9 changed files with 459 additions and 0 deletions
@ -0,0 +1,23 @@ |
|||||
|
# Patterns to ignore when building packages. |
||||
|
# This supports shell glob matching, relative path matching, and |
||||
|
# negation (prefixed with !). Only one pattern per line. |
||||
|
.DS_Store |
||||
|
# Common VCS dirs |
||||
|
.git/ |
||||
|
.gitignore |
||||
|
.bzr/ |
||||
|
.bzrignore |
||||
|
.hg/ |
||||
|
.hgignore |
||||
|
.svn/ |
||||
|
# Common backup files |
||||
|
*.swp |
||||
|
*.bak |
||||
|
*.tmp |
||||
|
*.orig |
||||
|
*~ |
||||
|
# Various IDEs |
||||
|
.project |
||||
|
.idea/ |
||||
|
*.tmproj |
||||
|
.vscode/ |
||||
@ -0,0 +1,16 @@ |
|||||
|
apiVersion: v2 |
||||
|
name: rook-nfs-operator |
||||
|
description: Rook NFS operator helm chart |
||||
|
|
||||
|
type: application |
||||
|
|
||||
|
# This is the chart version. This version number should be incremented each time you make changes |
||||
|
# to the chart and its templates, including the app version. |
||||
|
# Versions are expected to follow Semantic Versioning (https://semver.org/) |
||||
|
version: 0.1.0 |
||||
|
|
||||
|
# This is the version number of the application being deployed. This version number should be |
||||
|
# incremented each time you make changes to the application. Versions are not expected to |
||||
|
# follow Semantic Versioning. They should reflect the version the application is using. |
||||
|
# It is recommended to use it with quotes. |
||||
|
appVersion: "v1.7.3" |
||||
@ -0,0 +1,2 @@ |
|||||
|
Rook-nfs-operator installed successfully. |
||||
|
You can now create your NFS server objects. |
||||
@ -0,0 +1,62 @@ |
|||||
|
{{/* |
||||
|
Expand the name of the chart. |
||||
|
*/}} |
||||
|
{{- define "rook-nfs-operator.name" -}} |
||||
|
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} |
||||
|
{{- end }} |
||||
|
|
||||
|
{{/* |
||||
|
Create a default fully qualified app name. |
||||
|
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). |
||||
|
If release name contains chart name it will be used as a full name. |
||||
|
*/}} |
||||
|
{{- define "rook-nfs-operator.fullname" -}} |
||||
|
{{- if .Values.fullnameOverride }} |
||||
|
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} |
||||
|
{{- else }} |
||||
|
{{- $name := default .Chart.Name .Values.nameOverride }} |
||||
|
{{- if contains $name .Release.Name }} |
||||
|
{{- .Release.Name | trunc 63 | trimSuffix "-" }} |
||||
|
{{- else }} |
||||
|
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} |
||||
|
{{- end }} |
||||
|
{{- end }} |
||||
|
{{- end }} |
||||
|
|
||||
|
{{/* |
||||
|
Create chart name and version as used by the chart label. |
||||
|
*/}} |
||||
|
{{- define "rook-nfs-operator.chart" -}} |
||||
|
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} |
||||
|
{{- end }} |
||||
|
|
||||
|
{{/* |
||||
|
Common labels |
||||
|
*/}} |
||||
|
{{- define "rook-nfs-operator.labels" -}} |
||||
|
helm.sh/chart: {{ include "rook-nfs-operator.chart" . }} |
||||
|
{{ include "rook-nfs-operator.selectorLabels" . }} |
||||
|
{{- if .Chart.AppVersion }} |
||||
|
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} |
||||
|
{{- end }} |
||||
|
app.kubernetes.io/managed-by: {{ .Release.Service }} |
||||
|
{{- end }} |
||||
|
|
||||
|
{{/* |
||||
|
Selector labels |
||||
|
*/}} |
||||
|
{{- define "rook-nfs-operator.selectorLabels" -}} |
||||
|
app.kubernetes.io/name: {{ include "rook-nfs-operator.name" . }} |
||||
|
app.kubernetes.io/instance: {{ .Release.Name }} |
||||
|
{{- end }} |
||||
|
|
||||
|
{{/* |
||||
|
Create the name of the service account to use |
||||
|
*/}} |
||||
|
{{- define "rook-nfs-operator.serviceAccountName" -}} |
||||
|
{{- if .Values.serviceAccount.create }} |
||||
|
{{- default (include "rook-nfs-operator.fullname" .) .Values.serviceAccount.name }} |
||||
|
{{- else }} |
||||
|
{{- default "default" .Values.serviceAccount.name }} |
||||
|
{{- end }} |
||||
|
{{- end }} |
||||
@ -0,0 +1,141 @@ |
|||||
|
apiVersion: apiextensions.k8s.io/v1 |
||||
|
kind: CustomResourceDefinition |
||||
|
metadata: |
||||
|
annotations: |
||||
|
controller-gen.kubebuilder.io/version: v0.5.1-0.20210420220833-f284e2e8098c |
||||
|
creationTimestamp: null |
||||
|
name: nfsservers.nfs.rook.io |
||||
|
spec: |
||||
|
group: nfs.rook.io |
||||
|
names: |
||||
|
kind: NFSServer |
||||
|
listKind: NFSServerList |
||||
|
plural: nfsservers |
||||
|
singular: nfsserver |
||||
|
scope: Namespaced |
||||
|
versions: |
||||
|
- additionalPrinterColumns: |
||||
|
- jsonPath: .metadata.creationTimestamp |
||||
|
name: AGE |
||||
|
type: date |
||||
|
- description: NFS Server instance state |
||||
|
jsonPath: .status.state |
||||
|
name: State |
||||
|
type: string |
||||
|
name: v1alpha1 |
||||
|
schema: |
||||
|
openAPIV3Schema: |
||||
|
description: NFSServer is the Schema for the nfsservers API |
||||
|
properties: |
||||
|
apiVersion: |
||||
|
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' |
||||
|
type: string |
||||
|
kind: |
||||
|
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' |
||||
|
type: string |
||||
|
metadata: |
||||
|
type: object |
||||
|
spec: |
||||
|
description: NFSServerSpec represents the spec of NFS daemon |
||||
|
properties: |
||||
|
annotations: |
||||
|
additionalProperties: |
||||
|
type: string |
||||
|
description: The annotations-related configuration to add/set on each Pod related object. |
||||
|
type: object |
||||
|
exports: |
||||
|
description: The parameters to configure the NFS export |
||||
|
items: |
||||
|
description: ExportsSpec represents the spec of NFS exports |
||||
|
properties: |
||||
|
name: |
||||
|
description: Name of the export |
||||
|
type: string |
||||
|
persistentVolumeClaim: |
||||
|
description: PVC from which the NFS daemon gets storage for sharing |
||||
|
properties: |
||||
|
claimName: |
||||
|
description: 'ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' |
||||
|
type: string |
||||
|
readOnly: |
||||
|
description: Will force the ReadOnly setting in VolumeMounts. Default false. |
||||
|
type: boolean |
||||
|
required: |
||||
|
- claimName |
||||
|
type: object |
||||
|
server: |
||||
|
description: The NFS server configuration |
||||
|
properties: |
||||
|
accessMode: |
||||
|
description: Reading and Writing permissions on the export Valid values are "ReadOnly", "ReadWrite" and "none" |
||||
|
enum: |
||||
|
- ReadOnly |
||||
|
- ReadWrite |
||||
|
- none |
||||
|
type: string |
||||
|
allowedClients: |
||||
|
description: The clients allowed to access the NFS export |
||||
|
items: |
||||
|
description: AllowedClientsSpec represents the client specs for accessing the NFS export |
||||
|
properties: |
||||
|
accessMode: |
||||
|
description: Reading and Writing permissions for the client to access the NFS export Valid values are "ReadOnly", "ReadWrite" and "none" Gets overridden when ServerSpec.accessMode is specified |
||||
|
enum: |
||||
|
- ReadOnly |
||||
|
- ReadWrite |
||||
|
- none |
||||
|
type: string |
||||
|
clients: |
||||
|
description: The clients that can access the share Values can be hostname, ip address, netgroup, CIDR network address, or all |
||||
|
items: |
||||
|
type: string |
||||
|
type: array |
||||
|
name: |
||||
|
description: Name of the clients group |
||||
|
type: string |
||||
|
squash: |
||||
|
description: Squash options for clients Valid values are "none", "rootid", "root", and "all" Gets overridden when ServerSpec.squash is specified |
||||
|
enum: |
||||
|
- none |
||||
|
- rootid |
||||
|
- root |
||||
|
- all |
||||
|
type: string |
||||
|
type: object |
||||
|
type: array |
||||
|
squash: |
||||
|
description: This prevents the root users connected remotely from having root privileges Valid values are "none", "rootid", "root", and "all" |
||||
|
enum: |
||||
|
- none |
||||
|
- rootid |
||||
|
- root |
||||
|
- all |
||||
|
type: string |
||||
|
type: object |
||||
|
type: object |
||||
|
type: array |
||||
|
replicas: |
||||
|
description: Replicas of the NFS daemon |
||||
|
type: integer |
||||
|
type: object |
||||
|
status: |
||||
|
description: NFSServerStatus defines the observed state of NFSServer |
||||
|
properties: |
||||
|
message: |
||||
|
type: string |
||||
|
reason: |
||||
|
type: string |
||||
|
state: |
||||
|
type: string |
||||
|
type: object |
||||
|
type: object |
||||
|
served: true |
||||
|
storage: true |
||||
|
subresources: |
||||
|
status: {} |
||||
|
status: |
||||
|
acceptedNames: |
||||
|
kind: "" |
||||
|
plural: "" |
||||
|
conditions: [] |
||||
|
storedVersions: [] |
||||
@ -0,0 +1,57 @@ |
|||||
|
apiVersion: apps/v1 |
||||
|
kind: Deployment |
||||
|
metadata: |
||||
|
name: {{ include "rook-nfs-operator.fullname" . }} |
||||
|
labels: |
||||
|
{{- include "rook-nfs-operator.labels" . | nindent 4 }} |
||||
|
spec: |
||||
|
replicas: {{ .Values.replicaCount }} |
||||
|
selector: |
||||
|
matchLabels: |
||||
|
{{- include "rook-nfs-operator.selectorLabels" . | nindent 6 }} |
||||
|
template: |
||||
|
metadata: |
||||
|
{{- with .Values.podAnnotations }} |
||||
|
annotations: |
||||
|
{{- toYaml . | nindent 8 }} |
||||
|
{{- end }} |
||||
|
labels: |
||||
|
{{- include "rook-nfs-operator.selectorLabels" . | nindent 8 }} |
||||
|
spec: |
||||
|
{{- with .Values.imagePullSecrets }} |
||||
|
imagePullSecrets: |
||||
|
{{- toYaml . | nindent 8 }} |
||||
|
{{- end }} |
||||
|
serviceAccountName: {{ include "rook-nfs-operator.serviceAccountName" . }} |
||||
|
securityContext: |
||||
|
{{- toYaml .Values.podSecurityContext | nindent 8 }} |
||||
|
containers: |
||||
|
- name: {{ .Chart.Name }} |
||||
|
securityContext: |
||||
|
{{- toYaml .Values.securityContext | nindent 12 }} |
||||
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" |
||||
|
imagePullPolicy: {{ .Values.image.pullPolicy }} |
||||
|
args: ["nfs", "operator"] |
||||
|
env: |
||||
|
- name: POD_NAME |
||||
|
valueFrom: |
||||
|
fieldRef: |
||||
|
fieldPath: metadata.name |
||||
|
- name: POD_NAMESPACE |
||||
|
valueFrom: |
||||
|
fieldRef: |
||||
|
fieldPath: metadata.namespace |
||||
|
resources: |
||||
|
{{- toYaml .Values.resources | nindent 12 }} |
||||
|
{{- with .Values.nodeSelector }} |
||||
|
nodeSelector: |
||||
|
{{- toYaml . | nindent 8 }} |
||||
|
{{- end }} |
||||
|
{{- with .Values.affinity }} |
||||
|
affinity: |
||||
|
{{- toYaml . | nindent 8 }} |
||||
|
{{- end }} |
||||
|
{{- with .Values.tolerations }} |
||||
|
tolerations: |
||||
|
{{- toYaml . | nindent 8 }} |
||||
|
{{- end }} |
||||
@ -0,0 +1,94 @@ |
|||||
|
{{ if .Values.rbac.create }} |
||||
|
kind: ClusterRoleBinding |
||||
|
apiVersion: rbac.authorization.k8s.io/v1 |
||||
|
metadata: |
||||
|
name: rook-nfs-operator |
||||
|
roleRef: |
||||
|
apiGroup: rbac.authorization.k8s.io |
||||
|
kind: ClusterRole |
||||
|
name: rook-nfs-operator |
||||
|
subjects: |
||||
|
- kind: ServiceAccount |
||||
|
name: {{ include "rook-nfs-operator.serviceAccountName" . }} |
||||
|
namespace: {{ .Release.Namespace }} |
||||
|
--- |
||||
|
apiVersion: rbac.authorization.k8s.io/v1 |
||||
|
kind: ClusterRole |
||||
|
metadata: |
||||
|
name: rook-nfs-operator |
||||
|
rules: |
||||
|
- apiGroups: |
||||
|
- "" |
||||
|
resources: |
||||
|
- configmaps |
||||
|
verbs: |
||||
|
- create |
||||
|
- get |
||||
|
- list |
||||
|
- patch |
||||
|
- update |
||||
|
- watch |
||||
|
- apiGroups: |
||||
|
- "" |
||||
|
resources: |
||||
|
- events |
||||
|
verbs: |
||||
|
- create |
||||
|
- get |
||||
|
- list |
||||
|
- patch |
||||
|
- update |
||||
|
- watch |
||||
|
- apiGroups: |
||||
|
- "" |
||||
|
resources: |
||||
|
- pods |
||||
|
verbs: |
||||
|
- list |
||||
|
- get |
||||
|
- watch |
||||
|
- create |
||||
|
- apiGroups: |
||||
|
- "" |
||||
|
resources: |
||||
|
- services |
||||
|
verbs: |
||||
|
- create |
||||
|
- get |
||||
|
- list |
||||
|
- patch |
||||
|
- update |
||||
|
- watch |
||||
|
- apiGroups: |
||||
|
- apps |
||||
|
resources: |
||||
|
- statefulsets |
||||
|
verbs: |
||||
|
- create |
||||
|
- get |
||||
|
- list |
||||
|
- patch |
||||
|
- update |
||||
|
- watch |
||||
|
- apiGroups: |
||||
|
- nfs.rook.io |
||||
|
resources: |
||||
|
- nfsservers |
||||
|
verbs: |
||||
|
- create |
||||
|
- delete |
||||
|
- get |
||||
|
- list |
||||
|
- patch |
||||
|
- update |
||||
|
- watch |
||||
|
- apiGroups: |
||||
|
- nfs.rook.io |
||||
|
resources: |
||||
|
- nfsservers/status |
||||
|
- nfsservers/finalizers |
||||
|
verbs: |
||||
|
- get |
||||
|
- patch |
||||
|
- update |
||||
|
{{ end }} |
||||
@ -0,0 +1,12 @@ |
|||||
|
{{- if .Values.serviceAccount.create -}} |
||||
|
apiVersion: v1 |
||||
|
kind: ServiceAccount |
||||
|
metadata: |
||||
|
name: {{ include "rook-nfs-operator.serviceAccountName" . }} |
||||
|
labels: |
||||
|
{{- include "rook-nfs-operator.labels" . | nindent 4 }} |
||||
|
{{- with .Values.serviceAccount.annotations }} |
||||
|
annotations: |
||||
|
{{- toYaml . | nindent 4 }} |
||||
|
{{- end }} |
||||
|
{{- end }} |
||||
@ -0,0 +1,52 @@ |
|||||
|
# Default values for rook-nfs-operator. |
||||
|
|
||||
|
replicaCount: 1 |
||||
|
|
||||
|
image: |
||||
|
repository: rook/nfs |
||||
|
pullPolicy: IfNotPresent |
||||
|
# Overrides the image tag whose default is the chart appVersion. |
||||
|
tag: "" |
||||
|
|
||||
|
imagePullSecrets: [] |
||||
|
nameOverride: "" |
||||
|
fullnameOverride: "" |
||||
|
|
||||
|
serviceAccount: |
||||
|
create: true |
||||
|
annotations: {} |
||||
|
name: "rook-nfs-operator" |
||||
|
|
||||
|
rbac: |
||||
|
create: true |
||||
|
|
||||
|
podAnnotations: {} |
||||
|
|
||||
|
podSecurityContext: {} |
||||
|
# fsGroup: 2000 |
||||
|
|
||||
|
securityContext: {} |
||||
|
# capabilities: |
||||
|
# drop: |
||||
|
# - ALL |
||||
|
# readOnlyRootFilesystem: true |
||||
|
# runAsNonRoot: true |
||||
|
# runAsUser: 1000 |
||||
|
|
||||
|
resources: {} |
||||
|
# We usually recommend not to specify default resources and to leave this as a conscious |
||||
|
# choice for the user. This also increases chances charts run on environments with little |
||||
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following |
||||
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'. |
||||
|
# limits: |
||||
|
# cpu: 100m |
||||
|
# memory: 128Mi |
||||
|
# requests: |
||||
|
# cpu: 100m |
||||
|
# memory: 128Mi |
||||
|
|
||||
|
nodeSelector: {} |
||||
|
|
||||
|
tolerations: [] |
||||
|
|
||||
|
affinity: {} |
||||
Loading…
Reference in new issue