- end }} |
serviceAccountName: {{ include "rook-nfs-operator.serviceAccountName" . }} |
securityContext: |
{{- toYaml .Values.podSecurityContext | nindent 8 }} |
containers: |
- name: {{ .Chart.Name }} |
securityContext: |
{{- toYaml .Values.securityContext | nindent 12 }} |
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
imagePullPolicy: {{ .Values.image.pullPolicy }} |
args: ["nfs", "operator"] |
env: |
- name: POD_NAME |
valueFrom: |
fieldRef: |
fieldPath: metadata.name |
valueFrom: |
fieldRef: |
fieldPath: metadata.namespace |
resources: |
{{- toYaml .Values.resources | nindent 12 }} |
{{- with .Values.nodeSelector }} |
nodeSelector: |
{{- toYaml . | nindent 8 }} |
{{- end }} |
{{- with .Values.affinity }} |
affinity: |
{{- toYaml . | nindent 8 }} |
{{- end }} |
{{- with .Values.tolerations }} |
tolerations: |
{{- toYaml . | nindent 8 }} |
{{- end }} |
@ -0,0 +1,94 @@ |
{{ if .Values.rbac.create }} |
kind: ClusterRoleBinding |
apiVersion: rbac.authorization.k8s.io/v1 |
metadata: |
name: rook-nfs-operator |
roleRef: |
apiGroup: rbac.authorization.k8s.io |
kind: ClusterRole |
name: rook-nfs-operator |
subjects: |
- kind: ServiceAccount |
name: {{ include "rook-nfs-operator.serviceAccountName" . }} |
namespace: {{ .Release.Namespace }} |
--- |
apiVersion: rbac.authorization.k8s.io/v1 |
kind: ClusterRole |
metadata: |
name: rook-nfs-operator |
rules: |
- apiGroups: |
- "" |
resources: |
- configmaps |
verbs: |
- create |
- get |
- list |
- patch |
- update |
- watch |
- apiGroups: |
- "" |
resources: |
- events |
verbs: |
- create |
- get |
- list |
- patch |
- update |
- watch |
- apiGroups: |
- "" |
resources: |
- pods |
verbs: |
- list |
- get |
- watch |
- create |
- apiGroups: |
- "" |
resources: |
- services |
verbs: |
- create |
- get |
- list |
- patch |
- update |
- watch |
- apiGroups: |
- apps |
resources: |
- statefulsets |
verbs: |
- create |
- get |
- list |
- patch |
- update |
- watch |
- apiGroups: |
- nfs.rook.io |
resources: |
- nfsservers |
verbs: |
- create |
- delete |
- get |
- list |
- patch |
- update |
- watch |
- apiGroups: |
- nfs.rook.io |
resources: |
- nfsservers/status |
- nfsservers/finalizers |
verbs: |
- get |
- patch |
- update |
{{ end }} |
@ -0,0 +1,12 @@ |
{{- if .Values.serviceAccount.create -}} |
apiVersion: v1 |
kind: ServiceAccount |
metadata: |
name: {{ include "rook-nfs-operator.serviceAccountName" . }} |
labels: |
{{- include "rook-nfs-operator.labels" . | nindent 4 }} |
{{- with .Values.serviceAccount.annotations }} |
annotations: |
{{- toYaml . | nindent 4 }} |
{{- end }} |
{{- end }} |
@ -0,0 +1,52 @@ |
# Default values for rook-nfs-operator. |
replicaCount: 1 |
image: |
repository: rook/nfs |
pullPolicy: IfNotPresent |
# Overrides the image tag whose default is the chart appVersion. |
tag: "" |
imagePullSecrets: [] |
nameOverride: "" |
fullnameOverride: "" |
serviceAccount: |
create: true |
annotations: {} |
name: "rook-nfs-operator" |
rbac: |
create: true |
podAnnotations: {} |
podSecurityContext: {} |
# fsGroup: 2000 |
securityContext: {} |
# capabilities: |
# drop: |
# - ALL |
# readOnlyRootFilesystem: true |
# runAsNonRoot: true |
# runAsUser: 1000 |
resources: {} |
# We usually recommend not to specify default resources and to leave this as a conscious |
# choice for the user. This also increases chances charts run on environments with little |
# resources, such as Minikube. If you do want to specify resources, uncomment the following |
# lines, adjust them as necessary, and remove the curly braces after 'resources:'. |
# limits: |
# cpu: 100m |
# memory: 128Mi |
# requests: |
# cpu: 100m |
# memory: 128Mi |
nodeSelector: {} |
tolerations: [] |
affinity: {} |
Reference in new issue